Ethical Hacking Training in Chennai

Description:

This ethical hacking online training Module deals with CEH hacking methodology, password cracking, types of password attacks, password recovery tools, Kerberos authentication, password cracking tools, spyware, steganography, and NTFS data stream.

Chapter 6.1: CEH Hacking Methodology(CHM)
Chapter 6.2: System Hacking Objectives
Chapter 6.3: Password Cracking
Chapter 6.4: Kinds of Password Attacks

• Non-Electronic Attack
• Active Online Attack
• Passive Online Attack

Chapter 6.5: Password Recovery Tools
Chapter 6.6: Microsoft Authentication
Chapter 6.7: Storing Hash Passwords in Windows SAM
Chapter 6.8: NTLM Authentication Process
Chapter 6.9: Kerberos Authentication
Chapter 6.10: Password Salting and Cracking Tools
Chapter 6.11: Tools for Extracting the Password Hashes
Chapter 6.12: How to Defend against LLMNR/NBT-NS Poisoning and Password Cracking
Chapter 6.13: Escalating Privileges
Chapter 6.14: Tools to Execute Applications
Chapter 6.15: Keylogger
Chapter 6.16: Spyware
Chapter 6.17: How to Defend against Keylogger and Spyware
Chapter 6.18: RootKits

Kinds of RootKits
RootKits working
Steps to Detect RootKits
Defend Against RootKits
Anti-RootKits

Chapter 6.19: NTFS Data Stream

• Creating NTFS Streams
• Manipulating NTFS Streams
• Defend Against NTFS Streams
•  NTFS Stream Detectors

Chapter 6.20: Steganography

• Categorization of Steganography
• Kinds of Steganography
  • Document Steganography
  • Video and Audio Steganography
  • Email/Spam Steganography
  • Folder Steganography
  • Image Steganography Tools
  • Whitespace Steganography
• Steganography Tools for Mobile Phones
• Steganalysis
• Steganalysis Methods and Attacks on Steganalysis
• Detecting Steganography
• Steganography Detection Tools

Chapter 6.21: Covering Tracks

• Deactivating Auditing: Auditpol
• Clearing Logs
• Covering Tracks
• Covering Tracks tools
• Covering Tracks on OS and Network
• Covering Tracks Tools
   

Description:

This ethical hacking online training module deals with malware components, different types of trojans, stages of the  virus, worms, malware analysis, and anti-virus software.
 
Chapter 7.1: Malware Fundamentals

• Introduction to Malware
• Different methods by which Malware can get into a system
• General Techniques which Attackers use for Distributing the Malware on the web
• Components of Malware

Chapter 7.2: Trojan Basics

• Define Trojans
• How Hackers use Trojans
• General Ports used by the Trojans
• How to Infect systems through a Trojan
• Trojan Horse Construction Kit
• Wrappers and Crypters
• How Attackers Deploy the Trojan
• Avoiding Anti-virus Techniques
• Kinds of Trojans
  • Remote Access Trojans
  • BotNet Trojans
  • Backdoor Trojans
  • RootKit Trojans
  • E-banking Trojans
  • Proxy Trojans
  • Mobile Trojans 
  • IoT Trojans
• Exploit Kits

Chapter 7.3: Worms and Virus Concepts

• Virus Basics
• Stages of Virus life
• Working with Viruses
• Signs of Virus Attack
• How Virus Infects a computer
• Virus Hoaxes
• Fake Antivirus
• Ransomware
• Kinds of Viruses
• Creating Virus
• Computer Worms and Worm Makers

Chapter 7.4: Malware Analysis

• Sheep Dip Computer
• Anti-Virus Senor Systems
• Malware Analysis Basics
• Preparing Testbed
• Static and Dynamic Malware Analysis
• Virus Detection Ways
• Trojan Analysis: ZeuS/Zbot
• Virus Analysis: WannaCry

Chapter 7.5: Counterattacks

• Trojan and Backdoor Counterattacks
• Virus and Worms Counterattacks

Chapter 7.6: Anti-Malware Software

• Anti-Trojan and Antivirus software

Chapter 7.7: Malware Penetration Testing
 

Description:

This ethical hacking course module discusses the important aspects of the sniffing attack.

