Pakistan Computer Emergency Response Team

The Security Standard



PAKCERT PENETRATION TESTING BOOTCAMP

  • Gain practical experience under the expert guidance of a CISSP, CPTS, CEH, COBIT, ITILv3 and AMBCI certified PakCERT instructor
  • State-of-the-art class environment with Windows and UNIX operating systems
  • Learn about the hacker mindset and become familiar with the tools used to attack systems
  • Receive a bootable hacking tools resource pack CDROM with all the tools and exploits discussed during the course

Starting Date: 12th October

Last Date for Registration: 9th October

Duration: 4 Days (9:00am - 3:00pm daily)

Fee: Rs.30,000/-

Course Package Includes: Penetration Testing bootable CDROM with pre-installed tools and exploits for all major operating systems, services and network devices

Venue: Suite 807, Aramex SMS Tower (old Kawish Crown Plaza), Main Shahrah-e-Faisal, Karachi - Pakistan

What Will You Learn?

  • Sophisticated, stealthy techniques used by professional hackers to gain access to systems in a purpose-built lab environment
  • How to circumvent traditional security mechanisms
  • How hackers can accurately collect and assimilate information about an organization's infrastructure whilst avoiding detection
  • How end-users thwart security restrictions imposed upon them
  • How hackers conceal their tracks and the route through which access to a target may be maintained
  • Limitations of firewalls and the tools used to bypass them
  • How hackers evade Intrusion Detection Systems (IDS)

Who Teaches the Class?

Security Assessment and Penetration Testing expert Qazi Mohammad Misbahuddin Ahmed is the pioneer of Security Assessment and Penetration Testing services in Pakistan. He holds a Bachelor's in Computer Science and an MBA-MIS, along with the following industry-leading certifications:
  • Certified Information Systems Security Professional (CISSP)
  • Certified Penetration Testing Specialist (CPTS)
  • Certified Ethical Hacker (CEH)
  • COBIT based IT Governance Exam (COBIT)
  • Information Technology Infrastructure Library (ITIL v3)
  • Associate Member of Business Continuity Institute (AMBCI)

He has performed several penetration tests, forensic analyses and incident response procedures for many national and multinational companies. He has served as a member of the Network Security Taskforce working under the Technology Resource Mobilization Unit of the Ministry of IT&T, Government of Pakistan. He has conducted several workshops for high-profile companies and is a regular speaker at many IT events and conferences such as E-Merge, IT Expo, ProCOM and ITCN Asia ProQuest, and has also served as a coordinator and judge at the ITCN Asia ProQuest Hacking Competition.

Qazi Ahmed is routinely called upon to comment on and discuss IT security events and has been featured on several TV channels such as GEO, ARY Digital, Indus News and PTV, and in newspapers, magazines and newsletters such as Spider, @internet, YAHOO!, CISCO, Newsbytes, Wall Street Journal, India Times, Hindustan Times etc.

Qazi Ahmed is also credited with finding the most severe security vulnerability ever discovered in Microsoft .NET Passport services, affecting millions of people worldwide. He is also a member of Mensa, the renowned worldwide high-IQ society.

Recently Qazi Ahmed has been selected as an honoree for the Asia-Pacific Information Security Leadership Achievements (ISLA) Program 2008 in the Senior IT Security Professional category by the International Information Systems Security Certification Consortium (ISC2).

Who Should Take This Course

Those responsible for the security of IT systems including (but not limited to):
    • System Administrators
    • Network Administrators
    • Penetration Testers
    • Information Security Professionals
    • Law Enforcement Officials
    • Computer Auditors
    • IT Security Officers

Our information security training sessions have been attended by professionals from organizations such as:

  • Ministry of Defence
  • Pakistan Atomic Energy Commission
  • Ernst & Young
  • Juma Al Majid Group (UAE)
  • Unilever
  • Habibsons Bank (UK)
  • Allied Bank Limited
  • Qasim International Container Terminal
  • Agha Khan University
  • Dubai Islamic Bank
  • Qatar Airways
  • Central College London (UK)
  • Union Bank
  • Alliance Française
  • Central Depository Company
  • Karachi Electricity Supply Corporation
  • Getz Pharma
  • Xpert2go Inc. (USA)
  • Compunet Online (ISP)
  • Lucky Textile Mills
  • Nadra
  • Agha Khan Education Service
  • Hamdard University Network
  • Habib Bank AG Zurich
  • Nakshbandi Industries
  • Sidat Hyder Morshed Associates

