EHCS-Main-Cover-iLearn

Ethical Hacking Core Skills | EHCS

Ethical Hacking Core Skills (EHCS)

In this course you will learn the core skills to build a solid security foundation. You will examine in detail the traffic that traverses the network at the packet and binary level. You will build a solid knowledge of the lowest layers of the network. In the course, you will conduct extensive hands-on exercises. You will learn to master the TCP/IP protocol. You will learn essential UNIX and Linux survival skills that separate you from the many security professionals who are Windows centric..

Additionally, you will be introduced to vulnerability assessment and the hacking methodology. When you finish this course you will have a solid security foundation to pursue more advanced security training. For many, when you take a class like the Certified Ethical Hacker (CEH) you have not established the foundation that is needed to get the most from the course, this is where ethical hacking core skills come in, it is the bridge between a beginning level security course and CEH; furthermore, it focuses on the main concepts required to build a foundation in security.

 Road Map To Certification

EHCS-LPT-Master-Cert-Track

Course Objectives

Students who successfully complete this class will be able to:

  • Explain the foundations of security to include in-depth knowledge of the TCP/IP protocol
  • Analyze packets for irregularities
  • Detect signs of crafted packets
  • Perform advanced protocol analysis techniques
  • Conduct low-level protocol analysis
  • Display functional skills in Unix and Linux
  • Deply virtualization and build your own virtual labs
  • Identify the steps of vulnerability assessment and the hacking methodology

Who is it For?

In this course you will learn the core skills to build a solid security foundation. You will examine in detail the traffic that traverses the network at the packet and binary level. You will build solid knowledge on the lowest layers of the network. In the course, you will conduct extensive hands-on exercises. You will learn to master the TCP/IP protocol. You will learn essential UNIX and Linux survival skills that separate you from the many security professionals who are Windows centric.

Additionally, you will be introduced to vulnerability assessment and the hacking methodology. When you finish this course you will have a solid security foundation to pursue more advanced security training. For many, when you take a class like the Certified Ethical Hacker (CEH) you have not established the foundation that is needed to get the most from the course, this is where the Core Concepts course comes in, it is the bridge between a beginning level security course and CEH; furthermore, it focuses on the main concepts required to build a foundation in security.

Course Outline

Module 1Module 2Module 3Module 4Module 5Module 6Module 7Module 8

Introduction To Required Skills For Security

  • TCP/IP
  • Unix/linux
  • Introduction to the hacking process
  • Virtualization

LAB: Security Skills Introduction

Security Model

  • Authentication
  • Confidentiality
  • Integrity
  • Availability
  • Authorization

LAB: Security Model

Security Posture

  • Promiscuous
  • Paranoid
  • Permissive
  • Prudent

Security Posture

  • Identifying services and allowing them

Risk Management

  • Defining types of risk
  • Types of risk


Introduction & Overview

  • Introducing TCP/IP networks
  • What TCP/IP Networks
  • What TCP/IP provides: Key application services & multivendor capabilities TCP/IP & the internet
  • Internet RFC’s & STDs
  • TCP/IP Protocol architecture
  • Protocol layering concepts
  • TCP/IP layering
  • Components of TCP/IP networks
  • Network protocols (IP, TCP, UDP, ICMP)

LAB: TCP/IP

Transport protocols

  • Packet headers

Encapsulation

LAB: The Layers

Analyzing Network Traffic

  • Examining the data at the packet level
  • Control flags of TCP

Identifying the characteristics of network connections

LAB: Analyzing Packets

Advanced Protocol Analysis

Using Protocol Analyzers

  • tcpdump
  • dsniff
  • Wireshark
  • Etherape
  • Ettercap

LAB: Protocol Analysis I

Wireshark

  • Leveraging the filter capabilities
  • Working within the GUI
  • Low level analysis
  • Following session communication
  • Customizing the interface
  • Using the statistics features within the tool
  • Text-based Wireshark
  • Packet decomposition

LAB: Protocol Analysis II

Tcpreplay

  • Using traffic replay for training & advanced analysis

Customizing & crafting packets

  • Command line tools
  • GUI based tools

LAB: Protocol Analysis III

Advanced features of Wireshark

  • Filters
  • Sessions
  • Graphs
  • Endpoints
  • Statistics
  • Custom

LAB: Advanced Wireshark

  • Colasoft
  • Hping

LAB: Crafting Packets

UNIX/Linux

  • Interacting with UNIX
  • Graphical user interfaces
  • The Common Desktop Environment (CDE)
  • GNOME, Java Desktop System, others
  • The command line interface
  • Entering commands to the shell
  • Browsing online documentation
  • Displaying man pages
  • Managing Files
  • Essential file housekeeping tools
  • Copying: cp
  • Renaming: mv
  • Removing: rm
  • Linking: ln
  • Editing: vi
  • Printing: lp, lpr