Chapter 8.1: Sniffing Basics

• Network Sniffing
• Basics of Sniffing
• How an attacker uses Sniffing to Hack the Network
• Protocols exposed to Sniffing
• Sniffing in the Data Link Layer
• Hardware Protocol Analyzers
• SPAN Port
• Wiretapping and Lawful Interception

Chapter 8.2: MAC Attacks

• MAC Address or CAM Table
• CAM Working
• What Happens when the CAM Tables is Full?
• MAC Flooding
• Switch Port Stealing
• Defending MAC Attacks

Chapter 8.3: Sniffing Technique: DHCP Attacks

• DHCP Working
• DHCP Request/Reply Messages
• DHCP Starvation Attack
• Rogue DHCP Server Attack
• Defending DHCP Starvation and Rogue Server Attack

Chapter 8.4: Sniffing Technique: ARP Poisoning

• Address Resolution Protocol
• ARP Spoofing Attack
• ARP Poisoning Threats
• ARP Poisoning Tools
• Defending ARP Poisoning
• Dynamic ARP Inspection and Configuring DHCP Snooping
• ARP Spoofing Detection Tools

Chapter 8.5: Spoofing Attacks

• MAC Duplicating/Spoofing
• Windows
• MAC Spoofing Tools
• IRDP Spoofing
• Defending MAC Spoofing

Chapter 8.6: DNS Poisoning and Sniffing Tools

• DNS Poisoning Techniques
• Defending DNS Poisoning
• Wireshark
• Packet Sniffing Tools for Mobile

Chapter 8.7: CounterAttacks and Sniffing Detection Techniques

• Defending Sniffing
• Detect Sniffing
• Sniffer Detection Techniques
• Promiscuous Detection Tools
• Sniffing Penetration Testing
   

Description: 

In this module, you will master social engineering basics, identity theft and counterattacks, and social engineering penetration testing.

Chapter 9.1: Social Engineering Basics and Techniques

• Define Social Engineering
• Social Engineering Attack Phases
• Types of Social Engineering
• Human-based and Computer-based Social Engineering
• Mobile-based Social Engineering

Chapter 9.2: Impersonation on Social Networking Sites

• Social Engineering using Impersonation on Social Networking
• Impersonation on Facebook 
• Risks of Social Networking Threats for Corporate Networks

Chapter 9.3: Identity Theft and Counterattacks

• Identity Theft concepts
• Social Engineering Counterattacks
• Insider Threats Counterattacks
• Identity Theft Counterattacks
• Detecting Phishing Emails
• Anti-Phishing Toolbar
• General Social Engineering Targets and Defense Strategies

Chapter 9.4: Social Engineering Penetration testing and Insider Threats

• Social Engineering Penetration Testing Tools
• Types of Insider Threats

Description:

This ethical hacking online classroom training module discusses the techniques and tools of DoS and DDoS attacks.

Chapter 10.1: DoS and DDoS Concepts

• Define DoS Attack
• What is Distributed Denial-of-Service Attack

Chapter 10.2: DoS and DDoS Attack Techniques

• Basic Classification of DoS and DDoS Attack vendors
• UDP and ICMP Flood Attack
• Ping of Smurf and Death Attack
• SYN Flood Attack
• Fragmentation Attack
• HTTP GET/POST and Slowloris Attacks
• Multi-Vector Attack
• Peer-to-Peer Attacks
• Permanent DoS
• Distributed Reflection Denial-of-Service(DRDoS)

Chapter 10.4: Botnets and DDoS Case Study

• Botnet
• General Botnet Setup
• Botnet Ecosystem
• Scanning methods to Find Vulnerable Machines
• How Malicious Code Propagates?
• Botnet Trojan
• DDoS Attack
• Hackers Advertise Links for Downloading Botnet
• Use of Mobile Devices as Botnets to Launch DDoS Attacks
• Dyn DDoS Attack

Chapter 10.5: DoS and DDoS Attack Tools and Counterattacks

• DoS and DDoS Attack Tools for Web and Mobile
• Detection Techniques
• DoS/DDoS Counterattack Strategies
• DDoS Attack Counterattacks
• Techniques for Defending Botnets
• DoS and DDoS Counterattacks
• DoS and DDoS Protection at ISP level
• Enabling TCP Internet on Cisco IOS Software

Chapter 10.6: DoS and DDoS protection tools and Penetration Testing

• Modern DDoS Protection Appliances
• DoS and DDoS Protection Tools
• DoS and DDoS Attack Penetration Testing
   

Description:

Through this module, you will get in-depth knowledge of kinds of session hijacking, application-level session hijacking, session hijacking tools, and IPsec.

