در دنیای مجازی همواره امکان نفوذ به شبکه و انواع سیستمهای کامپیوتری و ... وجود دارد و برای جلوگیری از بروز چنین اتفاقات زیانباری از جانب نفوذگران، باید با طرز تفکر، روشها، تکنیکها، ترفندها، ابزارهای مورد استفادهی هکران و بسیاری فرایندهای ضدنفوذ و ضدهک آشنا بود تا بتوان ایمنیهای لازم را پیادهسازی کرد. آموزشهای مربوط به مدرک هکر اخلاقی Certified Ethical Hacker (CEH)، کاربران گوناگونی که با امور امنیتی سر و کار دارند را با انواع رویکردها، تکنیکها، راهها، برنامهها، ابزارها و ترفندهای نفوذی هکران آشنا میکند. آموزش ارائه شده نسخهی هشتم و بصورت گامبهگام بوده و تمامی مفاهیم مورد نیاز را در حوزه و آزمون مربوطه پوشش داده است؛ موارد مهمی چون هک کردن سیستم، حملات شبکه، هک کردن برنامههای وب، رمزنگاری و... .
Welcome (4 min)
Keith shares some tips on how to get the most out of this course
Building a LAB: Concepts (6 min)
Keith provides an overview of how using a Hypervisor, such as VMware Workstation, can provide LAB VM connections to a live network, or an isolated virtualized network
Building a LAB: Networking (9 min)
Keith demonstrates how to configure networking in VMware Workstation, as part of a virtualized lab environment
Deploy a Kali Linux VM (14 min)
Keith demonstrates how to download, deploy, and update a Kali Linux VM as part of a lab test environment
Adding Metasploitable to Your Lab (11 min)
Keith describes and demonstrates downloading and deploying a vulnerable version of Ubuntu Linux, called Metasploitable, to your lab environment
Adding Windows to Your Lab (14 min)
Keith demonstrates how to document and verify the Windows computers that you may include as part of your lab. These may include both physical and/or virtual machines
Configure a Static IP on Kali (5 min)
Keith demonstrates one method of configuring a static IPv4 address on the Kali Linux Virtual Machine (VM)
Windows Evaluations (7 min)
Keith describes and demonstrates how you can get evaluation versions of popular Windows products for use in your lab. It is strongly recommended that you build your own lab, so you can practice and follow along as you build your skills
Deploy Windows 8.1 (15 min)
Keith demonstrates the installation and configuration of Windows 8.1 within VMware Workstation. For an evaluation license of Windows, please refer to the previous Nugget titled: Windows Evaluations
Deploy Windows 2012 (11 min)
Keith demonstrates the installation and configuration of Windows 2012 Server within VMware Workstation. For an evaluation license of Windows, please refer to the previous Nugget titled: Windows Evaluations
Deploy Windows 10 (7 min)
Keith demonstrates the installation and configuration of Windows 10 within VMware Workstation. For an evaluation license of Windows, please refer to the previous Nugget titled: Windows Evaluations
Deploy Windows 2016 (7 min)
Keith demonstrates the installation and configuration of Windows 2016 within VMware Workstation. For an evaluation license of Windows, please refer to the previous Nugget titled: Windows Evaluations
Ethics and Hacking (10 min)
Keith describes several classes of hackers, and explains how studying and following the code of ethics can assist you in keeping out of trouble
Hacking Vocabulary (6 min)
Keith walks you through valuable hacking terms to build your hacking vocabulary
InfoSec Concepts (5 min)
Understanding the concepts of Information Security (InfoSec) can assist you in looking for vulnerabilities and weakness in systems as part of ethical hacking
Attack Categories, Types, and Vectors (5 min)
In preparation for the demonstration of many attack tools, it is important to be familiar with the categories, types, and vectors that are associated with attacks. In this Nugget, Keith provides an overview of the categories, types, and vectors that are often used in attacks
Five Phases of Hacking (5 min)
Keith describes a 5-phase model for hacking
Footprinting and Reconnaissance Concepts (11 min)
Keith describes the ideas behind footprinting, what information might be collected, and methods for collecting that information. Demonstrations of several of the tools used for collection are in the following Nuggets
Search Engine Tools (8 min)
