A Workshop on Information Security and Hacking
Workshop Code | Duration | Fee |
NTWSHACKB-01 | 1 / 2 Days | 1200/- |
Internet is not safe and secure until we have taken special care about safety. Learning of Information Security and Hacking is very useful for IT Developers and Internet users. IT Developers need to know how to identify the holes in the security of their projects. And Internet users need to understand the risk and how to avoid to become hacking target.
Hacking is no longer a theoretical concept but is rapidly becoming reality. The idea behind workshop is to teach the possibilty of Hacking in Internet world. Statistics show that by the year 2020 we will have close to 13.5 billion jobs in the hacking industry across the globe. The number is a whopping things as of date. Imagine the magnitude!!
Workshop Syllabus
Introduction to Ethical Hacking
Information Security Overview
Data Breach Statistics
Malware Trends in 2014
Elements of Information Security
The Security, Functionality, and Usability Triangle
Information Security Threats and Attack Vectors
Top Information Security Attack Vectors
Information Security Threat Categories
Types of Attacks on a System
Operating System Attacks
Examples of OS Vulnerabilities
Misconfiguration Attacks
Application-Level Attacks
Examples of Application-Level Attacks
Shrink Wrap Code Attacks
Information Warfare
Hacking Concepts, Types, and Phases
What is Hacking
Scanning
Gaining Access
Maintaining Access
Clearing Tracks
Ethical Hacking Concepts and Scope
What is Ethical Hacking?
Why Ethical Hacking is Necessary
Scope and Limitations of Ethical Hacking
Skills of an Ethical Hacker
Information Security Controls
Information Assurance (IA)
Information Security Management Program
Threat Modeling
Enterprise Information Security Architecture (EISA)
Network Security Zoning
Defense in Depth
Information Security Policies
Types of Security Policies
Examples of Security Policies
Privacy Policies at Workplace
Steps to Create and Implement Security Policies
HR/Legal Implications of Security Policy Enforcement
Physical Security
Physical Security Controls
Types of Vulnerability Assessment
Network Vulnerability Assessment Methodology
Vulnerability Research
Vulnerability Research Websites
Penetration Testing
Why Penetration Testing
Types of Penetration Testing
Information Security Laws and Standards
Payment Card Industry Data Security Standard (PCI-DSS)
ISO/IEC 27001:2013
Cyber Law in Different Countries
Footprinting Concepts
What is Footprinting?
Objectives of Footprinting
Footprinting Methodology
Footprinting through Search Engines
Google Hacking Database (GHDB)
Information Gathering Using Google Advanced Search
Website Footprinting
Website Footprinting using Web Spiders
Mirroring Entire Website
Email Footprinting
Tracking Email Communications
Collecting Information from Email Header
Email Tracking Tools
Traceroute
Traceroute Analysis
Footprinting Penetration Testing
Footprinting Pen Testing
Footprinting Pen Testing Report Templates
Overview of Network Scanning
TCP Communication Flags
TCP/IP Communication
Creating Custom Packet Using TCP Flags
Scanning Techniques
TCP Connect / Full Open Scan
Stealth Scan (Half-open Scan)
Inverse TCP Flag Scanning
Scan for Vulnerability
Vulnerability Scanning
Vulnerability Scanning Tool
Drawing Network Diagrams
Network Discovery Tool
Network Topology Mapper
Proxy Servers
Scanning Pen Testing
Enumeration Concepts
What is Enumeration?
Techniques for Enumeration
Information at Hand Before System Hacking Stage
Cracking Passwords
Password Cracking
Types of Password Attacks
Non-Electronic Attacks
Active Online Attack
Dictionary, Brute Forcing and Rule-based Attack
Password Guessing
Default Passwords
Active Online Attack:
Trojan/Spyware/Keylogger
Example of Active Online Attack Using USB Drive
Hash Injection Attack
Passive Online Attack
Wire Sniffing
Man-in-the-Middle and Replay Attack
Offline Attack
Rainbow Attacks
Tools to Create Rainbow Tables: rtgen and Winrtgen
How Hash Passwords Are Stored in Windows SAM?