Chapter 11.1: Session Hijacking Basics

• Define Session Hijacking
• Importance of Session Hijacking
• Session Hijacking Process
• Kinds of Session Hijacking
• Session Hijacking in OSI Model
• Differentiate Hijacking and Spoofing
• Packet Analysis of a Local Session Hijack

Chapter 11.2: Application Level Session Hijacking

• Compromising Session IDs through Sniffing and by Predicting Session Token
• Predicting a Session Token
• Compromising Session IDs through Man-in-the-Middle Attack
• Compromising Session IDs through Man-in-the-Browser Attack
• Compromising Session IDs through Client-side Attacks
• Compromising Session IDs through Client-side Attacks and Cross-site Script Attack
• Compromising Session IDs through Cross-site Request Forgery Attack
• Compromising Session IDs through Session Replay Attack and Session Fixation
• Session Hijacking through Proxy Servers, CRIME Attack, and Forbidden Attack

Chapter 11.3: Network Level Session Hijacking

• TCP/IP Hijacking
• RST and Blind Hijacking.
• UDP Hijacking and IP Spoofing
• MiTM Attack through Forged ICMP and ARP Spoofing

Chapter 11.4: Session Hijacking Tools and Counterattacks

• Session Hijacking Tools for Web and Mobile
• Session Hijacking Detection Methods
• Protecting Session Hijacking
• Session Hijacking prevention methods for web developers and web users
• Session Hijacking Detection Tools
• Approaches for preventing Session Hijacking
• Approaches exposable to Session Hijacking 

Chapter 11.5: IPsec

• IPsec Components
• Advantages and Modes of IPsec
• IPsec Architecture
• IPsec Confidentiality and Authentication
• Session Hijacking Prevention Tools and Penetration Testing
   

Description:

In this ethical classroom online training module, you will get extensive knowledge of intrusion detection systems, honeypots, firewalls, and their evasion techniques.

Chapter 12.1: Intrusion Detection System

• How Intrusion Detection System Detects an Intrusion
• Instructions of Intrusions
• Different Kinds of Intrusion Detection Systems
• Different Kinds of IDS Alerts

Chapter 12.2: Firewall

• Firewall Architecture
• Demilitarized Zone
• Different Kinds of Firewalls
• Firewall Technologies
  • Packet Filtering Firewall
  • Circuit-Level Gateway Firewall
  • Application-Level Firewall
  • Stateful Multilayer Inspection Firewall
  • Application Proxy
  • Virtual Private Network(VPN)
  • Network Address Translation
  • Firewall Restrictions

Chapter 12.3: Intrusion Detection Tools

• Snort
• TippingPoint and AlienVault
• Intrusion Detection Tools for Web and Mobile

Chapter 12.4: Firewalls

• ZoneAlarm Free Firewall and Firewall Analyzer
• Firewalls for Web and Mobile

Chapter 12.5: Honeypots and Honeypot Tools

• Different Kinds of Honeypots
• KFSensor and SPECTER
• Honeypot Tools for Web and Mobile

Chapter 12.5: IDS Evasion Methods

• Insertion Attack
• Evasion
• Denial-of-Service Attack(DoS)
• Obfuscating
• False Positive Generation and Session Splicing
• Fragmentation Attack
• Session Splicing
• Time-to-live Attacks
• Overlapping Fragments
• Invalid RST Packets
• Polymorphic Shellcode
• ASCII Shellcode
• Desynchronization
• Application-Layer Attacks
• Other types of Evasion9966321077

Chapter 12.6: Firewall Evasion Techniques

• Firewall Detection
• IP Address Spoofing
• Source Routing and Tiny Fragments
• Evading Blocked Sites through IP Address and Anonymous Website surfing sites
• Evading Firewall through Proxy server and ICMP Tunneling method
• Evading Firewall through ACK Tunneling and HTTP Tunnelling method
• Evading Firewall through External Systems and MITM Attack
• Evading Firewall through the content
• Evading WAF through XSS Attack

