CS计算机代考程序代写 AWS chain flex Hive IOS Ethical Hacking

Ethical Hacking

Ethical Hacking
Introduction

Why Hacking
Definition: Hacking is an attempt to exploit a computer system or a private network inside a computer, unauthorised access to or control over computer network security systems illegally.

Ethical hacking: better known as “penetration testing,” involves purposeful “hacking” into a computer network by a qualified person for purposes of testing a system’s security.

Zodiac 340 Cipher, cracked after 50+ years, https://www.zodiacciphers.com/340-cipher.html

Movie Watch List
this glitch kills everyone in orgrimmar

Real life Catch Me If You Can

Threat Analysis The Bangladesh Bank Heist

STUXNET_ The Virus that Almost Started WW3
https://www.youtube.com/watch/7g0pi4J8auQ
British Airways hack

Classic Vulnerabilities

MS Blaster /MS RPC
CVE-2003-0352

Heart Bleed / OpenSSL leakage
CVE-2014-0160

Classic Vulnerabilities
Linux Kernel Priv. Escalation
CVE-2016-5195
Sudo Vulnerability
CVE-2021-3156

Classic Vulnerabilities
Eternal Blue, SMB
CVE-2017-0144
Citrix NetScaler VPN
CVE-2019-19781

Classic Vulnerabilities
Chinese Tax software (金税)
2020
SolarWinds Orient Sunburst
2020

Classic Vulnerabilities
iOS jailbreak
mac high sierra root no password login
CVE-2017-13872

Why Ethical

Hacker Hats:
SAME SKILL, DIFFERENT HATS
White Hat: ethical hackers, (blue team / red team)
Black hat: destructive, criminals
Grey hat: insider ( the greatest threat)

EH and other courses+
Will cover pre-requirements in lab 0

Fundamental

OperationSystems

Medium

Shell Programming

Advanced

ReverseEngineering

Networking

InformationSystem

Compliance

Mathematics

Programming

Ethical Hacking
SecurityMonitoring
SecurityDeveloping

PenetrationTesing
DigitalForensic
ThreatIntelligent

What did others feel about this course
変態エロh
分數?很想要吧(゚∀゚☜)
I feel GG everyday!
OH..NO
Me: Give me a GF.
God: No way.
Me: Help me pass this quiz then.
God: What is your previous wish?
:,(

Some examples

УЕРШСФД РФСЛШТП
What is the meaning of text above ?

IP Header was corrupted, Can you repair it and recover the destination IP ?

VV3lc30m3 7o 7|-|3 |-|311
Understand your limit
Set your goal
You choose the path

Hacker

You

End user

Course Info
OS
Windows / Linux
Process / Privilege Rings
Permissions / Owners
OSI Model
TCP/IP
Application
HTTP/S
Methods, Headers
TLS Handshake

Encoding
Base64, UTF, URL, GZip
Data format
Header, Magic Number
XML, JSON
DOCX
Metadata
EXIF, Email Header, HTTP Header
iNode, MFT

Course Info
[L] = with lab [M] = with Demo

Attack framework
Cyber Kill-chain
ATT&CK framework
CVE (e.g CVE-2016-5195)
Cryptography
Symmetric
Block Cipher: DES, AES
Stream Cipher
Asymmetric [LM]
RSA
Cryptography hashing [LM]
MD5, SHA1, SHA256, SALT
Crypto analysis [LM]
Steganography [LM]
Information Gathering
Passive (google, DNS, archive) [LM]
Active (Port / service scanning) [LM]
Password cracking
Brute force [LM]
Dictionary [LM]
Rainbow table [M]
Denial of Service
Local network [M]
SYN / Application [LM]
Reflection attack [M]

Course Info
Privilege escalation
Exploitation [LM]
Mis-configuration [LM]
Persistency
Windows – autorun / service [LM]
Linux – cron / service [M]
Web Attacks
XSS [LM]
SQLi [LM]
CSRF [LM]
Wireless
Radio and spectrum
Protocol handshake [M]
SIEM and log analysis
Common log format [LM]
Pen-testing
Pen-testing lifecycle
Report
CTF
Jeopardy / attack-defense
Exercise [LM]

Score
Attendance – 0%

5+ Lab exercise – 20%
(Bonus for lab – 10%)

Take home assignment – 20%
In-class CTF / 2nd assignment – 20%
(Bonus for assignment/CTF combined – 10%)

Final exam ( written exam / 24 hours hack lab ) –40%

Total possible Score > 100%
100% Hand-on

Lab 0

Linux Fundamental

https://overthewire.org/wargames/bandit/

The Bandit wargame is aimed at absolute beginners. It will teach the basics needed to be able to play other wargames. If you notice something essential is missing or have ideas for new levels, please let us know!

Tryhackme.com ( need to register a free account)

https://tryhackme.com/room/linux1

Networking fundamental

https://tryhackme.com/room/introtonetworking
The aim of this room is to provide a beginner’s introduction to the basic principles of networking
The topics that we’re going to cover in this room are:

Cryptography

https://tryhackme.com/room/encryptioncrypto101
This room will cover:

The OSI Model

The TCP/IP Model

How these models look in practice

An introduction to basic networking tools

Why cryptography matters for security and CTFs

The two main classes of cryptography and their uses

RSA, and some of the uses of RSA

2 methods of Key Exchange

Your lab setup – VM
Your Host Hardware, minimum
Intel i3
4GB RAM
50GB hard disk space
VirtualBox
https://www.virtualbox.org/
Kali Linux
https://www.kali.org/downloads/
Docker (if you like)
https://www.docker.com/

Your lab setup – Tools for your desktop
OpenVPN Client
https://tryhackme.com/room/openvpn
Wireshark
PCAP analysis
https://www.wireshark.org/
Burp Suite Community
Web intercept
https://portswigger.net/burp/communitydownload
https://www.youtube.com./watch?v=G3hpAeoZ4ek (configuration)
Cyber Chef
https://gchq.github.io/CyberChef/
Flexible text and data processing tools

Your lab setup – Tools for your desktop
Text Processing (any one)
NotePad++ (Windows only)
https://notepad-plus-plus.org/downloads/
Subline Text
https://www.sublimetext.com
Archive Manager (any one)
7z (windows only)
https://www.7-zip.org/download.html
Keka (Mac only)
https://www.keka.io/
7zip (Linux dist.)

Your lab setup – VPN (OPTIONAL)
OpenVPN Server
https://www.youtube.com./watch?v=w39P3k6XyNA

Choose your cloud provider (any one, one year trial / credit)
AWS https://aws.amazon.com/education/awseducate/
GCP https://edu.google.com/products/google-cloud/
Azure https://azure.microsoft.com/en-us/free/students/
BYOD

/docProps/thumbnail.jpeg