|
|
| PAKCERT
ADVANCED NETWORK SECURITY/ETHICAL HACKING COURSE |
- FREE
1 month membership to the premium PakCERT Security Archive!
- Gain
practical experience under the expert guidance of CISSP and CPTS
certified PakCERT instructor
- State-of-the-art
class environment with Windows and UNIX operating systems
|
|
5
students maximum in every class. Guaranteed!
|
Mensans
can apply for special Mensa
Member Discount
|
Starting Date
23rd
February, 2007
Timing
6:00pm
- 9:00pm (Friday and Saturday)
Last
Date for Registration
20th
February, 2007
Interested
candidates are advised to visit our office at their earliest
to avoid any inconvenience
|
What
Will You Learn?
-
Sophisticated,
stealthy techniques used by professional hackers to gain access
to systems in a purpose-built lab environment
-
How
to circumvent traditional security mechanisms
-
How
hackers can accurately collect and assimilate information about
an organization's infrastructure whilst avoiding detection
-
How
end-users thwart security restrictions imposed upon them
-
How
hackers conceal their tracks and the route through which access
to a target may be maintained
-
Limitations
of firewalls and the tools used to bypass them
-
How
hackers evade Intrusion Detection Systems (IDS)
|
Benefits
-
Gain
practical experience under the expert guidance of CISSP certified
PakCERT instructor
-
Learn
about the hacker mindset and become familiar with the tools
used to attack systems
-
Develop
your skills in a state-of-the-art class environment with Windows
and UNIX operating systems and associated server software
-
Receive
a hacking tools resource pack CDROM with all the tools and
exploits discussed in the course
-
FREE!
1 month membership to the premium PakCERT Security Archive
|
Security
Assessment and Penetration Testing Expert, Qazi Ahmed (MBA-MIS,
CISSP, CPTS, COBIT, ITIL, AMBCI) is the pioneer of Security
Assessment and Penetration Testing services in Pakistan. He
has performed several penetration tests, forensic analysis and
incident response procedures for many national and multi-national
companies. He is currently a member of Network Security Taskforce
working under the Technology Resource Mobilization Unit of Ministry
of IT&T, Government of Pakistan. He has conducted several
workshops for high profile companies and is a regular speaker
at many IT events and conferences like E-Merge, IT Expo, ProCOM,
ITCN Asia ProQuest and also served as a coordinator and Judge
at the ITCN Asia ProQuest Hacking Competition. Qazi Ahmed is
routinely called to comment and discuss on IT security events
and has been featured on several TV channels like GEO, ARY Digital,
Indus News, PTV and newspapers, magazines and newsletters like
Spider, @internet, YAHOO!, CISCO, Newsbytes, Wall Street Journal,
India Times, Hindustan Times etc. Qazi Ahmed is also credited
for finding the most severe security vulnerability ever discovered
in Microsoft .NET Passport services affecting millions of people
worldwide. Qazi Ahmed also enjoys the membership of renowned
worldwide High IQ society, Mensa.
|
Who Should Take This Course?
