This intensive, two-day training touches on many areas of IT security. Below is the complete program:
General introduction to hacking
Collecting information on our target.
Web-based instruments: Google, Netcraft, Visualroute, etc.
Local instruments: scanners, fingerprinters, etc.
Extended Network Mapping:
A detailed analysis of the techniques to be used for
executing Extended Network Mapping:
- Passive and Active Resources
- DNS brute-forcing
- Zone Transfer
Live session
Collecting information on old and new vulnerabilities
Protecting anonymity while hacking (theory about
shells and proxies)
Rootkits
Trojans
Live session on gathering information on various targets
The typical structure of a web site
Enumeration of the components and their inherent
possible vulnerable points
Cross-site scripting
What is an exploit?
Introducing and exploiting most common Linux
vulnerabilities:
- SSH, SSL, Apache, Others
Live session
Introducing and exploiting most common Windows
vulnerabilities:
- Frontpage extension
- The ever-present Unicode
Internet Explorer
The most devastating vulnerabilities in Internet Explorer.
How to gain control of a PC through IE
vulnerabilities. Examples on how to use three
different vulnerabilities for executing an arbitrary
code on a PC are showcased.
Live session
Exploiting database vulnerabilities:
- SQL injection
- URL poisoning
Live session
Black box hacking session:
- Hacking an unknown Windows system
- Hacking an unknown Linux system
- Hacking an unknown OS system
Live session
The theory behind Buffer Overflows
How to properly follow-up the system patching
Social engineering: techniques and psychological
traps
Future hacking playgrounds:
Home automation systems, 3rd generation mobile
phone platforms
start on this list of things to do.
Code:
1. Learn about hardware - basicly how your computer works.
2. Learn about different types of software.
3. Learn DOS.(learn everything possible)
4. Learn how to make a few batch files.
5. Port scanning. ( download blues port scanner if it's your first time)
6. Learn a few programming languages
HTML,C++,Python,Perl.... (i'd recommend learning html as your first lang)
7. How to secure yourself (proxy,hiding ip etc)
8. FTP
9. TCP/Ip , UDP , DHCP ,
10. Get your hands dirty with networking
11. Learn diassembler language (its the most basic language for understanding machine language and very useful to ubderstand when anything is disassembled and decoded)
12. Learn to use a Unix os. (a Unix system is generally loaded with networking tools as well as a few hacking tools)
13. Learn how to use Exploits and compile them. (Perl and c++ is must)
