Categories

There are currently no items in your shopping cart.

User Panel

Forgot your password?.

Mile2 Certified Professional Ethical Hacker (CPEH) Part 1 of 2

Video Introducing this tutorial


1. Course Introduction:
1. Instructor Introduction
2. Course Overview
3. Course Prerequisites

2. Module 1 - Introduction to Ethical Hacking:
1. Introduction to Ethical Hacking
2. Where are We
3. Overview

3. Module 1 - Section 1 What and Why:
1. What is Ethical Hacking
2. What is Ethical Hacking Cont...
3. Why Ethical Hacking
4. Downfalls

4. Module 1 - Section 2 Differences:
1. Items we Cover
2. What is a Penetration Test
3. White HatRed Team
4. Red TeamSecurity Researcher
5. Differences
6. Task Differences
7. Hacker vs. Ethical Hacker

5. Module 1 - Section 3 Security Definitions:
1. Types of Hackers
2. CIA Triad in Detail
3. Security Definitions
4. Exploit and Vulnerability Lifecycle
5. Zero Day Anyone
6. Risk Assessment
7. Mile2 Glossary of Terms

6. Module 1 - Section 4 Risk Management:
1. Risk Management Flow
2. What is the Value of an Asset
3. Risk Based Definitions
4. What is a Threat SourceAgent
5. What is a Threat
6. What is a Vulnerability
7. Examples of Some Vulnerabilities that Are Not Always Obvious
8. What is a Control
9. What is the Likelihood
10. What is the Impact
11. Control Effectiveness
12. Risk Management
13. Reference Documents
14. NIST SP 800-39 Risk Context
15. Purpose of Risk Management

7. Module 1 - Section 5 Methodologies:
1. Options
2. Ethical Hacking Methodologies
3. Penetration Testing Methodologies
4. OSSTMM
5. OSSTMM - The Trifecta
6. OSSTMM Combining Trifecta and 4PP
7. NIST SP-800-115
8. NIST SP-800-115 Cont...
9. ISSAF Four Phases
10. ISSAF Diagram
11. PTES
12. Methodology for Penetration Testing
13. So Which One
14. Not Just Tools
15. Module 1 Review
16. Module 1 Quiz

8. Module 2 - Linux Fundamentals:
1. Linux Fundamentals
2. Where are We
3. Overview

9. Module 2 - Section 1 Core Concepts:
1. What is Linux
2. Linus + Minix = Linux
3. GNU
4. Linux GUI Desktops
5. Top 10 Latest GUI Releases
6. Distributions
7. Resources

10. Module 2 - Section 2 The Shell and other items you need to know:
1. Shell
2. Linux Shell
3. Linux Bash Shell
4. File System Structure
5. File System Structure Cont...
6. File System Structure Cont...
7. Mounting Drives with Linux
8. Tarballs and Zips
9. Compiling Programs in Linux
10. Iptables
11. Iptables Cont...
12. IP Forwarding

11. Module 2 - Section 3 Managing Users:
1. Accounts and Groups
2. Password & Shadow File Formats
3. Password & Shadow File Formats Cont...
4. Accounts and Groups
5. User Account Management
6. Changing a User Account Password
7. Root Account
8. Linux and Unix Permissions
9. Linux and Unix Permissions Cont...
10. Linux and Unix Permissions Cont...
11. Linux and Unix Permissions Cont...

