
Certified Information Security Expert (CISE level 1 v2) Detailed Course Module

Certified Information Security Expert (CISEv2.0)


Innobuzz Knowledge Solutions Pvt Ltd is a high-quality training provider for courses in the fields of Information Security, Systems and Open Source. The hands-on security courses in the field of offensive security are built by Innobuzz Knowledge Solutions Pvt Ltd members to ensure real-world experience.

www.innobuzz.in

Chapter 1 Introduction
- Concept of Security
- Physical and Digital Assets
- Security Triangle
- Introduction: Ethical hacking
- Types of Ethical Hackers
- Basic Terminologies
- Elements of Security
- 5 Phases of Hacking
- Profile of an Ethical Hacker
- Security Testing, Computer Crimes and Law
- History of Hacking & Famous Hackers

Chapter 2 Networking & Basics


- Concept of Networking
- Types of Networks and Networking Devices
- Concept of Network and Ports
- TCP, IP & UDP
- Addressing and Types of Addressing
- IP Address and Classes
- Client Server Relationship
- Domain name and DNS
- ARP, RARP, ICMP, FTP, Telnet, SMTP, SNMP, HTTP, POP
- Virtualization and Advantages of Virtualization

Chapter 3 Footprinting
- Footprinting/Information Gathering
- Steps of Information Gathering
- Crawling and Mirroring of Websites
- Whois and Domain Registry
- Gathering Target Information
- Parallel Domain
- MX Entry
- Trace Route
- Archive Pages
- Banner Grabbing

Chapter 4 Google Hacking


- Introduce Google
- Working of Google Outline
- Working of Google Crawling, Indexing & Searching
- Vulnerable Objects
- Using Cache and Google as Proxy
- Directory Listing and Locating Directory Listings along with specific folders
- Google Hacking and what it is about
- The basics of Google Hacking: Advanced Search in Google
- Advanced Search Operators: site:, filetype:, inurl:, intitle:, cache:, info:
- Wildcard and Quotes
- Understanding and Viewing Robots.txt for important Files
- Normal Countermeasures
  - Robots.txt
  - Metatag and Google Official Remove
  - Hiding Detailed Error Messages
  - Disabling Directory Browsing

Chapter 5 Scanning
- Definition of Scanning
- Types of Scanning
- Diff. b/w Port and Network Scanning
- Objectives and Benefits of Scanning
- TCP three-way handshake
- Various Classification of Scanning: Fragments, UDP, ICMP, Reverse Ident, List & Idle, RPC, Window Scan, Ping Sweep
- Concept of War Dialer (History)
- OS Finger Printing and Types: Active & Passive

Chapter 6 Windows Hacking


- Definition and Objectives of Windows Hacking
- Types of Passwords
- Manual & Automatic Password Cracking Algorithm
- Types of Password Attacks: Dictionary, Brute Force, and Hybrid
- LMHash and SAM File
- Password Cracking Countermeasures

- Syskey
- Privilege Escalation
- Hiding Files
- Concept of Alternate Data Stream and Advantages
- Detecting ADS
- NTFS Streams countermeasures
- Keystroke Loggers and Types: Software & Hardware
- Concept of Auditing, Logs and Covering Tracks
- Concept of Application Isolation

Chapter 7 Linux Hacking


- Introduction of Linux as an OS
- Advantages of using Linux
- Basics about Linux: Commands, Shell types and User types
- Why Linux is hacked?
- Recent Linux Vulnerabilities
- Password cracking in Linux
- Introduction and explanation of IP Tables & IP Chains
- TCP wrappers
- Remote connection using SSH
- Log and Traffic Monitors in Linux
- Understanding Post Install Linux Security Auditing
- Understanding and using Backtrack

Chapter 8 Trojans & Backdoors


- Definition and Objectives of Trojans & Backdoors
- Overt and Covert Channels
- Working of Trojans
- Different Types of Trojans: Remote Access, Data Sending, Destructive, DOS, Proxy Trojans
- Target Data Types of Trojans
- Different Modes of Trojan Infection
- Auto-run of Trojans
- Common Symptoms of a Trojan Infection
- Ports used by Famous Trojans
- Wrappers & Binders
- Uses of Wrappers and Binders