NTLM Authentication Process
Kerberos Authentication
Password Salting
Password Cracking Tools
Password Cracking Tool for Mobile: FlexiSPY Password Grabber
How to Defend against Password Cracking
Keylogger
Types of Keystroke Loggers
Keyloggers for Windows
Spyware
Spyware: Spytech SpyAgent
What Does the Spyware Do?
USB Spyware: USBSpy
Audio Spyware: Spy Voice Recorder and Sound Snooper
Video Spyware: WebCam Recorder
Cellphone Spyware: Mobile Spy
Telephone/Cellphone Spyware
GPS Spyware: SPYPhone
GPS Spyware
How to Defend Against Keyloggers
Anti-Keylogger: Zemana AntiLogger
Anti-Keylogger
How to Defend Against Spyware
Anti-Spyware: SUPERAntiSpyware
Anti-Spyware
What Is Steganography?
Classification of Steganography
Types of Steganography based on Cover Medium
Whitespace Steganography Tool: SNOW
Image Steganography
Least Significant Bit Insertion
Masking and Filtering
Algorithms and Transformation
Image Steganography Tools
Clearing Logs
Manually Clearing Event Logs
Ways to Clear Online Tracks
Covering Tracks Tool: CCleaner
Covering Tracks Tool: MRU-Blaster
Track Covering Tools
Penetration Testing
Password Cracking
Privilege Escalation
Executing Applications
Malware Threats
Introduction to Malware
Different Ways a Malware can Get into a System
Common Techniques Attackers Use to Distribute Malware on the Web
Trojan Concepts
Financial Loss Due to Trojans
What is a Trojan?
How Hackers Use Trojans
Common Ports used by Trojans
How to Infect Systems Using a Trojan
Dark Horse Trojan Virus Maker
Trojan Horse Construction Kit
Remote Access Trojans
Virus and Worms Concepts
Introduction to Viruses
Stages of Virus Life
Working of Viruses:
Infection Phase
Attack Phase
Why Do People Create Computer Viruses
Indications of Virus Attack
Virus Hoaxes and Fake Antiviruses
Types of Viruses
Anti-Malware Software
Anti-Trojan Software
Penetration Testing
Pen Testing for Trojans and Backdoors
Penetration Testing for Virus
Sniffing Concepts
Types of Sniffing
Spoofing Attack
Sniffing Tools
Counter measures
How to Defend Against Sniffing
How to Detect Sniffing
Social Engineering Concepts
What is Social Engineering?
Phishing
Spear Phishing
Social Engineering Pen Testing
Denial-of-Service
Session Hijacking
Session Hijacking Pen Testing
Hacking Webservers
Webserver Concepts
Web Server Security Issue
Webserver Security Tools
Hacking Web Applications
SQL Injection Attacks
Cross-Site Scripting (XSS) Attacks
How XSS Attacks Work
Cross-Site Request Forgery (CSRF) Attack
Web Application Denial-of-Service (DoS) Attack
CAPTCHA Attacks
Connection String Parameter Pollution (CSPP) Attacks
SOAP Injection
XML Injection
Example of SQL Injection
SQL Injection Tools
SQL Injection Detection Tools
Hacking Wireless Networks
Wireless Hacking Tools
Bluetooth Hacking
Hacking Mobile Platforms
Mobile Spyware
Firewall
Types of Honeypots
HTTP-Tunnel
Introduction to Cloud Computing
Cloud Deployment Models
Understanding Virtualization
Cloud Computing Threats
Cloud Computing Attacks
Cloud Pen Testing
Cryptography
Types of Cryptography
Certification Authorities
Digital Signature
SSL (Secure Sockets Layer)
Transport Layer Security (TLS)
Cryptography Attacks
Outcome of Workshop
The Student is able to list what is Hacking.
The Student is able to list the salient features of Hacking.
The Student is able to understand types of Hacking.
The Student is able to understand complete structure of Hacking applications.
The Student is able to protect with Hacking.
Key Experiments or Demo
Understanding and managing windows Hacking.
Running basic tools of Hacking.
Managing the security in the web applications.
Write SQL Injection free code.
How to protect with Trogan.
|