Thursday, May 23, 2013
Ethical Hackers Attack Phases
EC-Council Conference & Events

Course Description

This certification covers a plethora of offensive security topics, ranging from how perimeter defenses work to scanning and attacking simulated networks. A wide variety of tools, viruses, and malware are presented in this and the other four books, providing a complete understanding of the tactics and tools used by hackers. By gaining a thorough understanding of how hackers operate, an Ethical Hacker will be able to set up strong countermeasures and defensive systems to protect an organization's critical infrastructure and information.

Certificate Info
Who Should Attend 
This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

Course Duration
2 days (9:00AM – 5:00PM)

CPE/ECE Qualification
2 ECE Credits awarded for attendance (1 for each 8 hour class day)

Program Cost:
$750 USD

Supplement Cost (Courseware & Certificate exam Access):
$75 USD

Bundle Price:
$799 USD
 

 


Included Courseware:
Ethical Hacking & Countermeasures Attack Phases 
What’s included?
Physical Courseware
1 year Access To EC-Council Student LMS for Practical Labs (if applicable), testing, and Certificate
 
Related Certificates:
Ethical Hacking and Countermeasures: Threats and Defense Mechanisms
Ethical Hacking and Countermeasures: Web Applications and Data Servers
Ethical Hacking and Countermeasures: Linux, Macintosh and Mobile Systems
Ethical Hacking and Countermeasures: Secure Network Infrastructures
Course Briefing
1. Introduction to Ethical Hacking
Chapter Brief:
As computers have become strategic in the way business is conducted, companies have leveraged their capabilities to conduct commerce. Enterprises have begun to realize the need to evaluate their systems for vulnerabilities and correct the security lapses.

Ethical hacking is broadly defined as the methodology that ethical hackers adopt to discover the existing vulnerabilities in information systems’ operating environments. Their job is to evaluate the security of targets, provide updates regarding any discovered vulnerabilities, and recommend the appropriate mitigation procedures.

The module “Introduction to Ethical Hacking” gives an introduction to cyber warfare and security threats. It gives a brief overview of hacking and describes ethical hacking. It covers the prerequisites for becoming an Ethical Hacker, the scope and limitations of ethical hacking, and the classification of ethical hackers. The module explains the steps that should be followed while conducting an ethical hacking process.
 

                                                                                                                         
2. Footprinting
Chapter Brief:
Footprinting is the methodical construction of a blueprint of an organization's security profile, which yields a unique system profile of that organization. Information unveiled at various network levels (Internet/intranet/extranet/wireless) can include details regarding: domain name, intrusion detection systems, specific IP addresses, access control mechanisms and related lists, contact addresses, authentication mechanisms, and system enumeration. An attacker spends 90% of the time profiling an organization and 10% launching the attack.

This module discusses footprinting terminologies, information gathering methodology, and competitive intelligence gathering. It explains the different footprinting tools that can be used to intrude into a system or network, and explains the process of creating fake websites and the tools used to create them.


3. Scanning
Chapter Brief:
Scanning is one of the most important phases of intelligence gathering for an attacker. In the process of scanning, the attacker tries to gather information about the specific IP addresses that can be accessed over the Internet, their target’s operating systems, system architecture, and the services running on each computer.

This module explains the scanning methodology that is used to identify the vulnerabilities in a network. It explains the types of scanning, the objectives of scanning, and the different tools available to perform scanning. It outlines the CEH scanning methodology, which includes checking for live systems and ports, identifying services, banner grabbing/OS fingerprinting, scanning for vulnerabilities, drawing network diagrams of the vulnerable hosts, and preparing proxies.


4. Enumeration
Chapter Brief:
The attacker’s objective is to identify valid user accounts or groups where he/she can remain inconspicuous once the system has been compromised. Enumeration involves making active connections to the target system or subjecting it to direct queries.

The module “Enumeration” explains the process of extracting user names. It explains the techniques for enumeration, enumerating user accounts, SNMP enumeration, UNIX/Linux enumeration, LDAP enumeration, NTP enumeration, SMTP enumeration, DNS enumeration, and web enumeration. The module lists the enumeration tools that can be used to extract the data.


