• Security testing methodologies
• The Ethical Hacking Profession
• Passive Intelligence Gathering – 2008 Version
• Network Sweeps
• Stealthily Network Recon
• Passive traffic identification
• Identifying system vulnerabilities
• Abusing Domain Name System (DNS)
• Abusing Simple Network Management Protocol
(SNMP)
• Introduction to Remote Exploits
• Engineering remote exploits
• Running shell code in RAM vs. on disk
• Heap Buffer Overflows
• Compromising Windows 2003 Server Systems
• Compromising Solaris, Unix and Linux Systems
• Attacking RDP (Remote Desktop Protocol) in
Windows XP, 2003 & Vista
• Windows password weaknesses & Rainbow Tables
• Unix password weaknesses
• Attacking Cisco’s IOS password weaknesses
Trojan genres
• Windows, Unix and Linux Trojans
• Kernel Mode Windows Rootkits – System Call
Hijacking and Direct Kernel Object Modification
• Kernel Mode Linux Rootkits
• Covert communication channels
• Spoofing endpoints of communication tunnels
• Tunneling through IPSec VPNs by abusing ESP
• Steganographic Tunnels
• Remote command execution
• Sniffing and hijacking SSL encrypted sessions
• Installing sniffers on low privilege account in
Windows 2003 Server
• Stealthy Remote keylogger installation
• Circumventing Antivirus
Modifying syslog entries
• Raw binary editing to prevent forensic
investigations
• Editing the Windows Event Log
• Abusing Windows Named Pipes for Domain
Impersonation
• Impersonation of other Users- Hijacking kernel
tokens
• Disguising network connections
• Attacking Cisco IOS
• Attacking STP & BGP protocols
• Wireless Insecurity
• Breaking Wireless Security – WEP, WPA, WPA2
• Blinding IDS & IPS
• Attacking IDS & IPS
Malicious event log editing
• Binary filesystem modification for anti-forensics
• Named Pipe abuse
• Kernel Token Hijacking
• Attacking Border Gateway Protocol (BGP)
• Attack WEP
• Cracking WPA
• Cracking WPA2
• Cisco IOS Exploits
• Breaking into Cisco routers
• Blinding IPS
• Attacking IPS
Abusing Web Applications
• Attacking Java Applets
• Breaking web app authentication
• SQL Injection techniques
• Modifying form data
• Attacking session IDs
• Cookie stealing
• Cross Site Scripting
• Cross Site Request Forgery (CSRF) Attacks
Remote buffer overflow exploit lab
• Custom compiling Shellcode
• Running payloads in RAM
• Hiding exploit payloads in jpeg and gif image files
• Attacking email vectors (Lotus Notes and
Microsoft Exchange, and Outlook Web Access)
• Registry manipulation
• Client side IE & Firefox exploits
• Using custom Trojans to circumvent Antivirus
• Remote kernel overflows
• RDP (Remote Desktop Protocol) Exploitation
• Cracking Windows Passwords
• Building Rainbow Tables
• Cracking Windows 2003 native mode passwords
• Brute forcing salted Unix passwords
• Attacking Kerberos Pre-Auth Hashes
• Cracking IOS and PIX passwords
• Compromise a DMZ setting with port redirection
• Circumvent firewall IP access list (ACL)
• Customizing Trojans to avoid Antivirus
• Deploying kernel mode rootkits on Windows 2003
& Vista
• Installing LKM rootkits on Linux servers
• Hijacking MSN messenger traffic
• Running commands remotely
• Breaking wireless encryption – WEP, WPA, WPA2
• Installing sniffers in low privilege user accounts
• Sniffing remotely and retrieving results
• Remote keylogging
• Tunneling with cover channels through IPSec VPNs
• Hijack and capture SSL traffic
Network Sweeping
• Scanning from spoofed IP addresses
• Stealthy Recon
• Injecting p0f for passive OS fingerprinting
• Scanning through firewalls
• IPv6 Scanning
• Discover all subdomains owned by an
organization
• Inspect changes to whois record over last 3
years
• Windows 2003 Server & Vista DNS Cache
Poisoning Attacks
• Pumping SNMP for data – OID Dissection
• Attacking SNMP
Thursday, July 23, 2009
DONT CREATE THUMLIN.DB
When viewing a folder with the Thumbnail view, WindowsXP creates a thumbs.db file.
This is a cache of the current pictures in that directory.
