LearnNowOnline

Learn your way! Get started

Certified Ethical Hacking: Advanced

with expert Rafiq Wayani

Watch trailer

Course at a glance

Release date 2/1/2016
Level
Runtime 6h 25m
Closed captioning N/A
Transcript N/A
eBooks / courseware N/A
Hands-on labs N/A
Sample code N/A
Exams Included
Enterprise Solutions

Need reporting, custom learning tracks, or SCORM? Learn More

Course description

Certified Ethical hacking Advanced Master Course

Prerequisites

To get the most out of this course, this course assumes that you have a good working knowledge of Linux and Windows based networking environments. It also assumes that you have experience with managing a network, have worked with networking hardware such as switches & routers, are familiar with MS Active Directory (AD) Domain based authentication, know how to work with command-line utilities, and understand the basics of Web Server environments. Many of the demonstrations in this course use the Windows 7 and Kali Linux operating systems which can be downloaded free from the respective sites. All of the demonstrations are created in a virtual environment using Oracle VirtualBox and VMware vSphere 6.

Meet the expert

Rafiq Wayani has extensive experience including more than 20 years in IT as Systems Architect, Software Engineer, DBA, and Project Manager. Wayani has instructed in a variety of technical areas, has designed and implemented network and information systems, and is certified across a wide range of platforms and systems including Microsoft Solutions Developer, Systems Engineer, Application Developer, Database Administrator, Trainer; Novell Netware Administrator and Engineer; Master Certified Netware Engineer; and A Certified.

Course outline

Session Hijacking

Session Hijacking Concepts (05:26)
  • Introduction (00:22)
  • Session Hijacking (00:46)
  • Session Hijacking Diagram (02:33)
  • Session Hijacking Cont. (01:26)
  • Summary (00:18)
App Level Session Hijacking (06:43)
  • Introduction (00:28)
  • Application Level Hijacking (04:13)
  • Web Services (01:49)
  • Summary (00:12)
Network Level Hijacking (05:41)
  • Introduction (00:21)
  • Network Level Hijacking (02:29)
  • Models (02:43)
  • Summary (00:08)
Session Hijacking Tools (07:06)
  • Introduction (00:19)
  • Network Level Hijacking (00:28)
  • Demo: Session Hijacking Tools (06:03)
  • Summary (00:14)
Session Hijack Countermeasures (08:00)
  • Introduction (00:33)
  • Session Hijack Countermeasures (04:34)
  • Countermeasures Cont. (02:38)
  • Summary (00:13)
Session Hijack Pentest (07:01)
  • Introduction (00:21)
  • Session Hijack Pentest (03:57)
  • Session Hijack Pentest Cont. (02:28)
  • Summary (00:14)

Web Server Attacks

Web Server Concepts (05:55)
  • Introduction (00:16)
  • What's Happening (01:39)
  • HTTP Request Processing in IIS (03:45)
  • Summary (00:14)
Web Server Attacks (07:16)
  • Introduction (00:15)
  • Web Server Attacks (03:13)
  • Demo: Netsparker (03:34)
  • Summary (00:12)
Web Server Attack Methodology (08:20)
  • Introduction (00:23)
  • Web Server Attack Methodology (00:42)
  • Demo: Netsparker (00:32)
  • Web Server Attack Methodology (00:58)
  • Demo: WinHTTrack (05:34)
  • Summary (00:10)
Web Server Attack Tools (09:27)
  • Introduction (00:19)
  • Web Server Attack Tools (01:19)
  • Demo: Passivetotal (02:22)
  • Demo: HTTPRecon (05:15)
  • Summary (00:11)
Web Server Countermeasures (10:47)
  • Introduction (00:17)
  • Web Server Countermeasures (00:40)
  • 18-Year-Old Vulernerability (01:04)
  • Server O/S (01:25)
  • Demo: End-of-Life Support (02:41)
  • Web Server Countermeasures (00:06)
  • Demo: Locking Down Servers (02:06)
  • Web Server Countermeasures (02:13)
  • Summary (00:11)
Web Server Patch Management (04:20)
  • Introduction (00:21)
  • Web Server Patch Management (02:11)
  • Patch Management Cont. (01:31)
  • Summary (00:15)
Web Server Security Tools (09:50)
  • Introduction (00:17)
  • Web Server Security Tools (05:02)
  • Demo: Cache (04:22)
  • Summary (00:08)
Web Server Penetration Testing (05:34)
  • Introduction (00:19)
  • Web Server Penetration Testing (00:56)
  • Demo: Pen Test Tools (03:02)
  • Web Server Pen Testing (01:01)
  • Summary (00:15)