5. System Hacking
Chapter Brief:
With the advent of the Internet, securing systems has become a major concern for organizations and governments alike. The fear of trade secrets, financial information, and customer information being compromised has urged organizations to evaluate the threat scenario to their organizational networks. This led to organizations hiring “ethical hackers” to launch system hacking on the systems and learn about the vulnerabilities in the networks. In System Hacking, the system refers to the applications and software that perform business functions or support key processes.

The module “System Hacking” describes the CEH system hacking process, which is classified into 3 stages: gaining access (by cracking passwords and escalating privileges), maintaining access (executing applications and hiding files), and clearing access (covering tracks). The module also explains the hacking tools that aid the hacking process. With the help of examples and tools, it explains how attackers penetrate a system. It also presents the countermeasures that can be applied in each stage to prevent an attack on the system.


6. Penetration Testing (PT)
Chapter Brief:
A penetration test is a simulation of a potential attack from an attacker. The test involves analyzing the system for vulnerabilities that may be used by the attacker to break in. It involves using proprietary and open source tools to test for known and unknown technical vulnerabilities in the networked systems. Apart from automated techniques, penetration testing training involves manual techniques for conducting targeted testing on specific systems to ensure that there are no security flaws that may have gone undetected earlier.

This module explains how to penetrate a system or network. It gives an introduction to penetration testing, risk management, manual testing, and automated testing. It discusses how to enumerate devices and DoS enumeration, and explains HackerShield, pen-testing using different devices, VigilENT, WebInspect, and the tools used for penetration testing.


 
Course Outline

Chapter 1: Introduction to Ethical Hacking

  • Case Example
  • Introduction to Ethical Hacking
  • Importance of Security
  • Threats and Vulnerabilities
  • Attacks
  • Security Breaches
  • Exposure
  • Elements of Security
  • The Security, Functionality, and Ease of Use Triangle
  • The Growth of Hacking
  • Phases of an Attack

o    Phase 1—Reconnaissance

o    Phase 2—Scanning

o    Phase 3—Gaining Access

o    Phase 4—Maintaining Access

o    Phase 5—Covering Tracks

  • Types of Hacker Attacks
  • Hacktivism
  • Ethical Hackers
  • What Do Ethical Hackers Do?
  • Can Hacking Be Ethical?
  • Skills of an Ethical Hacker
  • What Is Vulnerability Research?
  • Why Hackers Need Vulnerability Research
  • Vulnerability Research Web Sites
  • Conducting Ethical Hacking
  • How Do They Go About It?
  • Ethical Hacking Testing
  • Ethical Hacking Deliverables
  • Computer Crimes and Implications
  • Case Example Revisited

 

 

Chapter 2: Footprinting

  • Case Example
  • Introduction to Footprinting
  • Why Is Footprinting Necessary?
  • Revisiting Reconnaissance
  • Footprinting Terminologies

o    Open Source Footprinting

  • Information-Gathering Methodology

o    Unearthing Initial Information

·         What Is an IP Address?

·         Finding a Company’s URL

·         Finding the Internal URLs

·         Public and Private Websites       

·         People Searching

·         WHOIS Lookup

·         Whois Lookup Result Analysis

·         WHOIS Lookup Result

·         Footprinting Through Job Sites

·         Information Gathering Stances

·         Why Do Hackers Need Competitive Intelligence

·         Competitive Intelligence Tools

·         Footprinting Tools

·         Big Brother

·         Wikto

·         Exomind

·         WHOIS Tools

§  SmartWhois

§  ActiveWhois

§  CountryWhois

§  CallerIP

§  Web Data Extractor

·         DNS Information Tools

·         DNSstuff.com

·         Expired Domains

o    Locating the Network Range

·         NeoTrace (now McAfee Visual Trace)

·         Path Analyzer Pro

·         TouchGraph

·         E-Mail Spiders

·         Locating Network Activity

·         Google Earth

·         Meta Search Engines

·         Faking Web Sites Using Man-In-The-Middle Phishing Kit

·         Case Example Revisited: What Happened Next?

