Professional Ethical Hacker course outline

Module 00 - Setup Lab

Overview To Virtualization Technology

Setup VMware Workstation

Overview Backtrack 5 R3

Setup and update backtrack 5 r3 on VMware Workstation

Install Backtrack 5 R3 On USB Flash Memory

Overview Kali Linux

Install and update Kali Linux on VMware Workstation

What is metasploit?

Install and update metasploit?

Module 01 - Introduction Ethical Hacking

Understanding Ethical Hacking Terminology

Identifying Different Types of Hacking Technologies

Understanding the Different Phases Involved in Ethical Hacking and Listing the Five
Stages of Ethical Hacking

Hacker Classes

Security consists of four basic elements

Security, Functionality, and Ease of Use Triangle

Penetration Testing

Testing Types

Types of Ethical Hacks

Types of Vulnerabilities

Vulnerability Research web sites

Exploits Type

Exploits Research web site

Penetration Test Report

Module 02 - Footprinting and Reconnaissance

Define the Term Footprinting

Describe the Information Gathering Methodology

Reconnaissance Type

Describe Competitive Intelligence

Understand Domain Name System (DNS)

Identify Different Types of DNS Records

Understand DNS Enumeration

Understand DNS Zone Transfer AXFR OR IXFR

Understand Whois

whois in backtrack

Understand Google Hacking

Understand robots.txt file

Google Site Operator

Understand email enumeration

SiteDigger Tools

Understand people search

Understand metadata collector

Understand How Traceroute

Email Tracing

Understand Exif Viewer

Understand Footprinting Web server

Fine type web server

Understand mirroring websites

Understand banner grabbing

Understand SSL analysis

Understand Load Balancing Detector

detect web application firewall

help websites

PassiveRecon Firefox add-ons

Module 03 - Scanning Methodology

Understanding the Different Phases Involved in Ethical Hacking and Listing the Five
Stages of Ethical Hacking

Scan type

Understand the CEH Scanning Methodology

Understand TCP Header

Understand UDP Header

Understand Three Way Handshake

Understand packet crafting

packet craft by scapy

Understand Ping Sweep Techniques

Understand TCP Flags

Understand TCP connect / full scan

Understand Stealth Scan / half open scan

Understand Ack Scan

Understand FIN scan

Understand Xmas scan

Understand NULL Scan

Understand Idel Scan

Understand UDP Scan

Understand Firewalking

Understand Port Scan Decoys

Understand O.S Fingerprinting

Passive fingerprinting tools

Active fingerprinter

Banner Grabbing

Scan network by Windows tools

Scan with Dradis framework

Sacn by metasploit armitage

Scan by Cobalt Strike

Understand Vulnerability scanning

Nmap Scripting Engine (NSE)

Nessus Tools

Acunetix Web Vulnerability Scanner

W3af Web Vulnerability Scanner

netsparker web vulnerability scanner

Scan service vulnerability by metasploit armitage

Scan service vulnerability by Cobalt Strike

Understand Proxy Servers

Understand How Proxy Servers Are Used

TOR Proxy chaining software

Understand Anonymizers

Understand HTTP Tunneling Techniques

Understand SSH Tunneling Techniques

Understand IP Spoofing

Module 04 - Enumeration Methodology

What Is Enumeration?
Understanding NetBIOS null sessions
Understanding SNMP Enumeration
Understand Mail Server enumeration ( SMTP)
Test mail server for an open relay
Mail Server enumeration users
Understand LDAP Enumeration
Understand DNS Enumeration

Module 05 - System Hacking

Understanding Password-Cracking Techniques

Understanding Network Environment Types
Different Types of Password-Cracking
Crack Password Techniques
Passive online attacks
Active online attacks
Stealing Passwords Using USB drive
What is LAN Manager Hash?
Understanding SAM file
Offline Password Cracking (Crack SAM password By backtrack)
Crack Administrator Password in Windows 2008 Domain Controller
Understanding shadow file

Offline Password Cracking (Crack Root Password In Unix)

Understanding Hashcat Tools And GPU Techniques
Understanding Privilege Escalation
Understanding Keyloggers and Spyware Technologies
Hardware keylogger & Software keylogger
Windows Keylogger Tools
Metasploit Keylogger And Privilege Escalation Techniques
Understanding Spyware
Spyware Tools
Understanding Rootkits
Understanding How to Hide Files
NTFS File Streaming
Understanding Steganography Technologies
Understanding How to Cover You Tracks and Erase Evidence