12. Module 2 - Section 4 Basic Commands:
1. Network Config
2. Where is my C Drive
3. Mounting CD
4. Manage Directories and Files
5. Module 2 Review
6. Module 2 Quiz

13. Module 3 - Protocols:
1. Protocols
2. Where are We
3. Overview

14. Module 3 - Section 1 Network Models:
1. Network Models
2. OSI Model
3. Layer 7 Application
4. Layer 6 Presentation
5. Layer 5 Session
6. Layer 4 Transport
7. Layer 3 Network
8. Layer 2 Data Link
9. Layer 1 Physical
10. TCPIP
11. Layer 4 Application Layer
12. Layer 3 Transport Layer
13. Layer 2 Internet Layer
14. Layer 1 Network Interface Layer
15. OSITCP IP

15. Module 3 - Section 2 Protocols & Services:
1. Protocols at Each OSI Model Layer
2. Ports and Protocols
3. TCP vs UDP
4. TCP Packet Content
5. UDP Packet Content
6. Three Way Handshake
7. TCP Flags
8. ARP
9. ARP Process
10. ICMP
11. ICMP Messages
12. DNS
13. DNS Insecurities
14. SNMP
15. SNMP Insecurities
16. SMTP
17. SMTP Insecurities
18. LDAP
19. LDAP Insecurities
20. Services to Consider
21. Module 3 Review
22. Module 3 Quiz
23. Cryptography
24. Where are We
25. Overview
26. Cryptographic Definitions
27. Cryptographic Definitions Cont...
28. A Few More Definitions
29. Cryptography Usage
30. Types of Cryptographic Algorithms
31. EncryptionDecryption Methods
32. Symmetric Cryptography - Use of Secret Keys
33. Symmetric Encryption
34. Symmetric Keys
35. Stream Cipher & Block Cipher
36. Symmetric Cipher - Stream Cipher
37. XOR Encryption Process
38. Stream Cipher Modes
39. Strength of a Stream Cipher
40. Symmetric Cipher - Block Cipher
41. S-Boxes Used in Block Ciphers
42. Block Cipher Modes
43. Block Ciphers - ECB
44. Block Cipher - CBC
45. CBC Mode
46. Block Cipher Modes - CFB and OFB
47. CTR Mode
48. Symmetric Algorithms - DES
49. Evolution of 3DES
50. Symmetric Cipher - AES
51. Other Symmetric Algorithms

16. Module 4 -Section 3 Asymmetric Encryption:
1. Asymmetric Cryptography
2. Asymmetric Encryption
3. When to Use Which Key
4. Asymmetric
5. Key Exchange
6. Diffie-Hellman
7. Asymmetric Algorithm - RSA
8. Asymmetric Algorithms - El Gamal and ECC
9. Public Key Cryptography Advantages
10. Asymmetric Algorithm Disadvantages
11. Symmetric versus Asymmetric
12. Example of Hybrid Cryptography
13. Digital Signatures
14. Digital Signature

17. Module 4 - Section 4 Hashing:
1. Hashing Algorithms
2. Protecting the Integrity of Data
3. Data Integrity Mechanisms
4. Security Issues in Hashing
5. Simple MAC
6. Weakness in Using Only Hash Algorithms
7. HMAC - Sender
8. HMAC - Receiver
9. QKD
10. QKD Cont...
11. Link versus End-to-End Encryption
12. End-to-End Encryption
13. Network Layer Protection
14. IPSec Key Management
15. IPSec Handshaking Process
16. SAs in Use
17. IPSec is a Suite of Protocols
18. IPSec Datagrams
19. SSLTLS Hybrid Encryption
20. SSH Security Protocol
21. E-mail Standards
22. Encrypted Message
23. Secure E-mail Standard

18. Module 4 - Section 6 Crypto Attacks:
1. Theoretical Cryptanalysis
2. Theoretical Cryptanalysis Cont...
3. Theoretical Cryptanalysis Cont...
4. Birthday Attack
5. Example of a Birthday Attack
6. Applied Cryptanalysis
7. Applied Cryptanalysis Cont...
8. Applied Cryptanalysis Cont...
9. Applied Cryptanalysis Cont...
10. Module 4 Review
11. Module 4 Quiz
12. Password Cracking
13. Where are We
14. Overview

