Ethical Hacking Ethical Hacking

Presented ByPresented By

R. Sunil KumarR. Sunil Kumar

OverviewOverview

History of InternetHistory of Internet

History of HackingHistory of Hacking

Ethical HackingEthical Hacking EC-Council : C|EHEC-Council : C|EH

C|EH ModulesC|EH Modules

Brief History of InternetBrief History of Internet 19691969 -  - The Advanced Research Projects Agency (ARPA) The Advanced Research Projects Agency (ARPA)

create the ARPANET, the forerunner of the Internet. The first create the ARPANET, the forerunner of the Internet. The first four nodes (networks) of ARPANET consisted of the University four nodes (networks) of ARPANET consisted of the University of California Los Angeles, University of California Santa of California Los Angeles, University of California Santa Barbara, University of Utah and the Stanford Research Barbara, University of Utah and the Stanford Research Institute.Institute.

19831983 -  - The Internet is founded by splitting the Arpanet into The Internet is founded by splitting the Arpanet into separate military and civilian networks.separate military and civilian networks.

19831983 -  - FidoNet is developed by Tom Jennings. FidoNet will FidoNet is developed by Tom Jennings. FidoNet will become the most widespread information exchange network become the most widespread information exchange network in the world for the next 10 years, until the Internet takes in the world for the next 10 years, until the Internet takes over.over.

19891989 -  - the WWW is developed at CERN labs, in the WWW is developed at CERN labs, in Switzerland.Switzerland.

19901990 -  - The Arpanet is dismantled.The Arpanet is dismantled.

Advantages of InternetAdvantages of Internet Sharing InformationSharing Information Collection of InformationCollection of Information NewsNews Searching JobsSearching Jobs AdvertisementAdvertisement CommunicationCommunication EntertainmentEntertainment Online EducationOnline Education Online ResultsOnline Results Online Airlines and Railway SchedulesOnline Airlines and Railway Schedules Online Medical AdviceOnline Medical Advice

Disadvantages of InternetDisadvantages of Internet Theft of Personal informationTheft of Personal information SpammingSpamming Viruses & WormsViruses & Worms Security ProblemsSecurity Problems ImmoralityImmorality Wastage of timesWastage of times chatting, playing games etcchatting, playing games etc

History of Hacking History of Hacking

HackerHacker

Hackers are here. Where are Hackers are here. Where are you?you?

The explosive growth of the Internet has brought The explosive growth of the Internet has brought many good things…As with most technological many good things…As with most technological advances, there is also a dark side: criminal advances, there is also a dark side: criminal hackers. hackers.

HACKER HACKER noun. noun. 1. A person who enjoys learning 1. A person who enjoys learning the details of computer systems and how to the details of computer systems and how to stretch their capabilities…. 2. One who programs stretch their capabilities…. 2. One who programs enthusiastically or who enjoys programming enthusiastically or who enjoys programming rather than just theorizing about programming. rather than just theorizing about programming.

Hacking : Hacking : The rapid crafting of a new program The rapid crafting of a new program or making changes to the existing, usually or making changes to the existing, usually complicated softwarecomplicated software

Hacker ClassesHacker Classes Black Hats:Black Hats: Individuals who have extraordinary Individuals who have extraordinary

computing skills resorting to malicious or computing skills resorting to malicious or destructive purposes.destructive purposes.

White Hats:White Hats: individuals professing hacking skills individuals professing hacking skills and using them for defensive purposes. Also and using them for defensive purposes. Also known as security professionalsknown as security professionals

Gray Hats:Gray Hats: Individuals who work both offensively Individuals who work both offensively and defensively at various times.and defensively at various times.

Suicide Hackers:Suicide Hackers: individuals who aim to bring individuals who aim to bring down the critical infrastructures for a “cause” .down the critical infrastructures for a “cause” .

Hacker ClassesHacker Classes Script Kiddies or Cyber-Punks:Script Kiddies or Cyber-Punks: Between 12-30; Between 12-30;

predominantly white and male; bored in school; get predominantly white and male; bored in school; get caught due to bragging online; intent is to caught due to bragging online; intent is to vandalize or disrupt systems.vandalize or disrupt systems.

Professional Criminals or Crackers:Professional Criminals or Crackers: Make a Make a living by breaking into systems and selling the living by breaking into systems and selling the information.information.

