Members loginEnglandRomania

Ethical Ninja II

About the course

Ethical Ninja II is about ‘doing stuff’ and practically learning the advanced techniques used by hackers to penetrate an organization's network and systems. This course goes beyond the standard hacking techniques and covers the more advanced exploits and tools used by hackers to reach the inner most sensitive areas of an organization and steal valuable information without getting caught. The course also addresses advanced hacking techniques used by hackers to compromise client machines to be used in bot nets. Ethical Ninja II focuses on a selected range of tools, showing how they are tailored and used efficiently to achieve the most damage. The final aim of the course is to understand the advanced hacking techniques of malicious users in order to protect your organization from the more stealth and targeted activities that go beyond common hacking attacks. By attending this course you will learn how to test your organization against such advanced attacks before it is done by the ‘bad guys’!

“This is the advanced hacking course for those who want to learn by doing”

Who Should Attend

This course is ideally suited for:

  • Spenetration testers
  • System administrators
  • Security professionals wanting to gain a practical understanding of advanced systems and network exploitation techniques

“The class will benefit anyone who wants to gain practical knowledge in the domain of ethical hacking”

Prerequisites

The course is "hands-on", technically focused and aimed at those individuals who have a good knowledge of standard ethical hacking techniques, common networking protocols, and practical familiarity with the Linux and Microsoft operating systems.

“This course will benefit anyone who wants to test their own organization against advanced hacking techniques and tools before hackers do”

Duration:5 days

Course Structure

Ethical Ninja II is a fully hands-on course developed around a set of real-life hacking scenarios. Specifically, the course will address the following phases:

  • Advanced information gathering and reconnaissance techniques
  • Optimized scanning and enumeration techniques
  • Identifying and using exploits to compromise target hosts
  • Privilege escalation
  • Stealth information theft from compromised systems
  • Maintaining Access
  • Covering Tracks

 The hacking scenarios will be the thread around which each of the above phases will be addressed, as opposed to the commonly followed approach of teaching each phase and related tools in isolation.

Laptop Requirements

A laptop is required to be able to work through all the practical hands-n workshops. Failure to meet the requirements below may result in the delegate not being able to carry out one or more of the practical workshops and thus not taking full benefit for the Ethical Ninja course. The minimum laptop requirements are:

  •  x86-compatible 1.5 Ghz CPU Minimum or higher
  • DVD Drive
  • 1GB RAM minimum or higher
  • Ethernet adapter
  • 10 Gigabyte available hard drive space
  • The system must be capable of booting from a CD
  • PCMCIA or ExpressCard or USB interface (this is required for the external wireless card included in the Ethical Ninja hacking kit). 
  • VMware Player or VMware Workstation.

 Ethical Ninja II Security Assessment (SA) Toolkit

The content of the SA Toolkit is:

  •  CDROM with all the required hacking tools
  • PCMCIA Wireless card a/b/g

 

Course Outline

Day

Details

Scenario
1 Gathering information about an organization, enumerating externally available services, profiling the firewall, and trying to find as much information as possible by “flying” under the radar and avoiding the organization intrusion detection systems Gaining access to an organization's internal network through the organization's Internet facing systems
2 We now proceed to attack the Internet facing website using advanced attacks to gain access and quickly escalate privileges. We use the advanced Metasploit framework to exploit our target.
3 Through the reconnaissance and scanning phases we know that the organization has hundreds of client users and we decide to test the organization security posture and security awareness by launching advanced client attacks aimed at compromising as many hosts as possible. Compromising the organization's client machines through Web-based attacks
4 We perform a number of attacks aimed at wireless clients and bypass the company wireless security policy. We then exploit the vulnerable wireless hotspot of the organization to launch attacks to other organizations. Finally we decide to break into the organization's wireless network by exploiting a number of configuration and deployment vulnerabilities. Gaining access to an organization's internal network through the organization's wireless network
5 It is time to go and take what we came here for. We use a number of different techniques and covert channels to go unnoticed while we send valuable organization's information to our remotely controlled hosts. We plant some sniffers and keyloggers to keep monitoring internal activities and plant some backdoors to let us back in in the future. Finally we do some cleaning and remove the traces of our intrusion. Exfiltrating information, keeping access and removing traces of the intrusions

Course Breakdown


Day 1

1 Reconnaissance
1.1 Advanced reconnaissance techniques
1.2 Email harvesting
2 Scanning
2.1 Advanced nmap scanning
2.2 Zenmap
2.3 IDS Evasion
3 Enumeration and Fingerprinting Services
3.1 Profiling firewalls
3.2 Profiling VPNs

Day 2

4 Web Application Attacks
4.1Advanced online password cracking
4.2 Advanced Database Attacks
4.3 Metasploit's WMAP
4.4 Direct database attacks
4.5 Metasploit's DB exploits
4.6 Pass The Hash
4.7 Token Stealing

Day 3

5 Phishing and Social Engineering
5.1 MetaPhish
6 Client-side exploits
6.1 Java / PDF / Binary payloads
7. Internal Information Gathering
8. Gaining access to internal systems

Day 4

9 Wireless Security
9.1 Fast WPA cracking
10 Hotspot Security
10.1 Unauthorized access
10.2 Session hijacking
11 Wireless client attacks
11.1 Rogue access points
11.2 Preferred Network List (PNL) 12 Wireless Network Attacks
12.1 EAP Types 12.2 Braking Radius

Day 5

13 Advanced covert channels
14 Evading the firewall
14.1 Port forwarding techniques
15 Netcat
15.1 bind shell
15.2 reverse shell
15.3 netcat relays
16 Keeping access
16.1 Backdoors
16.2 Sniffers
17 Covering tracks
17.1 Clean logs
17.2 Cleaning Command History

  

Why us?

"Our trainers are security consultants with many years of experience, highly dedicated to teach and share their knowledge."

"Ethical Ninja II is about acquiring practical skills and competence - not just theory."

"We focus on the tools and techniques which are used in real life by hackers."

 

Dr. Almerindo Graziano
CEO Silensec

About the Author

 Dr. Graziano holds an MSc in Electronic Engineering and a PhDin mobile computer security, both from the University of Naples, Italy.

 He is a senior academic at Shefield Hallam University, UK, where he leads the MSc in Information

 Systems Security. He has consulted internationally for a number of clients ranging from banks to government organizations. He has personally authored the implementation course for ISO27001 offered by the British Standardization Institute (BSI), the UK national standardization body. He is also a BSI-certified ISO27001 Lead Auditor trainer and auditor.

top
© 2010 Silensec. All Rights Reserved. Legal notice | Sitemap