19. Module 5 - Section 1 What and Why:
1. Why it is kind of a no brainer!
2. Password Cracking Strategy
3. Password Cracking Strategy Cont...
4. Password Cracking Strategy Cont...
5. Cracking Techniques
6. Password Guessing
7. Password Cracking LMNTLM Hashes
8. Syskey Encryption
9. Rainbow Tables
10. GPU andor CPU for Password Cracking
11. Cain and Abel's Cracking Methods
12. Rainbow Tables Limitations
13. Password Salting
14. Password Salting Cont...
15. NTPASSWD Hash Insertion Attack
16. Password Sniffing
17. Mimikatz
18. A Few other Common Tools

20. Module 5 - Section 3 Countermeasures:
1. Implement General Password Policies that Work!
2. Consider Something Better
3. Understand the Windows Authentication Protocols
4. Security Items to Consider
5. Security Items to Consider Cont...
6. Module 5 Review
7. Module 5 Quiz
8. Malware
9. Where are We
10. Overview
11. Denial of Service
12. Distributed Denial of Service
13. Distributed Denial of Service Cont...
14. Denial of Service Impact
15. DoS Attack Symptoms
16. Digital Attack Map A Global Threat Visualization
17. DoS Attack Methods
18. BOTNET
19. Botnet Ecosystem
20. BOTNET Propagation
21. BOTNET Tools
22. DoSDDoS Attack Tools
23. High Orbit Ion Canon (HOIC)
24. DoS Attack Detection
25. DoS Detection - Activity Profiling
26. DoS Detection Sequential Change Point Detection
27. DoS Detection - Wavelet Analysis
28. DoSDDoS Countermeasures
29. Botnet Countermeasures
30. Advanced DoSDDoS Protection Tools
31. Advanced DDoS Protection Methods
32. What is a Virus
33. How it works
34. What they do
35. Types of Viruses
36. Types of Viruses Cont...
37. Types of Viruses Cont...
38. Types of Viruses Cont...
39. Types of Viruses Cont...
40. Stealth Strategies
41. How do you get Infected
42. DNS Changer Virus
43. Melissa Virus
44. Worms
45. How bad is it
46. Storm Worm
47. Stuxnet
48. conficker
49. Trojans and Backdoors
50. Distributing Malware
51. Malware Capabilities
52. Trojan Types
53. Netcat
54. Netcat Switches
55. Remote Access Trojan (RAT) Components
56. Meet Zberb
57. Executable Wrappers
58. Avoiding Detection
59. REFUD
60. Today's Wrappers
61. Malware Countermeasures
62. Malware Reference www.BleepingComputer.com
63. Monitoring Autostart Methods
64. Port Monitoring Software
65. File Protection Software
66. SigCheck
67. Hardware-based Malware Detectors
68. User Education

21. Module 6 - Section 4 Ransomware:
1. Ransomware
2. Famous Ransomware
3. Famous Ransomware
4. Ransomware and Cryptocurrency
5. Module 6 Review
6. Module 6 Quiz
7. Security Devices
8. Where are We
9. Overview
10. Introduction
11. Switching and Routing
12. Switch Security
13. Router Security
14. Router Security Cont...
15. VLAN
16. VLAN Cont...
17. Proxy, NAT, PAT

22. Module 7 - Section 2 Security Appliances:
1. Firewall
2. Next Generation Firewall
3. DMZ
4. IDS
5. IDS Cont...
6. IPS
7. IPS Cont...
8. SIEM
9. SIEM Capabilities
10. Module 7 Review
11. Module 7 Quiz
12. Information Gathering - Reconnaissance-Passive (External Only)
13. Where are We
14. Overview
15. What is it
16. Open-Source Intelligence (OSINT)
17. Why do we do it
18. What do we want
19. What do we want Cont...
20. What do we want Cont...
21. What do we want Cont...
22. Where
23. Where Do We Find This Information
24. Domain Name Registration
25. WHOIS
26. DNS Databases
27. Using Nslookup
28. Username Searches
29. eMail Address Searches
30. People Search Engines
31. Business Search Engines
32. Web Server Info Tool Netcraft
33. Internet Archive The WayBack Machine
34. Job Postings
35. Blogs & Forums
36. Shodan
37. Google Hacking
38. GHDB

