Hacker Tools, Techniques, Exploits, and Incident Handling Training

Introduction

Hacker Tools, Techniques, Exploits, and Incident Handling Training Course Hands-on

The Internet is full of powerful hacking tools and bad guys using them extensively. If your organization has an Internet connection or one or two disgruntled employees (and whose doesn't!), your computer systems will get attacked.

From the five, ten, or even one hundred daily probes against your Internet infrastructure to the malicious insider slowly creeping through your most vital information assets, attackers are targeting your systems with increasing viciousness and stealth. As defenders, it is essential that we understand these hacking tools and techniques, and this Hacker Tools, Techniques, Exploits, and Incident Handling Training course covers them.

By helping you understand attackers' tactics and strategies in detail, giving you hands-on experience in finding vulnerabilities and discovering intrusions, and equipping you with a comprehensive incident handling plan, this Hacker Tools, Techniques, Exploits, and Incident Handling Training course helps you turn the tables on computer attackers. It addresses the latest cutting-edge insidious attack vectors, the "oldie-but-goodie" attacks that are still prevalent, and everything in between.

Instead of merely teaching a few hack attack tricks, this Hacker Tools, Techniques, Exploits, and Incident Handling Training course provides a time-tested, step-by-step process for responding to computer incidents, and a detailed description of how attackers undermine systems so you can prepare, detect, and respond to them. In addition, the course explores the legal issues associated with responding to computer attacks, including employee monitoring, working with law enforcement, and handling evidence. Finally, students will participate in a hands-on workshop that focuses on scanning for, exploiting, and defending systems. It will enable you to discover the holes in your system before the bad guys do!

The Hacker Tools, Techniques, Exploits, and Incident Handling Training course is particularly well-suited to individuals who lead or are a part of an incident handling team. General security practitioners, system administrators, and security architects will benefit by understanding how to design, build, and operate their systems to prevent, detect, and respond to attacks.

Duration: 5 days

Customize It

• We can adapt this Hacker Tools, Techniques, Exploits, and Incident Handling Training course to your group’s background and work requirements at little to no added cost.
• If you are familiar with some aspects of this Hacker Tools, Techniques, Exploits, and Incident Handling Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the Hacker Tools, Techniques, Exploits, and Incident Handling Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Hacker Tools, Techniques, Exploits, and Incident Handling Training course in a manner understandable to lay audiences.

Audience / Target Group

• Incident handlers
• Leaders of incident handling teams
• System administrators who are on the front lines defending their systems and responding to attacks
• Other security personnel who are first responders when systems come under attack

Prerequisites

• A strong desire to understand hacker tools and techniques
• A foundational understanding of the Windows Command Line
• A foundational understanding of core networking concepts such as TCP/IP
• A strong desire to understand how key defensive tactics can thwart advanced attackers

Hacker Tools, Techniques, Exploits, and Incident Handling Training - Objectives:

After completing this Hacker Tools, Techniques, Exploits, and Incident Handling Training course, attendees will know:

• How best to prepare for an eventual breach
• The step-by-step approach used by many computer attackers
• Proactive and reactive defenses for each stage of a computer attack
• How to identify active attacks and compromises
• The latest computer attack vectors and how you can stop them
• How to properly contain attacks
• How to ensure that attackers do not return
• How to recover from computer attacks and restore systems for business
• How to understand and use hacking tools and techniques
• Strategies and tools for detecting each type of attack
• Attacks and defenses for Windows, Unix, switches, routers, and other systems
• Application-level vulnerabilities, attacks, and defenses
• How to develop an incident handling process and prepare a team for battle
• Legal issues in incident handling

Hacker Tools, Techniques, Exploits, and Incident Handling Training - Course Content:

