Module 1 – Introduction to Ethical Hacking
- Module 1 Notes
- Introduction
- Introduction to Hacking
- Information Security Threats and Attack Vectors
- Hacking Concepts
- Ethical Hacking Concepts and Scope
- Information Security Controls Part 1
- Information Security Controls Part 2
- Information Security Laws and Standards
Module 2 – Footprinting and Reconnaissance
- Module 2 Notes
- Footprinting and Reconnaissance
- Footprinting Methodology
- Google Hacking
- FootPrinting Through Social Networking
- Website Foot Printing
- Email Foot Printing
- Competitive Intelligence Gathering
- WhoIs Foot Printing
- DNS Logical and Geographical Foot Printing
- Network Footprinting
- Foot Printing
- Foot Printing Tools
- Foot Printing Penetration Testing
- Conduct Recon with Ping Act
- Query DNS with NSLookUp Act
- Discover Website Subdomain with Sublist3r Act
- Obtain OSINT Information About a Person wit Pipl Act
- Gather Contact and Host Information with theHarvester Act
- Automate OSINT Research with Recon-ng Act
- Get Started with Metasploit Act
- Conduct Open Source Intelligence with OSR Framework Act
- Obtain Whois Information with Smart Whois Act
- Extract Links, URLs, and Emails from Websites with Web Data Extractor Act
- Create an Offline Copy of a Website with HTTrack Act
- Trace an Email with eMail Tracker Pro Act
Module 3 – Network Scanning
- Module 3 Notes
- Network Scanning
- Discovery Scans
- Port Scans
- Nmap
- Nmap Stealth Scans
- Nmap Options
- H-ping and Other Scanners
- SSDP Scanning
- Scanning Beyond IDS and Firewall
- Banner Grabbing
- Scanning Pen Testing
- Checking for Live Systems with Angry IP Scanner Act
- Network Scanning with MegaPing Act
- Advanced Scanning with nmap Act
- Packet Crafting with Hping3 Act
- Packet Crafting with Colasoft Packet Builder Act
Module 4 – Enumeration
- Module 4 Notes
- Enumeration
- Enumeration Technicques Tools
- NetBIOS Enumeration
- SNMP Enumeration
- LDAP Enumeration
- NTP Enumeration
- SMTP and DNS Enumeration
- Enumeration Countermeasures
- Enumeration Penetration Testing
- Enumerate NetBIOS Information with SuperScan Act
- Enumerate NetBIOS Information with NetBIOS Enumerator Act
- Enumerate NetBIOS and LDAP Information with Hyena Act
- Enumerate SNMP WMI and Other Information Using SoftPerfect Network Scanner Act
Module 5 – Vulnerability Analysis
- Module 5 Notes
- Vulnerability Analysis
- Vulnerability Assessment Solutions
- Vulnerability Scoring Systems
- Vulnerability Assessment Tools and Reports
- Perform a Vulnerability Scan and Analysis with Nessus Act
Module 6 – Malware Threats
- Module 6 Notes
- Malware Threats
- Trojan Concepts
- Trojan Types
- Trojan Tools
- Virus and Worm Concepts
- Virus Types
- Malware Analysis
- Malware Reverse Engineering
- Malware Detection
- Malware Countermeasures
- Malware Penetration Testing
- Infect a Victim with a Remote Access Trojan Act
Module 7 – Sniffing
- Module 7 Notes
- Sniffing Concepts
- DHCP Attacks
- MAC Attacks
- ARP Poisoning
- DNS Poisoning
- Sniffing Tools
- Sniffing Countermeasures
- Sniff a Clear Text HTTP Session with Wireshark Act
- Intercept and Crack a Network Login Act
Module 8 – Social Engineering
- Module 8 Notes
- Social Engineering
- Human Based Social Engineering
- Computer Based Social Engineering
- Additional Types of Social Enginnering
- Social Engineering Countermeasures
- Social Engineering Penetration Testing
- Fool a User with a Baited USB Stick Act
- Harvest Credentials with Spear Phishing Act
Module 9 – Denial of Service
- Module 9 Notes
- Denial of Service
- Common Dos-DDoS Attack Types
- Additional DoS Attack Types
- BotNets
- DoS Countermeasures
- Additional DoS Countermeasures
- DoS Penetration Testing
- Perform a DoS Attack With the Low Orbit ION Cannon Act
- Step Up the DoS Attack With the High Orbit ION Cannon Act
- Perform a Slowloris DoS Attack Act
Module 10 – Session Hijacking
- Module 10 Notes
- Session Hijacking
- Browser Session Hijacking
- Way to Compromise a Session Token
- Client Side Attacks
- Hijacking at the Network Level
- Session Hijacking Tools
- Session Hijacking Countermeasures
- Session Hijacking Testing
- Perform a MITM Attack with Ettercap Act
Module 11 – Hacking Webservers
- Module 11 Notes
- Hacking Web Servers
- Webserver Attacks