Coders and Virus Writers:Coders and Virus Writers: See themselves as an See themselves as an elite; programming background and write code but elite; programming background and write code but won’t use it themselves; have their own networks won’t use it themselves; have their own networks called “zoos”; leave it to others to release their called “zoos”; leave it to others to release their code into “The Wild” or Internet. code into “The Wild” or Internet. ((www.tlc.discovery.com))

Time Line and Major EventsTime Line and Major Events

1960s: The Dawn of Hacking1960s: The Dawn of HackingMIT becomes home to the first computer hackers, who MIT becomes home to the first computer hackers, who begin altering software and hardware to make it work begin altering software and hardware to make it work better and/or faster.better and/or faster.

1970s: Phone Phreaks and Cap'n Crunch: 1970s: Phone Phreaks and Cap'n Crunch: One One phreak, John Draper (aka "Cap'n Crunch"), discovers a phreak, John Draper (aka "Cap'n Crunch"), discovers a toy whistle inside Cap'n Crunch cereal gives 2600-hertz toy whistle inside Cap'n Crunch cereal gives 2600-hertz signal, and can access AT&T's long-distance switching signal, and can access AT&T's long-distance switching system.system. Draper Draper builds a "blue box" used with whistle builds a "blue box" used with whistle allows phreaks to make free calls.allows phreaks to make free calls.

Steve WozniakSteve Wozniak and Steve Jobs, future founders of and Steve Jobs, future founders of Apple Computer, make and sell blue boxes.Apple Computer, make and sell blue boxes.

1980s: Hacker Message Boards and Groups1980s: Hacker Message Boards and GroupsHacking groups form; such as Legion of Doom (US), Hacking groups form; such as Legion of Doom (US), Chaos Computer Club (Germany).Chaos Computer Club (Germany).

1983: Kids' Games1983: Kids' GamesMovie "War Games" introduces public to hacking.Movie "War Games" introduces public to hacking.

1984: Hacker Zines1984: Hacker ZinesHacker magazine 2600 publication; online zine Phrack.Hacker magazine 2600 publication; online zine Phrack.

1986: 1986: Congress passes Computer Fraud and Abuse Act; crime to break Congress passes Computer Fraud and Abuse Act; crime to break into computer systems.into computer systems.

11988: The Morris Worm988: The Morris WormRobert T. Morris, Jr., launches self-replicating worm on Arpanet.Robert T. Morris, Jr., launches self-replicating worm on Arpanet.

1989: The Germans , the KGB and Kevin Mitnick.1989: The Germans , the KGB and Kevin Mitnick. German HackersGerman Hackers arrested for breaking into U.S. arrested for breaking into U.S.

computers; sold information to Soviet KGB (computers; sold information to Soviet KGB (Komitet Gosudarstvennoy Bezopasnosti)..

Hacker "The Mentor“Hacker "The Mentor“ arrested; publishes Hacker's arrested; publishes Hacker's Manifesto. Manifesto.

1990 : Kevin Mitnick1990 : Kevin Mitnick convicted; first person convicted under law against convicted; first person convicted under law against

gaining access to interstate network for criminal gaining access to interstate network for criminal purposes.purposes.

1990s: Why Buy a Car When You Can Hack One?1990s: Why Buy a Car When You Can Hack One?Radio station call-in contest; hacker-fugitive Kevin Radio station call-in contest; hacker-fugitive Kevin Poulsen and friends crack phone; they allegedly get two Poulsen and friends crack phone; they allegedly get two Porsches, $20,000 cash, vacation trips; Poulsen now a Porsches, $20,000 cash, vacation trips; Poulsen now a freelance journalist covering computer crime. freelance journalist covering computer crime.

First Def ConFirst Def Con hacking conference in Las Vegas hacking conference in Las Vegas 1995: The Mitnick Takedown:1995: The Mitnick Takedown: Arrested again; Arrested again;

charged with stealing 20,000 credit card numbers. charged with stealing 20,000 credit card numbers. 1995: Russian Hackers1995: Russian Hackers Siphon $10 million from Siphon $10 million from

Citibank; Vladimir Levin, leader.Citibank; Vladimir Levin, leader. 1999 1999 hackers attack Pentagon, MIT, FBI web sites.hackers attack Pentagon, MIT, FBI web sites. damage through attacks on government and military

computer systems has been calculated at between $1.5 and $1.8 Billion for 1999

1999:1999: E-commerce company attacked; blackmail E-commerce company attacked; blackmail threats followed by 8 million credit card numbers threats followed by 8 million credit card numbers stolen. stolen.