Chapter 12.7: IDS or Firewall Evading Tools

• IDS or Firewall Evasion Tools
• Packet Fragment Generator Tools

Chapter 12.8: Detecting Honeypots

• Detecting and Defeating Honeypots
• Send-Safe Honeypot Hunter - Honeypot Detection Tool

Chapter 12.9: IDS and Firewall Evasion Counterattacks

• Defending IDS Evasion
• Defending Firewall Evasion

Chapter 12.10: Penetration Testing

• Firewall and IDS Penetration Testing
   

Description:

In this module, you will learn about different types of web server attacks, web server attack tools, web server security tools, and web server counterattacks.

Chapter 13.1: Web Servers Basics

• Web Server operations
• Open source Web Server Architecture
• IIS Web Server Architecture
• Web Server Security Issue
• Why we compromise web servers?
• Effect of Web Server Attacks

Chapter 13.2: Web Server Attacks

• DoS and DDoS Attacks
• DNS Server Hijacking
• DNS Amplification Attack
• Directory Traversal Attack
• Man-in-the-Middle or Sniffing Attack
• Phishing Attacks
• Website Defacement
• Web Server Misconfiguration
• HTTP Response Splitting Attack
• Web Cache Poisoning Attack
• SSH Brute Force Attack
• Web Server Password Cracking
• Web Application Attacks

Chapter 13.3: Web Server Attack Methodology and Web Server Footprinting or Banner Grabbing

• Collecting Information from Robots.txt file
• Web Server Footprinting tools
• Enumerating Web Server Information through Nmap

Chapter 13.4: Website Mirroring and Vulnerability Scanning

• Finding the Default Credentials of Web Server
• Finding the Default Content of Web Server
• Finding Directory Listings of Web Server
• Finding Exploitable Vulnerabilities

Chapter 13.5: Web Server Attack Tools

• Metasploit
• Web Server Attack Tools

Chapter 13.6: Counterattacks

• Locate Web Servers in the Separate Secure Server Security Agent
• Counterattacks
• Detecting Web Server Hacking Attempts
• Defending Web Server Attacks
• Defending HTTP Response and Web Caching
• Defending DNS Hijacking

Chapter 13.7: Patch Management

• Patches and Hotfixes
• Patch Management
• Patch Installation
• Patch Management Tools

Chapter 13.8: Web Server Security Tools

• Web Application Security Scanners
• Web Server Security Scanners
• Web Server Security Tools

Chapter 13.9: Web Server Penetration Testing

• Web Server Penetration Testing concepts
• Web Server Penetration Testing Tools

Description:

In this module, trainees will acquire extensive knowledge of Web app threats, hacking methodologies, web application hacking tools, and web app security testing tools.

Chapter 14.1: Web App Concepts

• Web Applications Basics
• Web Application Architecture
• Web2.0 Applications
• Vulnerability Stack

Chapter 14.2: Web App Threats

• OWASP Top 10 Application Security Risks - 2017
• Other Web Application Threats

Chapter 14.3: Hacking Methodology

• Web App Hacking Methodology
• Footprint Web Infrastructure
• Attack Web Servers
• Analyze Web Applications
• Bypass Client-side Controls
• Attack Authentication Mechanism
• Authorization Attack Schemes
•  Attack Access Controls
• Attack Session Management Mechanism
• Perform Injection or Input Validation Attacks
• Attack Application Logic Flaws
• Attack Database Connectivity
• Attack Web App Client
• Attack Web Services

Chapter 14.4: Web Application Hacking Tools and Countermeasures

• Web Application Hacking Tools
• Web Application Fuzz Testing
• Source Code Review
• Encoding Schemes
• Defending Injection Attacks
• Web Application Attack Counterattacks
• Defending Web Application Attacks

Chapter 14.5: Web App Security Testing Tools and Web App Pen Testing

• Web App Security Testing Tools
• Web Application Firewall
• Web Application Penetration Testing Framework

Description:

In this module, you will learn the concepts related to SQL injection attacks.