Keith reviews and demonstrates search engine tools that can be used in passive footprinting of a target
Hacking using Google (12 min)
Keith describes and demonstrates using additional operators within Google, for the purpose of gaining more footprinting information regarding targets. Please download the NuggetLab files, and do the homework Keith assigns in this Nugget
Website Recon Tools (13 min)
Keith demonstrates tools as examples of what can be used to extract data directly from a target's website
Metagoofil Metadata Tool (3 min)
Keith describes and demonstrates the use of Metagoofil to collect and extract metadata from pdf docs and other publicly available files, as well as how to create a report about a target company
Email Headers for Footprinting (5 min)
Keith demonstrates EmailTrackerPro, an example of a tool that can extract reconnaissance information from email headers
Using WHOIS for Recon (4 min)
Keith demonstrates using WHOIS in the command line and online services, as well as an application running on a PC
DNS Tools (12 min)
Keith demonstrates using Command Line Interface (CLI) and Graphical User Interface (GUI) tools to extract information from Domain Name System (DNS
Network Scanning Overview (3 min)
Keith describes the main objective and concepts for performing direct network scanning, as part of the second phase of hacking
Network Scanning Methodology (9 min)
Keith shares the 8-step network scanning methodology
Port Discovery (11 min)
Keith discusses and demonstrates the discovery of open ports, along with a few methods for finding them
Network Scanning Tools (3 min)
Keith assigns videos 13, 31, and 32 on the topics of Nmap, Scapy, and hping3, from the Penetration Testing with Linux Tools course
Stealth Idle Scanning (10 min)
Keith describes and demonstrates how an idle scan can be used to determine open ports on a host, without direct interaction with that host from the attacker's IP address
OS and Application Fingerprinting (10 min)
Knowing the specifics for the versions and flavors of an operating system and/or applications running on a host can lead to knowing which vulnerabilities may exist on that host. In this Nugget, Keith explains and demonstrates techniques, including banner grabbing, which can be used to collect that data
Vulnerability Scanning (8 min)
Having a tool that can identify a system's potential vulnerabilities is useful both to the network engineer and to the hacker. Keith demonstrates an example of a popular vulnerability assessment tool named Nessus. Practice what you learn in these Nuggets in your own home lab
Network Mapping Tools (5 min)
Having a utility that can dynamically create network topology diagrams can be useful for both the administrator and the hacker. Keith demonstrates a tool from Solarwinds called Network Topology Mapper
Proxy Servers (8 min)
Proxy services can be used to hide the attacker's address. In this Nugget, Keith explains how proxies can be chained together to increase the effectiveness of disguising the attacker
Using Public Proxy Services (6 min)
Using Internet-based proxy services is as easy as the tools that enable it. Keith demonstrates an example of how to use an Internet proxy
Enumeration Concepts (5 min)
Keith describes what enumeration does — and typical protocols used to provide that information
NetBIOS Enumeration (11 min)
Keith demonstrates gathering details provided through NetBIOS
SNMP Enumeration Concepts (10 min)
Keith discusses some of the security weaknesses in Simple Network Management Protocol (SNMP), and demonstrates the preparation of the lab environment for SNMP enumeration
SNMP Enumeration Tools (10 min)
Using the many tools for SNMP enumeration can be very useful for a hacker. In this Nugget, Keith demonstrates several GUI and CLI tools for extracting information from devices on the network
LDAP Enumeration Concepts (5 min)
Keith describes some defaults used by Lightweight Directory Access Control (LDAP), and demonstrates preparing the lab 2012 server to support it
LDAP Enumeration Example (7 min)
Keith demonstrates JXplorer, an LDAP enumeration tool.