2000 2000 May: May: The The ILOVEYOU worm, also known as VBS/Loveletter and Love  worm, also known as VBS/Loveletter and Love

Bug worm, is a computer worm written in VBScript. It infected Bug worm, is a computer worm written in VBScript. It infected millions of computers worldwide within a few hours of its release. millions of computers worldwide within a few hours of its release.

September: teenage hacker September: teenage hacker Jonathan James becomes first juvenile  becomes first juvenile to serve jail time for hacking.to serve jail time for hacking.

20012001

Microsoft becomes the prominent victim of a new type of hack that Microsoft becomes the prominent victim of a new type of hack that attacks the attacks the domain name server. In these denial-of-service . In these denial-of-service attacks, the DNS paths that take users to Microsoft's Web sites are attacks, the DNS paths that take users to Microsoft's Web sites are corrupted.corrupted.

August: August: Code Red worm, infects tens of thousands of machines., infects tens of thousands of machines.

20022002

August: Researcher August: Researcher Chris Paget publishes a paper describing " publishes a paper describing "shatter attacks", detailing how Windows' unauthenticated ", detailing how Windows' unauthenticated messaging system can be used to take over a machine. The paper  can be used to take over a machine. The paper raises questions about how securable Windows could ever be.raises questions about how securable Windows could ever be.

October: The October: The 

International Information Systems Security Certification Consortium -  - (ISC)2 - confers its 10,000th (ISC)2 - confers its 10,000th CISSP certification. certification.

2003 2003

March: March: CULT OF THE DEAD COW and  and Hacktivismo are given permission  are given permission by the by the United States Department of Commerce to export software  to export software utilizing strong encryption.utilizing strong encryption.

December 18: December 18: Milford Man pleas guilty to hacking. pleas guilty to hacking.

20042004 March: March: Myron Tereshchuk is arrested for attempting to extort $17  is arrested for attempting to extort $17

million from million from Micropatent..

July: North Korea claims to have trained 500 hackers who July: North Korea claims to have trained 500 hackers who successfully crack South Korean, Japanese, and their allies' successfully crack South Korean, Japanese, and their allies' computer systems.computer systems.[18]

2005 2005 September 13: : Cameron Lacroix is sentenced to 11 months for  is sentenced to 11 months for

gaining access to gaining access to T-Mobile USA's network and exploiting  network and exploiting Paris Hilton's  Sidekick..[19]

November 3: : Jeanson James Ancheta, whom prosecutors say was a , whom prosecutors say was a member of the "Botmaster Underground", a group of member of the "Botmaster Underground", a group of script kiddies mostly noted for their excessive use of  mostly noted for their excessive use of bot attacks and  and propagating vast amounts of propagating vast amounts of spam, was taken into custody after , was taken into custody after being lured to FBI offices in Los Angeles.being lured to FBI offices in Los Angeles.[20]

2006 2006 May: Jeanson James Ancheta receives a 57 month prison sentence, May: Jeanson James Ancheta receives a 57 month prison sentence, 

[6] and is ordered to pay damages amounting to $15,000.00 to the  and is ordered to pay damages amounting to $15,000.00 to the Naval Air Warfare Center in China Lake and the Defense Naval Air Warfare Center in China Lake and the Defense Information Systems Agency, for damage done due to DDoS Information Systems Agency, for damage done due to DDoS attacks and hacking. Ancheta also had to forfeit his gains to the attacks and hacking. Ancheta also had to forfeit his gains to the government, which include $60,000 in cash, a BMW, and computer government, which include $60,000 in cash, a BMW, and computer equipment equipment [7]..

May: Largest Defacement in Web History is performed by the May: Largest Defacement in Web History is performed by the Turkish hacker  hacker iSKORPiTX who successfully hacked 21,549 websites  who successfully hacked 21,549 websites in one shot. in one shot. [8]

October: Jesus Oquendo releases Asteroid, a SIP Denial of Service October: Jesus Oquendo releases Asteroid, a SIP Denial of Service

testing tool. It broke all versions of Asterisk until 1.2.13. Asteroid is testing tool. It broke all versions of Asterisk until 1.2.13. Asteroid is also known to affect certain SIP Softphones, SIP Phones and also known to affect certain SIP Softphones, SIP Phones and possibly other products using the SIP protocol. It was used possibly other products using the SIP protocol. It was used in Henning Schulzrinne's Columbia University seminars. See MITRE in Henning Schulzrinne's Columbia University seminars. See MITRE CVE-2006-5444 and CVE-2006-5445CVE-2006-5444 and CVE-2006-5445

