CEH Certified Ethical Hacker

Vecomp Software - PCSNET Nordest
A Villafranca di Verona
  • Vecomp Software - PCSNET Nordest

Chiedi informazioni a un consulente Emagister

Informazioni importanti

Tipologia Corso
Luogo Villafranca di verona
Ore di lezione 35h
Durata 5 Giorni
Inizio 28/11/2017
  • Corso
  • Villafranca di verona
  • 35h
  • Durata:
    5 Giorni
  • Inizio:

La classe immergerà i partecipanti in un ambiente fortemente interattivo nel quale verrà loro mostrato come effettuare scanning, testing e hacking dei propri sistemi al fine di renderli più sicuri. La pervasiva presenza di laboratori darà ad ogni partecipante non solo una conoscenza approfondita ma anche un'esperienza pratica con i fondamentali sistemi di sicurezza. I partecipanti inizieranno a comprendere il funzionamento delle difese perimetriche e verranno condotti ad effettuare scanning e attacchi alle proprie reti. I partecipanti apprenderanno inoltre le tecniche degli intrusi per l'escalation dei privilegi e quali passi possono essere attuati per mettere in sicurezza un sistema. I partecipanti apprenderanno anche: l'intrusion detection, la policy creation, il social engineering, gli attacchi DDoS, i buffer overflow e la creazione di virus.
Alla conclusione di questi 5 giorni di formazione intensiva i partecipanti avranno acquisito la conoscenza teorica e pratica dell'Ethical Hacking.
Il corso prepara a sostenere l'esame EC-Council Certified Ethical Hacker 312-50 accreditato ANSI.


Dove e quando

Inizio Luogo
28 nov 2017
Villafranca di Verona
37069, Verona, Italia
Visualizza mappa
Inizio 28 nov 2017
Villafranca di Verona
37069, Verona, Italia
Visualizza mappa

Cosa impari in questo corso?

Certified Ethical Hacker
Sicurezza informatica
Security manager
Sistemi informatici
Reti informatiche
Infrastructure designing
Server deployment
Services designing


Francesco Pandiscia
Francesco Pandiscia
Senior Consultant, MCT, MCPIT, MCTS e VMware VCP


