0. Orientation

1. Footprinting & Scanning
2. Enumeration & System Hacking
3. Trojans and Backdoors & Sniffers
4. DOS & Social Engineering
5. Session Hijacking & Web Servers
6. Web Applications & Passwords
7. SQL injection &  Wireless
8. Viruses & Novell
9. Linux & Evasion
10. Buffer Overflows & Cryptology

You might want to look at these from the calendar  stand point to see the dates and times for class.

Please note: You will not be able to get files from the server unless you are a paid student and have been issued an account. So some links on this page will not work if you are a guest.

The steps below, the files, and links within, are numbered in order of what you will need to read and do. If this set of steps is unclear, please attend orientation for a walk-through.

00- Reading – The chapter in the book tracks to the class number. Two other source documents are here:

OSSTMM SP800-115

01-Mind map review for Note Cards, Terms and Process. For every term in the concepts section of the mindmap you should find a definition first from the book and second from your research. For every tool in the book you should make a notecard based upon Reconn Layer, Exploit Category, and Process.

02-Tool review

You must have the VMware structure in place to start labs. Every week and every class you will be assigned one tool to research, add to the database, and screen capture. Success of each student can be achieved on your own, but if we work together and meet our deadlines, we can see more tools in a shorter time than if we do it all on our own. Check in orientation for your tool assignment. Check the CEH forum for details. You should be able to discuss this tool’s function, place in the process, and comparison to other tools. The list of tools discussed this week:

18.  Linux Hacking

1. Cheops
2. Hunt
3. Nessus
4. Linux Rootkit V4 (LR4)
5. Nina p.
6. SARA (Security Auditor’s Research Assistant)
7. Xcrack
8. John the Ripper
9. Nmap
10. HPing2
11. LSOF
12. Netcat
13. Sniffit

19.  Evading IDS   Firewalls and Honeypots

03-Reports

As a professional you will be required to report your findings to management in a meaningful, actionable way. For each tool you must know how it fits with your original plan, the outcomes from its use, and what should be done to protect the environment from its use in the future.

04-Recording links are listed for your review of presentations. These are updated one week after the new class.

Recording ##

Recording ##

You can find these links and the class schedule here:http://www.expandingsecurity.com/about/events/

All content is copyright protected. Downloading or reviewing any material means you consent to the copyright restrictions placed on all works by the author. You are forbidden from using any of this material in the teaching of any class. You are only permitted to use this as a current student of Expanding Security. You are not permitted to copy or distribute these materials in any way.

Please note: You will not be able to get files from the server unless you are a paid student and have been issued an account. So some links on this page will not work if you are a guest.

The steps below, the files, and links within, are numbered in order of what you will need to read and do. If this set of steps is unclear, please attend orientation for a walk-through.

00- Reading – The chapter in the book tracks to the class number. Two other source documents are here:

OSSTMM SP800-115

01-Mind map review for Note Cards, Terms and Process. For every term in the concepts section of the mindmap you should find a definition first from the book and second from your research. For every tool in the book you should make a notecard based upon Reconn Layer, Exploit Category, and Process.

02-Tool review

You must have the VMware structure in place to start labs. Every week and every class you will be assigned one tool to research, add to the database, and screen capture. Success of each student can be achieved on your own, but if we work together and meet our deadlines, we can see more tools in a shorter time than if we do it all on our own. Check in orientation for your tool assignment. Check the CEH forum for details. You should be able to discuss this tool’s function, place in the process, and comparison to other tools. The list of tools discussed this week:

20.  Buffer Overflows

21.  Cryptography

• cryptool.exe

03-Reports

As a professional you will be required to report your findings to management in a meaningful, actionable way. For each tool you must know how it fits with your original plan, the outcomes from its use, and what should be done to protect the environment from its use in the future.

04-Recording links are listed for your review of presentations. These are updated one week after the new class.

Recording ##

Recording ##

You can find these links and the class schedule here:http://www.expandingsecurity.com/about/events/

All content is copyright protected. Downloading or reviewing any material means you consent to the copyright restrictions placed on all works by the author. You are forbidden from using any of this material in the teaching of any class. You are only permitted to use this as a current student of Expanding Security. You are not permitted to copy or distribute these materials in any way.

Please note: You will not be able to get files from the server unless you are a paid student and have been issued an account. So some links on this page will not work if you are a guest.

The steps below, the files, and links within, are numbered in order of what you will need to read and do. If this set of steps is unclear, please attend orientation for a walk-through.

