Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Ethical Hacking and Countermeasures Course Outline - EC-Council12

    Hochgeladen von

    farah_nishu
    19 Ansichten2 Seiten
    Paper

    Originaltitel

    Ethical Hacking and Countermeasures Course Outline _ EC-Council12

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    Paper

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    19 Ansichten2 Seiten

    Ethical Hacking and Countermeasures Course Outline - EC-Council12

    Hochgeladen von

    farah_nishu
    Paper

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 2

    CEHv8Curriculumconsistsofinstructorledtrainingandselfstudy.

    The
    Instructorwillprovidethedetailsofselfstudymodulestothestudents
    beginningoftheclass.

    CEHCourseOutline

    01 Introduction to Ethical
    Hacking
    02 Footprinting and
    Reconnaissance

    WebApplicationSecurityStatistics
    IntroductiontoWebApplications

    03 Scanning Networks

    WebApplicationComponents

    04 Enumeration

    HowWebApplicationsWork?
    WebApplicationArchitecture

    05 System Hacking
    06 Trojans and Backdoors
    07 Viruses and Worms

    Web2.0Applications
    VulnerabilityStack
    WebAttackVectors
    WebApplicationThreats1

    08 Sniffers

    WebApplicationThreats2

    09 Social Engineering

    UnvalidatedInput
    Parameter/FormTampering

    10 Denial of Service

    DirectoryTraversal

    11 Session Hijacking

    SecurityMisconfiguration

    12 Hijacking Webservers

    InjectionFlaws
    SQLInjectionAttacks

    13 Hacking Web Applications


    14 SQL Injection

    CommandInjectionAttacks
    CommandInjectionExample
    FileInjectionAttack

    15 Hacking Wireless
    Networks

    WhatisLDAPInjection?
    HowLDAPInjectionWorks?

    16 Evading IDS, Firewalls,


    and Honeypots

    HiddenFieldManipulationAttack

    17 Buffer Overflow

    CrossSiteScripting(XSS)Attacks
    HowXSSAttacksWork?

    18 Cryptography

    CrossSiteScriptingAttackScenario:AttackviaEmail
    XSSExample:AttackviaEmail

    19 Penetration Testing

    XSSExample:StealingUsers'Cookies
    XSSExample:SendinganUnauthorizedRequest
    XSSAttackinBlogPosting
    XSSAttackinCommentField
    XSSCheatSheet
    CrossSiteRequestForgery(CSRF)Attack

    HowCSRFAttacksWork?
    WebApplicationDenialofService(DoS)Attack
    DenialofService(DoS)Examples
    BufferOverflowAttacks
    Cookie/SessionPoisoning
    HowCookiePoisoningWorks?
    SessionFixationAttack
    InsufficientTransportLayerProtection
    ImproperErrorHandling
    InsecureCryptographicStorage
    BrokenAuthenticationandSessionManagement
    UnvalidatedRedirectsandForwards
    WebServicesArchitecture
    WebServicesAttack
    WebServicesFootprintingAttack
    WebServicesXMLPoisoning
    FootprintWebInfrastructure
    FootprintWebInfrastructure:ServerDiscovery
    FootprintWebInfrastructure:ServerIdentification/BannerGrabbing
    FootprintWebInfrastructure:HiddenContentDiscovery
    WebSpideringUsingBurpSuite
    HackingWebServers
    WebServerHackingTool:WebInspect
    AnalyzeWebApplications
    AnalyzeWebApplications:IdentifyEntryPointsforUserInput
    AnalyzeWebApplications:IdentifyServerSideTechnologies
    AnalyzeWebApplications:IdentifyServerSideFunctionality
    AnalyzeWebApplications:MaptheAttackSurface
    AttackAuthenticationMechanism
    UsernameEnumeration
    PasswordAttacks:PasswordFunctionalityExploits
    PasswordAttacks:PasswordGuessing
    PasswordAttacks:Bruteforcing
    SessionAttacks:SessionIDPrediction/Bruteforcing
    CookieExploitation:CookiePoisoning
    AuthorizationAttack
    HTTPRequestTampering
    AuthorizationAttack:CookieParameterTampering
    SessionManagementAttack
    AttackingSessionTokenGenerationMechanism
    AttackingSessionTokensHandlingMechanism:SessionTokenSniffing
    InjectionAttacks
    AttackDataConnectivity
    ConnectionStringInjection
    ConnectionStringParameterPollution(CSPP)Attacks
    ConnectionPoolDoS
    AttackWebAppClient
    AttackWebServices
    WebServicesProbingAttacks

    Das könnte Ihnen auch gefallen