Video Tutorials : Academy Hacking Penetration Testing and Countermeasures Training

AVI / XviD 1468 Kbps | 672x368 | 23.976 fps | MP3 128 kbps | 17CDs

Language: English

Package Includes:

Featuring live instructor-led classroom sessions with full audio, video and demonstration components

Printable courseware

300+ Penetration Testing Review Questions

eWorkbook - 725 pages Student eWorkbook by Logical Security

Our training videos will show you how to scan, test, hack and secure your own systems. The intensive demonstrations give each student in-depth knowledge and practical experience with the current security systems. You will begin by understanding how perimeter defenses work and then be led into scanning and attacking your own networks. You will then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Penetration Testing and Countermeasures, Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.


Michael J Lester - (CISSP, MCSE:Messaging & Security, MCSE+I, MCSA, MCT, CCNP, CCDP, CCSE+, CCI, CCEA, CTT+, Linux+, Security+, Network+, I-net+, A+)

Michael holds a Bachelor of Science degree in Information Technology, and is a senior consultant and instructor for MicroLink Corporation. He divides his time between consulting and teaching. In his consulting work he performs security audits, penetration testing, network reconfigurations and design, and general troubleshooting for a range of small to large businesses. He has taught and written curricula for a variety of courses, including bootcamps for Microsoft and Cisco certification, Check Point, Citrix and IT security, and has worked for IBM Learning Services, the University of Miami and other institutions. For the individual needs of his clients he has created specialized courses that combine several technologies into week-long, hands-on training workshops.

Course Detail:

Module 1

Ethical Hacking and Penetration Testing

Security 101

Hacking Hall of Fame

What Are Today's Hackers Like?

Today's Hackers

Risk Management

Evolution of Threats

Typical Vulnerability Life Cycle

What is Ethical Hacking?

Rise of the Ethical Hacker

Types of Security Test

Penetration Test (Pen-test)

Red Teams

Testing Methodology

VMWare Workstation

Windows and Linux Running VMWare

Linux Is a Must

Linux Survival Skills

Useful vi Editor Commands

Module 1 Review

Module 2

Footprinting and Reconnaissance

Desired Information

Find Information by the Target (Edgar)

Network Reconnaissance & DNS Search

Query Whois Databases

Command-Line Whois Searches

ARIN whois: Search IP Address Blocks

SamSpade Tool and Website

Internet Presence

Look Through Source Code

Mirror Website

Find Specific Types of Systems

Big Brother


Specific Data Being Available?


Countermeasures to Information Leakage

Social Engineering

DNS Zone Transfer

Nslookup command-line utility

Zone Transfer from Linux

Automated Zone Transfers

Zone Transfer Countermeasures

DNS Quick Check - DNS Report Tool, Test your DNS delegation, DNS Servers, Mail and Web Servers, Network Admins, Webmasters, Hosting

Tracing Out a Network Path

tracert Output

Free Tools


War Dialing for Hanging Modems

Manual and Automated War Dialing

Case Study

Guide Dogs for the Blind: Pairing people with trained service dogs at no charge

Footprinting Countermeasures

Demo - Footprinting & Info Gathering

Module 2 Review

Module 3

TCP/IP Basics and Scanning

The OSI Model

TCP/IP Protocol Suite Layers


Data-Link Protocols

IP - Internet Protocol, Datagram (Packet)

ICMP Packets

UDP - User Datagram Protocol

UDP Datagram

TCP - Transmission Control Protocol

TCP Segment

TCP/IP 3-Way Handshake and Flags

TCP and UDP Ports

Ping Sweeps

Good Old Ping, Nmap, TCP Ping Sweep

TCP Sweep Traffic Captured

Unix Pinging Utilities

Default TTLs

Pinging Countermeasures

Port Scanning


Advanced Probing Techniques


Port Probing Countermeasures

Watch Your Own Ports

Demo - Scanning Tools

Module 3 Review

Module 4

Enumeration and Verification

Operating System Identification

Differences Between OS TCP/IP Stack

Nmap -O

Active vs Passive Fingerprinting



SNMP Overview

SNMP Enumeration

SMTP, Finger, and E-mail Aliases

Gleaning Information from SMTP

SMTP E-mail Alias Enumeration

SMTP Enumeration Countermeasures


Attack Methodology

Find Domains and Computers

NetBIOS Data


NULL Session

Local and Domain Users

Find Shares with net view

enum: the All-in-one

Winfo and NTInfoScan (ntis.exe)

Digging in the Registry

NetBIOS Attack Summary

NetBIOS Countermeasures

What's this SID Thing Anyway?