Web Application Hacking

Web Application Concepts (05:06)
  • Introduction (00:17)
  • Most Exposed & Least Protected (02:02)
  • Exposure & Protection Cont. (02:33)
  • Summary (00:12)
Web Application Threats (12:27)
  • Introduction (00:18)
  • Web Application Threats (00:42)
  • Application Replays Script (01:34)
  • Email Vector (00:57)
  • Decoded Attack Sequence (01:19)
  • Verbose and Blind (01:19)
  • SQL Injection (00:42)
  • Database Driven Page (00:33)
  • Piggybacking with UNION (01:07)
  • Enumerate All Tables (00:48)
  • Subquery Enumerates Columns (01:55)
  • Select Data from the Column (00:57)
  • Summary (00:12)
Web App Hacking Methodology (10:25)
  • Introduction (00:17)
  • Web App Hacking Methodology (03:21)
  • Demo: Netsparker (00:53)
  • Web App Hacking Methodology (05:39)
  • Summary (00:13)
Web Application Hacking Tools (06:09)
  • Introduction (00:15)
  • Web Application Hacking Tools (03:50)
  • More Hacking Tools (01:47)
  • Summary (00:16)
Web App Countermeasures (07:33)
  • Introduction (00:25)
  • Countermeasures (03:47)
  • How to Protect Yourself (03:12)
  • Summary (00:08)
Web App Security Tools (12:06)
  • Introduction (00:31)
  • Demo: Kali, Nmap, & Nessus (04:30)
  • Demo: Openwall, pof, & WireShark (02:45)
  • Demo: Netcraft, Yersinia, & PuTTY (01:53)
  • Demo: Cain & Abel and Kismet (00:43)
  • Demo: hping and Secapps (01:19)
  • Summary (00:21)
Web Application Pen Testing (11:36)
  • Introduction (00:20)
  • Demo: Veracode (02:21)
  • Demo: Shodan and Arachni (00:46)
  • Demo: Aircrack-ng, AppScan, & Nikto (01:14)
  • Demo: WebScarab, Paterva, & Ironwasp (01:29)
  • Demo: Metasploit & WireShark (00:17)
  • Demo: w3af, Impact Pro, and Kali (00:51)
  • Demo: Netsparker, Nessus & Portswigger (01:30)
  • Demo: Zed Attack & Acunetix (00:25)
  • Demo: BeyondTrust, SQLNinja, & BeEF (01:07)
  • Demo: Dradis & Ettercap (00:49)
  • Summary (00:23)

SQL Injection

SQL Injection Concepts (08:07)
  • Introduction (00:22)
  • SQL Injection (SQLi) (03:08)
  • How Does SQLi Work? (04:18)
  • Summary (00:17)
SQL Injection Types (08:24)
  • Introduction (00:18)
  • Types of SQLi (05:17)
  • How Does SQLi Work? (02:40)
  • Summary (00:08)
SQLi Attack Methodology (05:54)
  • Introduction (00:18)
  • Application Security Risks (03:13)
  • OWASP Top 10 (02:04)
  • Summary (00:18)
SQLi Tools (04:58)
  • Introduction (00:20)
  • SQLi Tools (01:01)
  • Demo: sqlmap (01:56)
  • Demo: SQL Ninja (00:39)
  • Demo: safe3 (00:46)
  • Summary (00:13)
SQLi Evasion Techniques (05:15)
  • Introduction (00:16)
  • SQLi Evasion Techniques (02:03)
  • SQLi Evasion Techniques Cont. (02:40)
  • Summary (00:14)
SQLi Countermeasures (05:46)
  • Introduction (00:18)
  • SQLi Countermeasures (04:16)
  • Demo: Web Application Firewall (00:50)
  • SQLi Countermeasures (00:12)
  • Summary (00:08)

Wireless Networking

Wireless Networking Concepts (05:35)
  • Introduction (00:23)
  • Wireless Networking Concepts (02:35)
  • Directional Antennae (00:28)
  • Wireless Networking Concepts (01:24)
  • Omnidirectional Antennae (00:29)
  • Summary (00:13)
Wireless Encryption (06:59)
  • Introduction (00:19)
  • Wireless Encryption (03:20)
  • Demo: WPA2 (03:10)
  • Summary (00:09)
Wireless Threats (09:53)
  • Introduction (00:19)
  • Wireless Threats (02:14)
  • Rogue APs (00:57)
  • Wireless Threats (06:11)
  • Summary (00:11)
Wireless Hacking Methodology (08:55)
  • Introduction (00:19)
  • Wireless Hacking Methodology (01:51)
  • Wifite (03:20)
  • Wireless Hacking Methodology (01:08)
  • Wifiphisher (02:02)
  • Summary (00:12)
Wireless Bluetooth Hacking (07:22)
  • Introduction (00:18)
  • Bluetooth: Basics (02:24)
  • Bluetooth Hacking (01:07)
  • Bluetooth Security (02:45)
  • Bluetooth Hacking Tools (00:35)
  • Summary (00:11)
Wireless Countermeasures (08:06)
  • Introduction (00:19)
  • Wireless Countermeasures (00:35)
  • Demo: CIRT.net Passwords (03:33)
  • Wireless Countermeasures (00:27)
  • Demo: Linksys Settings (03:02)
  • Summary (00:08)

