IFC3-Ethical Hacking This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive two day class they will have hands on understanding and experience in Ethical Hacking.

About Ethical Hacking 

Hacking history : How it all began



Why is security needed?



What is ethical hacking?



Ethical Hacker Vs Malicious hacker



Types of Hackers



Building an approach for ethical hacking

Windows security & Google Hacking 

Windows security



Registry



Port & Services



Securing Windows



Looking for loop holes in windows



What is Google and how does it work?



Google tricks



Basic hacks



How can Google hacking help an Ethical Hacker?



Preventing Google crawls



Practical class: Case studies

Basics of Internet, Networking & Hacking 

What is a Network?



Types of network – LANs, WANs & WLANs.



What is Internet?



History of the Internet.



Basic Structure.



What is a Server?



What is an IP Address?



What is a domain name?



IP-Domain Relation.



Client-Server Relationship Model.



Internet networking.



What is a port?



What is Programming?



Types of programming languages.



What is a Programming loophole or error? Basic explanation of exploitation of loopholes.



Scanning 

What is Scanning?



Objectives of Scanning



Practical Class



Scanning tools to be used:



Nmap



Null Scan



Firewalk



XMAS Scan



NIKTO



GFI Languard

Types of threats in the Internet age 

Viruses: Trojans, Worms, Malware, Spyware



Modes of spreading



Different Ways a Trojan can Get into a System



Indications of a Trojan Attack



Some Famous Trojans and Ports They Use



How to Determine which Ports are Listening



Concepts



Famous Trojans



How to Detect Trojans?



Netstat



MS Configuration Utility



Countermeasures



Phishing sites



Sniffers



Spoofing



Session Hijacking



Spoofing Vs Hijacking



Types of Hijacking

E-Mail Hacking, Firewalls & DOS attacks 

How does an email work?



Tracing an email



Spam



What is spamming?



Laws about spamming



Fake emails



Detecting fake emails



What is a firewall? & How can it help you



How a firewall works



Demo on installing and using firewall



What is a DOS attack?



What is a DDOS attack?



DOS Vs DDOS



Types of DOS attacks



Key loggers & how it works?

Hacking web servers 

Web Application Vulnerabilities



Web based password cracking techniques



SQL injection



PHP injection



Hacking wireless networks

LINUX 

What is LINUX



LINUX Vs Windows



Advantages and disadvantages over each other



Cost factor



Support



GUI & Security factor



Ubuntu: A flavor of LINUX



More on Session hijacking



Understanding sessions



Passive Vs Active session hijack



TCP sessions and HTTP sessions



TCP session hijacking: Telnet



Stealing Cookies to hijack session ID: XSS

SQL Injection 

Defining SQL



Understanding web application



Using SQL to login via middleware language



Checking SQL injection vulnerability



URL and Forms



SQL Query SELECT, DROP etc.



SQL cheat sheets



Using source changes to bypass client side validation



PHP magic quotes



Using SQL injection tools



Importance of server side validation

Sniffing 

Introduction: Active Vs passive



DNS, ARP



Tools: Wireshark, Ettercap, Cain n Abel



Detecting sniffing



DNS poisoning



Router hacking



Emulating WAN Sniffing

Cryptography 

Introduction to Cryptography



Encryption and Decryption



Cryptographic Algorithms



DES



RSA



RC6



MD5



SHA



Secure Socket Layer



Digital signature



Cryptography tools



Cryptography attacks

Password Cracking 

How to steal passwords



Hashing algorithm



Active brute force attack



Passive brute force attack Web based password cracking techniques



Tools to be used 

Kali Linux



VM Ware



MetaSploit



NMap



Hping3



SqlMap

Zonal Competition After the hands on theory and practical experience from the workshop, Zonal Round Competition will be conducted for the participants.

Other IFC3 MODULES:1) Cloud Computing 2) Android Development 3) Linux Server and Security 4) Cisco Networking