Module 06 - Trojans, Backdoors, Viruses and Worms

What is Backdoors ?
What Is a Trojan Horse ?
What Is Meant by Overt and Covert Channels?
List the Different Types of Trojans
How Do Reverse-Connecting Trojans Work?
Windows Trojans Tools
Linux Trojan Tools metasploit
install metasploit on ubuntu
Generating Payloads By Metasploit
What Is Meant by Wrapping?
Wrapping Tools (Windows and Linux Wrapping Tools )
Metasploit Wrapping Tools
Wrapping by Metasploit
Understand How To Encoding Trojan
Understand Botnet Malware
Botnet Tools Zeus
What Is a Virus?
What Is a Worm?
Understand the Types of Viruses
Same Tools Can Make Viruses and Worms

Module 07 - Sniffers and Phishing

What is Sniffers?

Understand Active and Passive Sniffing

Understand Hub VS Switch

Understand ARP Poisoning

Understand Man In The Middle (MITM)

Man In The Middle (MITM) By Backtrack

Sniff HTTPS Traffic

Understand MAC flooding

Understand DHCP Starvation

DHCP Starvation Techniques

Understand MAC Spoofing

MAC Spoofing Tools (windows and Linux tools)

What is phishing?

How To Make phishing website

Understand DNS Cache Poisoning

Module 08 - Wireless Hacking

Overview Wireless Network

Understand Wireless Concept
Overview of WEP Encryption
How WEP Work?
Understand Injection Features
Crack WEP with connected client by Aircrack (fake authentication attack)
Crack WEP No connected client (fake authentication attack)
Crack WEP Aircrack (KoreK chopchop attack)
Crack WEP By Gerix Tool
Overview of WAP Encryption

How WAP Work?

Four Way Handshake
Crack WPA Encryption By Brute force Attack (Dictionary Attack)
Overview of WAP2 Encryption
How WAP2 Work?
Crack a WPA2 Encryption
Crack a WPA Encryption with Reaver Tool ( wps Attack )
Understand Fake Access Point
Make Fake AP By easy-creds

Module 09 - Hacking Web Servers and Web Application Vulnerabilities

Understand Web Server

List the Types of Web Server Vulnerabilities

Understand Web Application

Understand HTTP Protocol?

Understand HTTP Request Message

Understand HTTP Response Message

Understand HTTP Methods

HTTP Response Codes

Burp Suite Professional

What is Mutillidae?

What is (DVWA) Damn Vulnerable Web Application?

What is Metasploitable2-Linux?

Web Application Threats

What is a cookie?

Understand Cross-site Scripting (XSS)

Persistent XSS Attacks

Reflected XSS Attacks

Reflected XSS Attacks Threat

Reflected XSS Attacks with session hijacking

Persistent XSS Attacks With Metasploit

Understand Command Execution vulnerability

Command Execution With Metasploit Attacks Web Server

Understand Brute Force vulnerability

Brute Force Attacks

Understand File Inclusion vulnerability

Local File Inclusion (LFI)

Remote File Inclusion (RFI)

Understand web shell

Local File Inclusion (LFI) Threat

Remote File Inclusion (RFI) Threat With Metasploit

Understand File Upload Vulnerability

Remote File Upload Threat With Metasploit

Remote File Upload With SHELL

Understand CSRF Vulnerability

Understand SQL Injection Vulnerability

Understand Database

Understand discover SQL Injection

SQL Injection Threat

SQL Injection authentication bypass

Automate SQL Injection using Havij

Automate SQL Injection using sqlmap

SQL Injection Threat data retrieval

Understand Order by & Union Select Techniques

Read files by NULL SQL Injection Techniques

Insert Database by SQL Injection Techniques

Understand Blind SQL Injection

Read files by Blind SQL Injection Techniques

Module 10 - windows and Linux Hacking

Understand Server Side Attack & Client Side Attack

(Server side attack) Hack Windows BY (ms08_067_netapi) exploit

Hack Windows BY (ms08_067_netapi) Technique

Hack Windows BY Payload + (ms08_067_netapi) exploit

(Server side attack) Hack Windows server BY (ms03_026_dcom) exploit

(Client side attack) Hack Windows BY Java_signed_Applet

Java_Applet (HTTP shell with AES encryption) + Phishing + Spoof DNS

(Client side attack) Hack Windows BY browser_autopwn

(Client side attack) Hack Windows BY Mozilla Firefox Bootstrapped Add-on

Hack Windows BY Encoding Payload (Bypass All Antiviruses)

Hack windows BY Fake Software Update

Hack windows server 2008 R2 with MS12-020

Hack Linux By PAYLOAD