00- Reading – The chapter in the book tracks to the class number. Two other source documents are here:

OSSTMM SP800-115

01-Mind map review for Note Cards, Terms and Process. For every term in the concepts section of the mindmap you should find a definition first from the book and second from your research. For every tool in the book you should make a notecard based upon Reconn Layer, Exploit Category, and Process.

02-Tool review

You must have the VMware structure in place to start labs. Every week and every class you will be assigned one tool to research, add to the database, and screen capture. Success of each student can be achieved on your own, but if we work together and meet our deadlines, we can see more tools in a shorter time than if we do it all on our own. Check in orientation for your tool assignment. Check the CEH forum for details. You should be able to discuss this tool’s function, place in the process, and comparison to other tools. The list of tools discussed this week:

16.  Viruses

1. Senna Spy

17.  Novell Hacking

03-Reports

As a professional you will be required to report your findings to management in a meaningful, actionable way. For each tool you must know how it fits with your original plan, the outcomes from its use, and what should be done to protect the environment from its use in the future.

04-Recording links are listed for your review of presentations. These are updated one week after the new class.

Recording ##

Recording ##

You can find these links and the class schedule here:http://www.expandingsecurity.com/about/events/

All content is copyright protected. Downloading or reviewing any material means you consent to the copyright restrictions placed on all works by the author. You are forbidden from using any of this material in the teaching of any class. You are only permitted to use this as a current student of Expanding Security. You are not permitted to copy or distribute these materials in any way.

Please note: You will not be able to get files from the server unless you are a paid student and have been issued an account. So some links on this page will not work if you are a guest.

The steps below, the files, and links within, are numbered in order of what you will need to read and do. If this set of steps is unclear, please attend orientation for a walk-through.

00- Reading – The chapter in the book tracks to the class number. Two other source documents are here:

OSSTMM SP800-115

01-Mind map review for Note Cards, Terms and Process. For every term in the concepts section of the mindmap you should find a definition first from the book and second from your research. For every tool in the book you should make a notecard based upon Reconn Layer, Exploit Category, and Process.

02-Tool review

You must have the VMware structure in place to start labs. Every week and every class you will be assigned one tool to research, add to the database, and screen capture. Success of each student can be achieved on your own, but if we work together and meet our deadlines, we can see more tools in a shorter time than if we do it all on our own. Check in orientation for your tool assignment. Check the CEH forum for details. You should be able to discuss this tool’s function, place in the process, and comparison to other tools. The list of tools discussed this week:

14.  SQL Injection

15.  Hacking Wireless Networks

1. Airsnort
2. Kismet
3. WEPCrack
4. MAC Sniffing & AP Spoofing
5. NetStumbler
6. AiroPeek

03-Reports

As a professional you will be required to report your findings to management in a meaningful, actionable way. For each tool you must know how it fits with your original plan, the outcomes from its use, and what should be done to protect the environment from its use in the future.

04-Recording links are listed for your review of presentations. These are updated one week after the new class.

Recording ##

Recording ##

You can find these links and the class schedule here:http://www.expandingsecurity.com/about/events/

All content is copyright protected. Downloading or reviewing any material means you consent to the copyright restrictions placed on all works by the author. You are forbidden from using any of this material in the teaching of any class. You are only permitted to use this as a current student of Expanding Security. You are not permitted to copy or distribute these materials in any way.

Please note: You will not be able to get files from the server unless you are a paid student and have been issued an account. So some links on this page will not work if you are a guest.

The steps below, the files, and links within, are numbered in order of what you will need to read and do. If this set of steps is unclear, please attend orientation for a walk-through.

00- Reading – The chapter in the book tracks to the class number. Two other source documents are here:

OSSTMM SP800-115

01-Mind map review for Note Cards, Terms and Process. For every term in the concepts section of the mindmap you should find a definition first from the book and second from your research. For every tool in the book you should make a notecard based upon Reconn Layer, Exploit Category, and Process.

02-Tool review

You must have the VMware structure in place to start labs. Every week and every class you will be assigned one tool to research, add to the database, and screen capture. Success of each student can be achieved on your own, but if we work together and meet our deadlines, we can see more tools in a shorter time than if we do it all on our own. Check in orientation for your tool assignment. Check the CEH forum for details. You should be able to discuss this tool’s function, place in the process, and comparison to other tools. The list of tools discussed this week:

12.  Web Application Vulnerabilities

13.  Web Based  Password Cracking Techniques

1. WinSSLMiM
2. Brutus
3. ObiWan
4. Munga Bunga
5. Dictionary Maker
6. PassList
7. ReadCookies.html
8. WebCracker
9. Revelation

03-Reports

As a professional you will be required to report your findings to management in a meaningful, actionable way. For each tool you must know how it fits with your original plan, the outcomes from its use, and what should be done to protect the environment from its use in the future.