NTP Enumeration (7 min)
Keith describes and demonstrates tools that can be used for learning more information about the network and topology using Network Time Protocol (NTP)
SMTP Enumeration (8 min)
Keith describes and demonstrates tools that can be used to perform enumeration leveraging the Simple Mail Transfer Protocol (SMTP)
System Hacking Overview (9 min)
Keith introduces the phases for "System Hacking," along with the goals and some of the tools used to accomplish those goals
Password Cracking Concepts (10 min)
Keith provides an overview of methods that can be used to compromise passwords on a system
Password Attack Example: MITM and Sniffing (13 min)
Keith explains and demonstrates using Cain and Abel to discover passwords that are sent in plain text
Rainbow Crack Lab Setup (8 min)
Keith walks you through modifying the lab and downloading tools in preparation for dumping the SAM database, generating a rainbow table and cracking a password
Rainbow Crack Demonstration (8 min)
Keith demonstrates dumping the SAM database, creating a rainbow table, and then cracking a password
Password Reset Hacking (8 min)
Keith explains and demonstrates booting from a CD to reset the password of a user account on a Windows system
DHCP Starvation (10 min)
Keith demonstrates how to perform a DHCP starvation attack, which could be used prior to implementing a rogue DHCP server. The attacker's DHCP server could then contain malicious options for the client, such as the attacker's IP address as default gateway and DNS server
Remote Access (15 min)
Keith demonstrates how an application that is run on a victim's computer can provide remote access for the attacker. This Nugget also demonstrates how tools can modify file attributes, in an attempt to cover the attacker's tracks
Spyware (9 min)
Keith describes and demonstrates how damaging malware, including spyware, can be on a system.
NTFS Alternate Data Streams Exploit (9 min)
Keith discusses and demonstrates how the NTFS Alternate Data Streams (ADS) can be abused by an attacker to hide malicious content
Steganography with OpenPuff (7 min)
Keith describes and demonstrates how the art of hiding a file, within another file (A.K.A. Steganography) can be used to hide files
Steganography with SNOW (5 min)
Keith demonstrates using the application of SNOW to hide secret messages as whitespace in a simple text document
Covering Tracks (7 min)
Keith describes and demonstrates how an attacker may manipulate auditing and log files, in an attempt to be undetected
Malware Overview (10 min)
Keith talks with you about the functions, types, and methods for installation that Malware can use
Trojan Overview (10 min)
Keith describes and demonstrates the concepts and use of trojan software
Creating a Trojan (11 min)
Keith demonstrates using the Social Engineering Toolkit (SET) to create, run, and verify a trojan
Virus Overview (13 min)
Keith discusses the characteristics, stages, and types of viruses
Virus Creation (8 min)
Keith demonstrates how to create a virus
Detecting Malware (17 min)
Keith describes how to and where to look when investigating malicious software that may be installed on your system
Malware Analysis (10 min)
Keith describes and demonstrates some methods to analyze Malware
Hash File Verification (8 min)
Keith demonstrates how to verify the data integrity of a downloaded file by performing a verification of the hash
Sniffing Overview (12 min)
Keith discusses some of the concepts, types, and methods used to "sniff" a computer network
CAM Table Attack and Port Security (10 min)
Keith demonstrates a Content Addressable Memory (CAM) table attack on a Layer 2 switch, along with how to protect against it using port security on the switch
DHCP Snooping (14 min)
Keith describes the problem of a malicious DHCP server — and how to solve it using DHCP snooping, a feature on a layer 2 Cisco switch
Dynamic ARP Inspection (DAI) (14 min)
Keith describes and demonstrates the use of Dynamic ARP Inspection (DAI) on a Cisco switch to prevent ARP poisoning
Social Engineering (15 min)
Keith discusses several methods, techniques, and phases used in social engineering, one of the most effective ways to compromise a system
Denial of Service (DoS) Attacks (19 min)
Keith describes several methods and categories of both Denial of Service (DoS) and Distributed DoS (DDoS) attacks
Session Hijacking (18 min)
Keith discusses methods and techniques used for session hijacking
Hacking Web Servers (10 min)
Keith discusses and demonstrates hacking a web server
Buffer Overflow (13 min)
Keith describes the concepts, risks, and countermeasures regarding buffer overflow attacks
OWASP Broken Web Application Project (13 min)
Keith demonstrates how OWASP's Broken Web Application VM can be downloaded and used to both learn about, and get hands-on experience with, the top web application security risks on the Internet today