23. Module 8 - Section 3 Are there tools to help:
1. Maltego - Clear Leader
2. Maltego - Clear Leader Cont...
3. Recon-ng
4. Recon-ng Cont...
5. theharvester
6. FirecatKromcat
7. Module 8 Review
8. Module 8 Quiz
9. Social Engineering
10. Where are We
11. Overview
12. Vulnerable Human Behavior
13. Organization Vulnerabilities
14. Human Based Social Engineering
15. Human Based Social Engineering Cont...
16. Social Engineering Techniques
17. Social Engineering Gaps
18. Computer Based Social Engineering
19. Social Network Lookup httpnamechk.com
20. Impact of Social Engineering
21. Social Media Protection
22. Identity Theft and PII
23. Identity Theft and PII Protection
24. Identity Theft and PII Protection Cont...

24. Module 9 - Section 2 Phishing Scams:
1. Phishing
2. Spear Phishing
3. Whaling Attacks
4. Recent Successful Whaling Attacks
5. Whaling Mitigation
6. Phishing Protection
7. Module 9 Review
8. Module 9 Quiz
9. Reconnaissance-Active Scanning-Enumeration
10. Where are We
11. Overview
12. Where are we in the Process
13. What is it
14. What are we looking for
15. Methods of Obtaining Information
16. Physical Access
17. Social Access Covered in Module 9
18. Introduction to Port Scanning
19. Which Services use which Ports
20. Legalities
21. Port Scan Tips
22. Port Scans Should Reveal�
23. Comparison of Models
24. Types of Scans
25. TCPIP Suite
26. TCP Flags
27. TCP 3-Way Handshake
28. TCP Connect Port Scan
29. Half-open Scan (SynScan)
30. Firewalled Ports
31. UDP versus TCP
32. UDP Port Scan
33. Popular Port Scanning Tools
34. Stealth Online Ping
35. Online Tools
36. Fing & Fing Mobile
37. Solarwinds Port Scanner
38. Hping3
39. Hping3 Cont...
40. P0f
41. NMAP Is the Host online
42. ICMP Disabled
43. NMAP TCP Connect Scan
44. NMAP
45. Tool Practice TCP Half-open & Ping Scan
46. NMAP Service Version Detection
47. Additional NMAP Scans
48. Saving NMAP Results
49. NMAP UDP Scans
50. Introduction
51. Why Banner Grabbing
52. Banner Grabbing Tools
53. Banner Grabbing Tools - ID Serve
54. Banner Grabbing Tools - Netcraft
55. Banner Grabbing Tools - Netcat
56. Banner Grabbing Tools - Telnet
57. Practice Banner Grabbing with Telnet
58. Banner Grabbing Tools - NMAP

25. Module 10 - Section 5 Enumeration:
1. Enumeration
2. Services to Enumerate
3. SNMP
4. LDAP
5. NTP
6. SMTP
7. DNS
8. Module 10 Review
9. Module 10 Quiz
10. Vulnerability Assessment
11. Where are We
12. Overview
13. Review from CSP+
14. What is a Vulnerability Assessment (VA)
15. Benefits of a Vulnerability Assessment
16. Types of Vulnerability Assessments
17. How do we know about Vulnerabilities
18. Typical Vulnerability Assessment Process
19. Choosing the Right Tool
20. Different Types of Tools
21. The List
22. Network Based Tools Comparison
23. Application Based Tools Comparison