04-Recording links are listed for your review of presentations. These are updated one week after the new class.

Recording ##

Recording ##

You can find these links and the class schedule here:http://www.expandingsecurity.com/about/events/

All content is copyright protected. Downloading or reviewing any material means you consent to the copyright restrictions placed on all works by the author. You are forbidden from using any of this material in the teaching of any class. You are only permitted to use this as a current student of Expanding Security. You are not permitted to copy or distribute these materials in any way.

Please note: You will not be able to get files from the server unless you are a paid student and have been issued an account. So some links on this page will not work if you are a guest.

The steps below, the files, and links within, are numbered in order of what you will need to read and do. If this set of steps is unclear, please attend orientation for a walk-through.

00- Reading – The chapter in the book tracks to the class number. Two other source documents are here:

OSSTMM SP800-115

01-Mind map review for Note Cards, Terms and Process. For every term in the concepts section of the mindmap you should find a definition first from the book and second from your research. For every tool in the book you should make a notecard based upon Reconn Layer, Exploit Category, and Process.

02-Tool review

You must have the VMware structure in place to start labs. Every week and every class you will be assigned one tool to research, add to the database, and screen capture. Success of each student can be achieved on your own, but if we work together and meet our deadlines, we can see more tools in a shorter time than if we do it all on our own. Check in orientation for your tool assignment. Check the CEH forum for details. You should be able to discuss this tool’s function, place in the process, and comparison to other tools. The list of tools discussed this week:

10.  Session Hijacking

11.  Hacking Web Servers

1. Unicodeuploader.pl
2. cmdasp.asp
3. iiscrack.dll
4. ispc.exe
5. CleanllSLog
6. IISHackexe
7. IISxploit.exe
8. execiis-win32.exe

03-Reports

As a professional you will be required to report your findings to management in a meaningful, actionable way. For each tool you must know how it fits with your original plan, the outcomes from its use, and what should be done to protect the environment from its use in the future.

04-Recording links are listed for your review of presentations. These are updated one week after the new class.

Recording ##

Recording ##

You can find these links and the class schedule here:http://www.expandingsecurity.com/about/events/

All content is copyright protected. Downloading or reviewing any material means you consent to the copyright restrictions placed on all works by the author. You are forbidden from using any of this material in the teaching of any class. You are only permitted to use this as a current student of Expanding Security. You are not permitted to copy or distribute these materials in any way.

Please note: You will not be able to get files from the server unless you are a paid student and have been issued an account. So some links on this page will not work if you are a guest.

The steps below, the files, and links within, are numbered in order of what you will need to read and do. If this set of steps is unclear, please attend orientation for a walk-through.

00- Reading – The chapter in the book tracks to the class number. Two other source documents are here:

OSSTMM SP800-115

01-Mind map review for Note Cards, Terms and Process. For every term in the concepts section of the mindmap you should find a definition first from the book and second from your research. For every tool in the book you should make a notecard based upon Reconn Layer, Exploit Category, and Process.

02-Tool review

You must have the VMware structure in place to start labs. Every week and every class you will be assigned one tool to research, add to the database, and screen capture. Success of each student can be achieved on your own, but if we work together and meet our deadlines, we can see more tools in a shorter time than if we do it all on our own. Check in orientation for your tool assignment. Check the CEH forum for details. You should be able to discuss this tool’s function, place in the process, and comparison to other tools. The list of tools discussed this week:

8.  Denial of Service

9.  Social Engineering

1. None!
2. Special Assignment

03-Reports

As a professional you will be required to report your findings to management in a meaningful, actionable way. For each tool you must know how it fits with your original plan, the outcomes from its use, and what should be done to protect the environment from its use in the future.

04-Recording links are listed for your review of presentations. These are updated one week after the new class.

Recording ##

Recording ##

You can find these links and the class schedule here:http://www.expandingsecurity.com/about/events/

All content is copyright protected. Downloading or reviewing any material means you consent to the copyright restrictions placed on all works by the author. You are forbidden from using any of this material in the teaching of any class. You are only permitted to use this as a current student of Expanding Security. You are not permitted to copy or distribute these materials in any way.