Chapter 15.1: SQL Injection Concepts

• Define SQL Injection
• SQL Injection and Server-side Technologies
• Understanding HTTP POST Request and SQL Injection Query
• Example of SQL Injection

Chapter 15.2: Types of SQL Injection and SQL Injection Methodology

• Different Types of SQL Injection
• SQL Injection Methodology

Chapter 15.3: SQL  Injection Tools and Evasion Techniques

• SQL Injection Tools for Web and Mobile
• Evading IDS
• Different Types of Signature Evasion Techniques

Chapter 15.4: Counterattacks

• Defendinding SQL Injection Attacks
•  SQL Injection Detection Tools

Description:

This module discusses concepts like wireless terminologies, wireless encryption, wireless hacking tools, bluetooth hacking, wireless security tools, and wi-fi penetration testing framework.

Chapter 16.1: Wireless Fundamentals

• Wireless Terminologies
• Wireless Networks and Standards
• Service Set Identifier
• Wi-Fi Authentication Modes
• Wi-Fi Authentication Process through a Centralized Authentication
• Different Types of Wireless Antenna

Chapter 16.2: Wireless Encryption

• Different Types of Wireless Encryption
• WEP vs WPA vs WPA2
• WEP Concerns
• Weak Initialization Vector(IV)

Chapter 16.3: Wireless Threats and Wireless Hacking Methodology

• Wireless Threats
• Wireless Hacking Methodology

Chapter 16.4: Wireless Hacking Tools

• WEP/WPA Cracking Tools
• WEP/WPA Cracking Tool for Mobile
• Wi-Fi Sniffer
• Wi-Fi Traffic Analyzer Tools
• Additional Wireless Hacking Tools

Chapter 16.5: Bluetooth Hacking

• Bluetooth Stack and Hacking
• Bluetooth Threats and Hacking Tools
• How do we BlueJack a Victim?

Chapter 16.6: Counterattacks and Wireless Security Tools

• Wireless Security Layers
• Defending WPA or WPA2 Cracking
• Defending Krack Attacks
• Detecting and Blocking Rogue AP
• Defending Wireless Attacks
• Defending Bluetooth Hacking
• Wireless Intrusion Prevention System
• Wireless IPS Deployment
• Wi-Fi Security Auditing Tool
• Wi-Fi Intrusion Prevention System
• Wi-Fi Predictive Planning Tools
• Wi-Fi Vulnerability Scanning Tools
• Bluetooth Security Tool
• Wi-Fi Security Tools for Mobile

Chapter 16.7: Wi-Fi Penetration Testing

• Wi-Fi Penetration Testing Framework
   

Description:

This module provides you with a detailed overview of mobile platform attack vendors, hacking android os and ios, mobile spyware, and mobile security tools.

Chapter 17.1: Mobile Platform Attack Vendors

• Vulnerable Areas in Mobile Business Management
• OWASP Top 10 Mobile Risks
• Anatomy of the Mobile Attack
• How a Hacker can profit from mobile 
• Mobile Attack Vectors and Mobile Platform Vulnerabilities
• Security problems emerge from the App Stores
• App sandboxing issues
• Mobile spam and SMS Phishing Attack
• Pairing Mobile Devices on Wi-Fi and Bluetooth Connection

Chapter 17.2: Hacking Android OS

• Android OS and Rooting
• Blocking Wi-Fi Access through NetCut
• Hacking with zANTI
• Hacking Networks through Network Spoofer
• Launching DoS Attack through Low Orbit Ion Cannon(LOIC)
• Performing Session Hijacking through DroidSheep
• Hacking with Orbot Proxy
• Android-based Sniffers and Trojans
• Securing Android Devices
• Android Security Tools
• Android Vulnerability Scanner
• Android Device Tracking Tools

Chapter 17.3: Hacking iOS

• Apple and Jailbreaking iOS
• iOS Trojans
• Standards to Secure iOS Devices
• IOS Device Tracking Tools
• Device Security Tools

Chapter 17.4: Mobile Spyware and Mobile Device Management

• Mobile Spyware: mSpy
• Mobile Spywares
• Mobile Device Management Solutions
• Bring Your Own Device

Chapter 17.5: Mobile Security Guidelines and Tools

• Standards for Mobile Platform Security
• Standards for Administrator
• SMS Phishing Counterattacks
• Mobile Protection Tools
• Mobile Anti-Spyware

Chapter 17.6: Mobile Penetration Testing

• Android and iPhone Penetration Testing
• Mobile Pentesting Toolkit
   

Description:

In this module, trainees will learn IoT basics, IoT attacks, IoT hacking tools, and IoT penetration testing.