26. Module 11 - Section 3 Testing InternalExternal Systems:
1. It starts here!
2. Enumeration
3. Detection
4. Additional Details
5. Easily Exploitable Vulnerabilities
6. Module 11 Review
7. Module 11 Quiz
8. Network Attacks
9. Where are We
10. Overview
11. Packet Sniffers
12. Example Packet Sniffers
13. Tool Pcap & WinPcap
14. Tool Wireshark
15. TCP Stream Re-assembling
16. tcpdump & windump
17. TCP Dump Examples
18. Sniffer Detection using Cain & Abel
19. Passive Sniffing
20. Active Sniffing
21. Active Sniffing Methods
22. Switch Table Flooding
23. ARP Cache Poisoning
24. ARP Normal Operation
25. ARP Cache Poisoning
26. Technique ARP Cache Poisoning (Linux)
27. MAC Spoofing
28. DNS Poisoning
29. Source Routing
30. Advertise Bogus Routes
31. Rogue DHCP
32. Tool Cain and Abel
33. Ettercap
34. Linux Tool Set Dsniff Suite
35. What is DNS Spoofing
36. Tools DNS Spoofing
37. Breaking SSL Traffic
38. Breaking SSL Traffic Cont...
39. URL Obfuscation
40. Intercepting VoIP
41. Countermeasures
42. Countermeasures Cont...
43. Countermeasures for Sniffing

27. Module 12 - Section 2 Hijacking:
1. Session Hijacking
2. Session Hijacking Cont...
3. Contributors to Session Hijacking
4. Impact of Session Hijacking
5. Session Hijacking Techniques
6. Brute Force Attack
7. Stealing and Calculating Session IDs
8. Session Hijacking Process
9. Types of Session Hijacking
10. Application-level Session Hijacking
11. Predicting Session Token
12. Man-in-the-Middle Attacks
13. Client-side Attacks
14. Man-in-the-Browser Attacks
15. Session Sniffing
16. Cross-site Script Attacks
17. Network-level Session Hijacking
18. TCPIP Hijacking
19. Session Hijacking Tools
20. Burp Suite
21. Session Hijacking Tools
22. Protecting against Session Hijacking
23. Protecting against Session Hijacking Cont...
24. Protecting against Session Hijacking Cont...
25. Protecting against Session Hijacking - Web Users
26. Module 12 Review
27. Module 12 Quiz
28. Hacking Servers
29. Where are We
30. Overview
31. Servers, what are they good for
32. Know the OS
33. Know How it is Used
34. Find the Exploit
35. What is an Exploit
36. Exploit Development
37. Exploit Development Cont...
38. Exploit-db
39. Search Exploit-db
40. Metasploit
41. Metasploit Cont...
42. Understanding Metasploit
43. Hands on Metasploit
44. Core Impact
45. SaintExploit at a Glance

28. Module 13 - Section 4 Testing InternalExternal Systems:
1. It starts here!
2. External Systems
3. Outside of Possible Evasion Techniques
4. Internal Systems
5. Inside out Possible Evasion Techniques
6. Client-Side Attacks
7. Physical Access Attacks
8. Module 13 Review
9. Module 13 Quiz
10. Assessing and Hacking Web Technologies
11. Where are We
12. Overview
13. OWASP Top 10
14. A1 - Injection
15. A2 - Broken Authentication
16. A3 - Sensitive Data Exposure
17. A4 - XML External Entities (XXE)
18. A5 - Broken Access Control
19. A6 - Security Misconfiguration
20. A7 - Cross-Site Scripting
21. A8 - Insecure Deserialization
22. A9 - Using Components with Known Vulnerabilities
23. A10 - Insufficient Logging and Monitoring
24. Introduction
25. SQL Injection Attack Characters
26. SQL Injection Methodology
27. SQL Injection Attacks
28. Types of SQL Injection
29. Blind SQL Injection
30. Simple SQL Injection Attack
31. Union & Error Based SQL Injection
32. SQL Injection Tools
33. SQL Injection Tools Cont...
34. SQL Injection Tools Cont...
35. SQL Injection Detection Tool
36. SQL Injection Detection Tool Cont...
37. SQL Injection Detection Tool Cont...
38. SQL Injection Detection Tool Cont...