Please note: You will not be able to get files from the server unless you are a paid student and have been issued an account. So some links on this page will not work if you are a guest.

The steps below, the files, and links within, are numbered in order of what you will need to read and do. If this set of steps is unclear, please attend orientation for a walk-through.

00- Reading – The chapter in the book tracks to the class number. Two other source documents are here:

OSSTMM SP800-115

01-Mind map review for Note Cards, Terms and Process. For every term in the concepts section of the mindmap you should find a definition first from the book and second from your research. For every tool in the book you should make a notecard based upon Reconn Layer, Exploit Category, and Process.

02-Tool review

You must have the VMware structure in place to start labs. Every week and every class you will be assigned one tool to research, add to the database, and screen capture. Success of each student can be achieved on your own, but if we work together and meet our deadlines, we can see more tools in a shorter time than if we do it all on our own. Check in orientation for your tool assignment. Check the CEH forum for details. You should be able to discuss this tool’s function, place in the process, and comparison to other tools. The list of tools discussed this week:

6.  Trojans and Backdoors

7.  Sniffers

1. Wireshark Ethereal
2. Macof, Mailsnarf, URLSnarf, Webspy
3. Snort
4. Ettercap
5. Windump
6. SMAC
7. Etherpeek
8. Mac Changer
9. Iris
10. NetIntercept
11. EtherFlood
12. dsniff
13. WinDNSSpoof

03-Reports

As a professional you will be required to report your findings to management in a meaningful, actionable way. For each tool you must know how it fits with your original plan, the outcomes from its use, and what should be done to protect the environment from its use in the future.

04-Recording links are listed for your review of presentations. These are updated one week after the new class.

Recording ##

Recording ##

You can find these links and the class schedule here:http://www.expandingsecurity.com/about/events/

All content is copyright protected. Downloading or reviewing any material means you consent to the copyright restrictions placed on all works by the author. You are forbidden from using any of this material in the teaching of any class. You are only permitted to use this as a current student of Expanding Security. You are not permitted to copy or distribute these materials in any way.

The steps below, the files, and links within, are numbered in order of what you will need to read and do. If this set of steps is unclear, please attend orientation for a walk-through.

00- Reading – The chapter in the book tracks to the class number. Two other source documents are here:

OSSTMM SP800-115

01-Mind map review for Note Cards, Terms and Process. For every term in the concepts section of the mindmap you should find a definition first from the book and second from your research. For every tool in the book you should make a notecard based upon Reconn Layer, Exploit Category, and Process.

02-Tool review

You must have the VMware structure in place to start labs. Every week and every class you will be assigned one tool to research, add to the database, and screen capture. Success of each student can be achieved on your own, but if we work together and meet our deadlines, we can see more tools in a shorter time than if we do it all on our own. Check in orientation for your tool assignment. Check the CEH forum for details. You should be able to discuss this tool’s function, place in the process, and comparison to other tools. The list of tools discussed this week:

4.  Enumeration

1. net view,  nbstat
2. Enum
3. DumpSec
4. NAT
5. GetAcct
6. SNMPutil
7. IP Network Browser
8. sid2user
9. user2sid
10. NBTscan

5.  System Hacking

1. IKS Software Keylogger
2. Legion
3. GetAdmin
4. WinZapper
5. hk.exe
6. Evidence Eliminator
7. makestrm.exe
8. ads_cat
9. eBlaster
10. RootKit
11. elsave.exe
12. SMBDie
13. NBTDeputy
14. dskprobe.exe
15. KerbCrack
16. LOphtcrack
17. SMB Grind
18. SMBRelay
19. John the Ripper
20. Spyware: Spector

03-Reports

As a professional you will be required to report your findings to management in a meaningful, actionable way. For each tool you must know how it fits with your original plan, the outcomes from its use, and what should be done to protect the environment from its use in the future.

Sample RFP from foundstone.

04-Recording links are listed for your review of presentations. These are updated one week after the new class.

Recording ##

Recording ##

You can find these links and the class schedule here:http://www.expandingsecurity.com/about/events/

All content is copyright protected. Downloading or reviewing any material means you consent to the copyright restrictions placed on all works by the author. You are forbidden from using any of this material in the teaching of any class. You are only permitted to use this as a current student of Expanding Security. You are not permitted to copy or distribute these materials in any way.