Chapter 18.1: IoT Fundamentals

• Define IoT
• How IoT Works?
• IoT Architecture
• IoT Applications and Devices
• IoT Technologies and Protocols
• IoT Communication Models
• IoT Challenges
• Differentiate Threat and Opportunity

Chapter 18.2: IoT Attacks

• IoT Security Problems
• OWASP Best IoT Obstacles and Vulnerabilities
• IoT Attack Surface Areas
• IoT Threats
• Hacking IoT Devices
• IoT Attacks in various cases

Chapter 18.3: IoT Hacking Methodology and IoT Hacking Tools

• IoT Hacking Methodology
• Information Gathering Tools
• Sniffing and Vulnerability Scanning Tools
• Hacking Tools

Chapter 18.4: Counterattacks and IoT Penetration Testing

• Defending IoT Hacking
• Guidelines for IoT Device Manufacturing Companies
• OWASP Best IoT Vulnerabilities Solutions
• IoT Framework Security issues
• IoT Security Tools
• IoT Penetration Testing
   

Description:

This module will help you learn cloud computing basics, cloud computing threats, cloud security tools, and cloud penetration testing.

Chapter 19.1: Cloud Computing Basics

• Introduction to Cloud Computing
• Separating Responsibilities in Cloud
• Cloud Deployment Models
• NIST Cloud Computing Reference Architecture
• Cloud Computing Advantages
• Understanding Virtualisation

Chapter 19.2: Cloud Computing Threats and Attacks

• Cloud Computing Threats
• Service Hijacking through Network Sniffing
• Session Hijacking through XSS Attack and Session Riding
• DNS(Domain Name System) Attacks
• Side-Channel Attacks or Cross-guest VM Breaches
• SQL Injection Attacks
• Cryptanalysis and Wrapping Attacks
• Denial-of-Service(Dos) Attacks or Distributed Denial-of-Services Attacks
• Man-in-the-Cloud Attack

Chapter 19.3: Cloud Security and Cloud Security Tools

• Cloud Security Control Layers
• Cloud Security is the responsibility of Cloud Provider
• Cloud Computing Security Issues
• Placement of Security Controls in Cloud
• Best Methods for Securing Cloud
• NIST Recommendations for Cloud Security
•  Provider Cloud Security Compliance Checklist
• Cloud Security Tools

Chapter 19.4: Cloud Penetration Testing

• Define Cloud Penetration Testing
• Key Issues for the Cloud Penetration Testing
• Suggestions for Cloud Testing
   

Description:

Through this module, you will master the basic and important concepts of cryptography.

Chapter 20.1: Cryptography Basics and Encryption Algorithms

• Government Access to Keys
• Ciphers
• Data Encryption Standard
• Advanced Encryption Standard
• RC4, RC5, and RC6 Algorithms
• Twofish
• DSA and Related Signature Schemas
• Rivest Shamir Adleman(RSA)
• Diffie-Hellman
• Message Digest Functions

Chapter 20.2: Cryptography Tools

• MD5 Hash Calculators
• Hash Calculators for Mobile
• Cryptography Tools for Web and Mobile

Chapter 20.3: Public Key Infrastructure and Email Encryption

• Public Key Infrastructure
• Digital Signature
• Secure Sockets Layer(SSL)
• Transport Layer Security(TLS)
• Cryptography Toolkit
• Pretty Good Privacy(PGP)

Chapter 20.4: Disk Encryption and Cryptanalysis

• Disk Encryption Tools
• Cryptanalysis Methods
• Code Breaking Methodologies
• Cryptography Attacks
• Cryptanalysis Tools
• Online MD5 Encryption Tools

Chapter 20.5: Counterattacks

• Defending Cryptographic Attacks

Mindmajix offers advanced Ethical Hacker interview questions and answers along with Ethical Hacker resume samples. Take a free sample practice test before appearing in the certification to improve your chances of scoring high.