COURSE TOPICS

INTRODUCTION

  • Basic Definitions
  • Hacker Hats
  • Security Myths and Mysteries
  • Security Comparison between Microsoft Windows and Linux Variants
  • The Hacking Process
  • Types of Attacks
  • Types of Password Attacks
  • Buffer Overflows
  • Penetration Testing (Ethical Hacking)
  • Electronic Transaction Ordinance and proposed Electronic Crimes Act 2003 of Pakistan
  • Hacker Hall of Fame
  • Answers to All Those Frequently Asked Questions (FAQs)

UNDERSTANDING NETWORKS AND TCP/IP

  • Basic Networking and TCP/IP in a Nutshell
  • Components of the TCP/IP Protocol Suite
  • Understanding the ISO/OSI Network Model
  • The Protocol Stack
  • Understanding the Data Flow between the Layers
  • Exploring TCP/IP Implementation of the ISO/OSI Model
  • Understanding the Physical Layer
  • Understanding the Data-link Layer
  • Understanding the Network Layer
  • Understanding Encapsulation
  • Understanding the Transport Layer
  • Understanding the Application Layer
  • Understanding the Transmission Control Protocol (TCP)
  • Ensuring Reliability
  • Understanding a Simple ACK Handshake
  • Understanding a Sliding Window
  • Defining a TCP Message
  • Establishing a TCP Connection
  • Understanding the Initial Sequence Number
  • Acknowledging Data Transmissions
  • Officially Establishing a Connection
  • Understanding Sequencing Numbers
  • Using Full-Duplex Services
  • Closing a TCP Connection
  • Understanding the TCP Header
  • Source and Destination Port
  • Sequence Number
  • Acknowledgement Number
  • Header Length
  • Flags
  • Window Size
  • TCP Checksum
  • Urgent Pointer
  • Options
  • Moving from Concept to Design
  • Understanding Network Topologies
  • The Star Topology
  • The Ring Topology
  • The Bus Topology
  • Understanding Bus Arbitration
  • Understanding Token Passing

FOOTPRINTING

  • Network Surveying
  • Whois Lookups
  • APNIC, ARIN, RIPE Lookups
  • DNS Interrogation
  • Zone Transfers
  • Gathering Information from Websites, Mailing Lists, Job Postings, Newspapers and Television

SCANNING

  • Scan Types
  • Ping Sweeps
  • Port Scanning
  • NMAP Scan Types
  • Banner Grabbing
  • Operating System Identification
  • War Dialing
  • War Driving

ENUMERATION

  • Windows NetBIOS Null Sessions
  • NetBIOS Enumeration
  • Enumeration Using SNMP
  • Registry Enumeration
  • Enumerating Users and Groups
  • Banner Grabbing
  • DNS Zone Transfers
  • UNIX RPC Enumeration

NETWORK HACKING

  • Introduction to Spoofing
  • Sending Spoofed Packets
  • Sniffing
  • Denial of Service (DoS) Using ARP
  • Sniffing in a Switched Environment
  • Changing Your MAC Address
  • Hacking a Manageable Switch to Sniff LAN Traffic
  • Collecting LAN Passwords
  • Extracting Binaries, Images and Documents from Sniffed Traffic
  • Man-in-the-middle (MITM) Attacks
  • Session Hijacking
  • Resetting a Session Remotely

WINDOWS 95/98 HACKING

  • Abusing Terminal Access
  • Cracking .PWL Password Files
  • Advanced Instant Windows 9x Share Password Cracking

WINDOWS NT/2000/XP/2003 HACKING

  • Introduction to Windows NT
  • Important DOS Commands
  • Exploiting NetBIOS
  • Enumeration
  • net.exe
  • Windows NT Resource Kit (NTRK)
  • Third-Party Command Line Tools (Local and Remote)
  • netcat
  • Cracking the SAM File
  • How to Reset the Administrator Password
  • Dumping Password Hashes
  • Cracking Password Hashes
  • Dumping Local Security Authority (LSA) Secrets
  • Privilege Escalation Attacks
  • Retrieving Password Hashes Remotely
  • NetBIOS Password Cracking
  • Abusing the Windows 2000 Authentication Mechanism
  • Advanced Windows Password Cracking in 5 Seconds!
  • Gaining Administrator Access in Windows 2000/XP Remotely! (Remote Exploits)
  • Remote Denial of Service (DoS)
  • Hiding Files in NTFS streams
  • Disable Auditing
  • Keystroke Loggers
  • Clearing the Event Log