- Reverse Connection in relation to Trojans
- Detecting a Trojan in a computer
- Anti-Trojan Software
- Tips to Avoid Trojan Infection
- Concept of Rootkit
- Effects and Types of Rootkit
- Countermeasures of Rootkit

Chapter 9 Virus & Worms


- Introduction to Virus & Worms
- Diff. between Virus & Worms
- Characteristics, Symptoms of a Virus
- History and Terminologies used for a Virus
- Types of Virus Damage
- Effects of a Virus Attack
- Access Methods of a Virus
- Modes of Virus infection
- Life Cycle of a Virus
- Types of Virus Programs: What and how?
- Famous Virus & Worms
- Batch File programming
- Concept of Virus Construction Kit
- Virus Detection Methods
- Virus Incident Response
- Sheep Dip
- Tips on Prevention from Virus Infection
- Types of Worms
- Zombies
- Botnets
- Antivirus Program
- Popular Antivirus programs

Chapter 10 Proxy Server & Packet filtering


- Proxy Server
- Advantages of using Proxy Servers
- Proxy Server Based Firewalls

- Types of Proxy Servers: Software Proxy, Proxy Websites, and Server Proxy
- Diff. between Transparent, Anonymous and Elite Proxies
- Anonymizers
- Socks Chain Proxy
- HTTP Tunnel Proxy
- Countermeasures of Proxy
- Packet Filtering
- Packet Filtering Devices and Approaches
- Stateless Packet Filtering
- Different Types of Filtering Based on IP Header, TCP, TCP/UDP, ICMP, ACK flags, Fragmentation and Packet Contents
- Filtering Suspicious Inbound Packets
- Stateful Packet Filtering
- Proxy Server Vs Packet Filtering

Chapter 11 Denial of Service Attack


- Concept of DoS Attacks
- Goal of DoS Attack
- Impact and Modes of DoS Attack
- Types of DoS Attack: smurf, Buffer Overflow, Ping of death, Teardrop, SYN, Tribal flow
- Concept of DDoS Attack
- Diff. between DoS and DDoS Attack
- Characteristics of DDoS Attacks
- Concept of Agent Handler Model, IRC Based Model, DDoS Attack Taxonomy, Amplification Attack
- Concept of the Reflected DoS
- Countermeasures - Reflected DoS
- DDoS Countermeasures
- Detect and Neutralize Handlers
- Detect Potential Attacks
- Mitigate or Stop the Effects of DDoS Attacks
- Post-Attack Forensics

Chapter 12 Sniffers
- Concept of Sniffing
- Types of Sniffing: Active & Passive

- ARP Poisoning
- Countermeasures of ARP Poisoning
- DNS Spoofing
- Changes in Host file for DNS Redirection
- Countermeasures of sniffing
- MAC Spoofing

Chapter 13 Social Engineering


- Social Engineering
- Techniques of Social Engineering
- Attempt Using Phone, E-mail, Traditional mail, In person, Dumpster Diving, Insider Accomplice, Extortion and Blackmail, Websites, Shoulder surfing, Third Person Approach, Technical Support
- Countermeasures of Social Engineering

Chapter 14 Physical security


- Physical Security
- Current Statistics
- Accountability and Need of Physical security
- Factors Affecting Physical Security
- Physical Security Checklist
  - Company Surroundings
  - Premises
  - Reception
  - Server
  - Workstation Area
  - Wireless Access Points
  - Other equipment such as fax, removable media, etc.
  - Access Control
  - Computer Equipment Maintenance
  - Wiretapping
  - Remote Access
  - Locks
  - Spyware

Chapter 15 Steganography

- Steganography
  - What is Steganography?
  - History
  - Steganography today
  - Steganography tools
- Steganalysis
  - What is Steganalysis?
  - Types of analysis
  - Identification of Steganographic files
- Steganalysis meets Cryptanalysis
  - Password Guessing
  - Cracking Steganography programs
- Forensics/Anti-Forensics
- Conclusions
  - What's in the Future?
  - Other tools in the wild
  - References

