Introduction of Hacking
Phases Of Hacking
Types Of Hackers
CIA Triad
Vulnerability Assessment
Phases Of Vulnerability Assessment
Penetration Testing
Phases Of Penetration Testing
What is Footprinting
Phases Of Footprinting
Footprinting Through Search Engines
Footprinting Through Archives
Email Footprinting
Footprinting Through Whois
Footprinting Through TraceRoute
Footprinting IP Address
Footprinting Through Social Engineering
Gathering Information Using Websites and Applications
IP Mapping and Tracing IP address
Active and Passive Methods
Detecting Web Server
Find weaknesses using Google
Hacking Using Google and other Search Engines
What is Scanning
TCP Communication Flags
TCP Three Way Handshake
TCP Connect/Full Open Scanning
Stealth/Half Open Scanning
Inverse TCP Flag Probe Scanning
XMAS Scanning
ACK Scanning
UDP Scanning
OS Authentication Architecture
OS Hash BruteForcing
OS Password Cracking
Windows Login Bypass
OSX Login Bypass
Data Stealing Techniques
Kali Linux Vs Other Pen Testing OS
Installation and setup of Kali Linux
System Architecture of Kali Linux
Network Configuration of Kali Linux
Essential Commands of Kali Linux
Malware
Types Of Malware
Worms
Type Of Worms
Protecting Yourself From Worms
Symptoms of Worms
Removal of Worms
Virus
Types of Virus
Damage Caused By Virus
Cause of Virus
Symptoms Of Virus
Removal of Virus
Different Type of Trojans
Making of Trojan(RAT)
Right Way to Configure Trojan
Online Trojan propagation
Analysis and Removal of Trojan
Introduction to Network Sniffing
Man in the Middle Attacks
MAC spoofing & Flooding
ARP Poisoning
Rogue DHCP
SSL Stripping
Session Hijacking
Introduction to SQL Database
Types of SQL Injections
Authentication Bypass Injection
Blind Injections
Error Based Injection
Union Based Injection
Stacked Query Injection
Time Based Injection
Wi-Fi Technical Details
Types of Encryptions
MAC Spoofing
Attacks on WEP, WPA, WPA2
Forged Authentication Attack
Replay Attack
De-Synchronization Attack
Evil Twin and Fake AP Attack
Types of Steganography
Techniques of Steganography
How Steganography Works
Image Steganography
Working with Tools
How XSS Attacks Work
XSS Attack via Email
Stealing Cookies via XSS
XSS Attack in Comment Field
Blog Post via XSS Attack
CSRF Attacks
Understanding an iFrame Attack
New iFrame Injection Method
Ads in hidden iFrame and pop-ups
Redirecting to a malicious server
Malicious script execution
How DoS Attack Works
Indications of DoS Attacks
DoS Attack Techniques
Tools for DDoS Attacks
Detection of DoS Attacks
Need of Penetration Testing?
Types of Pen Testing
Pen Testing Techniques
Security Audit
Vulnerability Assessments
Black Box Pen Testing
Gray Box Pen Testing
Monitoring Events and Exceptions
Inspecting Processes and Modules
Introduction to Reverse Engineering
Tools and Commands
Introduction to Firewalls
Network Firewalls
Web Application Firewalls
Weakness in Firewalls
Honey Pots and Security Misconfiguration
Configure Rule sets
Setup Network IDS/IPS
Writing Custom Rules
Setup Network IDS or IPS
Logs Analysis
DMZ Configuration
Intrusion Detection Systems and weakness
Intrusion Prevention Systems and weakness
Introduction To Cryptography
History of Ciphers
Symmetric And Asymmetric Ciphers
Block Ciphers
Data Encryption Standard
DES-X
Advanced Encryption Standards
Block Cipher Modes
Stream Ciphers - RC4
Asymmetric-Key Algorithms
RSA
ELGAMAL
HASH Functions
Digital Signature
Hybrid Schemes
Public Key Infrastructure
Implementing Public Key Infrastructure
What Will PKI Allow You?
EXERCISE: Certificates
Certificate life cycle
Planning the PKI
PKI Administration
Threat Modelling and Classification
In Windows Authentication is process by which system validates a user's logon information. A user credentials are compared against an valid or authorized list, and if the system detects a exact, access is granted provided with permission list for specific user.
As an extensible architecture, Windows Server implement a default set of authentication, which include the Kerberos protocol with NTLM. Protocols used by providers which enable authentication of valid users, computers or services, and authentication process enables only authorized users with services to access resources.
Windows Server authenticate users by using SSPI to get specific calls for authentication. Windows Server include a set of security components with Windows security. These components ensure about applications can not gain unauthorized access to resources without authentication as stated below:-
1. Local Security Authority
2. Security Support Provider Interface
Local Security Authority
Local Security Authority, in short also refer as LSA, is a subsystem that is protected by authenticates and sign in users to local computer. LSA contain information about all detail of local security on a computer. Also provides services between names and SID - security identifiers.
Security Support Provider Interface
The SSPI - Security Support Provider Interface is the Application Program Interface that contains security on integrated services for integrity, authentication, message and privacy with security quality-of-service for application protocol.
Its a implementation of the GSSAPI - Generic Security Service . Provides a mechanism which distributed application that can also call one of several security to obtain authenticated connection by not knowing of the details of the security protocol.
Don't miss out!
Study Material
Quiz