Ethical Hacking Essentials Labs

Ethical Hacking Lab Content

• Scanning Options

  Students will leverage Nmap, a network discovery and mapping tool, to identify the systems on a network of responsibility. Students will utilize non-traditional scans to attempt avoiding an Intrusion Detection System (IDS).

   

• Analyze Browser-Based Heap Spray Attack

  Students will identify a browser-based attack used against a corporate asset using a network protocol analyzer. Students will determine the type of attack used and pinpoint exploit code in network traffic.

   

• Analyze SQL Injection Attack

  Students will Identify the use of an SQL Injection through the use of Wireshark. The students will also isolate the different aspects of the SQL Injection and execute the selected code.

   

• Analyze Various Data Sources to Confirm Suspected Infection

  Students will review network traffic to confirm the presence of malicious activity using various tools including Wireshark and VirusTotal.com.

   

• Automated Vulnerability Assessments

  Students will use Core Impact to conduct an automated vulnerability scan of specific systems in order to identify potential threat vectors.

   

• Core Impact Vulnerability Scan

  This exercise will introduce students to the advanced settings within the Core Impact. Students will modify scan settings to perform different types of scans and to learn about the different functionalities Core Impact provides. Students will then compare the results of a Core Impact scan to the results of a port scan against the same target and discuss the differences and similarities between the two tools. Lastly, students will use the reporting feature to generate Core Impact reports.

   

• Core Impact Web Application Penetration Testing

  This lab introduces students to the web application penetration testing suite within the Core Impact application.

   

• Creating a Baseline Using the Windows Forensic Toolchest (WFT)

  Students will run Windows Forensic Toolchest against an existing system to create a baseline that will be used for future analysis.

   

• Creating a List of Installed Programs, Services and User Accounts from a WIN2K12 Server

  Students will create a list of installed programs, services, and accounts in a Windows 2012 server environment using various tools and methods.

• Creating Recommendations Based on Vulnerability Assessments

  Students will use nmap and OpenVAS / Greenbone Vulnerability Scanner to confirm old vulnerable systems and discover new ones. They will perform a risk analysis of the findings and determine steps to be taken to mitigate the issues discovered. Finally, armed with a previously completed audit report as an example, they will fill out the necessary audit documentation to provide details on their findings and any suggested mitigations.

• Cybersecurity Testing with Core Impact

  Students will use Core Impact to enumerate a LAN and determine any vulnerable virtual machines through the use of a vulnerability scan. Based on the results of the vulnerability scan, students continue to use Core Impact to conduct a penetration test against a previously identified vulnerable machine. Finally, students use the reporting mechanism built into Core Impact to create a host-based assessment outlining the entire vulnerability/penetration test process with a focus on possible remediation actions.

• DNS as a Remote Shell

  This lab exercise is designed to allow the trainee to become familiar with recognizing remote shells that operate using well known ports such as DNS.

• Identifying System Vulnerabilities with OpenVAS

  Students will scan a system in OpenVAS (Open Vulnerability Assessment) to discover and identify systems on the network that have vulnerabilities.

• Manual Vulnerability Assessments

  Students will learn how to conduct manual scanning against systems using command line tools such as Netcat then they will login to a discovered system and enable object access verify that auditing to the object is enabled.

• Network Discovery

  The Network Discovery lab is designed to help students facilitate open source collection by teaching them how to use more intimate network discovery techniques.

• Open Source Collection

  The Open Source Collection lab is designed to familiarize students with the advanced functionality of Google, default webpages used for web-servers, and the specifics of Google Hacking database. This allows the students to understand how open source information can be used for exploitation purposes.

• Open Source Password Cracking

  Students will use John the Ripper and Cain and Abel to crack password protected files.

• Preliminary Scanning

  Students will utilize Nmap, a network discovery and mapping tool, to identify the systems on a network of responsibility. Using the tool, students will identify other devices on the laboratory network, to include computers and network infrastructure devices, such as routers.

• Scanning from Windows

  Students will leverage Scalnline, a windows network discovery and mapping tool, to identify the systems on a network of responsibility. Students will utilize non-traditional scans to attempt avoiding an Intrusion Detection System (IDS).

• Vulnerability Scan Analysis

  Students will run a Core Impact or Nessus Scan and identify vulnerabilities. Students will then view the report and prioritize vulnerabilities according to risk.

• Vulnerability Scanner Set-up and Configuration

  Students will setup and configure Core Impact in preparation of a vulnerability scan against an internal network.

• Vulnerability Scanner Set-up and Configuration, Pt. 2

  Students will utilize OpenVAS to identify hosts on a network and assess their vulnerabilities.