Chapter 16 Cryptography
- Concept of Cryptography
- Advantages and uses of Cryptography
- PKI (Public Key Infrastructure)
- Algorithms of encryption: RSA, MD5, SHA, SSL, PGP, SSH, GAK
- Concept of Digital Signature
- Encryption Cracking Techniques
- Disk Encryption
- Cracking S/MIME encryption using idle CPU time
- Concept of Command Line Scriptor and Crypto Heaven, Cyphercalc
- CA (Certificate Authority)

Chapter 17 - Wireless Hacking


- Wireless Technology
- Introduction to wireless networking
- Basics & Terminologies
- Advantages of Wireless Technology
- Components of Wireless Network
- Types of Wireless Network

- Setting and detecting a wireless network
- Advantages and Disadvantages of wireless network
- Antennas, SSID, Access Point Positioning and Rogue Access Point
- Concept of Wired Equivalent Privacy (WEP)
- MAC Sniffing & AP Spoofing
- Terminology of Wi-Fi Access
- Denial-of-Service and MITM Attack in Wi-Fi
- Wireless Intrusion Detection System
- Tips to Secure Wireless Network

Chapter 18 - Firewalls & Honeypots Firewall


- What Does a Firewall Do?
- What a firewall cannot do
- How does a firewall work?
- Types of Firewall
- Working of Firewall
- Advantages and Disadvantages of Firewall
- Firewalls Implementing for Authentication Process
- Types of Authentication Process
- Steps for Conducting Firewall Penetration Testing
  - Locate the Firewall
  - Traceroute to identify the network range
  - Port scan the router
  - Grab the banner
  - Create custom packet and look for firewall responses
  - Test access control Enumeration
  - Test to identify firewall architecture
  - Test firewall using firewalking tool
  - Test for port redirection
  - Test Covert channels
  - Test HTTP Tunneling
  - Test firewall specific vulnerabilities
- How to Bypass the Firewall
- Concept of Honeypots
- Purpose and working of Honeypots
- Advantages and Disadvantages of Honeypots

- Types of Honeypots
- Uses of Honeypots
- Detecting Honeypot
- Honeynets
- Architecture of Honeynet
- Working process of Honeynet
- Types of Honeynet
- Honeywall CDROM

Chapter 19 - IDS & IPS


- Concept of IDS (Intrusion Detection System)
- History and Characteristics of IDS
- Importance of IDS
- Deployment of IDS
- Intro, Advantages and Components of Distributed IDS
- Aggregate Analysis with IDS
- Types and Architecture of IDS:
  - Network Based IDS
  - Host Based IDS
- Diff. Between Network Based IDS and Host Based IDS
- Methods to Detect IDS
- Signatures
- Types of Signature:
  - Network Signatures
  - Host-based Signatures
  - Compound Signatures
- Methods to Detect Signature
- Prelude of IDS
- Concept of IPS (Intrusion Prevention System)
- Diff. Between IDS and IPS
- Network Antivirus Software

Chapter 20 Vulnerability Assessment


- Concept of Vulnerability Assessment
- Purpose
- Types of Assessment
- Vulnerability Classification

- How to Conduct Vulnerability Assessment
- Vulnerability Analysis Stages
- Vulnerability Assessment Considerations
- Vulnerability Assessment Reports
- TimeLine and Penetration Attempts
- Vulnerability Assessment Tools

Chapter 21 Penetration Testing


- Concept of Penetration Testing
- Security assessments Categories
- Vulnerability Assessment
- Limitation of Vulnerability assessment
- Why Penetration Testing?
- Types of Penetration Testing
  - External Testing
  - Internal Testing
- Sourcing Penetration Testing
- Terms of Engagement
- Project Scope
- Agreements of Pentest Service
- Testing Points, Locations, Automated Testing, Manual Testing
- Gathering information for Penetration Testing By:
  - Domain name and IP address information
  - Enumerating Information about Hosts
  - Testing Network-Filtering Devices
  - Enumerating Devices
  - Denial of Service Emulation