Shellshock (6 min)
Keith describes the shellshock bash shell vulnerability
SQL Introduction (9 min)
Keith describes several fundamentals of Structured Query Language (SQL). Knowing this will assist you in better understanding SQL Injection attacks, which we address in the next Nugget
SQL Injection (16 min)
Keith discusses several methods and types of SQL injection attacks
Web App Vulnerabilities: WordPress (10 min)
Keith demonstrates enumeration and password cracking against WordPress, a popular blogging web application
Wireless Hacking (18 min)
Keith discusses wireless fundamentals, hacking, and best practices for WiFi
Using an Android VM (4 min)
Keith walks you through adding a Virtual Machine (VM) of an Android device to the lab network
Malware for Mobile (11 min)
Keith demonstrates creating and deploying a malicious app for the Android operating system
Mobile Device Risks and Best Practices (13 min)
Keith discusses security risks that are common to mobile devices, and some steps that can be taken to improve their security
Firewall Evasion (19 min)
Keith describes firewall methodologies, topologies, and how a hacker may evade the controls implemented in a firewall
Firewall ACL Example (15 min)
Keith walks through the process of how Access Control Lists (ACLs) can be used as a technical control on networking devices, such as a firewall
NAT and PAT fundamentals (11 min)
Keith discusses Network Address Translation (NAT) and Port Address Translation (PAT). Understanding how NAT and PAT can hide the internal and DMZ addresses from the Internet is useful for securing the network
IDS/IPS Evasion (17 min)
Keith provides an overview of how Intrusion Detection/Prevention Systems operate, and how attackers can attempt to bypass them
Honeypots (12 min)
Keith describes and demonstrates the use of a honeypot on a network
Cloud Computing (23 min)
Keith describes cloud services including security concerns
CIA: Confidentiality, Integrity, and Availability (3 min)
Keith discusses key factors regarding information security
Policies (9 min)
Keith discusses the policies that are created by senior management, and how they govern the use of controls in a system
Quantifying Risk (6 min)
Keith explores methods and formulas that can be used when calculating risk
Separation of Duties (13 min)
Keith discusses the administrative control known as Separation of Duties
Symmetrical Encryption Concepts (14 min)
Keith discusses methods and use cases for symmetrical encryption
Asymmetrical Encryption Concepts (16 min)
Keith discusses encryption technologies that use an asymmetrical key pair for cryptography
Control Types (11 min)
Keith explores various control types used to assist in protecting information systems and sensitive data
Multifactor Authentication (12 min)
Keith discusses the three different factors categories, and several examples of biometric authentication
Centralized Identity Management (13 min)
Maintaining thousands of user accounts is no small feat. In this Nugget, Keith explains several options for performing centralized user identity management
Kerberos and Single Sign On (SSO) (17 min)
Keith explores the methods that Microsoft's Active Directory uses Kerberos for Single Sign On (SSO). Methods to improve the security of a SSO system are also included in this Nugget
Backups and Media Management (9 min)
Keith discusses backups with an eye toward having reliable methods to restore data, as well as protecting the data that is backed up
Operations Security Controls (14 min)
Keith provides explanations and examples of control types used in operational security, along with their functions
Physical Security Controls (11 min)
Keith describes several physical security controls that can be used by a company for their security or bypassed by the hacker to evade the security measures
Incident Response (12 min)
Keith explores several items that should be part of an incident response plan
VPNs (21 min)
Keith describes the types and technologies used for virtual private networking
Disaster Recovery Planning (13 min)
Keith discusses the concepts of disaster recovery (DR) and business continuity (BC)
Pen Testing Tips (10 min)
Keith shares a few recommendations to help keep you out of trouble when performing penetration testing
Useful Tools (11 min)
Keith points out a few categories, and demonstrates examples of useful tools in network and system analysis, as well as hacking
Case Study (21 min)
Keith introduces and reviews several security-related concepts regarding apps, policies, and IDS/IPS
Additional Resources and Exam Prep (8 min)
Keith shares some additional resources that can be used to improve your skills and knowledge, as well as where to go for the latest requirements regarding certification from EC-Council