2007 2007

May 17: Estonia recovers from massive denial-of-service attackMay 17: Estonia recovers from massive denial-of-service attack [21][21]

June 13: FBI Operation Bot Roast finds over 1 million botnet victimsJune 13: FBI Operation Bot Roast finds over 1 million botnet victims

June 21: A spear phishing incident at the Office of the Secretary of June 21: A spear phishing incident at the Office of the Secretary of Defense steals sensitive U.S. defense information, leading to Defense steals sensitive U.S. defense information, leading to significant changes in identity and message-source verification at significant changes in identity and message-source verification at OSD.OSD.

August 11: United Nations website hacked by Turkish Hacker August 11: United Nations website hacked by Turkish Hacker Kerem125Kerem125

October 7: Trend Micro website successfully hacked by Turkish hacker October 7: Trend Micro website successfully hacked by Turkish hacker Janizary(a.k.a Utku)Janizary(a.k.a Utku)

November 29: FBI Operation Bot Roast II: 1 million infected PCs, $20 November 29: FBI Operation Bot Roast II: 1 million infected PCs, $20 million in losses and 8 indictmentsmillion in losses and 8 indictments

2008 2008

January 18: Project Chanology Anon attacks January 18: Project Chanology Anon attacks Scientology website servers around the world. Private Scientology website servers around the world. Private documents are stolen from Scientology computers documents are stolen from Scientology computers and distributed over the Internet.and distributed over the Internet.

March 7: Around 20 Chinese hackers claim to have March 7: Around 20 Chinese hackers claim to have gained access to the world's most sensitive sites, gained access to the world's most sensitive sites, including The Pentagon. They operate from a bare including The Pentagon. They operate from a bare apartment on a Chinese island.apartment on a Chinese island.

2009 2009

April 1: Conficker worm has infiltrated billions of PCs April 1: Conficker worm has infiltrated billions of PCs worldwide including many government-level top-worldwide including many government-level top-security computer networks.security computer networks.

Ethical HackingEthical Hacking

What is Ethical Hacking?What is Ethical Hacking? Ethical hackingEthical hacking – defined “methodology adopted – defined “methodology adopted

by ethical hackers to discover the vulnerabilities by ethical hackers to discover the vulnerabilities existing in information systems, operating existing in information systems, operating environments.”environments.”

With the growth of the Internet, computer security With the growth of the Internet, computer security has become a major concern for businesses and has become a major concern for businesses and governments. governments.

In their search for a way to approach the problem, In their search for a way to approach the problem, organizations came to realize that one of the best organizations came to realize that one of the best ways to evaluate the intruder threat to their ways to evaluate the intruder threat to their interests would be to have independent computer interests would be to have independent computer security professionals attempt to break into their security professionals attempt to break into their computer systems. computer systems.

Who are Ethical Hackers?Who are Ethical Hackers? ““One of the best ways to evaluate the intruder One of the best ways to evaluate the intruder

threat is to have an independent computer threat is to have an independent computer security professionals attempt to break their security professionals attempt to break their computer systems” computer systems”

Successful ethical hackers possess a variety of skills. Successful ethical hackers possess a variety of skills. First and foremost, they must be completely trustworthy. First and foremost, they must be completely trustworthy.

Ethical hackers typically have very strong programming Ethical hackers typically have very strong programming and computer networking skills. and computer networking skills.

They are also adept at installing and maintaining They are also adept at installing and maintaining systems that use the more popular operating systems systems that use the more popular operating systems (e.g., Linux , Unix, Windows ) used on target systems. (e.g., Linux , Unix, Windows ) used on target systems.

These base skills are augmented with detailed These base skills are augmented with detailed knowledge of the hardware and software provided by knowledge of the hardware and software provided by the more popular computer and networking hardware the more popular computer and networking hardware vendors. vendors.

Ethical Hacker classesEthical Hacker classes

• Former Black hatsFormer Black hats – Reformed – Reformed hackers, first-hand experience,hackers, first-hand experience,

lesser credibility perceivedlesser credibility perceived• WWhite hatshite hats – Individual security – Individual security

consultants, knowledgeable about black consultants, knowledgeable about black hatshats

• Consulting FirmsConsulting Firms– Part of ICT firms, – Part of ICT firms, good credentialsgood credentials

What do Ethical Hackers do?What do Ethical Hackers do?