Chapter 22 Session Hijacking


- Session Hijacking
- Difference between Spoofing and Session Hijacking
- Phases of Session Hijacking:
  - Tracking the session
  - Desynchronizing the connection
  - Injecting the attacker's packet
- Types of Session Hijacking:
  - Active
  - Passive
- TCP 3 Way Hand Shake
- Sequence Numbers
- Dangers Posed by Hijacking
- Countermeasure of Session Hijacking
- Protection Against Session Hijacking
- Countermeasure: IPSec

Chapter 23 Hacking Web Server


- Web Servers
- Working process of Web Server
- Loopholes of Web Server
- Introduction of Popular Web Server and Common Security Threats
- Apache Vulnerability
- Attacks against IIS
- Components of IIS
- IIS Directory Traversal
- Unicode and Unicode Directory Traversal Vulnerability
- Unspecified Executable Path Vulnerability
- File System Traversal Countermeasures
- WebDAV / ntdll.dll Vulnerability
- RPC DCOM Vulnerability
- ASN Exploits
- IIS Logs
- Escalating Privileges on IIS
- Hot Fixes and Patches
- Countermeasures of Web Server

Chapter 24 SQL Injection


- Introduction of SQL
- What SQL Can do
- SQL Queries
- Use of Quotes, AND & OR
- Concept of SQL Injection
- OLE DB Error
- Login Guessing & Insertion

- Shutting Down SQL Server
- Extended Stored Procedures
- Preventive Measures

Chapter 25 Cross Site Scripting


- Introduction Cross Site Scripting
- Cross-Site Scripting
- Ways of Launching Cross-Site Scripting Attacks
- Working Process of Cross-Site Scripting Attacks
- When will an attack be successful?
- Programming Languages Utilized in XSS Attacks
- Types of XSS Attacks
- Steps of XSS Attack
- Not Fixing CSS/XSS Holes Compromises
- Methodology of XSS
- How to protect Against XSS

Chapter 26 Exploit Writing


- Concept of Exploit Writing
- Purpose of Exploit Writing
- Requirements of Exploits Writing & Shell codes
- Types of Exploits:
  - Stack Overflow Exploits
  - Heap Corruption Exploit
  - Format String Attack
  - Integer Bug Exploits
  - Race Condition
  - TCP/IP Attack
- The Proof-of-Concept and Commercial Grade Exploit
- Converting a Proof of Concept Exploit to Commercial Grade Exploit
- Attack Methodologies
- Socket Binding Exploits
- Steps for Writing an Exploit
- Shellcodes
- Null Byte
- Types of Shellcode
- Steps for Writing a ShellCode

- Issues Involved With Shellcode Writing
- Buffer
- Static Vs Dynamic Variables
- Stack Buffers, Data Region and Memory Process Regions
- About the Stack
- Need of Stack, Stack Region, Stack frame, Stack pointer, Procedure Call (Procedure Prolog), Return Address (RET), Word Size and Buffer Overflows, Why do we get a segmentation violation and Segmentation Error
- Writing Windows Based Exploits
- EIP Register and ESP
- Metasploit Framework, msfconsole
- Development with Metasploit
- Need for Creating of Exploit
- Determining the Attack Vector
- Debugger
- Determine the offset & pattern create
- Where to place the payload?

Chapter 27 Buffer Overflow


- Why Applications are vulnerable
- Buffer Overflow Attack
- Reasons of Buffer Overflow
- Knowledge for Buffer Overflow
- Understanding Stacks
- Understanding Heaps
- Types of Buffer Overflow Attack
  - Stack Based
  - Heap Based
- Heap Memory Buffer overflow Bug
- Understanding Assembly Language
- Intro of Shell Code
- Detection of Buffer Overflows in a program
- Attacking a Real Program
- Once the Stack is smashed
- NOPS
- Mutate a Buffer Overflow Exploit
- Comparing Functions of libc and libsafe

- Simple Buffer Overflow in C
- Code Analysis
- Countermeasure of Buffer Overflow Attack

Chapter 28 Reverse Engineering


- Concept of Reverse Engineering
- Positive Application of Reverse Engineering
- Ethical Reverse Engineering
- DMCA ACT
- Disassembler
- Decompilers
- Program Obfuscation
- Why do you need to decompile?
- .NET Obfuscator and .NET Obfuscation
- Java Byte code Decompilers
- How does OllyDbg Work?