VIRUSES, WORMS AND TROJANS

  • Virus Writing
  • Worm Construction Kits
  • Trojan Construction Kits
  • Making Viruses, Worms and Trojans Undetectable by Anti-Virus and Anti-Trojan Software
  • Famous Viruses, Worms and Trojans

CRYPTOGRAPHY

  • Understanding Cryptography Concepts
  • History
  • Encryption Key Types
  • Learning about Standard Cryptographic Algorithms
  • Understanding Symmetric Algorithms
  • DES
  • AES (Rijndael)
  • IDEA
  • Understanding Asymmetric Algorithms
  • Diffie-Hellman
  • RSA

FIREWALLS, IDS AND HONEYPOTS

  • Introduction to Firewalls
  • Why Firewalls?
  • Issues and Problems with Firewalls
  • Firewall Components
  • Service Access Policy
  • Firewall Design Policy
  • Packet Filtering
  • Which Protocols to Filter?
  • Problems with Packet Filtering Firewalls
  • Application Gateways
  • Circuit-level Gateways
  • Bypassing Firewalls and Access Control Lists (ACLs)
  • Intrusion Detection Systems (IDS)
  • Overview
  • Types of Intrusion Detection
  • Host-based IDS
  • Network-based IDS
  • IDS Techniques
  • Anomaly Detection
  • Misuse Detection or Signature Detection
  • Target Monitoring
  • Stealth Probes
  • IDS Evasion
  • Honeypot
  • Uncensored Logs of Pakistani hackers caught in honeypot

LINUX HACKING

  • Introduction to Linux
  • Important Linux Commands
  • Installing Programs on Linux
  • Compiling Exploits
  • Linux Scanners
  • Cracking Linux Password File
  • Major Linux Vulnerabilities
  • Privilege Escalation
  • Gaining ROOT Level Access in a Linux System Remotely
  • Hiding Tracks
  • Rootkits
  • Backdooring the Linux Kernel

BACKDOORS AND ROOTKITS

  • Abusing Windows Registry Keys
  • Customizing Remote Access Programs as Backdoors
  • Placing Stealth (Non-listening) Backdoors
  • Placing Backdoors Behind Firewalls
  • Backdooring the Linux Kernel
  • Windows NT/2000/XP/2003 Rootkits

CISCO HACKING

  • Decrypting Router Passwords
  • Cracking Router Passwords Remotely
  • Cracking Router Password Hashes Locally
  • Remotely Upload/Download Router Configuration without any Password
  • Remotely Reset Router Access and Enable Password
  • Cracking Router SNMP Community Strings
  • Managing a Router Remotely using SNMP
  • Cracking PIX Password Hashes
  • Bypassing PIX (and Other Firewall) ACLs

DENIAL OF SERVICE (DoS) ATTACKS

  • Motivation of DoS Attackers
  • Types of DoS Attacks
  • Bandwidth Consumption
  • Resource Starvation
  • Programming Flaws
  • Routing & DNS Attacks
  • Generic DoS Attacks
  • Sites Under Attack
  • Unix & Windows NT DoS
  • Distributed Denial of Service Attacks
  • Distributed Reflective Denial of Service Attacks

SQL HACKING

  • SQL Password Cracking
  • Getting Full Access using SQL Vulnerabilities
  • Introduction to SQL Injection
  • Using SQL Injection to Access Restricted Web Areas

SOCIAL ENGINEERING

  • Overview of Social Engineering
  • The Biggest Social Engineer of the Computer Underground
  • Common Types of Social Engineering
  • Exploiting the Human Weaknesses
  • The Importance of Employee Education

WEB SERVER HACKING

  • Web Server Enumeration
  • Web Vulnerability Scanners
  • Site Duplication
  • Web Based Password Cracking
  • Microsoft IIS Vulnerabilities
  • Executing Commands Using IIS Vulnerabilities
  • Getting Full Access using IIS Vulnerabilities
  • Hacking Apache Web Server
  • Defacing a Website

WIRELESS HACKING

  • 802.11x Protocols
  • Wardriving
  • 802.11x Detection without a Computer
  • Hidden SSID Discovery
  • Sniffing on Wireless Networks
  • WEP Keys Cracking
  • Spoofing Wireless LAN MAC Address

All rights reserved. Copyright© PakCERT 2000-2008