Introduction of Hacking
Phases Of Hacking
Types Of Hackers
CIA Triad
Vulnerability Assessment
Phases Of Vulnerability Assessment
Penetration Testing
Phases Of Penetration Testing
What is Footprinting
Phases Of Footprinting
Footprinting Through Search Engines
Footprinting Through Archives
Email Footprinting
Footprinting Through Whois
Footprinting Through TraceRoute
Footprinting IP Address
Footprinting Through Social Engineering
Gathering Information Using Websites and Applications
IP Mapping and Tracing IP address
Active and Passive Methods
Detecting Web Server
Find weaknesses using Google
Hacking Using Google and other Search Engines
What is Scanning
TCP Communication Flags
TCP Three Way Handshake
TCP Connect/Full Open Scanning
Stealth/Half Open Scanning
Inverse TCP Flag Probe Scanning
XMAS Scanning
ACK Scanning
UDP Scanning
OS Authentication Architecture
OS Hash BruteForcing
OS Password Cracking
Windows Login Bypass
OSX Login Bypass
Data Stealing Techniques
Kali Linux Vs Other Pen Testing OS
Installation and setup of Kali Linux
System Architecture of Kali Linux
Network Configuration of Kali Linux
Essential Commands of Kali Linux
Malware
Types Of Malware
Worms
Type Of Worms
Protecting Yourself From Worms
Symptoms of Worms
Removal of Worms
Virus
Types of Virus
Damage Caused By Virus
Cause of Virus
Symptoms Of Virus
Removal of Virus
Different Type of Trojans
Making of Trojan(RAT)
Right Way to Configure Trojan
Online Trojan propagation
Analysis and Removal of Trojan
Introduction to Network Sniffing
Man in the Middle Attacks
MAC spoofing & Flooding
ARP Poisoning
Rogue DHCP
SSL Stripping
Session Hijacking
Introduction to SQL Database
Types of SQL Injections
Authentication Bypass Injection
Blind Injections
Error Based Injection
Union Based Injection
Stacked Query Injection
Time Based Injection
Wi-Fi Technical Details
Types of Encryptions
MAC Spoofing
Attacks on WEP, WPA, WPA2
Forged Authentication Attack
Replay Attack
De-Synchronization Attack
Evil Twin and Fake AP Attack
Types of Steganography
Techniques of Steganography
How Steganography Works
Image Steganography
Working with Tools
How XSS Attacks Work
XSS Attack via Email
Stealing Cookies via XSS
XSS Attack in Comment Field
Blog Post via XSS Attack
CSRF Attacks
Understanding an iFrame Attack
New iFrame Injection Method
Ads in hidden iFrame and pop-ups
Redirecting to a malicious server
Malicious script execution
How DoS Attack Works
Indications of DoS Attacks
DoS Attack Techniques
Tools for DDoS Attacks
Detection of DoS Attacks
Need of Penetration Testing?
Types of Pen Testing
Pen Testing Techniques
Security Audit
Vulnerability Assessments
Black Box Pen Testing
Gray Box Pen Testing
Monitoring Events and Exceptions
Inspecting Processes and Modules
Introduction to Reverse Engineering
Tools and Commands
Introduction to Firewalls
Network Firewalls
Web Application Firewalls
Weakness in Firewalls
Honey Pots and Security Misconfiguration
Configure Rule sets
Setup Network IDS/IPS
Writing Custom Rules
Setup Network IDS or IPS
Logs Analysis
DMZ Configuration
Intrusion Detection Systems and weakness
Intrusion Prevention Systems and weakness
Introduction To Cryptography
History of Ciphers
Symmetric And Asymmetric Ciphers
Block Ciphers
Data Encryption Standard
DES-X
Advanced Encryption Standards
Block Cipher Modes
Stream Ciphers - RC4
Asymmetric-Key Algorithms
RSA
ELGAMAL
HASH Functions
Digital Signature
Hybrid Schemes
Public Key Infrastructure
Implementing Public Key Infrastructure
What Will PKI Allow You?
EXERCISE: Certificates
Certificate life cycle
Planning the PKI
PKI Administration
Threat Modelling and Classification
As the name suggests, this type of test is a combination of both black box and white box testing. In other words, penetration testing requires only partial knowledge of the internal performance of a web application. It is often restricted to access to software code and system architecture diagrams.
With gray box testing, manual and automated testing procedures can be used. Because of this approach, Penn Tester can concentrate his or her core efforts on the areas of the web application that he or she is familiar with and use any weaknesses or weaknesses from there and there. In this particular method, there is a high likelihood that "security holes" will be difficult to find.
Don't miss out!
Study Material
Quiz