1. Incident Handling Step-by-Step and Computer Crime Investigation

Preparation
Building an incident response kit
Identifying your core incident response team
Instrumentation of the site and system
Identification
Signs of an incident
First steps
Chain of custody
Detecting and reacting to Insider Threats
Containment
Documentation strategies: video and audio
Containment and quarantine
Pull the network cable, switch and site
Identifying and isolating the trust model
Eradication
Evaluating whether a backup is compromised
Total rebuild of the Operating System
Moving to a new architecture
Recovery
Who makes the determination to return to production?
Monitoring the system
Expect an increase in attacks
Special Actions for Responding to Different Types of Incidents
Espionage
Inappropriate use
Incident Record-keeping
Pre-built forms
Legal acceptability
Incident Follow-up
Lessons learned meeting
Changes in process for the future

2. Computer and Network Hacker Exploits - Part 1

Reconnaissance
What does your network reveal?
Are you leaking too much information?
Using Whois lookups, ARIN, RIPE and APNIC
Domain Name System harvesting
Data gathering from job postings, websites, and government databases
Recon-ng
Pushpin
Identifying publicly compromised accounts
Maltego
FOCA for metadata analysis
Scanning
Locating and attacking unsecure wireless LANs
War dialing with WarVOX for renegade modems and unsecure phones
Port scanning: Traditional, stealth, and blind scanning
Active and passive Operating System fingerprinting
Determining firewall filtering rules
Vulnerability scanning using Nessus and other tools
CGI scanning with Nikto
PowerShell Empire
BloodHound
Rubber Ducky attacks to steal wireless profiles
User Behavioral Analytics
Intrusion Detection System (IDS) Evasion
Foiling IDS at the network level
Foiling IDS at the application level: Exploiting the rich syntax of computer languages
Web Attack IDS evasion tactics
Bypassing IDS/IPS with TCP obfuscation techniques

3. Computer and Network Hacker Exploits - Part 2

Network-Level Attacks
Session hijacking: From Telnet to SSL and SSH
Monkey-in-the-middle attacks
Passive sniffing
Gathering and Parsing Packets
Active sniffing: ARP cache poisoning and DNS injection
Bettercap
Responder
LLMNR poisoning
WPAD Attacks
MITMf
DNS cache poisoning: Redirecting traffic on the Internet
Using and abusing Netcat, including backdoors and nasty relays
IP address spoofing variations
Operating System and Application-level Attacks
Buffer overflows in-depth
The Metasploit exploitation framework
Format string attacks
AV and application whitelisting bypass techniques
Netcat: The Attacker's Best Friend
Transferring files, creating backdoors, and shoveling shell
Netcat relays to obscure the source of an attack
Replay attacks

4. Computer and Network Hacker Exploits - Part 3

Password Cracking
Analysis of worm trends
Password cracking with John the Ripper
Hashcat
Rainbow Tables
Password spraying
Web Application Attacks
Account harvesting
SQL Injection: Manipulating back-end databases
Session Cloning: Grabbing other users' web sessions
Cross-Site Scripting
Denial-of-Service Attacks
Distributed Denial of Service: Pulsing zombies and reflected attacks
Local Denial of Service

5. Computer and Network Hacker Exploits - Part 4

Maintaining Access
Backdoors: Using Poison Ivy, VNC, Ghost RAT, and other popular beasts
Trojan horse backdoors: A nasty combo
Rootkits: Substituting binary executables with nasty variations
Kernel-level Rootkits: Attacking the heart of the Operating System (Rooty, Avatar, and Alureon)
Covering the Tracks
File and directory camouflage and hiding
Log file editing on Windows and Unix
Accounting entry editing: UTMP, WTMP, shell histories, etc.
Covert channels over HTTP, ICMP, TCP, and other protocols
Sniffing backdoors and how they can really mess up your investigations unless you are aware of them
Steganography: Hiding data in images, music, binaries, or any other file type
Memory analysis of an attack
Putting It All Together
Specific scenarios showing how attackers use a variety of tools together
Analyzing scenarios based on real-world attacks
Learning from the mistakes of other organizations
Where to go for the latest attack info and trends

6. Hacker Tools Workshop

Hands-on Analysis
Nmap port scanner
Nessus vulnerability scanner
Network mapping
Netcat: File transfer, backdoors, and relays
More Metasploit
Exploitation using built-in OS commands
Privilege escalation
Advanced pivoting techniques
