Ethical Hacking & Cyber Forensics workshop

2 Days (8 Hrs per Day)

 Ethical Hacking
 Web Application Penetration Testing
 Google Hacking
 Emails : Exploitation and Security
 Inside Threads: Operating System Hacking
 Virus Writing
 Playing with Networks
 Software Reverse Engineering
 Mobile Hacking
 “Certified Information Security Specialist”
2 (8Hrs/Day) Days Workshop Course Curriculum

ETHICAL HACKING: LEGAL OR ILLEGAL?

 Concepts of Hacking
o Ethical Hacking and Information Security : Definition
o Who is Hacker (Security Expert)?
o How to become a Hacker?
o Why do we need hackers?
o Case Studies: Hackers Methodology and Innovation
o Difference between hacker and cracker?
 Types of Hackers(As per Knowledge)
o Coders
o Admins
o Script Kiddies
 Types of Hackers(As per working)
o White Hat Hackers
o Black Hat Hackers
o Grey Hat Hackers
o Hacktivists (Cyber Terrorists)
 How to secure yourself from Attackers
 How to stop Attackers
 Indian Cyber Law
o Real Scenario
o Types of Cyber Crime
o Indian IT Act 2000

Web Application Penetration Testing:

 Introduction to Penetration Testing

 Legal and Ethical Implications
 Types of Penetration Testing
o White Box Penetration Testing
 o Black Box Penetration Testing
o Grey Box Penetration Testing

 Setting Up Web Application Penetration Testing Lab

o Collecting and Installing PenTest Tools
o Flexible Browser with Security Add-ons
o Setting up Browser Proxies

 Beginning Application Penetration Testing

 Identification of Application Entry Points
o Get and Post Parameters
 Testing for Security Vulnerabilities
o SQL Injection
o Cross Site Scripting
o Session Hijacking
o Local and Remote File Inclusion Attacks
o Parameter Tampering

Google Hacking

 Working of Google and its methodology

o Introduction to Crawlers, Bots
o Caching Process of Crawlers
 Various Roles of Google as a Friend of Hacker
o Advance Google Search Operators
o Directory Traversal Tool
 Finding Directory Listings
 Locating Specific Directories
 Various Attacks with the help of Google
o Password Harvesting
o Controlling CCTV Camera

E-mails: Exploitation and Security

 What is an E-mail?
 Working of E-mail?
 Travelling of an E-mail
 Email Server
o Definition
o Usage
 E-mail Forgery
o Anonymous Mailing techniques
 Using Websites
 Using Self Developed PHP Script
o E-Mail Bombers
 Security to Anonymous Mailing
o Can User Stop Receiving Fake Mile?
o Tracing an attacker
o Proving a Fake Mail
 Attacks on E-mail Password
o Attackers Anatomy and Psychology while hacking the passwords
o Technical Attacks
 Using Fake Websites: Phishing
 Key loggers
o Non-Technical Attacks
 Shoulder Suffering
 Dumpster Diving
 Social Engineering
 Securing the E-mail Passwords
o Password Policies
o Benefits of SSL Certificates for a User
o Anti-Trust Policies
 Email Forensics
o E-mail Header Analysis
o WhoisLookUp Query
o Tracing a Sender of an E-Mail
 Tracing Sender’s IP Address
 Tracing Sender’s Location
 Inside Threats: Operating System Hacking and Security

 Introduction to System Software

o Windows
o Ubuntu (Linux)
o Kali (Live OS)
 Windows Security Components and Working
o Windows Security Components
o User Account Login Process
 Implementation of Virtualization
o VM Ware Workstation
 Installation and Usage
 Windows
 Linux
o Oracle Virtual Box
o MS Virtual PC

 Attacks on Windows Login Password

o Resetting Windows Login Password without the old password
o Removing Windows login password without the old password

 Other Security Measure

o BIOS User and Supervisory password
o Biometric
o Implementing Syskey File Encryption
 Windows inbuilt Flaws and Security Loopholes
o Hidden Accounts
o Backdoor Via Sticky Keys
o Administrator Escalation on Limited accounts

 Invading into Computer System

o Recovering BIOS Password
 o Recovering Biometric Password
o Disabling Syskey File Encryption
 Optimizing Windows Computer System
o Steganography
 Hiding Files behind an Image
 Restrict Hackers into Box
o Restricting Access to Files and Folders
 ACLs Calculation
o Configuration Strong Password
o Changing Boot Order
o BIOS Password
o Physical Securities

Malwares: Trojan, Viruses and Worms

 What are malwares?

 Trojans
o What is Trojan?
o Types of Trojan
 Trojan Attack Methods
o Direct Connections
o Reverse Connection
 Some Knows Trojans
 Detection of Trojans
o Using Anti-Trojan Software
o Manual Detection
 TCP View
 Process Viewer
 Process Explorer
 Viruses
 Working and Functionality
 Development
o Batch Programming
 Programming
 Development of folder lockers
 Development professional security tools
 Compilation and EXE Generation

• Detection and Manual Removal

o Detecting Viruses
o Process Monitoring
o Manual Removal of Viruses

Playing With Networks

 Introduction to the LAN(Local Area Network)

o What is Network?
o What is networking?
o Understanding Network Devices
o Wireless Hacking(Wi-Fi WEP Key Cracking)
 Flaws and Security
o Attacks on Networks
 Sniffing
 MITM(ARP Poisoning)
 Live Demonstration
 Secure Network Configuration
o Configuring Anti-Sniffers
o MAC Filtering Restrictions
o Configuration of WPA2 KEYS
 Software Reverse Engineering

 What is Reverse Engineering

 Software- Definition
 Disassembling the Software’s
o Getting the Code of EXEs
o Manipulating the codes of EXEs
 Dis-Assemblers and Debuggers
o Olly DBG
o Windows Dis-assembler
 Software Cracking and Serial Key Phishing
o Analyzing Assembly Code of Software
o Tracing the Error Message
o Setting the Assembly Code
o Checking the Registers for the Key
 Software Patching
o Disassembling a software
o Error Tracing
o Decoding the Instructions
o Generating patch to inject the instruction
o Running the patch
 Applying application Security
o Introduction to Application Encryption
o Using the Setup Encrypters
o Applying Strong Serial Key Algorithm
 Mobile Hacking – VOIP and Android

 Attacks for Faking Caller ID

o Call from any Number
 Using Soft Phones
 Using Websites
 SMS Forgery
o Sending SMS from any number
o Attack on Facebook
 Mobile Trojans