An ethical hacker’s evaluation of a system’s An ethical hacker’s evaluation of a system’s security seeks answers to these basic questions: security seeks answers to these basic questions: • What can an intruder see on the target systems? What can an intruder see on the target systems? • What can an intruder do with that information? What can an intruder do with that information? • Does anyone at the target notice the intruder’s at Does anyone at the target notice the intruder’s at

tempts or successes? tempts or successes? • What are you trying to protect? What are you trying to protect? • What are you trying to protect against? What are you trying to protect against? • How much time, effort, and money are you How much time, effort, and money are you

willing to expend to obtain adequate protection? willing to expend to obtain adequate protection?

Required Skills of an Ethical Required Skills of an Ethical HackerHacker

Routers:Routers: knowledge of routers, routing protocols, and knowledge of routers, routing protocols, and access control listsaccess control lists

Windows:Windows: skills in operation, configuration and skills in operation, configuration and management.management.

Linux:Linux: knowledge of Linux/Unix; security setting, knowledge of Linux/Unix; security setting, configuration, and services.configuration, and services.

Firewalls & IDS & IPS:Firewalls & IDS & IPS: configurations, and operation configurations, and operation of IDS and IPS.of IDS and IPS.

MainframesMainframes Network Protocols:Network Protocols: TCP/IP; how they function and TCP/IP; how they function and

can be manipulated.can be manipulated. Project Management:Project Management: knowledge of leading, knowledge of leading,

planning, organizing, and controlling a penetration planning, organizing, and controlling a penetration testing team.testing team.

(Source: http://www.examcram.com)

Approaches to Ethical HackingApproaches to Ethical Hacking

Remote networkRemote network Remote dial-up networkRemote dial-up network Local networkLocal network Stolen EquipmentStolen Equipment Physical entryPhysical entry Social engineering Social engineering

(Source: http://www.examcram.com)

Anatomy of an attack:Anatomy of an attack:• ReconnaissanceReconnaissance – attacker gathers – attacker gathers

information; can include social engineering.information; can include social engineering.• ScanningScanning – searches for open ports (port – searches for open ports (port

scan) probes target for vulnerabilities.scan) probes target for vulnerabilities.• Gaining accessGaining access – attacker exploits – attacker exploits

vulnerabilities to get inside system; used for vulnerabilities to get inside system; used for spoofing IP.spoofing IP.

• Maintaining accessMaintaining access – creates backdoor – creates backdoor through use of Trojans; once attacker gains through use of Trojans; once attacker gains access makes sure he/she can get back in.access makes sure he/she can get back in.

• Covering tracksCovering tracks – deletes files, hides files, – deletes files, hides files, and erases log files. So that attacker cannot and erases log files. So that attacker cannot be detected or penalized. be detected or penalized.

(Source: www.eccouncil.org)

How Much Do Ethical Hackers How Much Do Ethical Hackers Get Paid?Get Paid?

Globally, the hiring of ethical hackers is on Globally, the hiring of ethical hackers is on the rise with most of them working with the rise with most of them working with top consulting firms. top consulting firms.

In the United States, an ethical hacker can In the United States, an ethical hacker can make upwards of $120,000 per annum. make upwards of $120,000 per annum.

Freelance ethical hackers can expect to Freelance ethical hackers can expect to make $10,000 per assignment. make $10,000 per assignment.

Some ranges from $15,000 to Some ranges from $15,000 to $45,000 for a standalone ethical $45,000 for a standalone ethical hack. hack.

Ec-Council: Certified Ethical Ec-Council: Certified Ethical HackerHacker

EC-COUNCILEC-COUNCIL

International council of electronic commerce International council of electronic commerce consultantsconsultants• Most successful and rapidly growing IT security and Most successful and rapidly growing IT security and

certification providerscertification providers• Standardized the concept of “Ethical Hacking”Standardized the concept of “Ethical Hacking”• EC-Council was the first to provide certification EC-Council was the first to provide certification

standards for these “Ethical Hackers”standards for these “Ethical Hackers”• EC-Council has trained more than 60,000 IT EC-Council has trained more than 60,000 IT

professionals, with over 20,000 earning a certificationprofessionals, with over 20,000 earning a certification

