CEH All-in-One Exam Guide, 3e, Professional

CONTENTS

Acknowledgments

Chapter 1 Getting Started: Essential Knowledge

Security Basics

Introduction to Ethical Hacking

Hacking Terminology

The Ethical Hacker

Chapter 2 Reconnaissance: Information Gathering for the Ethical Hacker

Passive Footprinting

Active Footprinting

Footprinting Methods and Tools

Website and E-mail Footprinting

DNS Footprinting

Network Footprinting

Chapter 3 Scanning and Enumeration

TCP/IP Networking

Scanning Methodology

Identifying Targets

Vulnerability Scanning

Windows System Basics

Enumeration Techniques

Chapter 4 Sniffing and Evasion

Network Knowledge for Sniffing

Active and Passive Sniffing

Sniffing Tools and Techniques

Devices Aligned Against You

Evasion Techniques

Chapter 5 Attacking a System

Getting Started

Windows Security Architecture

Linux Security Architecture

Authentication and Passwords

Privilege Escalation and Executing Applications

Hiding Files and Covering Tracks

Chapter 6 Web-Based Hacking: Servers and Applications

Web Organizations

Attack Methodology

Web Server Architecture

Web Server Attacks

Attacking Web Applications

Application Attacks

Countermeasures

Chapter 7 Wireless Network Hacking

Wireless Networking

Wireless Terminology, Architecture, and Standards

Wireless Hacking

The Mobile World

Mobile Platforms and Attacks

Chapter 8 Security in Cloud Computing

Cloud Computing

Threats and Attacks

Chapter 9 Trojans and Other Attacks

The “Malware” Attacks

Viruses and Worms

Remaining Attacks

Denial of Service

Session Hijacking

Chapter 10 Cryptography 101

Cryptography and Encryption Overview

Encryption Algorithms and Techniques

PKI, the Digital Certificate, and Digital Signatures

Digital Certificates

Digital Signatures

Encrypted Communication and Cryptography Attacks

Encrypted Communication

Cryptography Attacks

Chapter 11 Low Tech: Social Engineering and Physical Security

Social Engineering

Human-Based Attacks

Computer-Based Attacks

Mobile-Based Attacks

Physical Security

Physical Security 101

Chapter 12 The Pen Test: Putting It All Together

Methodology and Steps

The Security Assessments

Security Assessment Deliverables

More Terminology

Appendix A Tool, Sites, and References

Vulnerability Research Sites

Footprinting Tools

People Search Tools

Competitive Intelligence

Tracking Online Reputation

Website Research/Web Updates Tools

DNS and Whois Tools

Traceroute Tools and Links

Website Mirroring Tools and Sites

E-mail Tracking

Scanning and Enumeration Tools

Banner Grabbing

Vulnerability Scanning

Network Mapping

Proxy, Anonymizer, and Tunneling

SNMP Enumeration

LDAP Enumeration

NTP Enumeration

Windows Service Monitoring Tools

File/Folder Integrity Checkers

System Hacking Tools

Default Password Search Links

Password Hacking Tools

Keyloggers and Screen Capture

Privilege Escalation

Executing Applications

Covering Tracks

Packet Crafting/Spoofing

Session Hijacking

Clearing Tracks

Cryptography and Encryption

Encryption Tools

Stego Detection

MAC Flooding/Spoofing

Attack and Analysis

Packet Sniffing

WEP/WPA Cracking

Mobile Wireless Discovery

Mobile Device Tracking

Rooting/Jailbreaking

Trojans and Malware

Anti-Malware (AntiSpyware and Anitvirus)

Crypters and Packers

Monitoring Tools

Pen Test Suites

Social Engineering

Linux Distributions

Tools, Sites, and References Disclaimer

Appendix B About the Download

System Requirements

Installing and Running Total Tester

About Total Tester

Technical Support