Common SIDs and RIDs




psgetsid.exe and UserDump Tool

LDAP and Active Directory

GUI Tools to Perform the Same Actions

Demo - Enumeration

Module 4 Review

Module 5

Hacking & Defending Wireless/Modems

Phone Numbers & Modem Background

Phone Reconnaissance

Modem Attacks

Wireless Reconnaissance

Wireless Background

Wireless Reconnaissance Continued

Wireless Sniffing

Cracking WEP Keys

Defending Wireless

Module 5 Review

Module 6

Hacking & Defending Web Servers

Web Servers in General: HTTP

Uniform Resource Locator: URL

Apache Web Server Functionality

Apache: Attacking Mis-configurations

Apache: Attacking Known Vulnerabilities

Defending Apache Web Server

Microsoft Internet Information Server (IIS)

IIS: Security Features

IIS: Attacking General Problems

IIS: IUSER or IWAM Level Access

IIS: Administrator or Sys Level Access

IIS: Clearing IIS Logs

IIS: Defending and Countermeasures

Web Server Vulnerability Scanners

Demo - Hacking Web Servers

Module 6 Review

Module 7

Hacking & Defending Web Applications

Background on Web Threat & Design

Basic Infrastructure Information

Information Leaks on Web Pages

Hacking over SSL

Use the Source, Luke

Functional/Logic Testing

Attacking Authentication

Attacking Authorization

Debug Proxies: @stake webproxy

Input Validation Attacks

Attacking Session State

Attacking Web Clients

Cross-Site Scripting (XSS) Threats

Defending Web Applications

Module 7 Review

Module 8

Sniffers and Session Hijacking


Why Are Sniffers so Dangerous?

Collision & Broadcast Domains

VLANs and Layer-3 Segmentation

tcpdump & WinDump

Berkeley Packet Filter (BPF)