Module 1 Introduction to Ethical HackingInformation Security OverviewInformation Security Threats and Attack VectorsHacking ConceptsHacking PhasesTypes of AttacksInformation Security ControlsModule 2 Footprinting and Reconnaissance<Footprinting ConceptsFootprinting ThreatsFootprinting MethodologyFootprinting ToolsFootprinting CountermeasuresFootprinting Penetration TestingModule 3 Scanning NetworksOverview of Network ScanningCEH Scanning MethodologyCheck for Live SystemsCheck for Open PortsScanning Beyond IDSBanner GrabbingScan for VulnerabilityDraw Network DiagramsPrepare ProxiesScanning Pen TestingModule 4 EnumerationWhat is Enumeration?Techniques for EnumerationNetbios EnumerationEnumerating User AccountsEnumerate Systems Using Default PasswordsSNMP (Simple Network Management Protocol) EnumerationUNIX/Linux EnumerationLDAP EnumerationNTP EnumerationSMTP EnumerationDNS Zone Transfer Enumeration Using nslookupEnumeration CountermeasuresEnumeration Pen TestingModule 5 System HackingInformation at Hand Before System Hacking StageSystem Hacking: GoalsCEH Hacking Methodology (CHM)Password CrackingMicrosoft AuthenticationHow Hash Passwords are Stored in Windows SAM?What is LAN Manager Hash?Kerberos AuthenticationSaltingPWdump7 and FgdumpL0phtCrackOphcrackCain & AbelRainbowCrackPassword Cracking ToolsLM Hash Backward CompatibilityHow to Defend against Password Cracking?Privilege EscalationActive@ Password ChangerPrivilege Escalation ToolsHow to Defend against Privilege Escalation?Executing ApplicationsAlchemy Remote ExecutorRemoteExecExecute This!KeyloggerTypes of Keystroke LoggersAcoustic/CAM KeyloggerKeyloggersSpywareHow to Defend against Keyloggers?How to Defend against Spyware?RootkitsTypes of RootkitsHow Rootkit Works?Rootkit: FuDetecting RootkitsHow to Defend against Rootkits?Anti-Rootkit: RootkitRevealer and McAfee Rootkit DetectiveNTFS Data StreamWhat is Steganography?Types of SteganographyImage SteganographyDocument Steganography: wbStegoVideo Steganography: Our SecretAudio Steganography: Mp3stegzFolder Steganography: Invisible Secrets 4Spam/Email Steganography: Spam MimicNatural Text Steganography: Sams Big G Play MakerSteganalysisSteganography Detection Tool: StegdetectWhy Cover Tracks?Ways to Clear Online TracksDisabling Auditing: AuditpolCovering Tracks Tool: Window WasherCovering Tracks Tool: Tracks Eraser ProSystem Hacking Penetration TestingModule 6 Trojans & BackdoorsWhat is a Trojan?Overt and Covert ChannelsPurpose of TrojansWhat Do Trojan Creators Look For?Indications of a Trojan AttackCommon Ports used by TrojansHow to Infect Systems Using a Trojan?WrappersDifferent Ways a Trojan can Get into a SystemHow to Deploy a Trojan?Evading Anti-Virus TechniquesTypes of TrojansDestructive TrojansNotification TrojansCredit Card TrojansData Hiding Trojans (Encrypted Trojans)BlackBerry Trojan: PhoneSnoopMAC OS X Trojan: DNSChangerMAC OS X Trojan: DNSChangerMac OS X Trojan: Hell RaiserHow to Detect Trojans?Process Monitoring Tool: What’s RunningScanning for Suspicious Registry EntriesRegistry Entry Monitoring ToolsScanning for Suspicious Device DriversScanning for Suspicious Windows ServicesScanning for Suspicious Startup ProgramsScanning for Suspicious Files and FoldersScanning for Suspicious Network ActivitiesTrojan CountermeasuresBackdoor CountermeasuresTrojan Horse Construction KitAnti-Trojan Software: TrojanHunterAnti-Trojan Software: Emsisoft Anti-MalwareAnti-Trojan SoftwaresPen Testing for Trojans and BackdoorsModule 7 Viruses & WormsIntroduction to VirusesVirus and Worm Statistics 2010Stages of Virus LifeWorking of Viruses: Infection PhaseWorking of Viruses: Attack PhaseWhy Do People Create Computer Viruses?Indications of Virus AttackHow does a Computer get Infected by Viruses?Virus HoaxesVirus Analysis:Types of VirusesTransient and Terminate and Stay Resident VirusesWriting a Simple Virus ProgramComputer WormsHow is a Worm Different from a Virus?Example of Worm Infection: Conficker WormWorm Analysis:Worm Maker: Internet Worm Maker ThingWhat is Sheep Dip Computer?Anti-Virus Sensors SystemsMalware Analysis ProcedureString Extracting Tool: BintextCompression and Decompression Tool: UPXProcess Monitoring Tools: Process MonitorLog Packet Content Monitoring Tools: NetResidentDebugging Tool: OllydbgVirus Analysis Tool: IDA ProOnline Malware Testing:Online Malware Analysis ServicesVirus Detection MethodsVirus and Worms CountermeasuresCompanion Antivirus: Immunet ProtectAnti-virus ToolsPenetration Testing for VirusModule 8 SniffersSniffing ConceptsMAC AttacksDHCP AttacksARP PoisoningSpoofing AttackDNS PoisoningSniffing ToolsCounter measuresSniffing Pen TestingModule 9 Social EngineeringWhat is Social Engineering?Behaviors Vulnerable to AttacksWhy is Social Engineering Effective?Warning Signs of an AttackPhases in a Social Engineering AttackImpact on the OrganizationCommand Injection AttacksCommon Targets of Social EngineeringTypes of Social EngineeringInsider AttackCommon Intrusion Tactics and Strategies for PreventionSocial Engineering Through Impersonation on Social Networking SitesRisks of Social Networking to Corporate NetworksIdentity Theft Statistics 2010Real Steven Gets Huge Credit Card StatementIdentity Theft – Serious ProblemSocial Engineering Countermeasures: PoliciesHow to Detect Phishing Emails?Identity Theft CountermeasuresSocial Engineering Pen TestingModule 10 Denial of ServiceWhat is a Denial of Service Attack?What is Distributed Denial of Service Attacks?Symptoms of a DoS AttackCyber CriminalsInternet Chat Query (ICQ)Internet Relay Chat (IRC)DoS