CHAPTER
1: ESSENTIAL TERMINOLOGY
GOOD
TO KNOW
SECURITY
ELEMENTS OF SECURITY
THREAT
ATTACK
VULNERABILITY
EXPLOIT
HACKER
CRACKER
SCRIPT KIDDY
ETHICAL HACKERS
HACKER CLASSES
HACKING LIFE CYCLE
CHAPTER 2: RECONNAISSANCE
PASSIVE RECONNAISSANCE
NEWS GROUPS AND FORUMS
VACANCY ADVERTISEMENT & JOB SEARCH WEB SITES
VULNERABILITY DATABASES
VULNERABILITY
RESEARCH WEB SITES
HOW TO USE THE
SECURITYFOCUS.COM VULNERABILITY DATABASE?
PEOPLE SEARCH WEB SITES
COMPETITIVE
INTELLIGENCE
COMPANY WEB SITE & INTERNAL URLS
HTTRACK WEB SITE COPIER
WEB DATA EXTRACTOR
WEB SITE WATCHER
SAM SPADE
PHYSICAL
LOCATION
DOMAIN NAME SERVICE AND RECORDS
ACTIVE RECONNAISSANCE
TRACE DATA PACKETS &
DISCOVER NETWORK RANGE
NEOTRACE
CHAPTER 3: GOOGLE HACKING
WHAT
IS GOOGLE HACKING?
BEYOND VULNERABILITY
GOOGLE PROXY
GOOGLE CACHE
DIRECTORY LISTINGS
SPECIFIC
DIRECTORY
SPECIFIC FILE
ERROR PAGES
DEFAULT
PAGES
LOGIN PAGES
LOCATING CGI-BIN
ONLINE
DEVICES
GOOGLE HACKING DATABASE
CHAPTER 4: SCANNING
SCANNING TYPES
NETWORK SCANNING
ANGRY IP
SCANNER
LOOK@LAN
PORT SCANNING
PORT SCANNING TYPES
CONNECT SCAN ®.
SYN STEALTH SCAN / HALF OPEN
SCAN
FIN SCAN
ACK SCAN
WINDOW SCAN
XMAS
TREE SCAN
NULL SCAN
IDLE SCAN
UDP SCAN
FTP
SCAN
FRAGMENTED PACKET PORT SCAN
NETWORK MAPPER SECURITY SCANNER (NMAP)
SUPERSCAN 4
ADVANCED PORT SCANNER
LANVIEW
OPERATING SYSTEM FINGERPRINTING
ACTIVE STACK
FINGERPRINTING
PASSIVE FINGERPRINTING
ACTIVE
FINGERPRINTING BY TELNET
HTTPRINT
FINGERPRINTING
VULNERABILITY SCANNERS
NESSUS VULNERABILITY SCANNER
CORE IMPACT
PROFESSIONAL
SHADOW SECURITY SCANNER
CHAPTER 5: ENUMERATION
MICROSOFT WINDOWS OPERATING SYSTEM ENUMERATION
USING MICROSOFT OS UTILITIES FOR ENUMERATION
SUPPERSCAN 4
SNMP ENUMERATION
SMTP
ENUMERATION
LDAP ENUMERATION
LDAPENUM
DNS ENUMERATION
CHAPTER 6: PASSWORD CRACKING
PASSWORD TYPES
PASSWORD CRACKING TECHNIQUES
BRUTUS TOOL
RAINBOW CRACK
L0PHTCRACK
SALTED OR NOT SALTED
ELCOMSOFT
DISTRIBUTED PASSWORD RECOVERY TOOL
PASSWORD
CRACKING COUNTERMEASURES
CHAPTER 7: WINDOWS HACKING
NT
LAN MANAGER (NTLM)
NTLM V1
NTLM V2
LAN MANAGER
LAN
MANAGER ALGORITHM
KERBEROS
SYSKEY
WINDOWS HACKING TOOLS
PWDUMP
JOHN THE RIPPER
KERBCRACK
OPHCRACK
ASTERISK KEY
SECURE 1 PASSWORD RECOVERY
COUNTERMEASURES FOR MICROSOFT® WINDOWS
HACKING BY PASSWORD CRACKING
PRIVILEGE
ESCALATION
CHAPTER 8: MALWARE
KEYLOGGER
THE PERFECT KEYLOGGER
E-MAIL
KEYLOGGER
FTP KEYLOGGER
SC-KEYLOG PRO
SPYTECTOR
KEYLOGGER
COUNTERMEASURES
TROJAN
TINY TROJAN
ICMD
TROJAN
NETBUS TROJAN
TROJAN
COUNTERMEASURES
SPYWARES
HTTP COOKIES
COOLWEBSEARCH
ACTUAL SPY SPYWARE
007 SPY SOFTWARE
STEALTH RECORDER
TELEPHONE SPY
PRINT MONITOR
ADVANCED STEALTH EMAIL
REDIRECTOR
SPYWARE COUNTERMEASURES
ROOTKITS
ROOTKIT COUNTERMEASURES
COMPUTER
VIRUS
COMMON COMPUTER VIRUS TYPES
COMPUTER
WORMS
COMMON COMPUTER WORM TYPES
COMPUTER
WORMS COUNTERMEASURES
MALWARE INFECTIONS
MALWARE DETECTION
TCPVIEW
RUNNING
PROCESSES
PROCESSMONITOR
STARTUP ITEMS
SYSTEM DRIVERS
CHAPTER 9: DATA PACKET SNIFFERS
PROMISCUOUS MODE
PROMISCUOUS MODE DETECTION
PACKET SNIFFING TYPES
ARP SPOOFING
MAC
FLOODING
MAC ADDRESS DUPLICATION
WIRESHARK
TCPDUMP
MAC MAKEUP
CHAPTER 10: WEB SERVER & WEB APPLICATION HACKING
WEB SITE DEFACEMENT
IIS VULNERABILITIES
DEFAULT INSTALLATION OF OPERATING SYSTEM AND
APPLICATIONS
ACCOUNTS WITH WEAK OR
NONEXISTENT PASSWORDS
LARGE NUMBER OF OPEN
PORTS
WINDOWS LICENSE LOGGING SERVICE
OVERFLOW
IISXPLOIT.EXE
SEVER HACKING
COUNTERMEASURE
SERVERMASK
CACHERIGHT
LINKDENY
METASPLOIT
CROSS SITE SCRIPTING
(XSS)
XSS COUNTERMEASURE
ERROR MESSAGE
INTERCEPTION
INSTANT SOURCE
BLACKWIDOW
BURP
CURL
CHAPTER 11: DENIAL OF SERVICE (DOS)
PING
OF DEATH
TEARDROP ATTACK
SYN FLOODING
LAND ATTACK
SMURF ATTACK
FRAGGLE ATTACK
SNORK ATTACK
OOB ATTACK
MAIL BOMB ATTACK
DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACK
TARGA HACKING TOOL
NEMESY
PANTHER 2
CHAPTER 12: WIRELESS NETWORK HACKING
WARDRIVING
WARCHALKING
NETSTUMBLER
WIFI HOPPER
KISMET
BEFORE ATTACK TO WIRED EQUIVALENT PRIVACY (WEP)
BEFORE ATTACK TO WI-FI PROTECTED ACCESS (WPA
AND WPA2)
STEPS TO PERFORM AN ATTACK TO WEP &
WPA
MAC FILTERING
ROUGE ACCESS POINT
KARMA
REFERENCES
INDEX