- Methodology of Webserver Attacks
- Webserver Attack and Defense Tools
- Webserver General Defense
- Webserver Specific Attack Countermeasures
- Webserver Patch Management
- Webserver Pen Testing
- Footprint a Web Server with IDServe Act
- Conduct a Simple Web Server Vulnerability Scan with Uniscan Act
- Conduct a Comprehensive Web Server Vulnerability Scan with Uniscan Act
- Brute Force a Web Server with Medusa Act
Module 12 – Hacking Web Applications
- Module 12 Notes
- Hacking Web Applications
- Web App Vulnerabilities and Exploits
- Web Application Threats
- Injection Attacks
- Hidden Fields and Clickjacking
- Cross Site Attacks
- Additional Web App Attacks
- Web Hacking Methodology
- Web App Hacking Countermeasures
- Web App Security Tools
- Web Application Penetration Testing
- Conduct a Simple Command Injection Attack Act
- Inject a Malicious Link with Cross Site Scripting Act
- Conduct a Cross Site Request Forgery Attack
Module 13 – SQL Injection
- Module 13 Notes
- SQL Injection
- Types of SQL Injection
- SQL Injection Methodology
- SQL Injection Tools
- SQL Injection Countermeasures
- SQL Injection Penetration Testing
- SQL Injection Act
Module 14 – Hacking Wireless Networks
- Module 14 Notes
- Hacking Wireless Networks
- Wireless Discovery and Mapping
- WiFi Sniffers
- WiFi Attacks
- WiFi Cracking
- Wireless Hacking Tools
- Bluetooth Hacking
- Wireless Hacking Countermeasures
- Wireless Security Tools
- Wireless Penetration Testing
- Crack a WEP Key with Aircrack-ng Act
- Crack a WPA Key with Aircrack-ng Act
Module 15 – System Hacking
- Module 15 Notes
- System Hacking Methodology
- Windows System Vulnerabilities and Exploits
- Linux System Vulnerablities and Exploits
- Password Cracking Methods
- Network Service Password Cracking
- Windows Password Cracking
- Linux Password Cracking
- Password Cracking Tools
- Other Methods of Obtaining Passwords
- Keylogging
- Spyware
- RootKits
- Hiding Files
- Steganography
- Privilege Escalation
- Creating and Maintaining Remote Access
- Hiding Evidence
- System Hacking Penetration Testing
- Spoof Name Resolution and Capture Credentials with Responder Act
- Dump and Crack Password Hashes with pwdump7 and Ophcrack Act
- Crack Passwords with L0pht7 Act
- Exploit Client Side Vulnerabilities Act
- Track User Activity with Spyware Act
- View and Clear Audit Policies with Auditpol Act
- Hide Data Using Whitespace Steganography Act
- Hide Data Using Least Significant Bit Steganography Act
- Cover Your Tracks Act
Module 16 – Hacking Mobile Platforms
- Module 16 Notes
- Hacking Mobile Platforms
- Hacking Android OS
- Rooting Android
- Securing Android
- Hacking iOS
- Jailbreaking iOS
- Securing iOS
- Hacking Windows Phone OS
- Hacking Blackberry
- Mobile Device Management
- Mobile Security Guidelines and Tools
- Mobile Penetration Testing
- Prepare Your Wireless Email Environment Act
- Pwn a Mobile Device with Metasploit Act
- Use a Mobile Device in a DDoS Campaign Act
- Return Your VMs to Original Configuration Act
- Uninstall Main Activity Malware from Android Act
Module 17 – Evading IDS, Firewalls, and Honeypots
- Module 17 Notes
- Evading IDS Firewalls and Honeypots
- Firewalls
- Honeypots
- IDS Firewalls and Honeypots Tools
- Evasion
- Evasion Countermeasures
- IDS Firewall Honeypot Penetration Testing
- Fly Below IDS Radar Act
- Test and Analyze a Honey Pot Act
- Bypass Windows Firewall Act
Module 18 – Cryptography
- Module 18 Notes
- Cryptography
- Encryption Algorithms
- Cryptography Tools
- Public key Infrastructure
- Email Encryption
- Disk Encryption
- Cryptography Attacks
- Crytography Penetration Testing
- Examine Hashing Algorithms Act
- Protect Data with Symmetric Encryption Act
- Protect Data with Asymmetric Encryption Act
Module 19 – Cloud Computing
- Module 19 Notes
- Cloud Computing
- Virtualization
- Cloud Computing Threats
- Countermeasures to Cloud Computing Threats
- Cloud Computing Attacks
- Cloud Security
- Cloud Security Best Practices
- Cloud Penetration Testing
Module 20 – IoT Hacking
- Module 20 Notes
- IoT Hacking
- IoT Vulnerabilities and Attacks
- IoT Hacking Methodology and Tools
- IoT Hacking Countermeasures
- oT Penetration Testing
- Search the Internet for Vulnerable IoT Devices Act
- Conclusion