Those responsible
for the security of IT systems including (but not limited to):
- System
Administrators
- Network
Administrators
- Penetration
Testers
- Information
Security Professionals
- Law
Enforcement Officials
- Computer
Auditors
-
IT
Security Officers
Our
information security training sessions have been attended by professionals
from organizations such as:
|
|
- Pakistan
Atomic Energy Commission
|
|
|
- Juma
Al Majid Group (UAE)
|
|
|
|
|
|
- Qasim
International Container Terminal
|
|
|
|
|
|
- Central
College London (UK)
|
|
|
|
- Central
Depository Company
|
- Karachi
Electricity Supply Corporation
|
|
|
|
|
|
|
|
|
- Agha
Khan Education Service
|
- Hamdard
University Network
|
|
|
|
- Sidat
Hyder Morshed Associates
|
COURSE
TOPICS
INTRODUCTION
- Basic
Definitions
- Hacker
Hats
- Security
Myths and Mysteries
- Security
Comparison between Microsoft Windows and Linux Variants
- The
Hacking Process
- Types
of Attacks
- Types
of Password Attacks
- Buffer
Overflows
- Penetration
Testing (Ethical Hacking)
- Electronic
Transaction Ordinance and proposed Electronic Crimes act 2003
of Pakistan
- Hacker
Hall of Fame
- Answers
to All Those Frequently Asked Questions (FAQs)
|
UNDSTANDING
NETWORKS AND TCP/IP
- Basic
Networking and TCP/IP in a Nutshell
- Components
of the TCP/IP Protocol Suite
- Understanding
the ISO/OSI Network Model
- The
Protocol Stack
- Understanding
the Data Flow between the Layers
- Exploring
TCP/IP Implementation of the ISO/OSI Model
- Understanding
the Physical Layer
- Understanding
the Data-link Layer
- Understanding
the Network Layer
- Understanding
Encapsulation
- Understanding
the Transport Layer
- Understanding
the Application Layer
- Understanding
the Transport Control Protocol (TCP)
- Ensuring
Reliability
- Understanding
a Simple ACK Handshake
- Understanding
a Sliding Window
- Defining
a TCP Message
- Establishing
a TCP Connection
- Understanding
the Initial Sequence Number
- Acknowledging
Data Transmissions
- Officially
Establishing a Connection
- Understanding
Sequencing Numbers
- Using
Full-Duplex Services
- Closing
a TCP Connection
- Understanding
the TCP Header
- Source
and Destination Port
- Sequence
Number
- Acknowledgement
Number
- Header
Length
- Flags
- Window
Size
- TCP
Checksum
- Urgent
Pointer
- Options
- Moving
from Concept to Design
- Understanding
Network Topologies
- The
Star Topology
- The
Ring Topology
- The
Bus Topology
- Understanding
Bus Arbitration
- Understanding
Token Passing
|
FOOTPRINTING
- Network
Surveying
- Whois
Lookups
- APNIC,
ARIN, RIPE Lookups
- DNS
Interrogation
- Zone
Transfers
- Gathering
Information from Websites, Mailing Lists, Job Postings, Newspapers
and Television
|
SCANNING
- Scan
Types
- Ping
Sweeps
- Port
Scanning
- NMAP
Scan Types
- Banner
Grabbing
- Operating
System Identification
- War
Dialing
- War
Driving
|
ENUMERATION
- Windows
NetBIOS Null Sessions
- NetBIOS
Enumeration
- Enumeration
Using SNMP
- Registry
Enumeration
- Enumerating
Users and Groups
- Banner
Grabbing
- DNS
Zone Transfers
- UNIX
RPC Enumeration
|
NETWORK
HACKING
-
Introduction to Spoofing
- Sending
Spoofed Packets
- Sniffing
- Denial
of Service (DoS) Using ARP
- Changing
Your MAC Address
- Hacking
a Manageable Switch to Sniff LAN Traffic
|
WINDOWS
95/98 HACKING
- Abusing
Terminal Access
- Cracking
.PWL Password Files
- Advance
Instant Windows9x Share Password Cracking
|
WINDOWS
NT/2000/XP/2003 HACKING
-
Introduction to Windows NT
- Important
DOS Commands
- Exploiting
NetBIOS
- Enumeration
- net.exe
- Windows
NT Resource Kit (NTRK)
- netcat
- Cracking
the SAM File
- Dumping
Password Hashes
- Cracking
Password Hashes
- Dumping
Local Security Authority (LSA) Secrets
- Privilege
Escalation Attacks
- Retrieving
Password Hashes Remotely
- NetBIOS
Password Cracking
- Abusing
the Windows 2000 Authentication Mechanism
- Abusing
SNMP
- Gaining
full access remotely (Remote Exploits)
- Remote
Denial of Service (DoS)
|
VIRUS,
WORMS AND TROJANS
- Virus
Writing
- Worm
Construction Kits
- Trojan
Construction Kits
- Making
Virus, Worms and Trojans Undetected from Anti-Virus and Anti-Trojan
Softwares
- Famous
Virus, Worms and Trojans
|
CRYPTOGRAPHY
- Understanding
Cryptography Concepts
- History
- Encryption
Key Types
- Learning
about Standard Cryptographic Algorithms
- Understanding
Symmetric Algorithms
- DES
- AES
(Rijndael)
- IDEA
- Understanding
Asymmetric Algorithms
- Diffie-Hellman
- RSA
|
FIREWALLS,
IDS AND HONEYPOTS
- Introduction
to Firewalls
- Why
Firewalls?