29. Module 14 - Section 3 XSS:
1. Cross-Site Scripting (XSSCSS)
2. Introduction to Cross-Site Scripting
3. Type of XSS
4. Stored XSS or PersistentType I
5. Reflected XSS (Non-Persistent or Type II)
6. DOM Based XSS (Type-0)
7. Server XSS
8. Client XSS
9. XSS Types in the Matrix
10. Test for XSS Vulnerability
11. Code Review
12. Web Application Security Scanners
13. Testing
14. Module 14 Review
15. Module 14 Quiz
16. Hacking Wireless Networks
17. Where are We
18. Overview
19. 802.11 Wireless Background Information
20. Wireless LAN (WLAN)
21. Standards Comparison
22. Basic Items SSID (Service Set Identity)
23. Basic Items MAC Filtering
24. Encryption Protocols
25. Wireless Security Wired Equivalent Privacy
26. WEP
27. WEP Weak IV Packets
28. WEP Weaknesses
29. Wireless Security Wi-Fi Protected Access
30. How WPA Improves on WEP
31. Temporal Key Integrity Protocol (TKIP)
32. WPA (TKIP Flow Chart)
33. The WPA MIC Vulnerability
34. WPA-PSK Encryption
35. Wireless Security 802.11i - WPA2
36. Wireless Security 802.11i - WPA2 Cont...
37. WPA and WPA2 Mode Types
38. WPA2 (AES Encryption)
39. 4-Way Handshake AES-CCMP - WPA2
40. WPA2 Weaknesses
41. Wireless Security WPA3
42. WPA3 Improvements
43. WPA3 Improvements Cont...
44. WPA3 Improvements Cont...
45. Wi-Fi Protected Setup
46. Authentication
47. Open Authentication
48. Shared Key Authentication
49. EAP Authentication
50. MAC Address Authentication
51. Bluetooth
52. Bluetooth Cont...
53. Bluetooth Protocol Stack
54. The Pairing Process
55. Basics of Bluetooth Security
56. Basics of Bluetooth Security Cont...
57. Bluetooth Security
58. Overview of Smartphones Communication
59. Risks and Threats Mobile Devices
60. Risks and Threats Mobile Devices Cont...
61. IoT Risks and Threats
62. Wireless Hardware Needed
63. Aircrack-ng Suite Used for both WEP and WPA
64. Airodump-ng Used for both WEP and WPA
65. Aireplay Used for both WEP and WPA
66. Aircrack-ng Used for both WEP and WPA
67. Wesside-ng Used for both WEP and WPA
68. Kismet
69. Wireshark
70. coWPAtty
71. NetStumbler This Product has not been updated in some time
72. Other Notable Tools
73. Bluetooth Equipment
74. Bluetooth Tools
75. Bluetooth Tools Cont...
76. DOS DeauthDisassociation Attack
77. Attacking WEP
78. Attacking WPA
79. Attacking WPA2
80. Attacking WPA2 via LinuxAndroid
81. Attacking WPA2 via LinuxAndroid Cont...
82. Recon Bluetooth
83. Attacking Bluetooth
84. Bypassing Smartphone Security

30. Module 15 - Section 5 Countermeasures:
1. Umm, Patching
2. Require Network Authentication 802.1X EAP Types
3. Comparing 802.1X Authentication Methods
4. EAPTLS Deployment
5. Wireless Intrusion Detection
6. MobileIoT Areas to Consider
7. MobileIoT Device Security
8. MobileIoT Device Security Cont...
9. MobileIoT Application Security
10. MobileIoT Application Security Cont...
11. Mobile Device Connections to Secure
12. Hardening the Devices
13. Is IoT Any Different
14. Security Areas that Apply to IoT
15. General Hardening Recommendations for IoT
16. Implement IoT Standards
17. Mobile Deployment Models
18. BYOD IssuesConcerns
19. MobileIoT Initial Recommendations
20. Develop Internal Policies
21. Module 15 Review
22. Module 15 Quiz