IDS & Firewall

IDS, Firewalls, and Honeypots (08:35)
  • Introduction (00:24)
  • Intrusion Detection System (02:46)
  • Network-Based IDS (01:06)
  • Host-Based IDS (01:31)
  • Intrusion Detection Techniques (02:31)
  • Summary (00:15)
Evading IDS (06:25)
  • Introduction (00:17)
  • Evading IDS (03:44)
  • IDS Diagram (02:11)
  • Summary (00:11)
Evading Firewalls (11:26)
  • Introduction (00:24)
  • Types of Firewalls (03:40)
  • Firewall Diagram (05:47)
  • Evading Firewalls (00:10)
  • Spoofing Diagram (01:22)
  • Evading Firewalls (00:13)
  • Source Routing Diagram (00:26)
  • Evading Firewalls (00:-51)
  • Summary (00:11)
Evading Firewall Tools (11:26)
  • Introduction (00:24)
  • Evading Firewall Methods (01:42)
  • Demo: Loki (02:05)
  • HTTP Tunneling Diagram (01:08)
  • Evading Firewall Tools (00:15)
  • Demo: Traffic IQ Professional (00:12)
  • Evading Firewall Tools (03:11)
  • Demo: Evading Firewall Tools (00:43)
  • Your Freedom Diagram (00:35)
  • Demo: More Evading Tools (00:53)
  • Summary (00:11)
Detecting Honeypots (02:56)
  • Introduction (00:15)
  • Detecting Honeypots (01:41)
  • Detecting Honeypots Cont. (00:45)
  • Summary (00:13)
IDS Evasion Countermeasures (04:34)
  • Introduction (00:21)
  • Attacker Creativity (02:02)
  • Network Monitor (00:00)
  • Insertion (00:56)
  • Attacker Creativity (00:57)
  • Summary (00:15)
IDS Penetration Testing (08:06)
  • Introduction (00:17)
  • IDS/Firewall Pen Testing (03:38)
  • Penetration Tesing Cont. (03:48)
  • Summary (00:22)

Cloud Computing

Intro to Cloud Computing (06:54)
  • Introduction (00:26)
  • Intro to Cloud Computing (00:55)
  • Cloud Computing Diagram (00:44)
  • Intro to Cloud Computing (00:25)
  • Pizza as a Service (02:53)
  • Intro to Cloud Computing (01:11)
  • Summary (00:16)
Cloud Computing Threats (05:28)
  • Introduction (00:14)
  • Cloud Computing Threats (02:46)
  • Cloud Computing Threats Cont. (02:04)
  • Summary (00:22)
Cloud Computing Attacks (06:35)
  • Introduction (00:16)
  • Cloud Computing Attacks (03:06)
  • Cloud Computing Attacks Cont. (02:59)
  • Summary (00:13)
Cloud Security (06:15)
  • Introduction (00:18)
  • Cloud Security (03:37)
  • Cloud Security Cont. (02:07)
  • Summary (00:12)
Cloud Security Tools (05:45)
  • Introduction (00:18)
  • Demo: Cloud Security (01:55)
  • Demo: Cloud Security Tools (03:09)
  • Summary (00:22)
Cloud Penetration Testing (06:04)
  • Introduction (00:33)
  • Cloud Penetration Testing (02:37)
  • Cloud Pen Testing Cont. (02:42)
  • Summary (00:11)

Cryptography

2014: The Year of Encryption (04:21)
  • Introduction (00:27)
  • 2014: The Year of Encryption (02:03)
  • The Year of Encryption Cont. (01:29)
  • Summary (00:20)
Case Study: Heartbleed (03:36)
  • Introduction (00:17)
  • Demo: The Heartbleed Bug (01:18)
  • Demo: The Heartbleed Bug Cont. (01:45)
  • Summary (00:14)
Case Study: POODLEbleed (03:21)
  • Introduction (00:22)
  • Demo: POODLEbleed (01:47)
  • Demo: POODLEbleed Cont. (00:58)
  • Summary (00:13)
Cryptography Concepts (05:01)
  • Introduction (00:20)
  • Cryptography Concepts (02:01)
  • Cryptography Concepts Cont. (02:29)
  • Summary (00:10)
Encryption Algorithms (06:13)
  • Introduction (00:16)
  • Encryption Algorithms (01:39)
  • Encryption Algoritms Cont. (03:59)
  • Summary (00:16)
Public Key Infrastructure (03:16)
  • Introduction (00:14)
  • Public Key Infrastructure (01:06)
  • PKI Cont. (01:45)
  • Summary (00:10)
Email Encryption (04:06)
  • Introduction (00:28)
  • Demo: Email Encryption (01:39)
  • Demo: Email Encryption Cont. (01:42)
  • Summary (00:15)
Disk Encryption (04:23)
  • Introduction (00:17)
  • Disk Encryption (02:06)
  • Disk Encryption Cont. (01:44)
  • Summary (00:15)
Cryptography Attacks (04:36)
  • Introduction (00:19)
  • Cryptography Attacks (02:20)
  • Cryptography Attacks Cont. (01:41)
  • Summary (00:14)
Security Tools (04:00)
  • Introduction (00:17)
  • Demo: CrypTool (01:19)
  • Demo: Cipher Tools (01:22)
  • Demo: Matasano Challenges (00:52)
  • Summary (00:08)