Chapter 29 Email Hacking


- Concept of Email
- Spam and Spam Laws
- E-Mail Tracking By Header
- Concept of Fake E-mails
- Various steps to send Fake mails
- Traceip by PHP Script

Chapter 30 Incident Handling & Response


- Incident
- Different Categories of Incidents
- Various Types of Incidents
- Who should I report an incident
- Step by Step Procedure of Incident Handling
- Managing Incidents
- Incident Response
- Incident Handling Process
- Incident Detection Process
- Incident Containment Process

- Incident Eradication Process
- Incident Recovery Process
- Incident Follow up Process
- Incident Response Team
- CSIRT Services

Chapter 31 Bluetooth Hacking


- Bluetooth Technology
- Concept of Bluetooth Hacking
- Attacks on Bluetooth Mobile
- Why Bluetooth hacking?
- Working of Bluetooth Hacking
- Mobile DoS Attack
- Mobile Viruses & Worms
- Mobile Security Tips & Tricks
- Samsung Mobile Security Tips & Tricks
- Motorola Mobile Security Tips & Tricks
- Conclusions
- Countermeasures

Chapter 32 Mobile Phone Hacking Mobile Technologies


- Introduction and Facts of GSM
- Low-Tech Fraud
- Countermeasure of Low-Tech Fraud
- GSM Security Problems
- Attacks on GSM Networks
- De-Registration and Location Update Spoofing
- Camping on a False BTS and False BTS/MS
- Active and Passive Identity Caching
- Suppressing encryption between the target user and the intruder
- Suppressing encryption between target user and the true network
- Compromised cipher key
- Eavesdropping on user data by suppressing encryption
- Eavesdropping
- User impersonation with compromised authentication vector

- Hijacking outgoing calls
- Hijacking outgoing calls with encryption enabled
- Hijacking incoming calls
- Hijacking incoming calls with encryption enabled
- Introduction of Cryptography, Fake BTS and Terminology
- Terminal and SIM
- Discuss about Mobile Execution Environment
- GSM Data, Signaling and Signaling Security
- SS7: Opening up to World, Waiting for disaster, Evolution and What to do
- Diff. between:
  - PSTN vs VOIP
  - VOIP vs SS7
- GSM Network Elements and Architecture
- Home Location Register (HLR) and Authentication Center (AuC)
- Mobile Switching Center (MSC)
- Customer Care and Billing System
- Value-Added Services
- WAP Security Model, The WAP Gap and WTLS Security
- WAP:
  - No end-to-end Trust
  - Man-in-the-middle
- Introduction of third Generation of Wireless
- 3G Security Architecture and Security Model
- Diff. Between 3G vs GSM
- AKA Message Flow and Connection Establishment
- Overview of Ciphering and Integrity
- Interception and Its:
  - Definitions
  - Terminology
  - Logical Configuration
  - Concepts
- Circuit and Packet Data Event Records
- Discuss the Security of Interception
- Components of GSM Network
- Overview of Subscriber and its Identification
- Electronic Access to the SIM
- Extraction From A SIM
  - Location Information File
  - Serial Number
  - Subscriber Identifier
  - Phone Number
  - Text Message Data
  - Status of Text Message Data
  - Threats to a SIM Data
- Equipment:
  - Generic Properties
  - MS data
  - Threats to MS Data
- Network and:
  - Network Operator Data
  - Call Data Records
  - Threats to Network Operator
- GSM Security Operation and Forensics Tools
- Overview of Cell Seizure
- Features Of Cell Seizure
- Advantages and Disadvantages of Cell Seizure
- Tool of Cell Seizure