Root

  • Ways to assume root

Lab: UNIX I

Working with the processes & jobs

  • ps
  • jobs
  • kill

Disk Commands

  • Mount
  • Unmount
  • df
  • du

Working with files

  • gunzip
  • zcat
  • tar

Searching files & directories

  • find
  • grep
  • strings

Compiling programs

Password storage

Networking

Address resolution

Editors

Lab: UNIX II

Introducing Linux

  • The UNIX heritage
  • Linux inception
  • Linux kernel & GNU tools
  • Open source licensing
  • Distributions
  • Accessing the system
  • The GNOME desktop
  • Customizing panels, launchers & applets
  • Examining graphical applications
  • Personalizing the terminal window
  • Starting at the command line

LAB: Linux

Overview of Virtual Machines

  • Defining virtual machines (servers & workstations)
  • Advantages of deploying VMs
  • Creating a Virtual Machine from a System Image or Another Virtual Machine
  • Conversion Process for Importing from Other Formats
  • VMware Converter Compared to the Conversion Wizard
  • Supported Source machines
  • Operating System Compatibility
  • Importing from Various Sources

Transferring Files & Text Between the Host & Guest

  • Using drag-and-drop
  • Enable or disable drag-and-drop
  • Using copy & paste
  • Enable or disable copy & paste
  • Using shared folders
  • Set up shared folders
  • Enabling and disabling shared folders
  • Viewing a shared folder

Preserving the State of a Virtual Machine

  • Using the suspend & resume features
  • Use hard suspend or soft suspend
  • Suspend or resume a virtual machine
  • Using snapshots
  • Scenarios for using multiple snapshots
  • Information captured by snapshots
  • Snapshot conflicts
  • Enable or disable background snapshots exclude a virtual disk from snapshots 193
  • Snapshot manager overview
  • Take a snapshot
  • Rename a snapshot or recording
  • Restore an earlier state from a snapshot
  • Delete a snapshot or a recording
  • Take or revert to a snapshot at power off

Configuring a Virtual Network

  • Components of the virtual network
  • Virtual switch
  • DHCP server
  • Netwrok adaptor
  • Common networking configurations

Building complex virtual architectures to emulate enterprise architectures

Introduction to Vulnerability Assessment

  • Defining vulnerability
  • Vulnerability scanners
  • Challenge of vulnerability assessment
  • Penetration testing defined
  • Enumeration

Introduction to the Hacking Process

Hacking Methodology

  • Surveillance
  • Foot printing
  • Scanning
  • Vulnerability assessment
  • Exploitation
  • Covering tracks
  • Evasion

Challenges of Staying Current

  • Books
  • Mailing lists
  • Videos
  • Professional organizations

Add the Mobile Security Tool Kit to Your Training

For the past several years we have offered our training on a mobile device so that you can take your training with you and eliminate the need to stream the videos. This device is the next generation mobile device. This is a fully loaded pen test tool kit comes equipped with a custom Linux Hacking OS and, wait for it… we can load your course (or 2) onto the device. In the sage words of Ray Bradbury, “Something Wicked This Way Comes.”

Terms of Use

Getting Started

Terms of Use

Note: The STORM mobile security tool kit contains the STORM Linux (a Raspbian based, customized distro of Linux) including all of the associated security tools. These tools are very powerful and all proper precautions should be adhered to at all times.

Always remember that the difference between illegal and ethical hacking comes down to one word; permission. It is illegal to utilize these or any other pen testing tools on a network or website without permission.

As stated in the terms and conditions, EC-Council is not responsible for illegal use of these tools and you accept the full liability for its usage. The entire code of ethics can be found here.

Specs

  • Broadcom BCM2837B0, Cortex-A53 (ARMv8) 64-bit SoC @ 1.4GHz Mobile System with Case
  • 1GB LPDDR2 SDRAM
  • 7 inch Touch Screen Display
  • 2.4GHz and 5GHz IEEE 802.11.b/g/n/ac wireless LAN, Bluetooth 4.2, BLE
  • Gigabit Ethernet over USB 2.0 (maximum throughput 300 Mbps)
  • Extended 40-pin GPIO header
  • Full-size HDMI
  • 4 USB 2.0 ports
  • CSI camera port for connecting a Raspberry Pi camera

  • DSI display port for connecting a Raspberry Pi touchscreen display
  • 4-pole stereo output and composite video port
  • Micro SD port for loading your operating system and storing data, with Hacker StormOS, Raspbian-based OS included.
  • 5V/2.5A DC power input
  • USB 2.0 A to B Micro Power Cable. [The Storm can be powered from a 5V micro-USB source, Power Supply not included with base package.]
  • Power-over-Ethernet (PoE) support (requires separate PoE HAT)
  • Rollup Water Resistant Keyboard
  • Field Case Organizer for all your gear

Introducing the STORM!

Hack like the Pros

Take Your Hacking by STORM!

Still have questions?

1-888-330-HACK Mon – Fri / 8:00 AM – 5:00 PM