Attack TechniquesBotnetWikiLeak Operation PaybackDoS Attack ToolsDetection TechniquesDoS/DDoS Countermeasure StrategiesDDoS Attack CountermeasuresPost-attack ForensicsTechniques to Defend against BotnetsDoS/DDoS CountermeasuresDoS/DDoS Protection at ISP LevelEnabling TCP Intercept on Cisco IOS SoftwareAdvanced DDoS Protection: IntelliGuard DDoS Protection System (DPS)DoS/DDoS Protection ToolDenial of Service (DoS) Attack Penetration TestingModule 11 Session HijackingWhat is Session Hijacking?Dangers Posed by HijackingWhy Session Hijacking is Successful?Key Session Hijacking TechniquesBrute ForcingHTTP Referrer AttackSpoofing vs. HijackingSession Hijacking ProcessPacket Analysis of a Local Session HijackTypes of Session HijackingPredictable Session TokenMan-in-the-Middle AttackMan-in-the-Browser AttackClient-side AttacksCross-site Script AttackSession FixationNetwork Level Session HijackingThe 3-Way HandshakeSequence NumbersTCP/IP HijackingIP Spoofing: Source Routed PacketsRST HijackingBlind HijackingMan-in-the-Middle Attack using Packet SnifferUDP HijackingSession Hijacking ToolsCountermeasuresProtecting against Session HijackingMethods to Prevent Session Hijacking: To be Followed by Web DevelopersMethods to Prevent Session Hijacking: To be Followed by Web UsersDefending against Session Hijack AttacksSession Hijacking RemediationIPSecSession Hijacking Pen TestingModule 12 Hijacking WebserversWebserver Market SharesOpen Source Webserver ArchitectureIIS Webserver ArchitectureWebsite DefacementCase StudyWhy Web Servers are Compromised?Impact of Webserver AttacksWebserver MisconfigurationDirectory Traversal AttacksHTTP Response Splitting AttackWeb Cache Poisoning AttackHTTP Response HijackingSSH Bruteforce AttackMan-in-the-Middle AttackWebserver Password CrackingWeb Application AttacksWebserver Attack MethodologyWebserver Attack ToolsWeb Password Cracking ToolCountermeasuresHow to Defend Against Web Server Attacks?How to Defend against HTTP Response Splitting and Web Cache Poisoning?Patches and HotfixesWhat is Patch Management?Identifying Appropriate Sources for Updates and PatchesInstallation of a PatchPatch Management Tool: Microsoft Baseline Security Analyzer (MBSA)Web Application Security Scanner: SandcatWeb Server Security Scanner: WiktoWebserver Malware Infection Monitoring Tool: HackAlertWebserver Security ToolsWeb Server Penetration TestingModule 13 Hijacking Web ApplicationsWeb Application Security StatisticsIntroduction to Web ApplicationsWeb Application ComponentsHow Web Applications Work?Web Application ArchitectureWeb 2.0 ApplicationsVulnerability StackWeb Attack VectorsWeb Application Threats – 1Web Application Threats – 2Unvalidated InputParameter/Form TamperingDirectory TraversalSecurity MisconfigurationInjection FlawsWhat is LDAP Injection?How LDAP Injection Works?Hidden Field Manipulation AttackCross-Site Scripting (XSS) AttacksWeb Application Denial-of-Service (DoS) AttackBuffer Overflow AttacksCookie/Session PoisoningSession Fixation AttackInsufficient Transport Layer ProtectionImproper Error HandlingInsecure Cryptographic StorageBroken Authentication and Session ManagementUnvalidated Redirects and ForwardsWeb Services ArchitectureFootprint Web InfrastructureWeb Spidering Using Burp SuiteHacking Web ServersAnalyze Web ApplicationsAttack Authentication MechanismUsername EnumerationPassword Attacks: Password Functionality ExploitsPassword Attacks: Password GuessingPassword Attacks: Brute-forcingSession Attacks: Session ID Prediction/ Brute-forcingCookie Exploitation: Cookie PoisoningAuthorization AttackSession Management AttackInjection AttacksAttack Data ConnectivityAttack Web App ClientAttack Web ServicesWeb Services Probing AttacksWeb Service Attack Tool: soapUIWeb Service Attack Tool: XMLSpyWeb Application Hacking Tool: Burp Suite ProfessionalWeb Application Hacking Tools: CookieDiggerWeb Application Hacking Tools: WebScarabEncoding SchemesWeb Application CountermeasuresWeb Application Firewall: dotDefenderWeb Application Firewall: IBM AppScanWeb Application Firewall: ServerDefender VPWeb Application Pen TestingModule 14 SQL InjectionsSQL Injection is the Most Prevalent Vulnerability in 2010SQL Injection ConceptsTesting for SQL InjectionTypes of SQL InjectionBlind SQL InjectionSQL Injection MethodologyAdvanced SQL InjectionEvasion TechniquesCounter-measuresModule 15 Hacking Wireless NetworksWireless ConceptsWireless EncryptionWireless ThreatsWireless Hacking MethodologyWireless Hacking ToolsBluetooth HackingCounter-measuresWireless Security ToolsWi-Fi Pen TestingModule 16 Hacking Mobile PlatformsMobile Platform Attack VectorsHacking Android OSHacking iOSHacking Windows Phone OSHacking BlackBerryMobile Device Management (MDM)Mobile Security Guidelines and ToolsMobile Pen TestingModule 17 Evading IDS, Firewalls and HoneypotsIDS, Firewall and Honeypot ConceptsIDS, Firewall and Honeypot SystemEvading IDSEvading FirewallsDetecting HoneypotsFirewall Evading ToolsCountermeasuresPenetration TestingModule 18 Buffer OverflowBuffer Overflow ConceptsBuffer Overflow MethodologyBuffer Overflow ExamplesBuffer Overflow DetectionBuffer Overflow Counter-measuresBuffer Overflow Security ToolsBuffer Overflow Penetration TestingModule 19 CryptographyCryptography ConceptsEncryption AlgorithmsCryptography ToolsPublic Key Infrastructure(PKI)Email EncryptionDisk EncryptionCryptography AttacksCryptanalysis ToolsModule 20 Penetration TestingPen Testing ConceptsTypes of Pen TestingPen Testing TechniquesPen Testing PhasesPen Testing RoadmapOutsourcing Pen Testing Services