

Topics

Introduction to the following topics:

Cyber security terminology

25 Cyber Security Terms That Everyone Who Uses A Computer Should Know

Understanding Basic Security Frameworks

Top 10 IT security frameworks and standards explained

Cybersecurity Frameworks 101 – The Complete Guide

What is a Security Framework?

Cyber Security Framework

Security Frameworks

Cybersecurity Framework

Fundamental frameworks, models, and approaches to cyber security including the CIA model.

C.I.A Model | Elements of Security | Confidentiality | Integrity | Availability - Urdu

Purpose of Cyber Security

What is Cyber Security?

Cyber Security

Adversary Types

Most Common Types & Sources of Cyber Threats

Threat Hunting: Six Cyber Adversaries to Pursue

Vulnerability Types

Threat Types

Confidentiality Threat

Integrity Threat

Availability Threat

Fraud Threat

Testing for Vulnerabilities

Attacks

Brute Force vs. Heuristic Attacks

Cryptanalysis

Computer networks

Security policies

Incident response

Passwords

Cryptographic principles

Khawar Nehal’s 4 Layers of cybersecurity.

Physical security penetration testing

Khawar Nehal’s 6 Levels of security for LAN networks.

The Common Seven Layers Of Cybersecurity

Firewalls

Secure Configuration

User Access Control

Cybersecurity Administration

Malware Protection

System Safeguards

Network Defense

Patch Management

The need for cybersecurity

Attacks, concepts and techniques

Protecting your data and privacy

Protecting the organization

PCI-DSS, ISO-27001, NIST, SOC, SOX and HIPAA

Penetration Testing

Examining Cyber Threats More Closely

SQL Slammer Worm of 2003

Nachi Worm of 2003

Botnet Design

Botnet Arithmetic

Assets and Infrastructure

Calculating Risk

Making Security and Cost Decisions Based on Risk

Threat Trees and Completeness of Analysis

Threat Trees

Introducing Security Risk Analysis

Basic engineering and analysis methods for managing cyber security risk to valued assets.

Mapping Assets to Threats

Estimating Risk for Threat-Asset Pairs

Mapping Assets, Threats, Vulnerabilities, and Attacks

Course Objectives & Outcome Statements

  • Communicate with confidence regarding information security topics, terms, and concepts
  • Understand and apply the Principles of Least Privilege
  • Understand and apply the Confidentiality, Integrity, and Availability for prioritization of critical security resources
  • Build better passwords that are more secure while also being easier to remember and type
  • Grasp basic cryptographic principles, processes, procedures, and applications
  • Understand how a computer works
  • Understand computer network basics
  • Have a fundamental grasp of any number of technical acronyms: TCP/IP, IP, TCP, UDP, MAC, ARP, NAT, ICMP, and DNS, and more.
  • Utilize built-in Linux tools to see your network settings
  • Recognize and be able to discuss various security technologies, including anti-malware, firewalls, intrusion detection systems, sniffers, ethical hacking, active defense, and threat hunting.
  • Understand wireless technologies including WiFi, Bluetooth, mobile phones and the Internet of Things (IoT)
  • Explain a variety of frequent attacks such as social engineering, drive-by downloads, watering hole attacks, lateral movement, and other attacks
  • Understand different types of malware
  • Understand browser security and the privacy issues associated with web browsing
  • Explain system hardening
  • Discuss system patching
  • Understand virtual machines and cloud computing
  • Understand backups and create a backup plan for your personal life that virtually guarantees you never have to pay ransom to access your data

Physical Security

I'll Let Myself In: Tactics of Physical Pen Testers

Khawar Nehal’s 4 Layers of cybersecurity.

For implementing a reliable and secure system.

Layer 1: Physical security

Layer 2: Software reliability

Layer 3: Configuration perfection and testing

Layer 4: User training against social engineering

Security as a subset of reliability.

Methods to increase reliability

Separate machines for secure and public data. Can be virtual machines.

Khawar Nehal’s 6 Levels of security for LAN networks.

Security Level 1

Separate LAN for public networks. Wi-Fi is included here, and it may be open or password protected.

Internet connections are at this level. Outside facing web servers are also located at this level.

Auto-reset virtual machines are used for Internet connections, browsing and email. Some machines used for Internet-related work shall refresh themselves every time they start. All important data is to be stored on the file servers. This reduces the chances of attack by malware.

Security Level 2

Company VPN on public networks. Company WAN is included here.

Infra-, intra- and extranets are included here. All data transfers between Level 2 and Level 1 computers shall be initiated from Level 2 towards Level 1.

The Level 1 computer shall allow the Level 2 computer access so that it can upload data.

Any computer at a higher level shall never allow access to any of its services to a computer at a lower level of security.

Security Level 3

Separate LAN for private network company wide.

A computer on security level 3 can only communicate with other computers on the same level.

Security Level 4

Internal LAN not available to everyone.

A computer on security level 4 can only communicate with other computers on the same level.

Security Level 5

Confidential computers not connected to any LAN.

A computer on security level 5 cannot communicate with any other computer.

Security Level 6

Vaults. Data stored offline. Not in any computer.

The LANs on different levels are not software configurable. They are not software-defined networks. They are not VLANs. They are totally and physically separate switches. Important files and data are stored on file servers.
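The six levels above amount to a connection policy that a flow log can be checked against. The following is an added example (not part of this page or of Khawar Nehal's material) that encodes the stated rules; the one assumption it adds is that a higher-level host may initiate towards a lower level whenever no rule forbids it, which is how the Level 2 to Level 1 upload case reads. The host names and flows are constructed sample data.

```python
"""Policy check for the six LAN security levels described above (added example)."""

ISOLATED_LEVELS = {5}      # Level 5 hosts talk to no other computer at all
SAME_LEVEL_ONLY = {3, 4}   # Level 3 and 4 hosts only talk within their own level
OFFLINE_LEVELS = {6}       # Level 6 is an offline vault, not a computer; no flows exist


def connection_allowed(src_level: int, dst_level: int) -> bool:
    """Decide whether a host at src_level may open a connection to a service on dst_level.

    Rules taken from the page:
      * a higher level never exposes any of its services to a lower level;
      * Levels 3 and 4 communicate only within their own level;
      * Level 5 communicates with nobody; Level 6 is not a computer.
    Assumption (not stated on the page): a higher-level host may initiate towards a
    lower level when none of the rules above forbids it, e.g. Level 2 uploading to Level 1.
    """
    for level in (src_level, dst_level):
        if not 1 <= level <= 6:
            raise ValueError(f"unknown security level {level}")
    if src_level in OFFLINE_LEVELS or dst_level in OFFLINE_LEVELS:
        return False
    if src_level in ISOLATED_LEVELS or dst_level in ISOLATED_LEVELS:
        return False
    if src_level == dst_level:
        return True
    if src_level in SAME_LEVEL_ONLY or dst_level in SAME_LEVEL_ONLY:
        return False
    # A lower level initiating towards a higher level would be using the higher
    # level's services, which the policy never allows.
    return src_level > dst_level


def audit_flows(flows):
    """Return the observed flows that violate the policy.

    Each flow is (src_host, src_level, dst_host, dst_level, service).
    """
    return [flow for flow in flows if not connection_allowed(flow[1], flow[3])]


# Constructed sample of observed connections (e.g. from a switch flow log); not real data.
SAMPLE_FLOWS = [
    ("browse-vm-01", 1, "web-01", 1, "https"),   # public LAN to public web server: fine
    ("laptop-17", 2, "upload-01", 1, "sftp"),    # Level 2 pushing data down to Level 1: fine
    ("browse-vm-01", 1, "files-02", 2, "smb"),   # Level 1 reaching a Level 2 server: violation
    ("ws-33", 3, "files-03", 3, "smb"),          # Level 3 to Level 3: fine
    ("ws-33", 3, "laptop-17", 2, "ssh"),         # Level 3 leaving its own level: violation
    ("hr-41", 4, "files-03", 3, "smb"),          # Level 4 to Level 3: violation
    ("conf-09", 5, "files-03", 3, "smb"),        # Level 5 must never be on a LAN: violation
]

if __name__ == "__main__":
    for flow in audit_flows(SAMPLE_FLOWS):
        print("VIOLATION:", flow)
```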

Firewalls

All devices run network services, which create some form of communication with other devices and services. By restricting access to these services, you reduce your exposure to attacks. This can be achieved using firewalls and equivalent network devices. A boundary firewall is a network device which can restrict the inbound and outbound network traffic to services on its network of computers and mobile devices. It can help protect against cyber-attacks by implementing restrictions, known as ‘firewall rules’, which can allow or block traffic according to its source, destination and type of communication protocol. Alternatively, a host-based firewall may be configured on a device. This works in the same way as a boundary firewall but only protects the single device on which it is configured. This approach can provide for more tailored rules and means that the rules apply to the device wherever it is used. However, this increases the administrative overhead of managing firewall rules. Here are a few things your IT administrator can routinely do to maintain the security of your business network:

  • change any default administrative password to an alternative that is difficult to guess 
  • prevent access to the administrative interface (used to manage firewall configuration) from the Internet, unless there is a clear and documented business need 
  • block unauthenticated inbound connections by default 
  • ensure inbound firewall rules are approved and documented by an authorised individual 
  • remove or disable permissive firewall rules quickly, when they are no longer needed 

Secure Configuration

Computers and network devices are not always secure in their default configurations. Standard, out-of-the-box configurations often include one or more weak points such as:

  • an administrative account with a predetermined, publicly known default password 
  • pre-enabled but unnecessary user accounts (sometimes with special access privileges) 
  • pre-installed but unnecessary applications or services 

Default installations of computers and network devices can provide cyber attackers with a variety of opportunities to gain unauthorised access to an organisation’s sensitive information — often with ease. By applying some simple technical controls when installing computers and network devices you can minimise inherent vulnerabilities and increase protection against common types of cyber attack. Here are a few things your IT administrator can routinely do to maintain the security of your business network:

  • Remove and disable unnecessary user accounts (such as guest accounts and administrative accounts that won't be used) 
  • Change any default or guessable account passwords to something non-obvious 
  • Remove or disable unnecessary software 
  • Disable any auto-run feature which allows file execution without user authorisation 
  • Password-based authentication: 
      ◦ protect against brute-force password guessing; the following methods can be used: 
          ▪ lock accounts after no more than 10 unsuccessful attempts 
          ▪ limit the number of guesses allowed in a specified time period to no more than 10 guesses within 5 minutes 
      ◦ set a minimum password length of at least 8 characters 
      ◦ change passwords promptly when the user knows or suspects they have been compromised 
      ◦ use a password policy that tells users: 
          ▪ to avoid choosing obvious passwords (such as those based on easily discoverable information like the name of a favourite pet) 
          ▪ not to choose common passwords — this could be implemented by technical means, using a password blacklist 
          ▪ not to use the same password anywhere else, at work or at home 
          ▪ how to record passwords so as to store and retrieve them securely — for example, in a sealed envelope in a secure cupboard 
          ▪ which passwords they really must memorise and not record anywhere 
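The two throttling rules and the password-policy items above translate directly into code. The following is an added example (not part of this page or of any product): a login guard that enforces the 10-failure lockout and the 10-guesses-per-5-minutes limit before a credential is verified, plus a checker for the minimum length and blacklist rules. The blacklist entries, account names and the injectable `FakeClock` are constructed for demonstration.

```python
"""Login throttling and password-policy checks for the controls listed above (added example)."""
import time
from collections import deque

MAX_FAILURES_BEFORE_LOCK = 10   # lock after no more than 10 unsuccessful attempts
MAX_GUESSES_PER_WINDOW = 10     # and no more than 10 guesses...
WINDOW_SECONDS = 5 * 60         # ...within any 5-minute period
MIN_PASSWORD_LENGTH = 8

# Constructed, deliberately tiny blacklist; a real one holds hundreds of thousands of entries.
COMMON_PASSWORDS = {"password", "12345678", "qwerty123", "letmein1", "welcome1"}


class LoginGuard:
    """Applies both throttling rules before a credential is ever verified.

    `clock` is injectable so the behaviour can be exercised without waiting five minutes.
    """

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._attempts = {}    # account -> deque of attempt timestamps inside the window
        self._failures = {}    # account -> consecutive failures since the last success
        self._locked = set()   # accounts that now need an administrator to unlock them

    def attempt(self, account, password, verify):
        """Return (accepted, reason). `verify(account, password)` checks the credential."""
        now = self._clock()
        if account in self._locked:
            return False, "account locked"
        recent = self._attempts.setdefault(account, deque())
        while recent and now - recent[0] >= WINDOW_SECONDS:
            recent.popleft()   # drop attempts that have aged out of the 5-minute window
        if len(recent) >= MAX_GUESSES_PER_WINDOW:
            return False, "too many guesses in window"
        recent.append(now)
        if verify(account, password):
            self._failures[account] = 0
            return True, "authenticated"
        failures = self._failures.get(account, 0) + 1
        self._failures[account] = failures
        if failures >= MAX_FAILURES_BEFORE_LOCK:
            self._locked.add(account)
            return False, "account locked"
        return False, "authentication failed"

    def is_locked(self, account):
        return account in self._locked


def password_policy_problems(password, blacklist=COMMON_PASSWORDS):
    """Return the policy rules a proposed password breaks (an empty list means it passes)."""
    problems = []
    if len(password) < MIN_PASSWORD_LENGTH:
        problems.append(f"shorter than {MIN_PASSWORD_LENGTH} characters")
    if password.lower() in blacklist:
        problems.append("appears on the common-password blacklist")
    return problems


class FakeClock:
    """Manually advanced clock used by the demo instead of real time (constructed)."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


if __name__ == "__main__":
    clock = FakeClock()
    guard = LoginGuard(clock=clock)
    # Constructed credential check for the demo; a real system verifies a salted hash.
    verify = lambda account, pw: pw == {"alice": "correct horse battery"}.get(account)
    for _ in range(11):
        clock.advance(1)
        print(guard.attempt("alice", "wrong-guess", verify))
    print(password_policy_problems("password"))
```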

User Access Control

Every active user account in your business facilitates access to devices and applications, and to sensitive business information. By ensuring that only authorised individuals have user accounts, and that they are granted only as much access as they need to perform their role, you reduce the risk of information being stolen or damaged. Compared to normal user accounts, accounts with special access privileges have enhanced access to devices, applications and information. When such accounts are compromised, their greater freedoms can be exploited to facilitate large-scale corruption of information, disruption to business processes and unauthorised access to other devices in the organisation. Administrative accounts are especially highly privileged and can typically allow:

  • execution of software that has the ability to make significant and security relevant changes to the operating system 
  • changes to the operating system for some or all users 
  • creation of new accounts and allocation of their privileges 

All types of administrator will have such accounts, including Domain Administrators and Local Administrators. Now consider that if a user opens a malicious URL or email attachment, any associated malware is typically executed with the privilege level of the account that user is currently operating. Clearly, you must take special care over the allocation and use of privileged accounts. Here are a few things your IT administrator can routinely do to maintain the security of your business network:

  • Have a user account creation and approval process 
  • remove or disable user accounts when no longer required (when a user leaves the organisation) 
  • use administrative accounts to perform administrative activities only (no emailing, web browsing or other standard user activities that may expose administrative privileges to avoidable risks) 
  • remove or disable special access privileges when no longer required (when a member of staff changes role) 

Malware Protection

The execution of software downloaded from the Internet can expose a device to malware infection. Malware, such as computer viruses, worms and spyware, is software that has been written and distributed deliberately to perform malicious actions. Potential sources of malware infection include malicious email attachments, downloads (including those from application stores), and direct installation of unauthorised software. If a system is infected with malware, your organisation is likely to suffer from problems like malfunctioning systems, data loss, or onward infection that goes unseen until it causes harm elsewhere. You can avoid the potential harm from malware by:

  • Using anti-malware software, which can detect and disable malware before it causes harm 
      ◦ The software (and all associated malware signature files) should be kept up to date, with signature files updated at least daily. This may be achieved through automated updates, or with a centrally managed deployment. 
      ◦ The software must be configured to scan files automatically upon access. 
      ◦ The software should prevent connections to malicious websites on the Internet (by means of blacklisting) — unless there is a clear, documented business need 

Patch Management

Any device that runs software can contain security flaws, known as vulnerabilities. Vulnerabilities are regularly discovered in all sorts of software. Once discovered, malicious individuals or groups move quickly to exploit vulnerabilities to attack computers and networks in organisations with these weaknesses. Product vendors provide fixes for vulnerabilities identified in products that they still support, in the form of software updates known as 'patches'. Patches may be made available to customers immediately or on a regular release schedule. Product vendors do not generally release patches for products they no longer support — not even to fix vulnerabilities.

The Common Seven Layers Of Cybersecurity

1. Mission-Critical Assets

This is data that is absolutely critical to protect. Whether businesses would like to admit it or not, they face malicious forces daily. The question is how leaders are dealing with this type of protection, and what measures they have put in place to guard against breaches. An example of mission-critical assets in the healthcare industry is Electronic Medical Record (EMR) software. In the financial sector, it is customers’ financial records.

2. Data Security

Data security is when there are security controls put in place to protect both the transfer and the storage of data. There has to be a backup security measure in place to prevent the loss of data; this will also require the use of encryption and archiving. Data security is an important focus for all businesses, as a breach of data can have dire consequences.

3. Endpoint Security

This layer of security makes sure that the endpoints of user devices are not exploited by breaches. This includes the protection of mobile devices, desktops, and laptops. Endpoint security systems enable protection either on a network or in the cloud depending on the needs of a business.

4. Application Security

This involves the security features that control access to an application and that application’s access to your assets. It also includes the internal security of the app itself. Most of the time, applications are designed with security measures that continue to provide protection when the app is in use.

5. Network Security

This is where security controls are put in place to protect the business’s network. The goal is to prevent unauthorized access to the network. It is crucial to regularly update all systems on the business network with the necessary security patches, including encryption. It’s always best to disable unused interfaces to further guard against any threats.

6. Perimeter Security

This security layer ensures that both the physical and digital security methods protect a business as a whole. It includes things like firewalls that protect the business network against external forces.

7. The Human Layer

Despite being known as the weakest link in the security chain, the human layer is a very necessary layer. It incorporates management controls and phishing simulations, as an example. These human management controls aim to protect that which is most critical to a business in terms of security. This includes the very real threat that humans, cyber attackers, and malicious users pose to a business.

How To Build A Layered Cybersecurity Approach

Building a layered cybersecurity approach is a gradual and daily process. To start, you need to take stock of your inventory to ascertain the number of devices used, systems as well as firewalls. Then, you can add security where necessary in the different layers. Yes, the world of work has changed and so has the opportunity for attackers to get their hands on sensitive data.

To protect your business, do regular tests to ensure that your security controls are effective and, most of all, that they work properly. If you need new security solutions, it’s best to conduct a security analysis to find out what you actually need. Find out whether there are quick wins through which you can achieve compliance with industry regulations.

Building a layered cybersecurity approach will require a strategy to be effective. The reality is that businesses need to be prepared for an attack, meaning you constantly need to test your security measures and adjust where necessary. 

In A Nutshell

As a business, you need to have backups and a solid incident response plan that relies on technology, people, and processes to make sure that a layered approach works as best as it possibly can. The company culture needs to be one that takes security seriously. You need to ensure that you and your staff are knowledgeable about the reality of cyberattacks and the importance of protecting data. The best way to approach cybersecurity is to be proactive instead of reactive when threats or breaches take place.

Cryptanalysis is the process of studying cryptographic systems to look for weaknesses or leaks of information.

Cryptanalyzing Caesar Cipher
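Cryptanalysing a Caesar cipher is the classic illustration of the brute-force versus heuristic distinction listed under Attacks: all 26 keys can be tried, and a letter-frequency heuristic picks the right one without a human reading each candidate. The following is an added example (not course material from this page): it encrypts the page's own definition of cryptanalysis with a key of 13, then recovers the key by scoring each candidate decryption against a standard English letter-frequency table using a chi-squared statistic.

```python
"""Recovering a Caesar key by frequency analysis (added example)."""
import string
from collections import Counter

# Approximate letter frequencies of English text, in percent (standard reference table).
ENGLISH_FREQ = {
    "a": 8.167, "b": 1.492, "c": 2.782, "d": 4.253, "e": 12.702, "f": 2.228, "g": 2.015,
    "h": 6.094, "i": 6.966, "j": 0.153, "k": 0.772, "l": 4.025, "m": 2.406, "n": 6.749,
    "o": 7.507, "p": 1.929, "q": 0.095, "r": 5.987, "s": 6.327, "t": 9.056, "u": 2.758,
    "v": 0.978, "w": 2.360, "x": 0.150, "y": 1.974, "z": 0.074,
}


def caesar_shift(text, shift):
    """Shift every ASCII letter by `shift` places, preserving case and non-letters."""
    out = []
    for ch in text:
        if ch in string.ascii_letters:
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + shift) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def chi_squared(text):
    """How far the letter histogram of `text` is from English (lower is more English-like)."""
    letters = [ch for ch in text.lower() if ch in string.ascii_lowercase]
    n = len(letters)
    if n == 0:
        return float("inf")
    counts = Counter(letters)
    score = 0.0
    for letter in string.ascii_lowercase:
        expected = n * ENGLISH_FREQ[letter] / 100
        score += (counts[letter] - expected) ** 2 / expected
    return score


def rank_keys(ciphertext):
    """Brute-force all 26 keys, then let the chi-squared heuristic order the candidates.

    Returns a list of (key, score, candidate_plaintext), most English-looking first.
    """
    candidates = []
    for key in range(26):
        candidate = caesar_shift(ciphertext, -key)
        candidates.append((key, chi_squared(candidate), candidate))
    return sorted(candidates, key=lambda c: c[1])


def break_caesar(ciphertext):
    """Return (key, plaintext) for the best-scoring decryption."""
    key, _, plaintext = rank_keys(ciphertext)[0]
    return key, plaintext


# Sample plaintext taken from this page's own definition of cryptanalysis.
SAMPLE_PLAINTEXT = ("Cryptanalysis is the process of studying cryptographic systems "
                    "to look for weaknesses or leaks of information.")

if __name__ == "__main__":
    ciphertext = caesar_shift(SAMPLE_PLAINTEXT, 13)
    key, recovered = break_caesar(ciphertext)
    print(f"ciphertext: {ciphertext}")
    print(f"key {key:2d}    : {recovered}")
    # The runner-up scores show how decisively the heuristic separates the right key.
    for k, score, _ in rank_keys(ciphertext)[:3]:
        print(f"key {k:2d} score {score:8.1f}")
```

With only a few dozen letters the statistic already separates the true key from every wrong one by a wide margin, which is why monoalphabetic ciphers offer no real confidentiality.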

  • “Why Cryptosystems Fail,” Ross Anderson https://www.cl.cam.ac.uk/~rja14/Papers/wcf.pdf
  • Required: “There Be Dragons,” Steve Bellovin https://www.usenix.org/legacy/publications/library/proceedings/sec92/full_papers/bellovin.pdf
  • Required: “Hackers Remotely Kill a Jeep on the Highway with Me in It,” Andy Greenberg, Wired Magazine
  • Required: “A Hacker’s Evolution: Austin’s HD Moore Grew Up with Cybersecurity Industry,” 512 Tech
  • Suggested: Introduction to Cyber Security (Ch. 5 - 6)
  • Suggested: TCP/IP Illustrated Volume 1 (2nd Edition), (Ch. 5 - 6)
  • Video: “Top Hacker Shows Us How It’s Done,” Pablos Holman, TEDx Midwest
  • Video: “All Your Devices Can be Hacked,” Avi Rubin, TED Talk
  • Required: “A Man-in-the-Middle Attack on UMTS,” Meyer and Wetzel
  • Required: “Are Computer Hacker Break-Ins Ethical?” Eugene Spafford
  • Video: “What’s Wrong With Your Password,” Lorrie Faith Cranor, TED Talk
  • Video: “Fighting Viruses, Defending the Net,” Mikko Hypponen, TED Talk

Final Quiz - What level of security risk do you estimate for the following threat-asset matrix entries for the ACME Software Company?

AAA and Access Controls

The candidate will demonstrate an understanding of access controls and effective authentication, authorization and accountability. Every good security practitioner and every good security program begins with the same mantra: learn the fundamentals. This course starts by instilling familiarity with core security terms and principles. By the time you leave the classroom after the first day, you fully understand the Principle of Least Privilege and why it drives all security decisions. You know the Confidentiality, Integrity, and Availability (CIA) method of prioritizing your security program. You understand the fundamentals of risk management, security policy, and authentication/authorization/accountability (AAA).

Application Security

The candidate will demonstrate an understanding of securing applications from malware and other common threats. If you are going to secure a computer or a network, you must have at least a basic knowledge of how they work. Every attack uses something that exists for perfectly valid reasons and misuses it in invalid, malicious ways. To work in cyber security, you have to understand the valid functions to understand the potential for invalid misuse. The day begins with a discussion of how computers work. We cover the numbering systems of decimal, binary, and hexadecimal - vital to understanding computers and networks. We also cover ASCII (the American Standard Code for Information Interchange). We also discuss what an operating system is. We talk about the terms kilobyte, megabyte, gigabyte, and terabyte and what those terms mean. We cover the difference between the hard drive and Random Access Memory (RAM). In short, how a computer works.

While the above description sounds exceptionally technical, rest assured that we present the material in the most non-technical way possible. We cover each topic at a very high-level without getting into the nitty-gritty details.

Lab - Networking: Use a variety of built-in operating system commands to see your IP address, network mask, default gateway, ARP cache, DNS Cache, and see Network Address Translation in action. You will also perform simple network packet analysis with the Wireshark tool.

Computer Math

The candidate will demonstrate an understanding of foundational numbering systems.

Lab - Computer Number Conversions: Apply the knowledge you learned to convert decimal numbers to binary, binary numbers to hexadecimal, binary and hexadecimal numbers to decimal values, and so on.

Cryptographic Algorithms and Attacks

The candidate will demonstrate an understanding of cryptographic algorithms.

Fundamentals of Cryptography

The candidate will demonstrate an understanding of cryptography and its application.

History of Cryptography

The candidate will demonstrate an understanding of cryptography throughout history.

Network Addressing and Protocols

The candidate will demonstrate an understanding of network addressing and protocols. From there, we move to a discussion of how information moves from point A to point B across a network without using any technical terminology of any kind. This discussion includes both Internet and Local Area Network (LAN) examples. As we move on through the day, we slowly add the technical aspects of those explanations, including the terms and acronyms of networking. We discuss the origins of the Internet and why that origin matters to modern-day cyber security. We explain what a protocol is, and what both the OSI and TCP/IP stacks are and why they matter. You learn about standard network hardware such as a network interface card, a switch, and a router. We progress to topics such as IP addresses, network masks, default gateways, and routing. We explain, compare, and contrast the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) and why you might want to use one over the other. Eventually, we get to network protocols such as the Dynamic Host Configuration Protocol (DHCP), Domain Name System (DNS), and Network Address Translation (NAT).

Network Attacks

The candidate will demonstrate a foundational understanding of network attacks.

Network Communication Fundamentals

The candidate will demonstrate an understanding of network concepts and terminology.

Network Security Technology

The candidate will demonstrate an understanding of countermeasures and technologies employed to minimize the associated risks from attacks.

Risk Management Principles and Security Policy

The candidate will demonstrate an understanding of fundamental information security and risk management concepts as well as the components of effective policy creation and awareness programs.

Systems Security

The candidate will demonstrate an understanding of securing systems from common threats.

Wireless Security Technology

The candidate will demonstrate an understanding of wireless technologies as well as the defenses employed to minimize the associated risks from wireless attacks.

Topics

Overview

Cryptography is one of the most complex issues faced by security practitioners. It is not a topic you can explain in passing; we spend a full day on it. You do not need a calculator for this day since we do not delve into the math behind crypto. We introduce you to cryptographic terms. We explain what steganography is. We then look at historical examples of cryptography. We do this because even the most advanced cryptographic systems today utilize methods of encrypting data that were used hundreds of years B.C. So we explain the historical examples, which are very easy to understand, to make it easier to understand modern cryptographic methods and principles. We cover the “work factor” - the length of time necessary to break cryptography - and why understanding this concept is so important. We cover some of the potential attacks against crypto, and which ones are viable against modern cryptography and which are nonviable. We cover hashing, symmetric and asymmetric cryptography and how each works. We then show real-world examples of how those cryptographic systems work. We cover the secure key exchange mechanism called Diffie-Hellman. We even briefly cover digital certificates and Public Key Infrastructure (PKI). Once we have thoroughly explained how cryptography works, we end the day with a discussion of data encrypting protocols: things that use cryptography to secure data on our networks and across the Internet. Here we cover email encryption, secure remote administration, secure file transfer, and three examples of Virtual Private Networks (VPNs). Again, we do not spend our time on the mathematics behind cryptography; instead, we are highly process focused. We explain the steps required to make crypto work, the order those steps must occur in, and which key you must use for each step.

Exercises

  • Lab - Crypto by Hand: Apply the knowledge and skills you've learned to encrypt information using mono and poly alphabetic ciphers and gain a better understanding of triple encryption (as used by Triple DES).
  • Lab - Visual Crypto: Observe the encryption process that occurs by turning plaintext (what you can read) into ciphertext (what you cannot read) in real-time. Increase your understanding of what "randomness in ciphertext" truly means. See ciphertext turned back into plaintext. Find out what happens if you edit cyphertext and try to decrypt it. Learn what happens if you attempt to decrypt data with the wrong key. The lab provides visual proof of many definitive statements made by the instructor throughout the lecture. 
Overview

Our fourth day in the classroom begins our exploration of cyber security technologies. We begin with wireless network security (WiFi and Bluetooth), and mobile device security (i.e., mobile phones and tablets). We compare and contrast the security models of Apple's iPhone and Google's Android phones. We also discuss the almost total lack of security in the Internet of Things (IoT). We follow that with a look at some frequent attacks, including open-source intelligence gathering, social engineering, drive-by download attacks, watering hole attacks, buffer overflow attacks, Denial of Service (DoS), and other frequent attacks. We then move into a discussion of malware. What is a virus versus a worm or a trojan horse? What are ransomware and cryptojacking? We then cover both anti-malware and host firewalls that try to counter these problems.

Exercises

  • Lab - Configure a Wireless Access Point (A.K.A. Wireless Router). Students go through the steps of configuring a wireless access point from its default insecure state to a locked-down, far more secure state. Industry best practices dictate the final settings. Students can take these lab instructions home or to work and apply them with some necessary modifications given their device manufacturer.
  • Lab - Run the anti-malware scanner "Malwarebytes" on a virtual machine running within the lab environment. Discover active malware and remove it from the system. Also, discover Potentially Unwanted Programs (PUPs) that are, in reality, authorized software. Whitelist the PUPs, so they stop showing up in the scan results.
Overview

The final day of this course continues the discussion of Cyber Security Technologies. The day begins by looking at several security technologies, including compartmentalization, firewalls, Intrusion Detection Systems and Intrusion Prevention Systems (IDS/IPS), sniffers, content filters, sinkholes, ethical hacking, active defense, threat hunting and many more. We then take a solid look at browser and web security, and the difficulties of securing the web environment. For example, students understand why and how their browser connects to anywhere from 5 to 100+ different Internet locations each time they load a single web page. We end the day with a look at system security, including hardening operating systems, patching, virtual machines, cloud computing, and backup. We include solid real-world examples of how to implement these.

Exercises

  • Lab - Firewall Configuration with Firewall Builder. Students utilize an open-source tool called "Firewall Builder" to create a simple yet fully functional firewall configuration. The lab not only explains how to build each of the rules but, more importantly, explains WHY you build each rule. The lab teaches not only the basics of configuring a firewall but also how to read and audit an existing firewall ruleset.

Cyber Security Course Outline
Module 1: “Introduction”
● Welcome
● The Information Security Field
● InfoSec Culture
● Career Opportunities
● Information Security Terms
● Cryptography and VPNs
● Wireshark Introduction
● Binary Arithmetic Basics
● Bitwise Operations
● Hexadecimal Arithmetic
Module 2: “Networking”
● Protocols
● IP
● Routing
● Link Layer Devices and Protocols
● TCP and UDP
● Firewalls and Network Defenses
● DNS
● Wireshark
Module 3: “Web Applications”
● Introduction
● HTTP Protocol Basics
● HTTP Cookies
● Sessions
● Same Origin Policy
● Burp Suite
Module 4: “Penetration Testing”
● Introduction
● Lifecycle of Penetration Test
● Engagement
● Information Gathering
● Footprinting and Scanning
● Vulnerability Assessment
● Exploitation
● Reporting
Module 5: “Introduction to Programming”
● What is programming
● Low and high-level languages
● Programming vs. Scripting
● Basic concepts
● Variables
● Functions
● Conditional Statements
● Loops
● Understanding the Code
● Conclusion
Module 6: “Python”
● What is python
● Variables and types
● Input / Output
● Control flow
● Lists
● Dictionaries
● Functions
● Modules
● Scripting for pen testers
● Network sockets
● Port scanning
● Backdoor
● HTTP
● Login brute forcing
● Python assisted hacking
Module 7: “Command Line Scripting”
● Bash shell
● Bash environment
● Bash commands and programs
● Bash output redirectors and special characters
● Bash conditional statements and loops
● Windows command line
● Windows environment
● Windows commands and programs
● Windows output redirectors and special characters
● Windows conditional statements and loops
Module 8: “Penetration Testing”
● Information gathering
● Introduction
● Open-source Intelligence
● Subdomain enumeration
● Importance of information gathering
Module 9: “Footprinting and scanning”
● Mapping network
● OS fingerprinting
● Port Scanning
Module 10: “Vulnerability Assessment”
● Vulnerability assessment
● Nessus
Module 11: “Web Application Attacks”
● Introduction
● HTTP/S Protocol Basics
● Web server fingerprinting
● HTTP Verbs
● Directories and file enumeration
● Google Hacking
● Cross Site Scripting (XSS)
● SQL Injections
● Encoding
● Web application proxies
● Other common web attacks
● File and resource attacks
Module 12: “System Attacks”
● Malware
● Viruses
● Trojan Horses
● Backdoors
● Rootkits
● Bootkits
● Adware
● Spyware
● Greyware
● Dialer
● Keylogger
● Bots
● Ransomware
● Data-stealing malware
● Worms
Module 13: “Password attacks”
● Brute force algorithm
● Brute forcing weaknesses
● John the Ripper
● Dictionary attacks
● Hashcat
● Conclusion
Module 14: “Buffer Overflow Attacks”
● Buffers
● Stack
● The stack in applications
● How buffer overflow attacks work
Module 15: “Network Attacks”
● Authentication Cracking
● Brute force vs. Dictionary Attacks
● Weak and default credentials
● Authentication cracking tools
● Hydra
Module 16: “Windows shares”
● NetBIOS
● Shares
● UNC Paths
● Administrative shares
● Badly configured shares
Module 17: “Null Sessions”
● Enumerating windows shares
● Checking for Null Sessions
● Exploiting Null sessions
● About null sessions
Module 18: “ARP Poisoning”
● ARP poisoning actors
● Gratuitous ARP replies
● Forwarding and mangling packets
● Local to remote Man in the Middle
● Dsniff Arpspoof
Module 19: “Metasploit”
● MSFConsole
● Identifying a vulnerable service
● Searching
● Configuring an exploit
● Configuring a payload
● Running an exploit
Module 20: “Meterpreter”
● Bind and reverse
● Launching meterpreter
● Sessions
● Information gathering with meterpreter
● Privilege escalation
● Dumping the password database
● Exploring the victim system
● Uploading and downloading files
● Running OS Shell
● Beyond Remote Code Execution
Module 21: “Forensic Investigation”
● Computer Forensics Today
● Computer Forensics Investigation Process
● Hard Disks & File Systems
● Data Acquisition
● Anti-Forensics Techniques
● Operating System Forensics
● Network Forensics
● Web Attack Investigation
● Database Forensics
● Forensics with the Cloud
● Malware
● Email Investigation
● Mobile
● Forensic Reporting
● Course Summary


products/ict/security/ttc_intro_to_cybersecurity_course.1686755991.txt.gz · Last modified: 2023/06/14 20:19 by wikiadmin