The Four steps to Bolster cloud security-Cloud Computing-Soutech Nigeria

The use of cloud storage has grown rapidly, and cloud technology is gradually moving from a ‘cloud-first’ strategy to a ‘cloud-only’ strategy. This is because cloud computing is expected, in the year 2020, to take up to about 70% of enterprise software as well as infrastructure.

The growth of public cloud technology has exposed organizations to trending security threats that normally cannot be minimized by employing endpoint security methodologies and technologies.

Security will be compromised without a modern, cloud-native approach. The factors that affect security include:

1. New Architectures

Cloud architecture is entirely different from that of legacy data centers, and it requires new approaches to security. Traditional tools like penetration testing tools and network scanners are not so reliable because the cloud is API-centric.

2. Increase of DevOps

When it comes to using public cloud, DevOps teams are often on their own, which ends up with central IT security teams not being involved, informed or made aware. IT security teams require a new method to monitor what is happening, because so many organizations are pushing code changes to production every day.

3. A More sophisticated landscape for threat

While DevOps teams have moved toward automating their code deployment process, hackers have kept pace by deploying similar tactics to automate attacks. This means that the attack surface has changed and there is no longer a single path of traffic that can be monitored. To gain more visibility, security teams have resorted to deploying new tools across all aspects of the organization's cloud applications.

The Four step program in bolstering cloud security

The issues surrounding cloud security can be solved with modern, cloud-native platforms that make automation easy, providing continuous monitoring as well as analysis and remediation for cloud security compliance. This model offers much better protection in the cloud than traditional security platforms. Top cloud security experts have revealed that, in order to achieve continuous and automated cloud security and compliance, four key elements have to be addressed:

  1. Real-time discovery in order to match the increasing pace of cloud changes: It is quite unusual for firms and organizations to possess millions of data points that require evaluation with the increasing cruelty surrounding the deployments in the cloud. A platform that can handle all the data in real time and rapidly isolate any security deviations and variations from good states is needed to keep cloud functionality active.
  2. Automated Action: To keep up, organizations must automate the monitoring and remediation processes. They also need to be flexible in determining how automated responses are made. They must also be able to inform human administrators if there is a need for any other action.
  3. Deep insights to identify risks that may not be obvious: Communication can falter when the number of teams is large. You should make provision on your platform for teams to take ownership of their security while also setting up security operations for other teams and corporate management in the bigger picture. The platform must be able to evaluate security information across the global customer base, or across time and geography, to warn of potential issues before they occur.
  4. Robust reporting: Teams must put together comprehensive and properly detailed reports on their daily security compliance, and this should not be done only during the yearly audit. You should be able to view the past and present state of your security and compliance posture at a glance.

 

In conclusion, as organizations and firms rely on public cloud to drive their daily business activities, they should also focus on the security risks and simplify the processes involved in assuring protection and compliance. Continuous security and compliance present new opportunities to maximize the value of the public cloud while minimizing the risk.

It is very important to focus on key characteristics such as real-time discovery, automation, deep insights and robust reporting when evaluating potential cloud security platforms. There is a popular saying in the IT world that the deployment of cloud technology changes everything, but what doesn’t change is the importance of ensuring security and compliance.

To learn more about the security of the cloud environment as well as other security methodologies such as vulnerability assessments, risk assessments and penetration testing, subscribe to our services at Soutech Ventures to learn the CEH course in detail.

Cybersecurity breaches are inevitable; What to do to stay safe- Information Security tips-SOUTECH Nigeria

Cybersecurity threats have become a cause of concern for many organizations, especially with the daily reports of cyber intrusions involving the theft of large volumes of data and intellectual property. With the rise of new exploitation techniques and methods such as insider threats, ransomware and advanced persistent threats, the need to invest in cybersecurity cannot be overemphasized.

It has also proven difficult to find rapid solutions to cyberattacks because of the dynamism of cloud computing, the operating environment, mobile support, the IoT (Internet of Things), remote users, the need to support the network devices that users bring to their offices and, of course, the question of how, where and what specific security strategies to deploy.

James Comey, a former director of the FBI, described two kinds of big companies in the United States. He categorized them “into those who have been hacked by the Chinese and those who have not been hacked by the Chinese.” Also, in January 2015 at the World Economic Forum, which was about a year later, John Chambers, a former CEO of Cisco, confirmed that the people that have been hacked do not even know they have been hacked.

From all of this information, does it mean that cybersecurity breaches are inevitable? If a cybersecurity breach is inevitable then is prevention really possible and is trying to secure data and data systems worth the money?

Although these remarks are quite discouraging, organizations still go ahead with storing data, financial data, intellectual property and personal data on networked systems. Despite all these risks, the good sides of data storage and security outweigh the bad sides.

Cybersecurity involves managing risks

There are things that should be put in place to secure information even though cybersecurity breaches cannot be avoided. In environments where risk is managed, there are ways and processes that can be put in place to help avoid data breaches, which I described in my previous article: penetration testing, vulnerability assessments and IT audits. The premise of risk management is that the risk scenario cannot be completely eliminated.

If these uncertainties could be erased, then the risk could be erased entirely as well. There are two basic security measures that can be put in place if the risk of a cybersecurity breach does not amount to zero. The first strategy is to cut down the probability of a cybersecurity breach occurring, and the second is to cut down the impact, that is, the damage that occurs when a cybersecurity risk is discovered. These two strategies are appropriate for managing any type of cybersecurity risk. Do not forget that the general approach to cybersecurity is very transparent and easy to understand.

The first thing to identify in the operation of a business is the assets: information assets, which include raw data, people, processes and technology, have to be protected.

The second thing to note is that the purpose of a risk assessment is to reveal risk scenarios that could lead to damage or loss of data through unauthorized and unexpected disclosure, modification or loss of confidentiality of data assets. The components of risk are very few. The typical scenario of a cybersecurity intrusion is a threat leveraging a vulnerability to damage the security of an information asset. In this example, the components of risk exist when there is a vulnerability, an exploit takes advantage of that vulnerability, and a threat actor uses that exploit to damage the information asset's security. Therefore, the only thing that can be controlled by the network security manager is the presence of vulnerabilities on the network. The next step is to attempt to identify the risk and eliminate it.

Typically, once a risk has been identified it can be eliminated, and when a vulnerability is eliminated, all the threat scenarios in which that vulnerability is exploited are reduced to zero.

Cybersecurity Risk Prioritization

Risk management at its core is a decision-support tool and once all the necessary cybersecurity scenarios have been unraveled, the job of the decision-support tool is to prioritize the order and manner in which the identified risks can be mitigated or controlled.

If there are insufficient resources to handle all the identified vulnerabilities, then prioritizing risks for remediation and mitigation becomes important. Prioritization is also very valuable even when there are sufficient resources to remediate the existing vulnerabilities.

Outcome vs Impact

The prioritization of a vulnerability is based on its potential impact on the organization if the risk scenarios exploiting that vulnerability are all realized. If potential impact is the prioritization factor, it is important to understand what impact is. Whenever a vulnerability is exploited, there is an unwanted outcome: an unwanted disclosure of data, an unauthorized modification, or the loss of access to the information asset affected by the vulnerability being exploited. The result of an unwanted outcome is referred to as impact.

Under the HIPAA privacy or security rules, if health records are stolen, the outcome is that information will be disclosed, but the impact on the organization is the cost of mandatory breach notification and the potential for fines and civil penalties that could run into millions of naira and dollars.

The prioritization of vulnerability mitigation by potential impact can be done in different ways, one of which is to use a prioritization tool called the Common Vulnerability Scoring System (CVSS), which provides a framework for understanding the characteristics and impacts of vulnerabilities in information technology.

When CVSS is used, an organization that finds a risk rated low or medium severity is likely to choose not to remediate it. But organizations with many systems, including mission-critical systems, need to understand that the potential impact on the asset and the organization does not depend solely on the CVSS rating; it could be higher, and the organization needs to remediate the vulnerability.

 

In conclusion, even if it is true that cybersecurity breaches cannot be avoided, all is not lost. The only sad thing is that it will not be possible to completely eliminate the uncertainty that there will be data breaches.


 

The need for an Automated Approach to Cloud Security and Compliance- Challenges in Cloud Computing-Soutech Nigeria

Regardless of whether you are in charge of general IT, IT security, DevOps or administrative compliance, chances are that public cloud services are a steadily growing part of your portfolio. This can be great for the business, enabling lower costs, greater agility and faster speed to market. However, it can present new and serious challenges in ensuring security and compliance.

The public cloud is a radical new world. If you think traditional techniques for securing the data center or firewalling the perimeter will keep your data and applications secure, you may be in for a reality check. The main issue with legacy approaches is that they were not designed for the cloud era, which means they don’t support or make use of the API-driven infrastructure of the public cloud.

 

 

 

Whatever your role is in your organization, you can derive huge benefits by embracing a modern, cloud-native model that uses purpose-built tools to continuously and automatically monitor and manage security and compliance along the API control plane.

If you are in charge of IT, security or compliance, you can reduce costs, improve security and assert greater control over cloud technology and shadow IT. If you are in DevOps, you can move quickly without waiting for approvals from security, while eliminating the potential for the disaster that is always looming if proper security and compliance checks and balances are not in place.

Given the proper cloud security platform, the whole organization can make use of automation to reduce risk and remove the human element from important processes. Automation enables you to achieve continuous visibility over your cloud deployments, enabling consistent replication across usage environments such as development, staging and production.

Automation, Security, Compliance and the cloud

The adoption of cloud technology moves too quickly, and is subject to changes too rapid, for organizations and firms to depend on manual resources. The major challenge, however, is that most organizations still use legacy tools, technologies and methodologies to manage cloud security and compliance.

Fortunately, new cloud-native solutions are now available, delivering an agentless platform designed specifically for modern clouds.

These solutions use the cloud’s API architecture to deliver massive flexibility in scaling and managing cloud security and compliance.

The steps below depict how a modern automated approach to continuous cloud security and compliance works. It is based on the Evident Security Platform from leading cloud security firm Evident.

Step 1

Close Observation: The cloud computing environment is constantly changing. These changes can be the normal, routine activities of your DevOps or IT teams; they can also be the work of people who would do harm to your business. As changes are made, across all cloud platforms, services and regions, the cloud security platform monitors the configurations of the cloud infrastructure to ensure that it adheres to security and compliance best practices.

Step 2

Assessment: The security platform securely collects data about the services in your cloud and continuously performs checks against a series of predetermined security best practices. It also performs checks against any predefined custom signatures. These checks determine, on a continuous basis, whether there are any potentially exploitable vulnerabilities.

Step 3

In-depth Analysis: The platform then performs an analysis in which the misconfigurations and exposures are prioritized and quantified into high, medium or low risk levels.

Step 4

Automated Remediation: The results of the analysis are shown on a dashboard and can be sent to integrated systems so that auto-remediation workflows can set in.

Step 5

Robust Reporting: Comprehensive and detailed reports are made available so your teams can see information about the risk, as well as user attribution and affected assets.

Step 6

Correction: The teams can then use simple-to-follow remediation steps to return the infrastructure to a safe state.
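The monitor, assess, analyse, remediate and report loop in the steps above (and in the four-element list earlier on this page) can be shown in miniature. The Python code below is an added example and is not Evident's code or API; the inventory schema, resource names, checks and the `make_bucket_private` workflow name are all hypothetical and constructed for illustration.

```python
from collections import Counter

# Constructed inventory snapshots. The schema (type/id/owner/...) is hypothetical;
# a real platform would fill it from the cloud provider's read-only APIs.
BASELINE = [
    {"type": "bucket", "id": "b-logs", "owner": "platform", "public_read": False},
    {"type": "security_group", "id": "sg-web", "owner": "shop",
     "ingress": [{"cidr": "0.0.0.0/0", "port": 443}]},
    {"type": "user", "id": "u-deploy", "owner": "shop", "mfa": True},
]
CURRENT = [
    {"type": "bucket", "id": "b-logs", "owner": "platform", "public_read": True},
    {"type": "security_group", "id": "sg-web", "owner": "shop",
     "ingress": [{"cidr": "0.0.0.0/0", "port": 443},
                 {"cidr": "0.0.0.0/0", "port": 22}]},
    {"type": "user", "id": "u-deploy", "owner": "shop", "mfa": True},
    {"type": "user", "id": "u-intern", "owner": "data", "mfa": False},
    {"type": "volume", "id": "v-scratch", "owner": "data", "encrypted": False},
]
ADMIN_PORTS = {22, 3389}


def changed(baseline, current):
    """Step 1: ids of resources that are new or differ from the last snapshot."""
    old = {r["id"]: r for r in baseline}
    return sorted(r["id"] for r in current if old.get(r["id"]) != r)


# Step 2: each check returns (risk, message, auto_fix) or None. auto_fix names a
# hypothetical remediation workflow; None means a human has to decide.
def public_bucket(r):
    if r["type"] == "bucket" and r.get("public_read"):
        return "high", "bucket is publicly readable", "make_bucket_private"


def open_admin_port(r):
    if r["type"] == "security_group":
        ports = sorted(i["port"] for i in r.get("ingress", [])
                       if i["cidr"] == "0.0.0.0/0" and i["port"] in ADMIN_PORTS)
        if ports:
            return "high", f"admin port(s) {ports} open to the internet", None


def user_without_mfa(r):
    if r["type"] == "user" and not r.get("mfa"):
        return "medium", "user has no MFA", None


def unencrypted_volume(r):
    if r["type"] == "volume" and not r.get("encrypted"):
        return "low", "volume is not encrypted", None


CHECKS = [public_bucket, open_admin_port, user_without_mfa, unencrypted_volume]
ORDER = {"high": 0, "medium": 1, "low": 2}


def assess(resources):
    """Steps 2-3: run every check and return findings sorted by risk level."""
    findings = []
    for r in resources:
        for check in CHECKS:
            result = check(r)
            if result:
                risk, message, fix = result
                findings.append({"id": r["id"], "owner": r["owner"], "risk": risk,
                                 "message": message, "auto_fix": fix})
    return sorted(findings, key=lambda f: (ORDER[f["risk"]], f["id"]))


def plan(findings):
    """Step 4: split findings into automated fixes and items needing a human."""
    auto = [(f["id"], f["auto_fix"]) for f in findings if f["auto_fix"]]
    notify = [(f["owner"], f["id"], f["message"]) for f in findings if not f["auto_fix"]]
    return auto, notify


def report(findings):
    """Step 5: counts by risk level and by owning team."""
    return {"by_risk": dict(Counter(f["risk"] for f in findings)),
            "by_owner": dict(Counter(f["owner"] for f in findings))}


if __name__ == "__main__":
    found = assess(CURRENT)
    print(changed(BASELINE, CURRENT), plan(found), report(found), sep="\n")
```

Running `assess` again after a fix has been applied is the check for step 6: the finding should no longer appear.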

Conclusion

Public cloud is not going to be phased out any time soon; before the decade is over, the public cloud services market will surpass $230 billion, as predicted by Forrester Research. As cloud becomes more central to the success of your organization, it is key that you focus on security and compliance, regardless of whether your role is in IT, security, DevOps or corporate governance and compliance.
By embracing a continuous security model, your organization will be able to automate many processes that would overwhelm your teams and systems if they had to be done manually. It not only provides enhanced security and compliance assurance, it also eases the burden on your staff, improves security for DevOps and other teams, and lowers the cost and risk of cloud security and compliance.

Cloud computing and its associated technologies form a very broad field, but in a few of my write-ups I have been able to discuss some of the trends and challenges being faced in the cloud environment. To learn more about vulnerability assessments, risk assessments and penetration testing, subscribe to our services at Soutech Ventures to learn the CEH course in detail.

Six important benefits of IDS/IPS in your business-Secure your network-Tips from SOUTECH Nigeria

Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs) have been very effective over the years in countering cyberattacks and in securing the network perimeter and the segments of the internal network. They serve as extra eyes in securing data from loss, unauthorized access and any form of damage that can harm the organization both in monetary terms and in its reputation.

Now, the usage and effectiveness of these devices and technologies depend on sufficient manpower and training. Organizations and network administrators must understand that the use of IDSs and IPSs requires training in order to interpret and act on their results.

There are benefits to deploying IDS/IPS technology in businesses, which include:

  • Identifying the number and the type of security incidents.
  • Making sure security events do not escalate to security incidents.
  • Improving the ability to discover network devices.
  • Protection of vulnerable assets.
  • Protection of operating systems and application software.
  • The use of all the information obtained here to meet various regulatory requirements.

Now let us go ahead and explore the benefits of IDS/IPS in information security.

1. Identifying security incidents

IDS/IPS technologies not only capture logs of the IP addresses and ports of the communication between different systems, but can also be used to identify specific content inside a network packet. For example, they can capture the reports that compromised endpoint devices send to botnet controllers, and can also identify DDoS attacks.

The sensors in a modern IDS/IPS can help to quantify the types and numbers of attacks that an organization is vulnerable to, and can go further to help it alter existing security controls and deploy new ones. They can also identify bugs in software and address host and network device configuration issues. The results can be used to perform further risk assessments.

2. Prevention of Security incident

Deploying IDS/IPS technology can help to prevent security incidents by disrupting communication between an attacker and the target; it can also report security incidents. Sensors in a modern IDS/IPS can take packets from the network and examine them in the context of the protocols that carry them. For example, an HTTP attack such as cross-site scripting or SQL injection can be detected and blocked. The sensors can also identify and block anomalous behavior, which can take the form of outbound traffic.

3. Protection of vulnerable assets

IDS/IPS have been upgraded to act as virtual patches for some software vulnerabilities. This enables network administrators to block attacks until patches have been developed for such vulnerabilities, and to put off the cost of replacing systems until the patches are ready. The ability to identify patch levels can be very useful for gauging the deployment of patches and for automating vulnerability assessments.

 

4. Identification of network devices and hosts

Sensors in an IDS/IPS can be used passively to detect the presence of network devices and hosts. They can do this by:

  • Examining the data within network packets in real time.
  • Identifying the operating systems and services offered by the network device or host.

This can eliminate a great deal of the manual work involved in determining the number of systems present and their configurations. Apart from helping to automate hardware inventories, IDS/IPS can be used to identify rogue devices on the network, such as unauthorized hosts, rogue wireless access points and rogue hotspots.

5. Leveraging of information gained to meet regulatory requirements

IDS/IPS can give an organization deep insight into its networks and connected resources. This also helps to meet regulatory mandates: for example, PCI-DSS 1.1.6 requires documentation and business justification for the use of all services and protocols, which can be researched using reports obtained from IDS/IPS logs.
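Benefits 4 and 5 can be combined in one review: build the host and service inventory passively from sensor records, then compare it with what has been documented and justified. The Python code below is an added example, not part of the original article; the log format, IP ranges and inventory are constructed, and no particular IDS product's output is implied.

```python
import ipaddress
from collections import defaultdict

INTERNAL = ipaddress.ip_network("10.20.0.0/16")   # assumed internal range

# Authorized inventory with the services documented and justified for each host
# (the record PCI DSS 1.1.6 asks for). Constructed for this example.
DOCUMENTED = {
    "10.20.1.10": {("tcp", 443)},
    "10.20.1.20": {("tcp", 5432)},
    "10.20.5.31": set(),          # workstation, offers no services
}

# Constructed sensor output, one connection per line:
# time  src_ip  dst_ip  proto  dst_port  state (EST = the responder answered)
SENSOR_LOG = """\
09:00:01 10.20.5.31 10.20.1.10 tcp 443 EST
09:00:02 10.20.1.10 10.20.1.20 tcp 5432 EST
09:00:07 10.20.5.31 10.20.1.20 tcp 23 EST
09:00:09 10.20.5.31 10.20.1.10 tcp 8080 REJ
09:00:15 10.20.7.99 198.51.100.7 tcp 443 EST
09:00:21 10.20.5.31 10.20.7.99 udp 53 EST
malformed line
"""


def parse(log):
    """Yield (src, dst, proto, port, state); skip lines that do not parse."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue
        _, src, dst, proto, port, state = parts
        try:
            yield (ipaddress.ip_address(src), ipaddress.ip_address(dst),
                   proto, int(port), state)
        except ValueError:
            continue


def observe(log):
    """Passive inventory: internal hosts seen, and services they answered on."""
    hosts, services = set(), defaultdict(set)
    for src, dst, proto, port, state in parse(log):
        for ip in (src, dst):
            if ip in INTERNAL:
                hosts.add(str(ip))
        # Only an answered connection shows that the responder offers the service.
        if state == "EST" and dst in INTERNAL:
            services[str(dst)].add((proto, port))
    return hosts, services


def review(log, documented):
    """Compare what the sensor saw with what has been documented."""
    hosts, services = observe(log)
    rogue = sorted(hosts - set(documented))
    undocumented = sorted((h, proto, port)
                          for h, seen in services.items()
                          for proto, port in seen - documented.get(h, set()))
    unseen = sorted((h, proto, port)
                    for h, allowed in documented.items()
                    for proto, port in allowed - services.get(h, set()))
    return {"rogue_hosts": rogue,
            "undocumented_services": undocumented,
            "documented_but_unseen": unseen}


if __name__ == "__main__":
    for key, value in review(SENSOR_LOG, DOCUMENTED).items():
        print(key, value)
```

The rejected connection to port 8080 is deliberately not counted as a service, and the `documented_but_unseen` list points at justifications that may no longer be needed.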

6. Improvement in the Return on Investment (ROI)

Improved efficiencies and the attendant savings in labour costs have been identified. An organization can determine how much return on investment (ROI) an IDS/IPS can supply if the infrastructure is able to reduce or completely mitigate two major things:

  • Degradation and denial of internet service and/or internal network service, such as application service downtime, and its business ramifications.
  • A security breach which involves the loss of sensitive customer information and credentials as well as intellectual property.

My word for network administrators is to explore the use of IDS/IPS further to boost business and to ensure that, aside from the basic functions, they harness the other functionality of these devices.


What You Don’t Know Can Hurt You-Cloud Security Issues revealed-SOUTECH Nigeria

 

 

 

One of the major issues that Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) face is gaining visibility into their cloud security posture. How can they be expected to put the proper and necessary controls and security measures in place if they cannot even identify where the security flaws exist?

Without a new approach, the problems promise to get a whole lot worse before they get better. Why? Let us count the ways:

1. Growth of public cloud: Organizations now use cloud services to a much greater degree than ever before. According to a study, the use of cloud services in the average enterprise now amounts to about 1,427 services.

2. Shadow IT: A lot of the publicly available cloud services and applications in use result from shadow IT initiatives and are usually out of the control of the security teams and line-of-business managers, who seem not to be familiar with security and compliance best practices.

 

 

 

3. DevOps: As I mentioned in my follow-up article on DevOps, DevOps teams have continued to outpace security teams, going out on their own to deploy public cloud services to increase the rate of their development. These teams often do not want to be dragged behind by security and compliance concerns.

 

 

 

 

4. Tools and technologies that have become extinct: Traditional tools for monitoring and remediating endpoints have not been effective in data center environments and cannot be effective or efficient for securing public clouds.

5. The pace of change: Cloud environments change too quickly for manual processes to keep pace, even assuming that organizations are able to hire and retain personnel who are trained and experienced in cloud security management and compliance. CISOs and CIOs need to really worry about complacency in the use of cloud storage, because public cloud providers like Amazon Web Services and MS Azure have stepped up their game in the past couple of years. Because of this, surveys have shown that IT heads are becoming less worried about the security challenges of the cloud environment. It has also been discovered that the biggest risks are always more in the internal network than in the external network.

6. The relationship between automation, visibility and continuous security and compliance: The question, therefore, is how CIOs and CISOs gain the visibility they need in order to minimize risk and maximize protection. The simple answer is automation: by automating monitoring, analysis and remediation across the whole cloud environment, security teams can gain the visibility they need to address their biggest cloud security and compliance challenges. The architecture of the cloud makes it a perfect fit for an automated approach to security and compliance, because the cloud environment uses the API model, which suits cloud-native, agentless solutions. This architecture can give IT security and DevOps teams tremendous visibility and flexibility. With an automated model, CIOs and CISOs can:

  • Obtain a big-picture view across all their cloud environments, with a centralized means to manage and control events.
  • Allow DevOps and other teams to manage the security and compliance best practices needed for their own cloud deployments and controls.
  • Lower costs and reduce risk levels and complexity by replacing manual tasks with automated processes.
  • Improve time to value by securely using the public cloud to empower smaller teams, be they individual lines of business or DevOps.
  • Flag risks and remediate threats before they get a chance to affect availability, compliance and operations.

Finally, public cloud services have created a plethora of openings for security officers, helping them to deliver significant value to their establishments in lower costs, accelerated development cycles and greater productivity. However, there are a lot of risks masked behind these opportunities, and these risks centre on security and compliance. The good thing is that there is a path to success: automation that provides continuous security and continuous compliance. This is the time to take the first step towards cloud security.


The Secure Socket Layer and how it secures your internet sessions- Be Educated-SOUTECH Nigeria

I’ll be teaching here on the Secure Sockets Layer because most of you, I believe, have heard of SSL as a protocol but do not know how it works; don’t worry, I’ve got you. What is SSL?

Secure Sockets Layer is a computer networking protocol that secures connections between network application clients and servers over insecure networks such as the internet. SSL was proposed for use on the internet by the Internet Engineering Task Force (IETF) in 2015 because of the many protocol and implementation flaws and vulnerabilities found in the other internet protocols. It has, however, been replaced by the TLS (Transport Layer Security) protocol. TLS and SSL are, however, not compatible with each other, so TLS is deployed in the SSL 3.0.

SSL was originally developed in the 1990s as a proprietary protocol that allowed Netscape browser clients, which work over HTTP (Hypertext Transfer Protocol), to communicate securely with Netscape web servers. SSL was eventually adopted to secure authentication and encryption in network transport layer communications.

Encryption Standard used in SSL

 

SSL makes use of two kinds of keys, the public key and the symmetric key, for encryption when two machines establish a connection. These machines are typically a web or mail server and a client system communicating over the internet or some other TCP/IP network. SSL makes sure that data sent between two processes working in the client-server model is encrypted and authenticated.

SSL works above the transport and network layers, which are responsible for transporting data packets between processes and for routing network traffic between a client and a server. It also works below application layer protocols like the popular HTTP and SMTP (Simple Mail Transfer Protocol).

Ever wondered what the word ‘socket’ in the term SSL refers to? It refers to the sockets method by which data is transported between a client and a server program over a network, or between processes on the same computer.

As I said, the TLS protocol was developed from SSL and has phased it out, but the terms SSL and SSL/TLS are still commonly used to refer to the protocol that protects internet traffic. SSL/TLS is the most widely deployed security protocol in use today and has been known to secure up to about 50% of the pages loaded in the Google Chrome browser. SSL has also been implemented for applications such as email, file transfer, VoIP and instant messaging, in addition to supporting the transmission of web pages.

How does SSL work?

The SSL protocol has two major sub-protocols:

  • The Record Protocol: This protocol defines how the communicating hosts exchange data over SSL, including specifications for how data is prepared before it is transmitted and how received data is verified and decrypted.
  • The Handshake Protocol: This protocol defines how the client and server establish an SSL connection. This includes negotiating which cryptographic systems each host is willing or unwilling to use, and the exchange of cryptographic material such as the session keys and public keys used to encrypt or authenticate the transmitted data.

During the handshake, the first thing that happens is that the server presents its digital certificate in order to authenticate itself to the client. Server certificates use the X.509 certificate standard format, which is defined by the public key cryptography standards. Public key encryption is used to validate the digital certificate and to confirm that the server is what it says it is.

As soon as the server is authenticated, the client and the server establish the cipher settings and a shared key, which is used to encrypt the information being exchanged until the session expires. In this way, data confidentiality and integrity are assured, and the whole process is invisible to the user.

For example, if a web page needs an SSL connection, the URL changes from HTTP to HTTPS and you will see a padlock icon on the left pane of the browser once the server is authenticated.

 

The handshake process allows authentication to happen between the client and server. When the server authentication is complete, the client has to present its certificate to the server to authenticate its identity before the encrypted SSL session is established.
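To make the two sub-protocols concrete, the following added example (not code from the original article) splits a captured byte stream into Record Protocol records and lists the Handshake Protocol messages inside them, flagging any record that still uses the SSL 3.0 version number. The sample streams are constructed with placeholder message bodies, and the parser assumes each handshake message fits inside one record and that the stream holds one direction of the connection.

```python
import struct

# Values as they appear on the wire in SSL 3.0 through TLS 1.2.
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
VERSIONS = {(3, 0): "SSL 3.0", (3, 1): "TLS 1.0",
            (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}
HANDSHAKE_TYPES = {1: "client_hello", 2: "server_hello", 11: "certificate",
                   12: "server_key_exchange", 13: "certificate_request",
                   14: "server_hello_done", 15: "certificate_verify",
                   16: "client_key_exchange", 20: "finished"}


def parse_records(stream):
    """Split a stream into (content type, version, payload) records.

    Every record starts with a 5-byte header: content type (1 byte),
    version major/minor (2 bytes), payload length (2 bytes, big-endian).
    """
    records, offset = [], 0
    while offset < len(stream):
        if len(stream) - offset < 5:
            raise ValueError("truncated record header at offset %d" % offset)
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, offset)
        if ctype not in CONTENT_TYPES:
            raise ValueError("unknown content type %d at offset %d" % (ctype, offset))
        payload = stream[offset + 5:offset + 5 + length]
        if len(payload) != length:
            raise ValueError("truncated record payload at offset %d" % offset)
        records.append((CONTENT_TYPES[ctype], (major, minor), payload))
        offset += 5 + length
    return records


def handshake_messages(payload):
    """List the handshake messages in one plaintext handshake record.

    Each message has a 4-byte header: type (1 byte), length (3 bytes).
    """
    names, offset = [], 0
    while offset < len(payload):
        if len(payload) - offset < 4:
            raise ValueError("truncated handshake header")
        msg_type = payload[offset]
        length = int.from_bytes(payload[offset + 1:offset + 4], "big")
        if offset + 4 + length > len(payload):
            raise ValueError("truncated handshake body")
        names.append(HANDSHAKE_TYPES.get(msg_type, "unknown(%d)" % msg_type))
        offset += 4 + length
    return names


def summarize(stream):
    """Describe each record; handshake records after ChangeCipherSpec are
    encrypted, so their contents are left unparsed."""
    summary, encrypted = [], False
    for ctype, version, payload in parse_records(stream):
        entry = {"type": ctype,
                 "version": VERSIONS.get(version, "unknown %d.%d" % version),
                 "legacy_ssl": version == (3, 0),
                 "messages": []}
        if ctype == "handshake" and not encrypted:
            entry["messages"] = handshake_messages(payload)
        elif ctype == "change_cipher_spec":
            encrypted = True
        summary.append(entry)
    return summary


def build_record(ctype, version, payload):
    """Helper used only to construct the sample streams below."""
    return struct.pack("!BBBH", ctype, version[0], version[1], len(payload)) + payload


def build_handshake(msg_type, body):
    """Helper used only to construct the sample streams below."""
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


# Constructed samples: the server's side of a handshake with zero-filled bodies.
SAMPLE_TLS12 = (
    build_record(22, (3, 3), build_handshake(2, bytes(38))
                 + build_handshake(11, bytes(64)) + build_handshake(14, b""))
    + build_record(20, (3, 3), b"\x01")
    + build_record(22, (3, 3), bytes(40))   # encrypted Finished, opaque here
    + build_record(23, (3, 3), bytes(32)))  # encrypted application data
SAMPLE_SSL3 = build_record(22, (3, 0), build_handshake(2, bytes(38))
                           + build_handshake(14, b""))

if __name__ == "__main__":
    for name, sample in (("TLS 1.2", SAMPLE_TLS12), ("SSL 3.0", SAMPLE_SSL3)):
        print(name)
        for entry in summarize(sample):
            print("  ", entry)
```

A monitoring script can use the `legacy_ssl` flag to list servers that still answer with SSL 3.0 records.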

Version 3.1 of SSL was released as TLS 1.0 (so named to avoid legal issues with Netscape) after the IETF officially took over the SSL protocol in order to standardize it through an open process. Attacks against SSL have mostly focused on issues in SSL implementations. The POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability is a known flaw in the SSL 3.0 protocol that results from the way it ignores padding bytes when running in cipher block chaining mode. The existence of this flaw gives an attacker room to decrypt sensitive data such as authentication cookies. TLS 1.0 has not been known to be vulnerable to such attacks because it requires all the padding bytes to have the same value and to be authenticated.
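The difference in padding rules can be seen by putting the two receiver-side checks next to each other. This is an added example, not code from the original article or from any SSL library: it works on an already-decrypted CBC plaintext laid out as data, MAC, padding, padding length; HMAC-SHA-256 stands in for the record MAC, an 8-byte block size is assumed, and the key and data are constructed.

```python
import hashlib
import hmac

BLOCK_SIZE = 8   # assumption: a cipher with 8-byte blocks
MAC_LEN = 32     # HMAC-SHA-256 stands in for the record MAC


def strip_padding_ssl3(plaintext, block_size=BLOCK_SIZE):
    """SSL 3.0 rule: only the final padding-length byte is inspected.
    The padding bytes in front of it may hold any value."""
    if not plaintext or len(plaintext) % block_size:
        raise ValueError("plaintext is not a whole number of blocks")
    pad_len = plaintext[-1]
    if pad_len + 1 > block_size or pad_len + 1 > len(plaintext):
        raise ValueError("bad padding length")
    return plaintext[:-(pad_len + 1)]


def strip_padding_tls(plaintext, block_size=BLOCK_SIZE):
    """TLS 1.0 rule: every padding byte must equal the padding length."""
    if not plaintext or len(plaintext) % block_size:
        raise ValueError("plaintext is not a whole number of blocks")
    pad_len = plaintext[-1]
    if pad_len + 1 > len(plaintext):
        raise ValueError("bad padding length")
    padding = plaintext[-(pad_len + 1):-1]
    if any(b != pad_len for b in padding):
        raise ValueError("padding bytes do not match padding length")
    return plaintext[:-(pad_len + 1)]


def open_record(plaintext, key, strip_padding):
    """Remove padding with the given rule, then verify the MAC over the data.
    The MAC covers the data only, so it says nothing about the padding."""
    body = strip_padding(plaintext)
    if len(body) < MAC_LEN:
        raise ValueError("record too short")
    data, mac = body[:-MAC_LEN], body[-MAC_LEN:]
    expected = hmac.new(key, data, hashlib.sha256).digest()
    if not hmac.compare_digest(mac, expected):
        raise ValueError("bad record MAC")
    return data


def accepts(plaintext, key, strip_padding):
    """True if the receiver would accept the record under the given rule."""
    try:
        open_record(plaintext, key, strip_padding)
        return True
    except ValueError:
        return False


def make_record(data, key, block_size=BLOCK_SIZE):
    """Build data || MAC || padding || padding length, with well-formed padding."""
    body = data + hmac.new(key, data, hashlib.sha256).digest()
    pad_len = (block_size - (len(body) + 1) % block_size) % block_size
    return body + bytes([pad_len]) * (pad_len + 1)


def alter_padding(plaintext):
    """Change the padding bytes but leave the padding-length byte alone."""
    pad_len = plaintext[-1]
    if pad_len == 0:
        raise ValueError("record has no padding bytes to alter")
    start = len(plaintext) - (pad_len + 1)
    altered = bytes(b ^ 0xFF for b in plaintext[start:-1])
    return plaintext[:start] + altered + plaintext[-1:]


# Constructed sample values.
KEY = b"constructed-mac-key"
DATA = b"constructed-sample-data!"
GOOD = make_record(DATA, KEY)
ALTERED = alter_padding(GOOD)

if __name__ == "__main__":
    for label, record in (("well-formed", GOOD), ("altered padding", ALTERED)):
        print(label,
              "| SSL 3.0 rule accepts:", accepts(record, KEY, strip_padding_ssl3),
              "| TLS 1.0 rule accepts:", accepts(record, KEY, strip_padding_tls))
```

A production receiver must also perform these checks in constant time and report one uniform error; the functions here only contrast the two rules.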

There are other differences between TLS and SSL that make TLS a more secure and efficient protocol: its message authentication, its generation of key material, and its supported cipher suites, where TLS supports newer and more secure algorithms. The most recent version is TLS 1.2, and publication of the next version is expected before the end of this year, 2017, pending approval. This update will likely be called TLS 1.3 or TLS 2.0.


BEST PRACTICES FOR PERFORMING AN INFORMATION SECURITY ASSESSMENT-SOUTECHNIGERIA TIPS

Dear reader, do you know the best way to measure information security risk? My favorite answer is that you dive in immediately to find the vulnerabilities that are inherent in your systems and applications. This can be likened to people going through different tests, such as blood tests and analysis or magnetic resonance imaging, to learn the state of their health. Some IT experts refer to this kind of exercise as an IT security audit, while others refer to it as penetration testing. I will say that when you are performing an in-depth analysis of any IT infrastructure, it is not just about comparing policies to how things actually work and trying to prove a point. This is why I prefer to call this exercise an information security assessment. An information security assessment is a broader and more meaningful standard for uncovering areas where security policies and procedures are lagging.

The ultimate goal in security testing is to find and fix any weaknesses in a system before anyone gets to exploit them, and this is the core reason why the semantics of security testing are debated. It is therefore the duty of all security professionals to ensure that proper steps and measures are taken so that risk identification is understood. Let us put ego and politics aside and ensure that the key components of an effective information security scheme are given the desired attention. What are the key components of a detailed information security assessment?

1. Support: One of the important components is the support of management. No information security assessment scheme can be successful without first receiving the support of management. If the leadership of an organisation is not willing to invest its resources heavily in making sure that the IT infrastructure is protected to a great extent, then the battle will be much more uphill. The focus should be on getting and keeping the right team on board. The target should not be just management but also the security staff and the members of the team.

2. Scope: This is a very vital phase of information security assessment, and I have seen many examples where applications, systems and even the entire IT network are excluded from security testing. The reasons are usually the same: insufficient time and lack of money. As much as you need to fine-tune the scope of your work, you have to make sure that all the critical systems are looked at, and as soon as possible. Over time, you may need to look at your entire environment, because it only takes one seemingly benign system, network segment or security process to put everything in jeopardy. The systems to be considered are the external and internal systems, the systems hosted in the cloud by third parties, and the marketing website. It is also absolutely necessary to do authentic security testing of both the web applications and the operating systems. Ensure that a fair test is conducted on the people, the processes and all the physical systems.

3. Testing: The testing phase should begin with a vulnerability scan using a vulnerability scanner, followed by manual analysis to discover the areas that are susceptible to attack in the context of the business environment. This phase usually includes activities like:

  • Password cracking
  • Wireless network analysis
  • Email phishing

The most important thing in this phase is to look at the business environment from an attacker's viewpoint in order to see the areas that can be exploited, and then to demonstrate what may happen so that the issue can be analyzed and steps taken towards resolving it.

4. Reporting: Producing a 500-page PDF report from a vulnerability scanner will neither make the issues easy to understand nor prevent them from happening. The aim is a security assessment report that is concise and that prioritizes findings and recommendations on the way forward. The report does not have to be lengthy, but it needs to be drafted in a way that cuts to the chase and gives a detailed outline of the specific areas of weakness that should be given immediate and proper attention. This is often done from the viewpoint and professional judgement of the security professional, taking the business and its systems into account. IT security auditing and penetration testing are elements that are incorporated here as well. There are many standards for drafting good reports. I am usually not a big fan of following too many standards, and I advocate that you draft something that works for you. You can look at templates such as the CVE (Common Vulnerability Scoring System) and similar ratings, which give a severe rating to SNMP (Simple Network Management Protocol) being enabled with two default community strings. If such vulnerabilities are rated as very high risk, then what about the dangers of a weak firewall password, missing patches that are remotely exploitable, or SQL injection on core web applications? What should apply here is common sense. The worst kind of information security assessment is one that has no formal report and leaves issues that cannot be resolved.

5. Resolution: After a detailed report has been made, we must take all the discovered problems and try to develop solution plans for them. Above all, problems should be found and fixed. I have seen security reports whose findings remained unacknowledged and unresolved after a security assessment. There is an easy fix, which involves assigning responsibilities and ensuring that everyone is held accountable. The usual cycle for performing your information security assessments is every 6 months to a year, depending on the environment. An alternative is to follow up 30 to 45 days after the report is drafted, performing a remediation validation of all the critical and highly prioritized findings.

6. Oversight: This covers the security process between security assessments, which will require things like tweaking the existing systems and software and implementing new technical controls, together with the policies and processes. Instead of trying to achieve perfect security, your target moving forward should be to achieve good security with a shorter time for catching flaws and resolving them. Management must be engaged in achieving this plan, with the executives kept on board with what's required in terms of compliance and contractual obligations. Whether or not they are interested, the right people must be kept involved to make sure security is ensured. Doing this assures the return on investment that is essential for business growth. Note that security should not be out of mind; it is a priority.

As final words, I will say that the bottom line is that every business organisation has information and computing infrastructure that criminal hackers or malicious attackers are interested in for their own gain. Of course, you know that you cannot be totally safe or immune from information risks and attacks, so you must know the value of information security assessments. I would advise organisations and businesses not to depend on IT security auditing and penetration testing to be safe. Neglecting IT security assessments is not a defensible option for due care. Furthermore, take time to properly plan and strategize how to perform the information security assessment, ensuring that the task is completed and that the proper staff members in IT, development, management and elsewhere are apprised of the findings so the matter can be resolved.

Some security professionals and vendors will try to paint information security assessment as an exercise that is not difficult to perform and not a very expensive project given its virtual return on investment. But I must tell you that your information security program will be a deep reflection of what you invest in it. That means if you fail at it, you stand a huge chance of shutting down your infrastructure. So, I will give you a quote from Warren Buffett, who says “you only have to do a very few things in your life so long as you don’t do too many things wrong.” Assessments are not and never will be the perfect solution to your security problems, even when they are performed periodically or consistently. The fact that you have tall fences, a big and strong gate and armed men does not guarantee your safety 100%. However, there is a high level of assurance that if you choose to ignore this exercise, history will surely repeat itself.

You can subscribe to our services at Soutech ventures to get the security ideas that you may require to carry out a detailed and successful information security assessment. You can also take our Ethical Hacking course from EC-Council, which is designed to educate you and give you hands-on knowledge of how to secure your infrastructure.

Certified Ethical Hacker Training - Cyber Security Courses in Nigeria - SOUTECH Web Consults

What makes the Ethical Hacking and Countermeasures course different from other courses in the market?

The Ethical Hacking and Countermeasures course prepares candidates for the CEH exam offered by EC-Council. The course focuses on hacking techniques and technology from an offensive perspective. The advanced security course is regularly updated to reflect latest developments in the domain, including new hacking techniques, exploits, automated programs as well as defensive recommendations as outlined by experts in the field. The CEH body of knowledge represents detailed contributions from security experts, academicians, industry practitioners and the security community at large.

What is the Employment Value of CEH?

The ANSI accredited Ethical Hacking program is primarily targeted at security professionals who want to acquire a well rounded body of knowledge to have better opportunities in this field. Acquiring a CEH means the candidate has a minimum baseline knowledge of security threats, risks and countermeasures. Organizations can rest assured that they have a candidate who is more than a systems administrator, a security auditor, a hacking tool analyst or a vulnerability tester. The candidate is assured of having both business and technical knowledge.

Features

Updated Content

  • CEH v8 contains completely updated content on rapidly evolving security scenario and attack mechanisms

New Hacks

  • CEH v8 provides insights on new hacking techniques, networked environment and organized cybercrime

Hacking Tools

  • CEH v8 showcases thousands of Hacking tools including password cracker, spyware, live Trojans and viruses.

Security Tools

  • CEH v8 provides a detailed description of different industry-standard security tools. Other tools are listed for testing by students in a lab environment.

Legal Agreement

  • Ethical Hacking and Countermeasures course mission is to educate, introduce and demonstrate hacking tools for penetration testing purposes only. Prior to attending this course, you will be asked to sign an agreement stating that you will not use the newly acquired skills for illegal or malicious attacks and you will not use such tools in an attempt to compromise any computer system, and to indemnify EC-Council with respect to the use or misuse of these tools, regardless of intent. Not anyone can be a student: the Accredited Training Centers (ATC) will make sure the applicants work for legitimate companies.

Introduction to Ethical Hacking

  • Internet is Integral Part of Business and Personal Life – What Happens Online in 60 Seconds
  • Information Security Overview
    • Case Study
      • eBay Data Breach
      • Google Play Hack
      • The Home Depot Data Breach
    • Year of the Mega Breach
    • Data Breach Statistics
    • Malware Trends in 2014
    • Essential Terminology
    • Elements of Information Security
    • The Security, Functionality, and Usability Triangle
  • Information Security Threats and Attack Vectors
    • Motives, Goals, and Objectives of Information Security Attacks
    • Top Information Security Attack Vectors
    • Information Security Threat Categories
    • Types of Attacks on a System
      • Operating System Attacks
        • Examples of OS Vulnerabilities
      • Misconfiguration Attacks
      • Application-Level Attacks
        • Examples of Application-Level Attacks
      • Shrink Wrap Code Attacks
    • Information Warfare
  • Hacking Concepts, Types, and Phases
    • What is Hacking
    • Who is a Hacker?
    • Hacker Classes
    • Hacking Phases
      • Reconnaissance
      • Scanning
      • Gaining Access
      • Maintaining Access
      • Clearing Tracks
    • Ethical Hacking Concepts and Scope
      • What is Ethical Hacking?
      • Why Ethical Hacking is Necessary
      • Scope and Limitations of Ethical Hacking
      • Skills of an Ethical Hacker
    • Information Security Controls
      • Information Assurance (IA)
      • Information Security Management Program
      • Threat Modeling
      • Enterprise Information Security Architecture (EISA)
      • Network Security Zoning
      • Defense in Depth
      • Information Security Policies
        • Types of Security Policies
        • Examples of Security Policies
        • Privacy Policies at Workplace
        • Steps to Create and Implement Security Policies
        • HR/Legal Implications of Security Policy Enforcement
      • Physical Security
        • Physical Security Controls
      • Incident Management
        • Incident Management Process
        • Responsibilities of an Incident Response Team
      • What is Vulnerability Assessment?
        • Types of  Vulnerability Assessment
        • Network Vulnerability Assessment Methodology
        • Vulnerability Research
        • Vulnerability Research Websites
      • Penetration Testing
        • Why Penetration Testing
        • Comparing Security Audit, Vulnerability Assessment, and Penetration Testing
        • Blue Teaming/Red Teaming
        • Types of Penetration Testing
        • Phases of Penetration Testing
        • Security Testing Methodology
        • Penetration Testing Methodology
      • Information Security Laws and Standards
        • Payment Card Industry Data Security Standard (PCI-DSS)
        • ISO/IEC 27001:2013
        • Health Insurance Portability and Accountability Act (HIPAA)
        • Sarbanes Oxley Act (SOX)
        • The Digital Millennium Copyright Act (DMCA) and Federal Information Security Management Act (FISMA)
        • Cyber Law in Different Countries

 

Footprinting and Reconnaissance

  • Footprinting Concepts
    • What is Footprinting?
    • Objectives of Footprinting
  • Footprinting Methodology
    • Footprinting through Search Engines
      • Finding Company’s Public and Restricted Websites
      • Determining the Operating System
      • Collect Location Information
      • People Search: Social Networking Services
      • People Search Online Services
      • Gather Information from Financial Services
      • Footprinting through Job Sites
      • Monitoring Target Using Alerts
      • Information Gathering Using Groups, Forums, and Blogs
    • Footprinting using Advanced Google Hacking Techniques
      • Google Advance Search Operators
      • Finding Resources Using Google Advance Operator
      • Google Hacking Database (GHDB)
      • Information Gathering Using Google Advanced Search
    • Footprinting through Social Networking Sites
      • Collect Information through Social Engineering on Social Networking Sites
      • Information Available on Social Networking Sites
    • Website Footprinting
      • Website Footprinting using Web Spiders
      • Mirroring Entire Website
        • Website Mirroring Tools
      • Extract Website Information from http://www.archive.org
      • Monitoring Web Updates Using Website Watcher
        • Web Updates Monitoring Tools
      • Email Footprinting
        • Tracking Email Communications
          • Collecting Information from Email Header
          • Email Tracking Tools
        • Competitive Intelligence
          • Competitive Intelligence Gathering
          • Competitive Intelligence – When Did this Company Begin?  How Did it Develop?
          • Competitive Intelligence – What Are the Company’s Plans?
          • Competitive Intelligence – What Expert Opinions Say About the Company
          • Monitoring Website Traffic of Target Company
          • Tracking Online Reputation of the Target
            • Tools for Tracking Online Reputation of the Target
          • WHOIS Footprinting
            • WHOIS Lookup
            • WHOIS Lookup Result Analysis
            • WHOIS Lookup Tools
            • WHOIS Lookup Tools for Mobile
          • DNS Footprinting
            • Extracting DNS Information
            • DNS Interrogation Tools
          • Network Footprinting
            • Locate the Network Range
            • Traceroute
            • Traceroute Analysis
            • Traceroute Tools
          • Footprinting through Social Engineering
            • Footprinting through Social Engineering
            • Collect Information Using Eavesdropping, Shoulder Surfing, and Dumpster Diving
          • Footprinting Tools
            • Footprinting Tool
              • Maltego
              • Recon-ng
            • Additional Footprinting Tools
          • Footprinting Countermeasures
          • Footprinting Penetration Testing
            • Footprinting Pen Testing
            • Footprinting Pen Testing Report Templates

 

Scanning Networks

  • Overview of Network Scanning
    • TCP Communication Flags
    • TCP/IP Communication
    • Creating Custom Packet Using TCP Flags
  • CEH Scanning Methodology
    • Check for Live Systems
      • Checking for Live Systems – ICMP Scanning
      • Ping Sweep
        • Ping Sweep Tools
      • Check for Open Ports
        • SSDP Scanning
        • Scanning IPv6 Network
        • Scanning Tool
          • Nmap
          • Hping2 / Hping3
          • Hping Commands
        • Scanning Techniques
          • TCP Connect / Full Open Scan
          • Stealth Scan (Half-open Scan)
          • Inverse TCP Flag Scanning
          • Xmas Scan
          • ACK Flag Probe Scanning
          • IDLE/IPID Header Scan
            • IDLE Scan: Step 1
            • IDLE Scan: Step 2 and 3
          • UDP Scanning
          • ICMP Echo Scanning/List Scan
        • Scanning Tool: NetScan Tools Pro
        • Scanning Tools
        • Scanning Tools for Mobile
        • Port Scanning Countermeasures
      • Scanning Beyond IDS
        • IDS Evasion Techniques
        • SYN/FIN Scanning Using IP Fragments
      • Banner Grabbing
        • Banner Grabbing Tools
        • Banner Grabbing Countermeasures
          • Disabling or Changing Banner
          • Hiding File Extensions from Web Pages
        • Scan for Vulnerability
          • Vulnerability Scanning
          • Vulnerability Scanning Tool
            • Nessus
            • GFI LanGuard
            • Qualys FreeScan
          • Network Vulnerability Scanners
          • Vulnerability Scanning Tools for Mobile
        • Draw Network Diagrams
          • Drawing Network Diagrams
          • Network Discovery Tool
            • Network Topology Mapper
            • OpManager and NetworkView
          • Network Discovery and  Mapping Tools
          • Network Discovery Tools for Mobile
        • Prepare Proxies
          • Proxy Servers
          • Proxy Chaining
          • Proxy Tool
            • Proxy Switcher
            • Proxy Workbench
            • TOR and CyberGhost
          • Proxy Tools
          • Proxy Tools for Mobile
          • Free Proxy Servers
          • Introduction to Anonymizers
            • Censorship Circumvention Tool: Tails
            • G-Zapper
            • Anonymizers
            • Anonymizers for Mobile
          • Spoofing IP Address
          • IP Spoofing Detection Techniques
            • Direct TTL Probes
            • IP Identification Number
          • TCP Flow Control Method
          • IP Spoofing Countermeasures
        • Scanning Pen Testing

 

Enumeration

  • Enumeration Concepts
    • What is Enumeration?
    • Techniques for Enumeration
    • Services and Ports to Enumerate
  • NetBIOS Enumeration
    • NetBIOS Enumeration Tool
      • SuperScan
      • Hyena
      • Winfingerprint
      • NetBIOS Enumerator and Nsauditor Network Security Auditor
    • Enumerating User Accounts
    • Enumerating Shared Resources Using Net View
  • SNMP Enumeration
    • Working of SNMP
    • Management Information Base (MIB)
    • SNMP Enumeration Tool
      • OpUtils
      • Engineer’s Toolset
    • SNMP Enumeration Tools
  • LDAP Enumeration
    • LDAP Enumeration Tool: Softerra LDAP Administrator
    • LDAP Enumeration Tools
  • NTP Enumeration
    • NTP Enumeration Commands
    • NTP Enumeration Tools
  • SMTP Enumeration
    • SMTP Enumeration Tool: NetScanTools Pro
    • Telnet Enumeration
    • DNS Zone Transfer Enumeration Using NSLookup
  • Enumeration Countermeasures
  • SMB Enumeration Countermeasures
  • Enumeration Pen Testing

 

System Hacking

  • Information at Hand Before System Hacking Stage
  • System Hacking: Goals
  • CEH Hacking Methodology (CHM)
  • CEH System Hacking Steps
    • Cracking Passwords
      • Password Cracking
      • Types of Password Attacks
      • Non-Electronic Attacks
      • Active Online Attack
        • Dictionary, Brute Forcing and Rule-based Attack
        • Password Guessing
      • Default Passwords
      • Active Online Attack:
        • Trojan/Spyware/Keylogger
        • Example of Active Online Attack Using USB Drive
        • Hash Injection Attack
      • Passive Online Attack
        • Wire Sniffing
        • Man-in-the-Middle and Replay Attack
      • Offline Attack
        • Rainbow Attacks
          • Tools to Create Rainbow Tables: rtgen and Winrtgen
        • Distributed Network Attack
      • Elcomsoft Distributed Password Recovery
      • Microsoft Authentication
      • How Hash Passwords Are Stored in Windows SAM?
        • NTLM Authentication Process
        • Kerberos Authentication
      • Password Salting
      • pwdump7 and fgdump
      • Password Cracking Tools
        • L0phtCrack and Ophcrack
        • Cain & Abel and RainbowCrack
      • Password Cracking Tools
      • Password Cracking Tool for Mobile: FlexiSPY Password Grabber
      • How to Defend against Password Cracking
      • Implement and Enforce Strong Security Policy
      • CEH System Hacking Steps
    • Escalating Privileges
      • Privilege Escalation
      • Privilege Escalation Using DLL Hijacking
      • Privilege Escalation Tool: Active@ Password Changer
      • Privilege Escalation Tools
      • How to Defend Against Privilege Escalation
    • Executing Applications
      • RemoteExec
      • PDQ Deploy
      • DameWare Remote Support
      • Keylogger
        • Types of Keystroke Loggers
        • Hardware Keyloggers
        • Keylogger: All In One Keylogger
        • Keyloggers for Windows
        • Keylogger for Mac: Amac Keylogger for Mac
        • Keyloggers for MAC
      • Spyware
        • Spyware: Spytech SpyAgent
        • Spyware: Power Spy 2014
        • What Does the Spyware Do?
        • Spyware
        • USB Spyware: USBSpy
        • Audio Spyware: Spy Voice Recorder and Sound Snooper
        • Video Spyware: WebCam Recorder
        • Cellphone Spyware: Mobile Spy
        • Telephone/Cellphone Spyware
        • GPS Spyware: SPYPhone
        • GPS Spyware
      • How to Defend Against Keyloggers
        • Anti-Keylogger: Zemana AntiLogger
        • Anti-Keylogger
      • How to Defend Against Spyware
        • Anti-Spyware: SUPERAntiSpyware
        • Anti-Spyware
      • Hiding Files
        • Rootkits
          • Types of Rootkits
          • How Rootkit Works
          • Rootkit
            • Avatar
            • Necurs
            • Azazel
            • ZeroAccess
          • Detecting Rootkits
            • Steps for Detecting Rootkits
            • How to Defend against Rootkits
            • Anti-Rootkit: Stinger and UnHackMe
            • Anti-Rootkits
          • NTFS Data Stream
            • How to Create NTFS Streams
            • NTFS Stream Manipulation
            • How to Defend against NTFS Streams
            • NTFS Stream Detector: StreamArmor
            • NTFS Stream Detectors
          • What Is Steganography?
            • Classification of Steganography
            • Types of Steganography based on Cover Medium
              • Whitespace Steganography Tool: SNOW
              • Image Steganography
              • Least Significant Bit Insertion
              • Masking and Filtering
              • Algorithms and Transformation
              • Image Steganography: QuickStego
              • Image Steganography Tools
              • Document Steganography: wbStego
              • Document Steganography Tools
              • Video Steganography
              • Video Steganography: OmniHide PRO and Masker
              • Video Steganography Tools
              • Audio Steganography
              • Audio Steganography: DeepSound
              • Audio Steganography Tools
              • Folder Steganography: Invisible Secrets 4
              • Folder Steganography Tools
              • Spam/Email Steganography: Spam Mimic
            • Steganography Tools for Mobile Phones
          • Steganalysis
            • Steganalysis Methods/Attacks on Steganography
            • Detecting Text and Image Steganography
            • Detecting Audio and Video Steganography
            • Steganography Detection Tool: Gargoyle Investigator™ Forensic Pro
            • Steganography Detection Tools
          • Covering Tracks
            • Covering Tracks
            • Disabling Auditing: Auditpol
            • Clearing Logs
            • Manually Clearing Event Logs
            • Ways to Clear Online Tracks
            • Covering Tracks Tool: CCleaner
            • Covering Tracks Tool: MRU-Blaster
            • Track Covering Tools
          • Penetration Testing
            • Password Cracking
            • Privilege Escalation
            • Executing Applications
            • Hiding Files
            • Covering Tracks

 

Malware Threats

  • Introduction to Malware
    • Different Ways a Malware can Get into a System
    • Common Techniques Attackers Use to Distribute Malware on the Web
  • Trojan Concepts
    • Financial Loss Due to Trojans
    • What is a Trojan?
    • How Hackers Use Trojans
    • Common Ports used by Trojans
    • How to Infect Systems Using a Trojan
    • Wrappers
    • Dark Horse Trojan Virus Maker
    • Trojan Horse Construction Kit
    • Crypters: AIO FUD Crypter, Hidden Sight Crypter, and Galaxy Crypter
    • Crypters: Criogenic Crypter, Heaven Crypter, and SwayzCryptor
    • How Attackers Deploy a Trojan
      • Exploit Kit
      • Exploit Kit: Infinity
      • Exploit Kits: Phoenix Exploit Kit and Blackhole Exploit Kit
      • Exploit Kits: Bleedinglife and Crimepack
    • Evading Anti-Virus Techniques
  • Types of Trojans
    • Command Shell Trojans
    • Defacement Trojans
    • Defacement Trojans: Restorator
    • Botnet Trojans
      • Tor-based Botnet Trojans: ChewBacca
      • Botnet Trojans: Skynet and CyberGate
    • Proxy Server Trojans
      • Proxy Server Trojan: W3bPrOxy Tr0j4nCr34t0r (Funny Name)
    • FTP Trojans
    • VNC Trojans
      • VNC Trojans: WinVNC and VNC Stealer
    • HTTP/HTTPS Trojans
      • HTTP Trojan: HTTP RAT
    • Shttpd Trojan – HTTPS (SSL)
    • ICMP Tunneling
    • Remote Access Trojans
      • Optix Pro and MoSucker
      • BlackHole RAT and SSH – R.A.T
      • njRAT and Xtreme RAT
      • SpyGate – RAT and Punisher RAT
      • DarkComet RAT, Pandora RAT, and HellSpy RAT
      • ProRat and Theef
      • Hell Raiser
      • Atelier Web Remote Commander
    • Covert Channel Trojan: CCTT
    • E-banking Trojans
      • Working of E-banking Trojans
      • E-banking Trojan
        • ZeuS and SpyEye
        • Citadel Builder and Ice IX
      • Destructive Trojans: M4sT3r Trojan
      • Notification Trojans
      • Data Hiding Trojans (Encrypted Trojans)
    • Virus and Worms Concepts
      • Introduction to Viruses
      • Stages of Virus Life
      • Working of Viruses
        • Infection Phase
        • Attack Phase
      • Why Do People Create Computer Viruses
      • Indications of Virus Attack
      • Virus Hoaxes and Fake Antiviruses
      • Ransomware
      • Types of Viruses
        • System or Boot Sector Viruses
        • File and Multipartite Viruses
        • Macro Viruses
        • Cluster Viruses
        • Stealth/Tunneling Viruses
        • Encryption Viruses
        • Polymorphic Code
        • Metamorphic Viruses
        • File Overwriting or Cavity Viruses
        • Sparse Infector Viruses
        • Companion/Camouflage Viruses
        • Shell Viruses
        • File Extension Viruses
        • Add-on and Intrusive Viruses
        • Transient and Terminate and Stay Resident Viruses
      • Writing a Simple Virus Program
        • Sam’s Virus Generator and JPS Virus Maker
        • Andreinick05’s Batch Virus Maker and DeadLine’s Virus Maker
        • Sonic Bat – Batch File Virus Creator and Poison Virus Maker
      • Computer Worms
        • How Is a Worm Different from a Virus?
        • Computer Worms: Ghost Eye Worm
        • Worm Maker: Internet Worm Maker Thing
      • Malware Reverse Engineering
        • What is Sheep Dip Computer?
        • Anti-Virus Sensor Systems
        • Malware Analysis Procedure: Preparing Testbed
        • Malware Analysis Procedure
        • Malware Analysis Tool: IDA Pro
        • Online Malware Testing: VirusTotal
        • Online Malware Analysis Services
        • Trojan Analysis: Neverquest
        • Virus Analysis: Ransom Cryptolocker
        • Worm Analysis: Darlloz (Internet of Things (IoT) Worm)
      • Malware Detection
        • How to Detect Trojans
          • Scanning for Suspicious Ports
            • Tools: TCPView and CurrPorts
          • Scanning for Suspicious Processes
            • Process Monitoring Tool: What’s Running
            • Process Monitoring Tools
          • Scanning for Suspicious Registry Entries
            • Registry Entry Monitoring Tool: RegScanner
            • Registry Entry Monitoring Tools
          • Scanning for Suspicious Device Drivers
            • Device Drivers Monitoring Tool: DriverView
            • Device Drivers Monitoring Tools
          • Scanning for Suspicious Windows Services
            • Windows Services Monitoring Tool: Windows Service Manager (SrvMan)
            • Windows Services Monitoring Tools
          • Scanning for Suspicious Startup Programs
            • Windows 8 Startup Registry Entries
            • Startup Programs Monitoring Tool: Security AutoRun
            • Startup Programs Monitoring Tools
          • Scanning for Suspicious Files and Folders
            • Files and Folder Integrity Checker: FastSum and WinMD5
            • Files and Folder Integrity Checker
          • Scanning for Suspicious Network Activities
          • Detecting Trojans and Worms with Capsa Network Analyzer
        • Virus Detection Methods
      • Countermeasures
        • Trojan Countermeasures
        • Backdoor Countermeasures
        • Virus and Worms Countermeasures
      • Anti-Malware Software
        • Anti-Trojan Software
          • TrojanHunter
          • Emsisoft Anti-Malware
        • Anti-Trojan Software
        • Companion Antivirus: Immunet
        • Anti-virus Tools
      • Penetration Testing
        • Pen Testing for Trojans and Backdoors
        • Penetration Testing for Virus

 

Sniffing

  • Sniffing Concepts
    • Network Sniffing and Threats
    • How a Sniffer Works
    • Types of Sniffing
      • Passive Sniffing
      • Active Sniffing
    • How an Attacker Hacks the Network Using Sniffers
    • Protocols Vulnerable to Sniffing
    • Sniffing in the Data Link Layer of the OSI Model
    • Hardware Protocol Analyzer
    • Hardware Protocol Analyzers
    • SPAN Port
    • Wiretapping
    • Lawful Interception
    • Wiretapping Case Study: PRISM
  • MAC Attacks
    • MAC Address/CAM Table
    • How CAM Works
    • What Happens When CAM Table Is Full?
    • MAC Flooding
    • MAC Flooding Switches with macof
    • Switch Port Stealing
    • How to Defend against MAC Attacks
  • DHCP Attacks
    • How DHCP Works
    • DHCP Request/Reply Messages
    • IPv4 DHCP Packet Format
    • DHCP Starvation Attack
    • DHCP Starvation Attack Tools
    • Rogue DHCP Server Attack
    • How to Defend Against DHCP Starvation and Rogue Server Attack
  • ARP Poisoning
    • What Is Address Resolution Protocol (ARP)?
    • ARP Spoofing Attack
    • How Does ARP Spoofing Work
    • Threats of ARP Poisoning
    • ARP Poisoning Tool
      • Cain & Abel and WinArpAttacker
      • Ufasoft Snif
    • How to Defend Against ARP Poisoning
    • Configuring DHCP Snooping and Dynamic ARP Inspection on Cisco Switches
    • ARP Spoofing Detection: XArp
  • Spoofing Attack
    • MAC Spoofing/Duplicating
    • MAC Spoofing Technique: Windows
    • MAC Spoofing Tool: SMAC
    • IRDP Spoofing
    • How to Defend Against MAC Spoofing
  • DNS Poisoning
    • DNS Poisoning Techniques
    • Intranet DNS Spoofing
    • Internet DNS Spoofing
    • Proxy Server DNS Poisoning
    • DNS Cache Poisoning
    • How to Defend Against DNS Spoofing
  • Sniffing Tools
  • Sniffing Tool: Wireshark
  • Follow TCP Stream in Wireshark
  • Display Filters in Wireshark
  • Additional Wireshark Filters
  • Sniffing Tool
    • SteelCentral Packet Analyzer
    • Tcpdump/Windump
  • Packet Sniffing Tool: Capsa Network Analyzer
  • Network Packet Analyzer
    • OmniPeek Network Analyzer
    • Observer
    • Sniff-O-Matic
  • TCP/IP Packet Crafter: Colasoft Packet Builder
  • Network Packet Analyzer: RSA NetWitness Investigator
  • Additional Sniffing Tools
  • Packet Sniffing Tools for Mobile: Wi.cap. Network Sniffer Pro and FaceNiff
  • Countermeasures
    • How to Defend Against Sniffing
  • Sniffing Detection Techniques
    • How to Detect Sniffing
    • Sniffer Detection Technique
      • Ping Method
      • ARP Method
      • DNS Method
    • Promiscuous Detection Tool
      • PromqryUI
      • Nmap
    • Sniffing Pen Testing

 

 

Social Engineering

  • Social Engineering Concepts
    • What is Social Engineering?
    • Behaviors Vulnerable to Attacks
    • Factors that Make Companies Vulnerable to Attacks
    • Why Is Social Engineering Effective?
    • Warning Signs of an Attack
    • Phases in a Social Engineering Attack
  • Social Engineering Techniques
    • Types of Social Engineering
      • Human-based Social Engineering
      • Impersonation
        • Impersonation Scenario
          • Over-Helpfulness of Help Desk
          • Third-party Authorization
          • Tech Support
          • Internal Employee/Client/Vendor
          • Repairman
          • Trusted Authority Figure
        • Eavesdropping and Shoulder Surfing
        • Dumpster Diving
        • Reverse Social Engineering, Piggybacking, and Tailgating
      • Watch these Movies
      • Watch this Movie
      • Computer-based Social Engineering
        • Phishing
        • Spear Phishing
      • Mobile-based Social Engineering
        • Publishing Malicious Apps
        • Repackaging Legitimate Apps
        • Fake Security Applications
        • Using SMS
      • Insider Attack
      • Disgruntled Employee
      • Preventing Insider Threats
      • Common Social Engineering Targets and Defense Strategies
    • Impersonation on Social Networking Sites
      • Social Engineering Through Impersonation on Social Networking Sites
      • Social Engineering on Facebook
      • Social Engineering on LinkedIn and Twitter
      • Risks of Social Networking to Corporate Networks
    • Identity Theft
      • Identity Theft Statistics
      • Identity Theft
      • How to Steal an Identity
        • STEP 1
        • STEP 2
        • Comparison
        • STEP 3
      • Real Steven Gets Huge Credit Card Statement
      • Identity Theft – Serious Problem
    • Social Engineering Countermeasures
      • How to Detect Phishing Emails
      • Anti-Phishing Toolbar
        • Netcraft
        • PhishTank
      • Identity Theft Countermeasures
    • Penetration Testing
      • Social Engineering Pen Testing
        • Using Emails
        • Using Phone
        • In Person
        • Social Engineering Toolkit (SET)

 

Denial-of-Service

  • DoS/DDoS Concepts
    • DDoS Attack Trends
    • What is a Denial of Service Attack?
    • What Are Distributed Denial of Service Attacks?
    • How Distributed Denial of Service Attacks Work
  • DoS/DDoS Attack Techniques
    • Basic Categories of DoS/DDoS Attack Vectors
    • DoS/DDoS Attack Techniques
      • Bandwidth Attacks
      • Service Request Floods
      • SYN Attack
      • SYN Flooding
      • ICMP Flood Attack
      • Peer-to-Peer Attacks
      • Permanent Denial-of-Service Attack
      • Application Level Flood Attacks
      • Distributed Reflection Denial of Service (DRDoS)
    • Botnets
      • Organized Cyber Crime: Organizational Chart
      • Botnet
      • A Typical Botnet Setup
      • Botnet Ecosystem
      • Scanning Methods for Finding Vulnerable Machines
      • How Malicious Code Propagates?
      • Botnet Trojan
        • Blackshades NET
        • Cythosia Botnet and Andromeda Bot
        • PlugBot
      • DDoS Case Study
        • DDoS Attack
        • Hackers Advertise Links to Download Botnet
      • DoS/DDoS Attack Tools
        • Pandora DDoS Bot Toolkit
        • Dereil and HOIC
        • DoS HTTP and BanglaDos
        • DoS and DDoS Attack Tools
        • DoS and DDoS Attack Tool for Mobile
          • AnDOSid
          • Low Orbit Ion Cannon (LOIC)
        • Counter-measures
          • Detection Techniques
          • Activity Profiling
          • Wavelet Analysis
          • Sequential Change-Point Detection
          • DoS/DDoS Countermeasure Strategies
          • DDoS Attack Countermeasures
            • Protect Secondary Victims
            • Detect and Neutralize Handlers
            • Detect Potential Attacks
            • Deflect Attacks
            • Mitigate Attacks
          • Post-Attack Forensics
          • Techniques to Defend against Botnets
          • DoS/DDoS Countermeasures
          • DoS/DDoS Protection at ISP Level
          • Enabling TCP Intercept on Cisco IOS Software
          • Advanced DDoS Protection Appliances
        • DoS/DDoS Protection Tools
          • DoS/DDoS Protection Tool: FortGuard Anti-DDoS Firewall 2014
          • DoS/DDoS Protection Tools
        • DoS/DDoS Attack Penetration Testing

 

Session Hijacking

  • Session Hijacking Concepts
    • What is Session Hijacking?
    • Why Session Hijacking is Successful?
    • Session Hijacking Process
    • Packet Analysis of a Local Session Hijack
    • Types of Session Hijacking
    • Session Hijacking in OSI Model
    • Spoofing vs. Hijacking
  • Application Level Session Hijacking
    • Compromising Session IDs using Sniffing
    • Compromising Session IDs by Predicting Session Token
    • How to Predict a Session Token
    • Compromising Session IDs Using Man-in-the-Middle Attack
    • Compromising Session IDs Using Man-in-the-Browser Attack
    • Steps to Perform Man-in-the-Browser Attack
    • Compromising Session IDs Using Client-side Attacks
    • Compromising Session IDs Using Client-side Attacks: Cross-site Script Attack
    • Compromising Session IDs Using Client-side Attacks: Cross-site Request Forgery Attack
    • Compromising Session IDs Using Session Replay Attack
    • Compromising Session IDs Using Session Fixation
    • Session Fixation Attack
    • Session Hijacking Using Proxy Servers
  • Network-level Session Hijacking
    • The 3-Way Handshake
    • TCP/IP Hijacking
    • TCP/IP Hijacking Process
    • IP Spoofing: Source Routed Packets
    • RST Hijacking
    • Blind Hijacking
    • MiTM Attack Using Forged ICMP and ARP Spoofing
    • UDP Hijacking
  • Session Hijacking Tools
    • Session Hijacking Tool
      • Zaproxy
      • Burp Suite and Hijack
    • Session Hijacking Tools
    • Session Hijacking Tools for Mobile: DroidSheep and DroidSniff
  • Counter-measures
    • Session Hijacking Detection Methods
    • Protecting against Session Hijacking
    • Methods to Prevent Session Hijacking
      • To be Followed by Web Developers
      • To be Followed by Web Users
    • Approaches Vulnerable to Session Hijacking and their Preventative Solutions
    • IPsec
    • Modes of IPsec
    • IPsec Architecture
    • IPsec Authentication and Confidentiality
    • Components of IPsec
  • Session Hijacking Pen Testing

 

Hacking Webservers

  • Webserver Concepts
    • Web Server Security Issue
    • Why Web Servers Are Compromised
    • Impact of Webserver Attacks
    • Open Source Webserver Architecture
    • IIS Webserver Architecture
  • Webserver Attacks
    • DoS/DDoS Attacks
    • DNS Server Hijacking
    • DNS Amplification Attack
    • Directory Traversal Attacks
    • Man-in-the-Middle/Sniffing Attack
    • Phishing Attacks
    • Website Defacement
      • Webserver Misconfiguration
    • Webserver Misconfiguration Example
    • HTTP Response Splitting Attack
    • Web Cache Poisoning Attack
    • SSH Bruteforce Attack
    • Webserver Password Cracking
      • Webserver Password Cracking Techniques
    • Web Application Attacks
  • Attack Methodology
    • Webserver Attack Methodology
      • Information Gathering
      • Information Gathering from Robots.txt File
      • Webserver Footprinting
    • Webserver Footprinting Tools
    • Enumerating Webserver Information Using Nmap
    • Webserver Attack Methodology
      • Mirroring a Website
      • Vulnerability Scanning
      • Session Hijacking
      • Hacking Web Passwords
    • Webserver Attack Tools
      • Metasploit
        • Metasploit Architecture
        • Metasploit Exploit Module
        • Metasploit Payload Module
        • Metasploit Auxiliary Module
        • Metasploit NOPS Module
      • Webserver Attack Tools: Wfetch
      • Web Password Cracking Tool: THC-Hydra and Brutus
    • Counter-measures
      • Place Web Servers in Separate Secure Server Security Segment on Network
      • Countermeasures
        • Patches and Updates
        • Protocols
        • Accounts
        • Files and Directories
      • Detecting Web Server Hacking Attempts
      • How to Defend Against Web Server Attacks
      • How to Defend against HTTP Response Splitting and Web Cache Poisoning
      • How to Defend against DNS Hijacking
    • Patch Management
      • Patches and Hotfixes
      • What Is Patch Management?
      • Identifying Appropriate Sources for Updates and Patches
      • Installation of a Patch
      • Implementation and Verification of a Security Patch or Upgrade
      • Patch Management Tool: Microsoft Baseline Security Analyzer (MBSA)
      • Patch Management Tools
    • Webserver Security Tools
      • Web Application Security Scanner: Syhunt Dynamic and N-Stalker Web Application Security Scanner
      • Web Server Security Scanner: Wikto and Acunetix Web Vulnerability Scanner
      • Web Server Malware Infection Monitoring Tool
        • HackAlert
        • QualysGuard Malware Detection
      • Webserver Security Tools
    • Webserver Pen Testing
      • Web Server Pen Testing Tool
        • CORE Impact® Pro
        • Immunity CANVAS
        • Arachni

 

 

Hacking Web Applications

  • Web App Concepts
    • Introduction to Web Applications
    • How Web Applications Work?
    • Web Application Architecture
    • Web 2.0 Applications
    • Vulnerability Stack
  • Web App Threats
    • Unvalidated Input
    • Parameter/Form Tampering
    • Directory Traversal
    • Security Misconfiguration
    • Injection Flaws
    • SQL Injection Attacks
      • Command Injection Attacks
    • Command Injection Example
    • File Injection Attack
    • What is LDAP Injection?
      • How LDAP Injection Works?
    • Hidden Field Manipulation Attack
    • Cross-Site Scripting (XSS) Attacks
      • How XSS Attacks Work
      • Cross-Site Scripting Attack Scenario: Attack via Email
      • XSS Example: Attack via Email
      • XSS Example: Stealing Users’ Cookies
      • XSS Example: Sending an Unauthorized Request
      • XSS Attack in Blog Posting
      • XSS Attack in Comment Field
      • Websites Vulnerable to XSS Attack
    • Cross-Site Request Forgery (CSRF) Attack
      • How CSRF Attacks Work?
    • Web Application Denial-of-Service (DoS) Attack
    • Denial of Service (DoS) Examples
    • Buffer Overflow Attacks
    • Cookie/Session Poisoning
      • How Cookie Poisoning Works?
    • Session Fixation Attack
    • CAPTCHA Attacks
    • Insufficient Transport Layer Protection
    • Improper Error Handling
    • Insecure Cryptographic Storage
    • Broken Authentication and Session Management
    • Unvalidated Redirects and Forwards
    • Web Services Architecture
    • Web Services Attack
    • Web Services Footprinting Attack
    • Web Services XML Poisoning
  • Web App Hacking Methodology
    • Footprint Web Infrastructure
      • Server Discovery
      • Service Discovery
      • Server Identification/Banner Grabbing
        • Detecting Web App Firewalls and Proxies on Target Site
      • Hidden Content Discovery
      • Web Spidering Using Burp Suite
      • Web Crawling Using Mozenda Web Agent Builder
    • Attack Web Servers
      • Hacking Web Servers
      • Web Server Hacking Tool: WebInspect
    • Analyze Web Applications
      • Identify Entry Points for User Input
      • Identify Server-Side Technologies
      • Identify Server-Side Functionality
      • Map the Attack Surface
    • Attack Authentication Mechanism
      • Username Enumeration
      • Password Attacks
        • Password Functionality Exploits
        • Password Guessing
        • Brute-forcing
      • Session Attacks: Session ID Prediction/Brute-forcing
      • Cookie Exploitation: Cookie Poisoning
    • Authorization Attack Schemes
      • Authorization Attack
      • HTTP Request Tampering
      • Authorization Attack: Cookie Parameter Tampering
    • Attack Session Management Mechanism
      • Session Management Attack
      • Attacking Session Token Generation Mechanism
      • Attacking Session Tokens Handling Mechanism: Session Token Sniffing
    • Perform Injection Attacks
      • Injection Attacks/Input Validation Attacks
    • Attack Data Connectivity
      • Connection String Injection
      • Connection String Parameter Pollution (CSPP) Attacks
      • Connection Pool DoS
    • Attack Web App Client
    • Attack Web Services
      • Web Services Probing Attacks
      • Web Service Attacks
        • SOAP Injection
        • XML Injection
      • Web Services Parsing Attacks
      • Web Service Attack Tool: soapUI and XMLSpy
    • Web Application Hacking Tools
      • Web Application Hacking Tools
        • Burp Suite Professional
        • CookieDigger
        • WebScarab
      • Web Application Hacking Tools
    • Countermeasures
      • Encoding Schemes
      • How to Defend Against SQL Injection Attacks?
      • How to Defend Against Command Injection Flaws?
      • How to Defend Against XSS Attacks?
      • How to Defend Against DoS Attack?
      • How to Defend Against Web Services Attack?
      • Guidelines for Secure CAPTCHA Implementation
      • Web Application Countermeasures
      • How to Defend Against Web Application Attacks?
    • Security Tools
      • Web Application Security Tool
        • Acunetix Web Vulnerability Scanner
        • Watcher Web Security Tool
        • Netsparker
        • N-Stalker Web Application Security Scanner
        • VampireScan
      • Web Application Security Tools
      • Web Application Firewall
        • dotDefender
        • ServerDefender VP
      • Web Application Firewall
    • Web App Pen Testing
      • Web Application Pen Testing
        • Information Gathering
        • Configuration Management Testing
        • Authentication Testing
        • Session Management Testing
        • Authorization Testing
        • Data Validation Testing
        • Denial of Service Testing
        • Web Services Testing
        • AJAX Testing
      • Web Application Pen Testing Framework
        • Kali Linux
        • Metasploit
        • Browser Exploitation Framework (BeEF)
        • PowerSploit

 

 

SQL Injection

  • SQL Injection Concepts
    • What is SQL Injection?
    • Why Bother about SQL Injection?
    • How Web Applications Work?
    • SQL Injection and Server-side Technologies
    • Understanding HTTP Post Request
    • Example: Normal SQL Query
    • Understanding an SQL Injection Query
      • Code Analysis
    • Example of a Web App Vulnerable to SQL Injection
      • aspx
      • Attack Analysis
    • Example of SQL Injection
      • Updating Table
      • Adding New Records
      • Identifying the Table Name
      • Deleting a Table
    • Types of SQL Injection
      • Error Based SQL Injection
      • Union SQL Injection
      • Blind SQL Injection
      • No Error Messages Returned
      • Blind SQL Injection: WAITFOR DELAY (YES or NO Response)
      • Boolean Exploitation Technique
    • SQL Injection Methodology
      • Information Gathering and SQL Injection Vulnerability Detection
        • Information Gathering
        • Identifying Data Entry Paths
        • Extracting Information through Error Messages
        • Testing for SQL Injection
        • Additional Methods to Detect SQL Injection
        • SQL Injection Black Box Pen Testing
        • Source Code Review to Detect SQL Injection Vulnerabilities
      • Launch SQL Injection Attacks
        • Perform Union SQL Injection
        • Perform Error Based SQL Injection
        • Perform Error Based SQL Injection: Using Stored Procedure Injection
        • Bypass Website Logins Using SQL Injection
        • Perform Blind SQL Injection – Exploitation (MySQL)
        • Blind SQL Injection
          • Extract Database User
          • Extract Database Name
          • Extract Column Name
          • Extract Data from ROWS
        • Perform Double Blind SQL Injection – Classical Exploitation (MySQL)
          • Perform Blind SQL Injection Using Out of Band Exploitation Technique
        • Exploiting Second-Order SQL Injection
      • Advanced SQL Injection
        • Database, Table, and Column Enumeration
        • Advanced Enumeration
        • Features of Different DBMSs
        • Creating Database Accounts
        • Password Grabbing
        • Grabbing SQL Server Hashes
        • Extracting SQL Hashes (In a Single Statement)
        • Transfer Database to Attacker’s Machine
        • Interacting with the Operating System
        • Interacting with the File System
        • Network Reconnaissance Using SQL Injection
        • Network Reconnaissance Full Query
      • SQL Injection Tools
        • BSQLHacker
        • Marathon Tool
        • SQL Power Injector
        • Havij
        • SQL Injection Tools
        • SQL Injection Tool for Mobile
          • DroidSQLi
          • sqlmapchik
        • Evasion Techniques
          • Evading IDS
          • Types of Signature Evasion Techniques
          • Evasion Technique
            • Sophisticated Matches
            • Hex Encoding
            • Manipulating White Spaces
            • In-line Comment
            • Char Encoding
            • String Concatenation
            • Obfuscated Codes
          • Counter-measures
            • How to Defend Against SQL Injection Attacks?
            • How to Defend Against SQL Injection Attacks: Use Type-Safe SQL Parameters
            • How to Defend Against SQL Injection Attacks
            • SQL Injection Detection Tool
              • dotDefender
              • IBM Security AppScan
              • WebCruiser
            • Snort Rule to Detect SQL Injection Attacks
            • SQL Injection Detection Tools

 

Hacking Wireless Networks

  • Wireless Concepts
    • Wireless Terminologies
    • Wireless Networks
    • Wi-Fi Networks at Home and Public Places
    • Wireless Technology Statistics
    • Types of Wireless Networks
    • Wireless Standards
    • Service Set Identifier (SSID)
    • Wi-Fi Authentication Modes
    • Wi-Fi Authentication Process Using a Centralized Authentication Server
    • Wi-Fi Chalking
      • Wi-Fi Chalking Symbols
    • Types of Wireless Antenna
      • Parabolic Grid Antenna
    • Wireless Encryption
      • Types of Wireless Encryption
        • WEP Encryption
          • How WEP Works?
        • What is WPA?
          • How WPA Works?
          • Temporal Keys
        • What is WPA2?
          • How WPA2 Works?
        • WEP vs. WPA vs. WPA2
        • WEP Issues
        • Weak Initialization Vectors (IV)
        • How to Break WEP Encryption?
        • How to Break WPA Encryption?
        • How to Defend Against WPA Cracking?
      • Wireless Threats
        • Access Control Attacks
        • Integrity Attacks
        • Confidentiality Attacks
        • Availability Attacks
        • Authentication Attacks
        • Rogue Access Point Attack
        • Client Mis-association
        • Misconfigured Access Point Attack
        • Unauthorized Association
        • Ad Hoc Connection Attack
        • HoneySpot Access Point Attack
        • AP MAC Spoofing
        • Denial-of-Service Attack
        • Jamming Signal Attack
        • Wi-Fi Jamming Devices
      • Wireless Hacking Methodology
        • Wi-Fi Discovery
          • Footprint the Wireless Network
          • Find Wi-Fi Networks to Attack
          • Wi-Fi Discovery Tool
            • inSSIDer and NetSurveyor
            • Vistumbler and NetStumbler
          • Wi-Fi Discovery Tools
          • Mobile-based Wi-Fi Discovery Tool
        • GPS Mapping
          • GPS Mapping Tool
            • WIGLE
            • Skyhook
          • Wi-Fi Hotspot Finder
            • Wi-Fi Finder
            • WeFi
          • How to Discover Wi-Fi Network Using Wardriving?
        • Wireless Traffic Analysis
          • Wireless Cards and Chipsets
          • Wi-Fi USB Dongle: AirPcap
          • Wi-Fi Packet Sniffer
            • Wireshark with AirPcap
            • SteelCentral Packet Analyzer
            • OmniPeek Network Analyzer
            • CommView for Wi-Fi
          • What is Spectrum Analysis?
          • Wi-Fi Packet Sniffers
        • Launch Wireless Attacks
          • Aircrack-ng Suite
          • How to Reveal Hidden SSIDs
            • Fragmentation Attack
          • How to Launch MAC Spoofing Attack?
            • Denial of Service: Deauthentication and Disassociation Attacks
            • Man-in-the-Middle Attack
            • MITM Attack Using Aircrack-ng
            • Wireless ARP Poisoning Attack
            • Rogue Access Point
            • Evil Twin
              • How to Set Up a Fake Hotspot (Evil Twin)?
            • Crack Wi-Fi Encryption
              • How to Crack WEP Using Aircrack
              • How to Crack WPA-PSK Using Aircrack
              • WPA Cracking Tool: KisMAC
              • WEP Cracking Using Cain & Abel
              • WPA Brute Forcing Using Cain & Abel
              • WPA Cracking Tool: Elcomsoft Wireless Security Auditor
              • WEP/WPA Cracking Tools
              • WEP/WPA Cracking Tool for Mobile: Penetrate Pro
            • Wireless Hacking Tools
              • Wi-Fi Sniffer: Kismet
              • Wardriving Tools
              • RF Monitoring Tools
              • Wi-Fi Traffic Analyzer Tools
              • Wi-Fi Raw Packet Capturing and Spectrum Analyzing Tools
              • Wireless Hacking Tools for Mobile: HackWifi and Backtrack Simulator
            • Bluetooth Hacking
              • Bluetooth Stack
              • Bluetooth Threats
              • How to BlueJack a Victim?
              • Bluetooth Hacking Tool
                • Super Bluetooth Hack
                • PhoneSnoop
                • BlueScanner
              • Bluetooth Hacking Tools
            • Counter-measures
              • How to Defend Against Bluetooth Hacking?
              • How to Detect and Block Rogue AP?
              • Wireless Security Layers
              • How to Defend Against Wireless Attacks?
            • Wireless Security Tools
              • Wireless Intrusion Prevention Systems
              • Wireless IPS Deployment
              • Wi-Fi Security Auditing Tool
                • AirMagnet WiFi Analyzer
                • Motorola’s AirDefense Services Platform (ADSP)
                • Adaptive Wireless IPS
                • Aruba RFProtect
              • Wi-Fi Intrusion Prevention System
              • Wi-Fi Predictive Planning Tools
              • Wi-Fi Vulnerability Scanning Tools
              • Bluetooth Security Tool: Bluetooth Firewall
              • Wi-Fi Security Tools for Mobile: Wifi Protector, WiFiGuard, and Wifi Inspector
            • Wi-Fi Pen Testing
              • Wireless Penetration Testing
              • Wireless Penetration Testing Framework
              • Wi-Fi Pen Testing Framework
              • Pen Testing LEAP Encrypted WLAN
              • Pen Testing WPA/WPA2 Encrypted WLAN
              • Pen Testing WEP Encrypted WLAN
              • Pen Testing Unencrypted WLAN

 

Hacking Mobile Platforms

  • Mobile Platform Attack Vectors
    • Vulnerable Areas in Mobile Business Environment
    • OWASP Mobile Top 10 Risks
    • Anatomy of a Mobile Attack
    • How a Hacker can Profit from Mobile when Successfully Compromised
    • Mobile Attack Vectors
    • Mobile Platform Vulnerabilities and Risks
    • Security Issues Arising from App Stores
    • App Sandboxing Issues
    • Mobile Spam
    • SMS Phishing Attack (SMiShing) (Targeted Attack Scan)
      • Why SMS Phishing is Effective?
      • SMS Phishing Attack Examples
    • Pairing Mobile Devices on Open Bluetooth and Wi-Fi Connections
  • Hacking Android OS
    • Android OS
    • Android OS Architecture
    • Android Device Administration API
    • Android Vulnerabilities
    • Android Rooting
      • Rooting Android Phones using SuperOneClick
      • Rooting Android Phones Using Superboot
      • Android Rooting Tools
    • Hacking Networks Using Network Spoofer
    • Session Hijacking Using DroidSheep
    • Android-based Sniffer
      • FaceNiff
      • Packet Sniffer, tPacketCapture, and Android PCAP
    • Android Trojan
      • ZitMo (ZeuS-in-the-Mobile)
      • FakeToken and TRAMP.A
      • Fakedefender and Obad
      • FakeInst and OpFake
      • AndroRAT and Dendroid
    • Securing Android Devices
    • Google Apps Device Policy
    • Remote Wipe Service: Remote Wipe
    • Android Security Tool
      • DroidSheep Guard
      • TrustGo Mobile Security and Sophos Mobile Security
      • 360 Security, AVL, and Avira Antivirus Security
    • Android Vulnerability Scanner: X-Ray
    • Android Device Tracking Tools
  • Hacking iOS
    • Apple iOS
    • Jailbreaking iOS
      • Types of Jailbreaking
      • Jailbreaking Techniques
      • App Platform for Jailbroken Devices: Cydia
      • Jailbreaking Tool: Pangu
      • Untethered Jailbreaking of iOS 7.1.1/7.1.2 Using Pangu for Mac
      • Jailbreaking Tools
        • Redsn0w and Absinthe
        • evasi0n7 and GeekSn0w
        • Sn0wbreeze and PwnageTool
        • LimeRa1n and Blackra1n
      • Guidelines for Securing iOS Devices
      • iOS Device Tracking Tools
    • Hacking Windows Phone OS
      • Windows Phone 8 Architecture
      • Secure Boot Process
      • Guidelines for Securing Windows OS Devices
      • Windows OS Device Tracking Tool: FollowMee GPS Tracker
    • Hacking BlackBerry
      • BlackBerry Operating System
      • BlackBerry Enterprise Solution Architecture
      • Blackberry Attack Vectors
        • Malicious Code Signing
        • JAD File Exploits and Memory/Processes Manipulations
        • Short Message Service (SMS) Exploits
        • Email Exploits
        • PIM Data Attacks and TCP/IP Connections Vulnerabilities
      • Guidelines for Securing BlackBerry Devices
      • BlackBerry Device Tracking Tools: MobileTracker and Position Logic Blackberry Tracker
      • Mobile Spyware: mSpy and StealthGenie
      • Mobile Spyware
    • Mobile Device Management (MDM)
      • MDM Solution: MaaS360 Mobile Device Management (MDM)
      • MDM Solutions
      • Bring Your Own Device (BYOD)
        • BYOD Risks
        • BYOD Policy Implementation
        • BYOD Security Guidelines for Administrator
        • BYOD Security Guidelines for Employee
      • Mobile Security Guidelines and Tools
        • General Guidelines for Mobile Platform Security
        • Mobile Device Security Guidelines for Administrator
        • SMS Phishing Countermeasures
        • Mobile Protection Tool
          • BullGuard Mobile Security
          • Lookout
          • WISeID
          • zIPS
        • Mobile Protection Tools
        • Mobile Anti-Spyware
      • Mobile Pen Testing
        • Android Phone Pen Testing
        • iPhone Pen Testing
        • Windows Phone Pen Testing
        • BlackBerry Pen Testing
        • Mobile Pen Testing Toolkit
          • zANTI
          • dSploit
          • Hackode (The Hacker’s Toolbox)

Evading IDS, Firewalls, and Honeypots

  • IDS, Firewall and Honeypot Concepts
    • Intrusion Detection Systems (IDS) and their Placement
      • How IDS Works?
      • Ways to Detect an Intrusion
      • General Indications of Intrusions
      • General Indications of System Intrusions
      • Types of Intrusion Detection Systems
      • System Integrity Verifiers (SIV)
    • Firewall
      • Firewall Architecture
      • DeMilitarized Zone (DMZ)
      • Types of Firewall
        • Packet Filtering Firewall
        • Circuit-Level Gateway Firewall
        • Application-Level Firewall
        • Stateful Multilayer Inspection Firewall
      • Honeypot
        • Types of Honeypots
      • IDS, Firewall and Honeypot System
        • Intrusion Detection Tool: Snort
        • Snort Rules
          • Rule Actions and IP Protocols
          • The Direction Operator and IP Addresses
          • Port Numbers
        • Intrusion Detection Systems: Tipping Point
        • Intrusion Detection Tools
        • Intrusion Detection Tools for Mobile
          • Firewall
          • ZoneAlarm PRO Firewall 2015
          • Comodo Firewall
        • Firewalls
        • Firewalls for Mobile: Android Firewall and Firewall iP
        • Firewalls for Mobile
        • Honeypot Tool: KFSensor and SPECTER
        • Honeypot Tools
        • Honeypot Tool for Mobile: HosTaGe
      • Evading IDS
        • Insertion Attack
        • Evasion
        • Denial-of-Service Attack (DoS)
        • Obfuscating
        • False Positive Generation
        • Session Splicing
        • Unicode Evasion Technique
        • Fragmentation Attack
          • Overlapping Fragments
        • Time-To-Live Attacks
        • Invalid RST Packets
        • Urgency Flag
        • Polymorphic Shellcode
        • ASCII Shellcode
        • Application-Layer Attacks
        • Desynchronization – Pre Connection SYN
        • Desynchronization – Post Connection SYN
        • Other Types of Evasion
      • Evading Firewalls
        • Firewall Identification
          • Port Scanning
          • Firewalking
          • Banner Grabbing
        • IP Address Spoofing
        • Source Routing
        • Tiny Fragments
        • Bypass Blocked Sites Using IP Address in Place of URL
        • Bypass Blocked Sites Using Anonymous Website Surfing Sites
        • Bypass a Firewall Using Proxy Server
        • Bypassing Firewall through ICMP Tunneling Method
        • Bypassing Firewall through ACK Tunneling Method
        • Bypassing Firewall through HTTP Tunneling Method
        • Why do I Need HTTP Tunneling
        • HTTP Tunneling Tools
          • HTTPort and HTTHost
          • Super Network Tunnel
          • HTTP-Tunnel
        • Bypassing Firewall through SSH Tunneling Method
        • SSH Tunneling Tool: Bitvise
        • Bypassing Firewall through External Systems
        • Bypassing Firewall through MITM Attack
        • Bypassing Firewall through Content
      • IDS/Firewall Evading Tools
        • IDS/Firewall Evasion Tool
          • Traffic IQ Professional
          • tcp-over-dns
        • IDS/Firewall Evasion Tools
        • Packet Fragment Generator: Colasoft Packet Builder
        • Packet Fragment Generators
      • Detecting Honeypots
        • Detecting Honeypots
        • Honeypot Detecting Tool: Send-Safe Honeypot Hunter
      • IDS/Firewall Evasion Counter-measures
        • Countermeasures
      • Penetration Testing
        • Firewall/IDS Penetration Testing
        • Firewall Penetration Testing
        • IDS Penetration Testing

Cloud Computing

  • Introduction to Cloud Computing
    • Types of Cloud Computing Services
    • Separation of Responsibilities in Cloud
    • Cloud Deployment Models
    • NIST Cloud Computing Reference Architecture
    • Cloud Computing Benefits
    • Understanding Virtualization
    • Benefits of Virtualization in Cloud
  • Cloud Computing Threats
  • Cloud Computing Attacks
    • Service Hijacking using Social Engineering Attacks
    • Service Hijacking using Network Sniffing
    • Session Hijacking using XSS Attack
    • Session Hijacking using Session Riding
    • Domain Name System (DNS) Attacks
    • Side Channel Attacks or Cross-guest VM Breaches
      • Side Channel Attack Countermeasures
    • SQL Injection Attacks
    • Cryptanalysis Attacks
      • Cryptanalysis Attack Countermeasures
    • Wrapping Attack
    • Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
  • Cloud Security
    • Cloud Security Control Layers
    • Cloud Security is the Responsibility of both Cloud Provider and Consumer
    • Cloud Computing Security Considerations
    • Placement of Security Controls in the Cloud
    • Best Practices for Securing Cloud
    • NIST Recommendations for Cloud Security
    • Organization/Provider Cloud Security Compliance Checklist
  • Cloud Security Tools
    • Core CloudInspect
    • CloudPassage Halo
    • Cloud Security Tools
  • Cloud Penetration Testing
    • What is Cloud Pen Testing?
    • Key Considerations for Pen Testing in the Cloud
    • Scope of Cloud Pen Testing
    • Cloud Penetration Testing
    • Recommendations for Cloud Testing

Cryptography

  • Market Survey 2014: The Year of Encryption
  • Case Study: Heartbleed
  • Case Study: Poodlebleed
  • Cryptography Concepts
    • Cryptography
    • Types of Cryptography
    • Government Access to Keys (GAK)
  • Encryption Algorithms
    • Ciphers
    • Data Encryption Standard (DES)
    • Advanced Encryption Standard (AES)
    • RC4, RC5, RC6 Algorithms
    • The DSA and Related Signature Schemes
    • RSA (Rivest Shamir Adleman)
      • The RSA Signature Scheme
      • Example of RSA Algorithm
    • Message Digest (One-way Hash) Functions
      • Message Digest Function: MD5
    • Secure Hashing Algorithm (SHA)
    • What is SSH (Secure Shell)?
  • Cryptography Tools
    • MD5 Hash Calculators: HashCalc, MD5 Calculator and HashMyFiles
    • Hash Calculators for Mobile: MD5 Hash Calculator, Hash Droid, and Hash Calculator
    • Cryptography Tool
      • Advanced Encryption Package 2014
      • BCTextEncoder
    • Cryptography Tools
    • Cryptography Tools for Mobile: Secret Space Encryptor, CryptoSymm, and Cipher Sender
  • Public Key Infrastructure (PKI)
    • Certification Authorities
    • Signed Certificate (CA) Vs. Self Signed Certificate
  • Email Encryption
    • Digital Signature
    • SSL (Secure Sockets Layer)
    • Transport Layer Security (TLS)
    • Cryptography Toolkit
      • OpenSSL
      • Keyczar
    • Pretty Good Privacy (PGP)
  • Disk Encryption
    • Disk Encryption Tools: Symantec Drive Encryption and GiliSoft Full Disk Encryption
    • Disk Encryption Tools
  • Cryptography Attacks
    • Code Breaking Methodologies
    • Brute-Force Attack
    • Meet-in-the-Middle Attack on Digital Signature Schemes
    • Side Channel Attack
      • Side Channel Attack – Scenario
    • Cryptanalysis Tools
      • Cryptanalysis Tool: CrypTool
      • Cryptanalysis Tools
      • Online MD5 Decryption Tool

Call us today to attend CEH Training: 08034121380

https://www.soutechventures.com/courses/