Wireless networks are popping up everywhere. It will be the most commonly used technology among computer networks in the near future. They provide a lot of freedom but not without cost: Too many home and corporate wireless networks are left wide open for attack.
This course takes an in-depth look at the security challenges of many different wireless technologies, exposing you to wireless security threats through the eyes of an attacker. Using readily available and custom-developed tools, youโll navigate your way through the techniques which are used by the attackers to exploit WiFi networks, including attacks against WEP, WPA/WPA2, PEAP, TTLS, and other systems.
Using assessment and analysis techniques, this course will show you how to identify the threats that expose wireless technology and build on this knowledge to implement defensive techniques that can be used to protect wireless systems.
The program begins with introductory-level cybersecurity skills training, then progresses to advanced cybersecurity technologies such as reverse engineering, penetration testing techniques, and many more. This training program will enable you to:
- Implement technical strategies, tools, and techniques to secure data and information for your organization.
- Adhere to ethical security behaviour for risk analysis and mitigation
- Understand security in cloud computing architecture in depth
- Comprehend legal requirements, privacy issues and audit process methodologies within the cloud environment
- Focus on IT compliance and the integrity of enterprise systems to establish a more secure enterprise IT framework
- Information security analysts must have strong analytical skills. They have to be able to study computer systems, assess any potential risks, and consider possible solutions.
- Creativity is critical for information security analysts. They must be able to anticipate cyber-attacks, always thinking one step ahead of a cyber threat. This kind of forward-thinking takes creativity.
- Threats to cybersecurity are always changing, as are solutions. Information security analysts have to constantly update their knowledge on the latest data-protection news, cyber-security legislation, and practices and techniques.
- Cybersecurity is vital for career roles such as penetration tester, cybersecurity analyst, network analyst, cybersecurity auditor, cybersecurity architect, forensics investigator, and many more.
- There are 2000+ cybersecurity jobs in India and 40,000+ in the US (Indeed.com). Cybersecurity job roles are expected to rise to six million worldwide by 2019.
- Expertise your skills in the management side of information security, including topics like governance, program development, and program, incident, and risk management.
Course Details
You will learn how to search for valuable information on a typical Linux system with LAMP services, and deposit and hide Trojans for future exploitation. You will learn how to patch these web apps with input validation using regular expressions. You will learn a security design pattern to avoid introducing injection vulnerabilities by input validation and replacing generic system calls with specific function calls. You will learn how to hack web apps with SQL injection vulnerabilities and retrieve user profile information and passwords. You will learn how to patch them with input validation and SQL parameter binding. You will learn the hacking methodology, Nessus tool for scanning vulnerabilities, Kali Linux for penetration testing, and Metasploit Framework for gaining access to vulnerable Windows Systems, deploying keylogger, and performing Remote VNC server injection. You will learn security in memory systems and virtual memory layout, and understand buffer overflow attacks and their defences.
- Kali Linux history and introduction
- Kali Linux GUI desktops
- Kali Linux Commands
- Tar and zips
- Compiling programs
- Identifying software packages
- Installing and removing software
- User account management
- Changing a user account password
- Passwd & Shadow file formats
- File permissions
- Directory permissions
- Octal representation
- Changing permissions
- Setting default permissions
- Internet addressing
- Network services
- Commonly available services
- Fundamental network configuration files
- Network control scripts
Introduction to wireless networks
- Wireless transmission standards
- 11 wireless network types
- Encryption and authentication standards
- Wireless network cards in Linux โ overview
- Wireless network interface cards in Linux
Wireless security (half) measures
- MAC address filtering
- Changing the MAC address of the wireless network card
- Disabling ESSID broadcast
- Finding a hidden access point with disabled ESSID broadcast
- Limiting wireless coverage
Wireless network attacks independent of used encryption
- Introduction
- DoS: RF jamming
- DoS: CSMA/CA jamming
- The use of deauthentication attack for jamming network traffic
- DoS: Deauthentication attack
- Wireless MITM
WEP attacks
- WEP encryption
- Chopchop
- The overview and demonstration of the chop-chop attack
- Keystream reuse
- Generating packets without knowing the network key
- Interactive packet replay and ARP request replay
- The demonstration of the PTW and KoreK attacks
- Caffe Latte Attack
- Creating a fake access point โ the Caffe Latte attack
WPA attacks
- WPA
- The dictionary attack on WPA
- WPA2
- Rainbow tables
- The dictionary attack on WPA โ using hash tables
- Cowpatty attack
- DoS: Taking advantage of the MIC failure holdoff time
Advanced attacks against WPA
- WKA TKIP attack
- WPA TKIP broken
- Beck-Tews attack enhanced
- Michael Reset attack
Sniffing Concepts
- Wiretapping
- Packet Sniffing
- Sniffing Threats
- How a Sniffer Works
- Types of Sniffing Attacks
- Passive Sniffing
- Active Sniffing
- Protocols Vulnerable to Sniffing
- SPAN Port
MAC Attacks
- MAC Flooding
- MAC Address/CAM Table
- How CAM Works
- What Happens When CAM Table is Full?
- Mac Flooding Switches with macof
- MAC Flooding Tools
- How to Defend against MAC Attacks
DHCP Attacks
- How DHCP Works
- DHCP Request/Reply Messages
- IPv4 DHCP Packet Format
- DHCP Starvation Attack
- Rogue DHCP Server Attack
- How to Defend Against DHCP Starvation and Rogue Server Attack
ARP Poisoning
- What is Address Resolution Protocol (ARP)?
- ARP Spoofing Techniques
- ARP Spoofing Attack
- How Does ARP Spoofing Work
- Threats of ARP Poisoning
- ARP Poisoning Tools
- How to Defend Against ARP Poisoning
- ARP Spoofing Detection: XArp
Spoofing Attack
- Spoofing Attack Threats
- MAC Spoofing/Duplicating
- MAC Spoofing Technique: Windows
- MAC Spoofing Tool: SMAC
- IRDP Spoofing
- How to Defend Against MAC Spoofing
DNS Poisoning
- DNS Poisoning Techniques
- Intranet DNS Spoofing
- Proxy Server DNS Poisoning
- DNS Cache Poisoning
- How to Defend Against DNS Spoofing
Sniffing Tools
- Sniffing Tool: Wireshark
- Follow TCP Stream in Wireshark
- Display Filters in Wireshark
- Additional Wireshark Filters
- Sniffing Tool: Tcpdump/Windump
- Packet Sniffing Tool: Capsa Network Analyzer
- Network Packet Analyzer: OmniPeek Network Analyzer
- Network Packet Analyzer: Observer
- Network Packet Analyzer: Sniff-O-Matic
- Network Packet Analyzer: JitBit Network Sniffer
- Chat Message Sniffer: MSN Sniffer 2
- TCP/IP Packet Crafter: Colasoft Packet Builder
- How an Attacker Hacks the Network Using Sniffers
Sniffer Detection Technique
- How to Defend Against Sniffing
- How to Detect Sniffing
- Sniffer Detection Technique: Ping Method
- Sniffer Detection Technique: ARP Method
- Sniffer Detection Technique: DNS Method
- Promiscuous Detection Tool: PromqryUI