If you want to turn this feature off and save a little disk space
Start the Windows Explorer
Go to Tools / Folder Options / View
In the first section under Files and Folders, check Do not cache thumbnails
Now you can search for the thumbs.db file on your computer and remove them. No more should be created.
This is a cache of the current pictures in that directory.
If you want to turn this feature off and save a little disk space
Start the Windows Explorer
Go to Tools / Folder Options / View
In the first section under Files and Folders, check Do not cache thumbnails
Now you can search for the thumbs.db file on your computer and remove them. No more should be created.
NTLDR NOT FOUND
If you get an error that NTLDR is not found during bootup,
If you have FAT32 partitions, it is much simpler than with NTFS.
Just boot with a Win98 floppy and copy the NTLDR or NTDETECT.COM files
from the i386 directory to the root of the C:\ drive.
For NTFS:
Insert and boot from your Windows XP CD.
At the first R=Repair option, press the R key
Press the number that corresponds to the correct location for the installation of Windows you want to repair.
Typically this will be #1
Enter in the administrator password when requested
Enter in the following commands (X: is replaced by the actual drive letter that is assigned to the CD ROM drive.
COPY X:\i386\NTLDR C\:
COPY X:\i386\NTDETECT.COM C:\
Take out the CD ROM and type exit
If you have FAT32 partitions, it is much simpler than with NTFS.
Just boot with a Win98 floppy and copy the NTLDR or NTDETECT.COM files
from the i386 directory to the root of the C:\ drive.
For NTFS:
Insert and boot from your Windows XP CD.
At the first R=Repair option, press the R key
Press the number that corresponds to the correct location for the installation of Windows you want to repair.
Typically this will be #1
Enter in the administrator password when requested
Enter in the following commands (X: is replaced by the actual drive letter that is assigned to the CD ROM drive.
COPY X:\i386\NTLDR C\:
COPY X:\i386\NTDETECT.COM C:\
Take out the CD ROM and type exit
Monday, July 20, 2009
CLONE YOUR HARD DRIVE
Did know that you could clone your current Hard Drive without having to by extra software? Maybe you didn't know that all you needed, was already set up on your current system? Well, it is, and if you follow this tutorial, you shouldn't have much of a problem.
Make sure that you have a Master and a Slave setup on your system. The Slave drive, in this case, is where all the data on the Master is going to go to.
First: Perform a Scandisk your Master drive and follow that with a thorough Defrag. If you have an Antivirus program, do a thorough sweep with the AV first, then do the Scandisk, followed by the Defrag.
Second: Do the same thing to the target drive, as you did the Master: Scandisk then a thorough Defrag.
Third: Right-click on the Target drive and click on Format. When the box comes up, click your mouse onto the "Full" button.
Fourth: After Formatting the Target drive, run a Scandisk again and click on the button that says "Autofix Errors".
Fifth: In this final part, you might want to cut-and-paste to code in, unless you are sure that you can do it without making any mistakes:
Click on the "Start" button, then click on the "Run..." button, then place the following into the Runbox:
"XCOPY C:\*.*D:\ /c/h/e/k/r" (minus the quotes, of course) then press the "Enter" button.
If you receive an error message, then remove the space from between XCOPY and C:\
Anything that should happen to come up in the DOS box, just click "Y" for "Yes". When its all finished, pull the original Master from the system, designate the Slave as the Master,then check your new Master out.
Make sure that you have a Master and a Slave setup on your system. The Slave drive, in this case, is where all the data on the Master is going to go to.
First: Perform a Scandisk your Master drive and follow that with a thorough Defrag. If you have an Antivirus program, do a thorough sweep with the AV first, then do the Scandisk, followed by the Defrag.
Second: Do the same thing to the target drive, as you did the Master: Scandisk then a thorough Defrag.
Third: Right-click on the Target drive and click on Format. When the box comes up, click your mouse onto the "Full" button.
Fourth: After Formatting the Target drive, run a Scandisk again and click on the button that says "Autofix Errors".
Fifth: In this final part, you might want to cut-and-paste to code in, unless you are sure that you can do it without making any mistakes:
Click on the "Start" button, then click on the "Run..." button, then place the following into the Runbox:
"XCOPY C:\*.*D:\ /c/h/e/k/r" (minus the quotes, of course) then press the "Enter" button.
If you receive an error message, then remove the space from between XCOPY and C:\
Anything that should happen to come up in the DOS box, just click "Y" for "Yes". When its all finished, pull the original Master from the system, designate the Slave as the Master,then check your new Master out.
Subscribe to:
Posts (Atom)