EC-Council has certified IT EC-Council has certified IT professionals from the following professionals from the following

organizations as CEH:organizations as CEH:

Novell, Canon, Hewlett Packard, US Air Force Novell, Canon, Hewlett Packard, US Air Force Reserve, US Embassy, Verizon, PFIZER, HDFC Reserve, US Embassy, Verizon, PFIZER, HDFC Bank, University of Memphis, Microsoft Bank, University of Memphis, Microsoft Corporation, Worldcom, Trusecure, US Department Corporation, Worldcom, Trusecure, US Department of Defense, Fedex, Dunlop, British Telecom, Cisco, of Defense, Fedex, Dunlop, British Telecom, Cisco, Supreme Court of the Philippines, United Nations, Supreme Court of the Philippines, United Nations, Ministry of Defense, UK, Nortel Networks, MCI, Ministry of Defense, UK, Nortel Networks, MCI, Check Point Software, KPMG, Fleet International, Check Point Software, KPMG, Fleet International, Cingular Wireless, Columbia Daily Tribune, Johnson Cingular Wireless, Columbia Daily Tribune, Johnson & Johnson, Marriott Hotel, Tucson Electric Power & Johnson, Marriott Hotel, Tucson Electric Power Company, Singapore Police Force Company, Singapore Police Force

PriceWaterhouseCoopers, SAP, Coca-Cola PriceWaterhouseCoopers, SAP, Coca-Cola Corporation, Quantum Research, US Military, IBM Corporation, Quantum Research, US Military, IBM Global Services, UPS, American Express, FBI, Global Services, UPS, American Express, FBI, Citibank Corporation, Boehringer Ingelheim, Citibank Corporation, Boehringer Ingelheim, Wipro, New York City Dept Of IT & Telecom – Wipro, New York City Dept Of IT & Telecom – DoITT, United States Marine Corps, Reserve Bank DoITT, United States Marine Corps, Reserve Bank of India, US Air Force, EDS, Bell Canada, SONY, of India, US Air Force, EDS, Bell Canada, SONY, Kodak, Ontario Provincial Police, Harris Kodak, Ontario Provincial Police, Harris Corporation, Xerox, Philips Electronics, U.S. Corporation, Xerox, Philips Electronics, U.S. Army, Schering, Accenture, Bank One, SAIC, Army, Schering, Accenture, Bank One, SAIC, Fujitsu, Deutsche BankFujitsu, Deutsche Bank

(Cont.)(Cont.)

Certified Ethical Hacker (C|EH) Certified Ethical Hacker (C|EH) TrainingTraining

EC-Council AcademyEC-Council Academy http://www.eccouncil.orghttp://www.eccouncil.org

• Five-dayFive-day CourseCourse• (C|EH)(C|EH) exam Code 312-50 exam Code 312-50• No. Of questions : 150No. Of questions : 150• Exam Duration : 4 hoursExam Duration : 4 hours• Passing Score : 70%Passing Score : 70%• Prometric and vuePrometric and vue

C|EH ModulesC|EH Modules

EC-CouncilEC-Council

Certified Ethical HackerCertified Ethical Hacker

www.eccouncil.org

ISBN 0-9729362-1-1

Ec-Council Topics CoveredEc-Council Topics Covered Introduction to Ethical HackingIntroduction to Ethical Hacking Hacking LawsHacking Laws Foot printingFoot printing Google hackingGoogle hacking ScanningScanning EnumerationEnumeration System HackingSystem Hacking Trojans and BackdoorsTrojans and Backdoors Viruses and wormsViruses and worms SniffersSniffers Social EngineeringSocial Engineering

Ec-Council (Cont.)Ec-Council (Cont.)

PhishingPhishing Hacking Email AccountsHacking Email Accounts Denial-of-serviceDenial-of-service Session HijackingSession Hijacking Hacking Web serversHacking Web servers Web Application vulnerabilitiesWeb Application vulnerabilities Web base password crackingWeb base password cracking Sql InjectionSql Injection Hacking wireless networksHacking wireless networks Physical SecurityPhysical Security

Ec-Council (Cont.)Ec-Council (Cont.)

Linux HackingLinux Hacking Evading IDS, Firewalls and detecting honey Evading IDS, Firewalls and detecting honey

potspots Buffer overflowsBuffer overflows CryptographyCryptography Penetration testingPenetration testing