 

Chapter 3: Scanning

§  Introduction to Scanning

§  Scanning Defined

§  Objectives of Scanning

§  Scanning Methodology

§  Surfing Anonymously

§  Scanning Countermeasures

§  Tools

o    Angry IP Scanner

§  Firewalk Tool   

o    Firewalk

o    Firewalk Output

o    Nmap 

    • Nmap: Scan Methods
    • Nmap Scan Options
    • Nmap Output Format
    • Nmap Timing Options
    • Nmap Options
    • Nmap: Output
    • Nmap: Host/Ports Details
    • Nmap: Host Details
    • Nmap: Hosts Viewer

o    NetScanTools

o    WUPS

o    SuperScan

o    Global Network Inventory

o    Net Tools Suite Pack

o    FloppyScan

o    Atelier Web Ports Traffic Analyzer

o    Atelier Web Security Port Scanner

o    Ike-scan

o    Infiltrator Network Security Scanner

o    YAPS: Yet Another Port Scanner

o    Advanced Port Scanner

o    NetGadgets

o    P-Ping Tools

o    LANView

o    NetBrute

o    Advanced IP Scanner

o    Colasoft MAC Scanner

o    Active Network Monitor

o    Advanced Serial Data Logger

o    WotWeb

o    Antiy Ports

o    Port Detective

o    PhoneSweep

o    Httprint

o    IIS Lockdown Wizard

o    ServerMask

o    PageXchanger

o    SAINT

o    ISS Security Scanner

o    Nessus

o    Retina Network Security Scanner

o    IPsonar

o    BSA Visibility

o    SocksChain

o    Happy Browser

o    Browzar

o    Torpark

o    Proxy+

o    JAP

o    HTTPort

o    SentryPC

 

Chapter 4: Enumeration

§  Introduction to Enumeration

§  Enumeration Defined

§  Techniques for Enumeration

§  Null Session Enumeration

§  Windows Session Establishment

§  Establishing NetBIOS Null Sessions

§  So What's the Big Deal

§  SNMP Enumeration

§  Management Information Base

§  SNMP UNIX Enumeration

§  UNIX Enumeration

§  LDAP Enumeration

§  NTP Enumeration

§  SMTP Enumeration

§  Web Enumeration

§  Web Application Directory Enumeration

§  Default Password Enumeration

§  Enumeration Procedure

§  Enumerating User Accounts on Linux and OS X with rpcclient

§  Tools

o    Null Session Tools

o    User Account Tools

o    PsTools

o    SNMP Enumeration Tools

o    LDAP Enumeration Tools

o    General Enumeration Tools

 

Chapter 5: System Hacking

§  Introduction to System Hacking

§  Gaining Access

§  Cracking Passwords

§  Types of Password Attacks

o    Passive Online Attack: Wire Sniffing

o    Passive Online Attack:  Man-in-the-Middle and Replay Attacks

o    Active Online Attack: Password Guessing

o    Offline Attacks

·         Brute-force Attack

·         Attack: Pre-Computed Hashes

o    Syllable Attack/ Rule-based Attack

o    Distributed Network Attack

o    Rainbow Attack

o    Non-Technical Attacks

o    Password Cracking Web Sites

§  Password Guessing

§  Tool:

o    Windows Password Cracker

o    Windows Password Recovery

§  Microsoft Authentication

§  Password Cracking Tools

§  Password Cracking Countermeasures

§  Escalating Privileges

§  Cracking NT/2000 Passwords

§  Login Hack: Example

§  Executing Applications

§  Keyloggers and Spyware

§  Keylogger and Spyware Countermeasures

§  Hiding Files

§  Rootkits

§  Steganography

§  Steganography Tools

§  Steganography Detection

§  Steganalysis Tools

§  Covering Tracks

 

Chapter 6: Penetration Testing (PT)

§  Introduction to Penetration Testing

§  Security Assessments

§  Types of Penetration Testing

o    Black-box Penetration Testing

o    Grey-box Penetration Testing

o    White-box Penetration Testing

o    Announced Testing/ Unannounced Testing

§  Why Penetration Testing

§  What Should be Tested

§  What Makes a Good Penetration Test

§  Strategies of Penetration Testing

o    External Penetration Testing

o    Internal Security Assessment

o    Application Security Assessment

o    Network Security Assessment

o    Wireless/Remote Access Assessment

o    Telephony Security Assessment

o    Social Engineering

§  Phases of Penetration Testing

o    Planning Phase

o    Enumerating Devices

o    Pre-attack Phase

o    Attack Phase

o    Post-attack Phase

§  Tools

o    Other Tools Useful in a Pen-Test
Copyright 2013 by EC-Council