Hackveda Training - Ethical Hacking, Networking & Security Day1: Hacking windows 7 / 8 system and security Part1 a.) Windows Login Password Bypass manually without CD / DVD b.) Windows Login Password Bypass with Installation Media c.) Windows Login Password Bypass manually by Windows Misconfiguration d.) Hacking windows passwords in Plaintext using DLL Injection Attack Day3: Hacking windows system and security Part3 Day2: Hacking windows system and security Part2 a.) Understanding NTFS filesystem and implementation b.) Hacking Driver Signatures Check c.) Manual Bypass NTFS filesystem permissions to access every file d.) Privilege escalation attacks on Windows Accounts e.) Hacking Netbios to hack RPC and IPC protocols to access all a.) Creating antivirus-proof virus program to hack windows systems b.) What hackers look for after a successful hack c.) Access violation attacks and management d.) Implement: Security policy and logging to prevent hacks Day4: Memory Hacking and Analysis Part 1 Day5: Memory Hacking and Analysis Part 2 a.) Basics of RAM, ROM, Flash Memory, Hex-Binary & more b.) Convert windows files from binary to hexadecimal c.) Capture file-signatures and convert to Original Binary file d.) Make memory dump of RAM manually on windows system e.) Make memory dump of ROM, hard-disk & USB manually on windows f.) Analyze memory dump in hex editor and manually recover original files a.) Recover all processes, commands executed on windows to identify attacker b.) Recover all kernel memory and objects: drivers, mutants, files & modules c.) Recover all network connection info to identify attacker- who, when, how? d.) Recover information stored in registry: passwords, hashes and much more e.) Recover system crashes and identify problem and solution f.) Manually recover all deleted and formatted data from disk drives for evidence
Day6: Linux Hacking and Security Day7: Malware Analysis on Windows / Linux System a.) Hacking Linux login accounts manually b.) Privilege escalation attacks on Linux c.) Manually sharing files between Linux / windows machines d.) Understand block devices and filesystem of Linux e.) Making memory dump of RAM / ROM of Linux machines f.) Hack Linux Processes, Kernel memory and objects g.) Hack networking & system information of Linux machines a.) Find hidden, injected malicious malware codes in memory b.) Understand Pool Tag, Regular Expression, ANSI & Unicode Strings c.) Scan tag, regular expression, strings in memory bytes of user & kernel d.) Scan user and kernel services to identify virus, Trojans and malwares e.) Identify hidden virus DLL files using virtual address descriptor technology f.) Reverse engineer malware code from memory & get executed functions g.) Identify api-hooks in user and kernel mode Day8: Basics of Practical Networking Part 1 Day9: Basics of Practical Networking Part 2 a.) Basics of networking Hardware: Cables, Switches, Routers b.) Basics of collision domains in networks c.) IP Addressing basics: IPv4 vs IPv6 d.) Mathematical conversion for networking: Binary <-> Digital e.) Class based IP Addressing & Classless inter domain routing f.) Understand why subnet mask is used in networking g.) Understand OSI, TCP/IP & Four Layer Model in Networking h.) How packet travels in LAN. Why switch? Concepts of ARP & TCP i.) How packet travels in WAN. Why router? Concepts of ARP & TCP j.) Capture Network Packets and Analyze using Wireshark. a.) Create a New Custom Network using Virtual Network Adapter b.) Create a New Virtual User Machine and connect to network. c.) Create a Mac table manually in Windows and Develop Switch and switching. d.) Create a Linux Router / CISCO router and connect to custom network e.) Add internet connectivity to router and set a default gateway. f.) Add new network adapter to router. g.) Setup NAT on the router h.) Setup router as a DHCP Server for allocating IP addresses in Custom Network i.) Provide internet to internal network machines using our own created router
Day10 Network hacking Day 1 Day11 Network Hacking Day 2 a.) Setup a Client Server architecture on IPv4 Between Windows/ Linux / Android b.) Setup a basic chat system with TCP packets containing Text Data c.) Implement Bind Shell and Reverse Shell concept of Hacking over Networks d.) Create your own virus reverse shell program in C and have fun with others PC s e.) Create a reverse shell payload using Metasploit f.) Create an antivirus-proof meterpreter virus and hack computers on lan & internet a.) Eavesdropping attack to re-route packets and capture to get HTTP / HTTPS passwords from Facebook, Gmail and other websites. b.) Capture packets and Data Modification attack on Networks c.) Manual IP Address spoofing attack to hide Attacker Identity Day12 Network Hacking Day 3 Day13 Mobile Hacking a.) Manual Denial of Service and Distributed attacks over Websites and Servers b.) Create Application Layer attacks : Terminate Apps and Operating Systems c.) Create and Copy Viruses throughout network using compromised machine d.) Create your own Network Simulation e.) Create a Router Forgery Attacks using fake router reply f.) Create a IP delay, IP dropping attack to slow down a Big Network a.) Create a virus program for Android Mobile over Internet b.) Hack Calls, Contacts, Sms, Facebook, Whatsapp, Gmail and other important database c.) Learn Concept of Memory Technology Devices in New Generation Mobile Devices d.) Generate Memory dump of MTD Devices and export for Analysis using Hex editor and recover all files, images, media, databases, passwords, pins, patterns and others e.) Bypass pattern lock, pins and passwords on mobile devices f.) Privilege escalation attack on Android mobile devices Day14- Exploitation and Shell-coding Techniques Part 1 a.) Understand stack, buffer and overflow conditions b.) Buffer overflow attacks over programs c.) How to construct Shell-codes and use for buffer overflow attacks d.) Shellcode execution and get root on compromised machine
Day15 Advanced Metasploit Techniques Part 1 a. Learn address randomization and Return Oriented programming b. Create printable shell-codes c. Stack Heap Collision attack over programs a.) Understanding Metasploit code writing and execution architecture b.) Identify a vulnerability in a program c.) Create custom exploits for Metasploit and execute successful exploitation d.) Create a Mediocre Custom Exploit for exploitation and add to Metasploit e.) Understanding Advanced Custom Exploit Writing Techniques Day16 - Exploitation and Shell-coding Techniques Part 2 Day 17 Website / Web Application Hacking and Security a.) Understand website and web app architectures b.) Database concepts and practical sql injection c.) PHP architecture and exploitation, upload shell and Enjoy Day18- Website / Web Application Hacking and Security Day19 Web Server Hacking and Security a.) Heap Exploitation attacks on New Generation Programs b.) Exploiting malloc() memory function c.) Exploiting free() memory function d.) Understand and overwrite PLT entries e.) Understand adapted shell-coding f.) Difference between Old and New glibc improved versions g.) Bypass DEP and ASLR on latest glibc versions available a. ASP architecture and exploitation, upload shell and Enjoy b. JavaScript based exploitation, upload shell and Enjoy c. Understanding other advanced attack vectors possible a.) Windows Server Exploitation, Compromise, Privilege Escalation and Persistence b.) Linux Server Exploitation, Compromise, Privilege Escalation and Persistence c.) Understand other available web servers and there attack vectors Day 20 Tracking Hackers on Websites / Web Server and Security a.) Tracking Hackers live on website and web server using advanced techniques b.) Create an application to implement persistence cookies and script injection c.) Advanced security logging on web server for security d.) Advanced Log analysis for attacker identification using: Logparser and Highlighter