[ Certified Ethical Hacker v10 ] :: [ Syllabus ]

Apple
This entry is part 2 of 29 in the series [ Certified Ethical Hacker Training ]

¬†SYLLABUS Text: CEHv10 Study Guide, by Sean-Philip Oriyano (provided by UNM) The Hacker Playbook 3, by Peter Kim (optional and student-bought, but encouraged) Past texts: # Certified Ethical Hacker Exam Guide, Third Edition, by Matt Walker # CEH v9: Certified Ethical Hacker Version 9 Study Guide 3rd Edition, by Sean-Philip Oriyano Learning Objectives Gaining a …

[ Certified Ethical Hacker v10 ] :: [ Chapters 1 & 2 ] :: Footprinting and Reconnaissance

This entry is part 3 of 29 in the series [ Certified Ethical Hacker Training ]

Introductions Short bios and description of experience Assessment test: https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/ceh-assessment/ DURING THE COVID-19 RESPONSE: Free and discounted materials from EC-Council: https://www.eccouncil.org/free-cybersecurity-resources/ 30 days of free access to Code Red courses: https://codered.eccouncil.org/ DON’T BUY YOUR TEST VOUCHERS ONLINE. BUY THEM LOCALLY: Vickie Eha 505-910-4173 vickie dot eha at eccouncil.org Study Guide: Modules 1 and 2 Module …

[ Certified Ethical Hacker v10 ] :: [ Chapter 3 ] :: Scanning

Apple
This entry is part 4 of 29 in the series [ Certified Ethical Hacker Training ]

Chapter 3: Scanning Stage 2 of a Hack: Scanning, Enumeration and Vulnerability Analysis Pings and ping sweeps Port scanning traceroute Port scans Network scans Vulnerability scans TCP and UDP scans nmap nmap – https://nmap.org/, http://scanme.nmap.org/ nmap vs. scapy – https://blog.stalkr.net/2010/05/udp-scan-with-icmp-port-unreachable-and.html Videos on Nmap “Nmap Tutorial for Beginners – 1” https://www.youtube.com/watch?v=5MTZdN9TEO4 Note the switches: -A, -v …

[ Certified Ethical Hacker v10 ] :: [ Chapter 3 cont’d ] :: Enumeration

Apple
This entry is part 5 of 29 in the series [ Certified Ethical Hacker Training ]

Chapter 3 Continued: Enumeration Stage 2 of a Hack: Scanning, Enumeration and Vulnerability Analysis Windows Enumeration NetBIOS: services, names and details nbtstat # nbtstat enumerates your current sessions. # It requires at least one switch. Remember -s or -S. nbtstat -s # Make nbtstat list addresses from a remote system: nbtstat -a <NetBIOS name or …

[ Certified Ethical Hacker v10 ] :: [ Chapter 4 ] :: Sniffing, Evasion and Packet Analysis

This entry is part 7 of 29 in the series [ Certified Ethical Hacker Training ]

Chapter 4: Sniffing, Evasion and Packet Analysis This is kind of an odd grouping, especially because “sniffing” doesn’t sound that different from “scanning,” which we did several steps ago. Learn how to split this hair: scanning is looking for hosts and ports, sniffing is capturing and examining traffic. (Yes, that’s wildly oversimplified.) Using Wireshark, tshark …

[ Certified Ethical Hacker v10 ] :: [ Chapter 5 ] :: System Hacking

Apple
This entry is part 8 of 29 in the series [ Certified Ethical Hacker Training ]

A hacker only needs to be right once. ECC’s System Hacking Goals Gaining Access One of the most common ways to gain access to a system is by seeing, asking for, stealing or cracking a password. See the next section, Hash Cracking, for examples and explanation. Windows can be a juicy target because Windows domains …

[ Certified Ethical Hacker v10 ] :: [ Chapter 5 cont’d] :: Hash Cracking

This entry is part 9 of 29 in the series [ Certified Ethical Hacker Training ]

Hash Cracking Passwords Hash-cracking communities: https://hashes.org/crackers.php Password dictionaries: https://wiki.skullsecurity.org/Passwords Kali supplies you with several wordlists and hash lists in /usr/share/. John the Ripper John the Ripper is quite old, and still an excellent tool. John can use Kali’s built-in wordlists: /usr/share/wordlists/rockyou.txt.gz etc. “How to crack passwords using john the ripper in kali linux” https://www.youtube.com/watch?v=eAn8dYdn1eY Exercises …

[ Certified Ethical Hacker v10 ] :: [ Chapter 6 ] :: Web Servers and Applications

This entry is part 10 of 29 in the series [ Certified Ethical Hacker Training ]

Hacking Web Servers and Applications Tools to Know for Reconnaisance, Scanning and Attacking Web Servers and Applications Discovering Server Details Netcraft whatweb <target ip> -v # for a single target whatweb -v 192.168.0.1/24 # for a subnet ua-tester -u www.schoolforhackers.com -d M D uniscan-gui¬† # opens a GUI Tampering with Server Requests Tamper Data / …