CyberCure Solutions

Certified Information Security Specialist

2 (16 Hrs. 8 hrs/Day) Days Workshop Course Curriculum

Ethical Hacking: Legal or illegal?

Concepts of Hacking o Ethical Hacking and Information Security : Definition o Who is hacker (Security Expert)? o How to become a Hacker? o Why do we need hackers? o Case Studies: Hackers Methodology and Innovation o Difference between hacker and cracker? Types of Hackers(As per Knowledge) o Coders o Admins o Script Kiddies Types of Hackers(As per Working) o White hat hackers o Black hat hackers o Grey hat hackers o Hacktivists (Cyber Terrorists) How to secure yourself from Attackers How to Stop Attackers Indian Cyber Law o Real Scenario o Types of Cyber Crime o Indian IT Act 2000

E-Mails: exploitation and Security

What is an E-mail Working of E-mail Traveling of an E-Mail Email Servers o Definition o Usage E-mail Forgery o Anonymous Mailing techniques Using Websites Using Self Developed PHP Script o E-Mail Bombers Security to Anonymous Mailing o Can User stop Receiving Fake Mails? 2

o o

Tracing an Attacker Proving a Fake Mail

Attacks on E-Mail Password o Attackers Anatomy and Psychology while hacking the passwords o Technical Attacks Using Fake Websites: Phishing Keyloggers o Non-Technical Attacks Shoulder Surfing Dumpster Diving Social Engineering

Securing the E-Mail Passwords o Password Policies o Benefits of SSL Certificate for a User. o Anti Trust Policies Email Forensics o E-Mail Header Analysis o WhoisLookUp Query o Tracing a Sender of an E-Mail Tracing Senders IP Address Tracing Senders Location

Inside Threats: Operating System Hacking and Security

Introduction to System Softwares o Windows o Ubuntu(Linux) o Back Track(Live OS) Windows Security Components and Working o Windows Security Components o User Account Login Process Implementation of Virtualization o VM Ware Workstation Installation and Usage Windows Linux o Oracle Virtual Box o MS Virtual PC

Attacks on Windows Login Password o Resetting Windows login password without the old password 3

Removing Windows login password without the old password

Other Security Measure o BIOS User and Supervisory password o Biometric o Implementing Syskey File Encryption Windows Inbuilt Flaws and Security Loopholes o Hidden Accounts o Backdoor Via Sticky Keys o Administrator Escalation on Limited accounts Invading into Computer System o Recovering BIOS Password o Recovering Biometric Password o Disabling Syskey File Encryption Optimizing Windows Computer System o Steganography Hiding Files behind an Image Restrict Hackers into box o Restricting Access to Files & Folders ACLs Calculation o Configuring Strong Password o Changing Boot Order o BIOS Password o Physical Security

Malwares: Trojan, Viruses & Worms

What are malwares? Trojans o What is a Trojan? o Types of Trojans Trojan Attack Methods o Direct Connection o Reverse Connection Some Knows Trojans Detection of Trojan o Using Anti-Trojan Software o Manual Detection TCP View Process Viewer Process Explorer Viruses Working and Functionality of Viruses Development 4

Batch Programming Programming Development of Folder lockers Developing Professional Security tools Compilation and EXE Generation Detection and Manual Removal o Detecting Viruses o Process Monitoring o Manual Removal of Viruses o

Playing with Networks

Introduction to the LAN(Local Area Networks) o What is Network? o What is networking? o Understanding Network Devices o o Wireless Hacking( Wi-Fi WEP Key Cracking) Flaws and Security Attacks on Networks Sniffing MITM(ARP Poisoning) Live Demonstration

Secure Network Configuration o Configuring Anti-Sniffers o MAC Filtering Restrictions o Configuration of WPA2 Keys

Internet World Wide Web attacks

Introduction to Web Application Security o What is Web Server o What is Database Servers o The Web Login Process o What is Web application Security o Why is Web application Security Important Understanding Attack Vectors o Vulnerabilities & Evolving Threats o Exploit Analysis Web Application Attacks o SQL Injection Basic Injection Advance Injections o Google Dorks Using Google as an Expert 5

Directory Traversal Attacks Sever Side code Retrieval Putting breaks on Web Application attacks o Proper Monitoring o Proper Input Validation o Deny Google to your Website o Finding Backdoors in the Website o Secure Programming Mozilla Firefox as a Hacking tool Bypassing Proxy Intermediate o What is Proxy o Bypassing a Proxy Opening Block Websites o Using Google as Proxy o

Mobile Hacking VOIP and Android

Introduction to Mobile Technology o Operating Systems Series 60 Nokia Android from Google VOIP Definition and Usage o What is VOIP o Requirements for Setting up VOIP server Asterisk Configuration SIP Connections Call Forgery o Call from any number Using Soft Phones Using Websites Using Series 60 mobile Phones SMS Forgery o Sending SMS from any number o Attack on Facebook Security to Mobile Attacks o Call Data Records Recognition o VOIP Identification o Nigerian 419 Scam(Advance Fee Attacks) Android o Running android on Laptops

Software Reverse Engineering

What is Reverse Engineering Software - Definition Disassembling the Softwares o Getting the code of EXEs 6

o Manipulating the Code of EXEs Dis-assemblers & Debuggers o Olly DBG o Windows Dis-assembler Software Cracking & Serial Key Phishing o Analysing Assembly Code of Software o Tracing the Error Message o Setting Break Point o Stepping the Assembly Code o Checking the Registers for the Key Software Patching o Disassembling a Software o Error Tracing o Decoding the Instructions o Generating Patch to inject the instruction o Running the Patch Applying Application Security o Introduction to Application Encryption o Using the Setup Encrypters o Applying strong Serial Key Algorithms