503.1 – Defensible Security Architecture and Engineering
Table of contents for book 503.1 – Defensible Security Architecture and Engineering:
Defensible Security Architecture
Traditional Security Architecture Deficiencies
Winning Defensible Security Techniques
Security Models
Threat, Vulnerability, and Data Flow Analysis
EXERCISE: Egress Analysis
Physical Security
Wireless
Layer 2 Attacks and Mitigations
EXERCISE: Identifying Layer 2 Attacks
Private VLANs
Switch and Router Best Practices
Network Flow
EXERCISE: Architecting for Flow Data
1 Summary
504.1 – Incident Handling Step-by-Step and Computer Crime Investigation
Table of contents for book 504.1 – Incident Handling Step-by-Step and Computer Crime Investigation:
Roadmap and Overview
Incident Handling Process
Preparation
Identification
Cheat Sheets
LAB 1.1: Windows Cheat Sheet
Containment
Eradication
Recovery
Lessons Learned
Enterprise-Wide IR
LAB 1.2: Enterprise-Wide Identification and Analysis
Espionage
Unauthorized Use
Insider Threats
Legal Issues and Cybercrime Laws
LAB 1.3: IR Tabletop
Appendix A: Intro to VMware and Linux Workshop
504.2 – Computer and Network Hacker Exploits Part 1
Table of contents for book 504.2 – Computer and Network Hacker Exploits Part 1:
Purpose of This Course
General Trends
Step 1: Reconnaissance
Open-Source Intelligence (OSINT)
LAB 2.1: OSINT with SpiderFoot
DNS Interrogation
Website Searches
Search Engines as Recon Tools
Maltego Recon Suite
Web-Based Recon and Attack Sites
Step 2: Scanning
War Dialing
Step 2: Scanning (Continued)
War Driving
LAB 2.2: Wireless LAN Discovery
Network Mapping with Nmap
Port Scanning with Nmap
LAB 2.3: Nmap
Evading IDS/IPS
Vulnerability Scanning with Nessus
LAB 2.4: Nessus Scan Analysis
SMB Sessions
LAB 2.5: SMB Sessions
504.3 – Computer and Network Hacker Exploits Part 2
Table of contents for book 504.3 – Computer and Network Hacker Exploits Part 2:
Physical Access Attacks
Multipurpose Netcat
LAB 3.1: Netcat’s Many Uses
Network Sniffing
LAB 3.2: ARP and MAC Analysis
Hijacking Attacks
LAB 3.3: Responder
Buffer Overflows
Metasploit
Protocol and File Parser Problems
Endpoint Security Bypass
LAB 3.4: Metasploit Attack and Analysis
504.4 – Computer and Network Hacker Exploits Part 3
Table of contents for book 504.4 – Computer and Network Hacker Exploits Part 3:
Step 3: Exploitation (Continued)
Password Attacks Overview
Understanding Password Hashes
Password Cracking
LAB 4.1: John the Ripper
LAB 4.2: Hashcat
Pass-the-Hash Attacks
Worms and Bots
LAB 4.3: BeEF for Browser Exploitation
Web App Attacks
Open Web Application Security Project (OWASP)
Account Harvesting
Command Injection
SQL Injection
Cross-Site Scripting
LAB 4.4: Cross-Site Scripting and SQL Injection
Attacking Web App State Maintenance
Denial of Service
DNS Amplification Attacks
Distributed Denial-of-Service Attacks
LAB 4.5: Counting Resources to Evaluate DoS Attacks
504.5 – Computer and Network Hacker Exploits Part 4
Table of contents for book 504.5 – Computer and Network Hacker Exploits Part 4:
Step 4: Keeping Access
Application-Level Trojan Horse Suites
Virtual Network Computing Overview
Common Remote Control Backdoor Capabilities
Wrappers and Packers
Memory Analysis
LAB 5.1: Windows Analysis with Rekall
Rootkit Techniques
Kernel-Mode Rootkit Techniques
Rootkit Examples
LAB 5.2: Fun with Rootkits
Covering Tracks in Linux and UNIX
Hiding Files in UNIX
UNIX Log Editing
Accounting Entry Editing
LAB 5.3: Shell History Analysis
Covering Tracks in Windows
Hiding Files in NTFS
Alternate Data Streams in NTFS
LAB 5.4: Alternate Data Streams
Log Editing