- Issues
and Problems with Firewalls
- Firewall
Components
- Service
Access Policy
- Firewall
Design Policy
- Packet
Filtering
- Which
Protocols to Filter?
- Problems
with Packet Filtering Firewalls
- Application
Gateways
- Circuit-level
Gateways
- Bypassing
Firewalls and Access Control Lists (ACLs)
- Intrusion
Detection Systems (IDS)
- Overview
- Types
of Intrusion Detection
- Host-based
IDS
- Network-based
IDS
- IDS
Techniques
- Anomaly
Detection
- Misuse
Detection or Signature Detection
- Target
Monitoring
- Stealth
Probes
- IDS
evasion
- Honeypot
- Uncensored
Logs of Pakistani hackers caught in honeypot
|
LINUX
HACKING
-
Introduction to Linux
- Important
Linux Commands
- Installing
Programs on Linux
- Compiling
Exploits
- Linux
Scanners
- Cracking
Linux Password File
- Major
Linux Vulnerabilities
- Privilege
Escalation
- Rooting
a Linux System Remotely
|
BACKDOORS
AND ROOTKITS
- Abusing
Windows Registry Keys
- Backdooring
the Linux Kernel
- Windows
NT/2000/XP/2003 Rootkits
|
CISCO
HACKING
- Decrypting
Router Passwords
- Cracking
Router Passwords Remotely
- Cracking
Router Passwords Hash Locally
- Remotely
Upload/Download Router Configuration without any Password
- Remotely
Reset Router Access and Enable Password
- Cracking
Router SNMP Community Strings
- Managing
a Router Remotely using SNMP
- Cracking
PIX Password Hashes
|
DENIAL
OF SERVICE (DoS) ATTACKS
- Motivation
of DoS Attackers
- Types
of DoS Attacks
- Bandwidth
Consumption
- Resource
Starvation
- Programming
Flaws
- Routing
& DNS Attacks
- Generic
DoS Attacks
- Sites
Under Attack
- Unix
& Windows NT DoS
- Distributed
Denial of Service Attacks
- Distributed
Reflective Denial of Service Attacks
|
SQL
HACKING
- SQL
Password Cracking
- Getting
Full Access using SQL Vulnerabilities
- Introduction
to SQL Injection
- Using
SQL Injection to Access Restricted Web Areas
|
SOCIAL
ENGINEERING
- Overview
of Social Engineering
- The
Biggest Social Engineer of the Computer Underground
- Common
Types of Social Engineering
- Exploiting
the Human Weaknesses
- The
Importance of Employee Education
|
WEB
SERVER HACKING
- Web
Server Enumeration
- Web
Vulnerability Scanners
- Site
Duplication
- Web
Based Password Cracking
- Microsoft
IIS Vulnerabilities
- Executing
Commands Using IIS Vulnerabilities
- Getting
Full Access using IIS Vulnerabilities
- Hacking
Apache Web Server
|
WIRELESS
HACKING
-
802.11x protocols
- Wardriving
- 802.11x
Detection without a Computer
- Hidden
SSID Discovery
- Sniffing
on Wireless Networks
- WEP
Keys Cracking
- Spoofing
Wireless LAN MAC Address
|
|
|
