Hacking and security
- Forms of attacks, procedures, actors, challenges.
- Audits and intrusion tests, place in an ISMS.
Sniffing, interception, analysis, network injection
- Anatomy of a packet, tcpdump, Wireshark, tshark.
- Hijacking and intercepting communications (Man-in-the-Middle, VLAN attacks, honeypots).
- Packets: Sniffing, reading/analyzing from a pcap, extracting useful data, graphical representations.
- Scapy: Architecture, capabilities, use.
Hands-on work
Listening to the network with sniffers. Creating a mini packet interceptor in C. Using Scapy (command line, Python script): injections, interception, pcap reading, scanning, DoS, MitM.
Reconnaissance, scanning, and enumeration
- Intelligence gathering, hot reading, using the darknet, social engineering.
- Recognizing services, systems, topology, and architectures.
- Types of scans, filtering detection, firewalking, fuzzing.
- Camouflage using spoofing and bouncing, identifying paths with traceroute, source routing.
- Evading IDS and IPS: Fragmentation, covert channels.
- Nmap: Scanning and exporting results, options.
- Other scanners: Nessus, OpenVAS.
Hands-on work
Using the Nmap tool, writing an NSE script in Lua. Filtering detection.
Web attacks
- OWASP: Organization, chapters, Top 10, manuals, tools.
- Discovering infrastructure and the corresponding technologies, strengths and weaknesses.
- Client-side: Clickjacking, CSRF, stealing cookies, XSS, components (Flash, Java). New vectors.
- Server-side: Authentication, session theft, injections (SQL, LDAP, files, commands).
- Including local and remote files, cryptographic attacks and vectors.
- Evading and bypassing protections: Example techniques for bypassing WAF.
- Burp Suite tools, ZAP, Sqlmap, BeEF.
Hands-on work
Implementing different Web attacks under actual conditions, both server-side and client-side.
Application and post-exploitation attacks
- Microsoft authentication attack, PassTheHash.
- From C to assembly and machine code. Shellcodes.
- Encoding shellcodes, removing null bytes.
- Rootkits. Exploiting processes: Buffer Overflow, ROP, Dangling Pointers.
- Protections and bypassing: GS flag, ASLR, PIE, RELRO, SafeSEH, DEP. Shellcodes with hardcoded addresses/LSD.
- Metasploit: Architecture, features, interfaces, workspaces, writing exploits, generating Shellcodes.
Hands-on work
Metasploit: Operating and using the database. Msfvenom: Generating Shellcodes, booby-trapping files. Buffer overflow in Windows or Linux, exploit with a Meterpreter shellcode.