Libpcap & WinPcap

BUTTSniffing Tool and dSniff


Mitigation of Sniffer Attacks


ARP Poisoning

MAC Flooding

DNS and IP Spoofing

Session Hijacking

Sequence Numbers



Source Routing

Hijack Countermeasures

Demo - Sniffers

Module 8 Review

Module 9

Hacking & Defending Windows Systems

Physical Attacks

LANMan Hashes and Weaknesses

WinNT Hash and Weaknesses

Look for Guest, Temp, Joe Accounts

Direct Password Attacks

Before You Crack: Enum Tool

Finding More Account Information

Cracking Passwords

Grabbing the SAM

Crack the Obtained SAM

LSA Secrets and Trusts

Using the Newly Guessed Password

Bruteforcing Other Services

Operating System Attacks

Hiding Tracks: Clearing Logs

Hardening Windows Systems

Strong 3-Factor Authentication

Creating Strong Passwords


Windows Account Lockouts

Auditing Passwords

File Permissions

Demo - Attacking Windows Systems

Module 9 Review

Module 10

Hacking & Defending Unix Systems

Physical Attacks on Linux

Password Cracking

Brute Force Password Attacks

Stack Operation

Race Condition Errors

Format String Errors

File System Attacks

Hiding Tracks

Single User Countermeasure

Strong Authentication

Single Sign-On Technologies

Account Lockouts

Shadow Password Files

Buffer Overflow Countermeasures

LPRng Countermeasures

Tight File Permissions

Hiding Tracks Countermeasures

Removing Unnecessary Applications

DoS Countermeasures

Hardening Scripts

Using SSH & VPNs to Prevent Sniffing

Demo - Attacking Unix Systems

Module 10 Review

Module 11

Rootkits, Backdoors, Trojans & Tunnels

Types Of Rootkits

A Look at LRK

Examples of Trojaned Files

Windows NT Rootkits

NT Rootkit

AFX Windows Rootkit 2003

Rootkit Prevention Unix

Rootkit Prevention Windows


netcat: Useful Unix Commands

netcat: What it Looks Like

VNC-Virtual Network Computing

Backdoor Defenses


Back Orifice 2000



Defenses to Trojans



Other Tunnels

Q-2.4 by Mixter

Starting Up Malicious Code

Defenses Against Tunnels

Manually Deleting Logs

Tools to Modify Logs

Demo - Trojans

Module 11 Review

Module 12

Denial of Service and Botnets

Denial-of-Service Attacks


Ping of Death

Teardrop Attacks


Smurf Attacks

SYN Attacks

UDP Floods

Distributed DoS

DDoS Tool: Trin00

Other DDoS Variation

History of Botnets

Anatomy of a Botnet

Some Common Bots

Demo - Denial of Service

Module 12 Review

Module 13

Automated Pen Testing Tools

General: Definitions


General: Why?

Core Impact Framework

Core Impact Operation



Metasploit Framework

Metasploit Operation

Demo - Automated Pen Testing

Module 13 Review

Module 14

Intrusion Detection Systems

Types of IDSs

Network IDSs

Distributed IDSs (DIDSs)

Anomaly Detection

Signature Detection

Common IDS Software Products

Introduction to Snort

Attacking an IDS

Eluding Techniques

Testing an IDS

Hacking Tool - NIDSbench

Hacking Tool - Fragroute

Hacking Tool - SideStep

Hacking Tool - ADMmutate

Other IDS Evasion Tools

Demo - IDS and Snort

Module 14 Review

Module 15


Firewall Types

Application Layer Gateways

ALGs (Proxies)

Stateful Inspection Engine

Hybrid Firewall

Host-Based Firewall

Network-Based Firewall

DMZ (Demilitarized Zone)

Back-to-Back Firewalls

Bastion Hosts

Control Traffic Flow

Multiple DMZs

Controlling Traffic Flow

Why Do I Need a Firewall?

What Should I Filter?

Egress Filtering

Network Address Translation (NAT)

Firewall Vulnerabilities


Default Tables and Chains

iptables Syntax 1

iptables Syntax 2

Sample IPTables Script 1

Sample IPTables Script 2

Persistent Firewalls

Firewall Identification


Tunneling with Loki

Tunneling with NetCat/CryptCat

Port Redirection with Fpipe

Denial-of-Service Attacks Risk?

Demo - Firewalls and IP Tables

Module 15 Review

Module 16

Honeypots and Honeynets

What Is a Honeypot?

Advantages and Disadvantages

Types and Categories of Honeypots

Honeypot: Tarpits

Honeypot: Kfsensor

Honeypot: Honeyd

Sample Honeyd Configuration

High-Interaction Honeypot

Project HoneyNet

Types of Honeynets

The Main Difference is Data Control

GEN II Data Control: Honeywall CD

Gen II Data Capture: Sebek & Sebek II

Automated Alerting


Legal Issues

Demo - Setting up a Honeypot

Module 16 Review

Module 17

Ethics and Legal Issues

The Costs

Relation to Ethical Hacking?

The Dual Nature of Tools

Good Instead of Evil?

Recognizing Trouble When It Happens

Emulating the Attack

Security Does Not Like Complexity

Proper and Ethical Disclosure

CERT's Current Process

Full Disclosure Policy

Organization for Internet Safety (OIS)

What Should We Do from Here?

Legal Meets Information Systems

Addressing Individual Laws



1030: Worms and Viruses

Blaster Worm Attacks

Civil vs. Criminal

18 USC SECTIONS 2510 and 2701

Digital Millennium Copyright Act

Cyber Security Enhancement Act

Module 17 Review

Course Closure
