Ethical Hacking Core Skills (EHCS)

In this course you will learn the core skills to build a solid security foundation. You will examine in detail the traffic that traverses the network at the packet and binary level. You will build a solid knowledge of the lowest layers of the network. In the course, you will conduct extensive hands-on exercises. You will learn to master the TCP/IP protocol. You will learn essential UNIX and Linux survival skills that separate you from the many security professionals who are Windows centric..

Additionally, you will be introduced to vulnerability assessment and the hacking methodology. When you finish this course you will have a solid security foundation to pursue more advanced security training. For many, when you take a class like the Certified Ethical Hacker (CEH) you have not established the foundation that is needed to get the most from the course, this is where ethical hacking core skills come in, it is the bridge between a beginning level security course and CEH; furthermore, it focuses on the main concepts required to build a foundation in security.

Road Map To Certification

Course Objectives

Students who successfully complete this class will be able to:

Explain the foundations of security to include in-depth knowledge of the TCP/IP protocol
Analyze packets for irregularities
Detect signs of crafted packets
Perform advanced protocol analysis techniques
Conduct low-level protocol analysis
Display functional skills in Unix and Linux
Deply virtualization and build your own virtual labs
Identify the steps of vulnerability assessment and the hacking methodology

Who is it For?

In this course you will learn the core skills to build a solid security foundation. You will examine in detail the traffic that traverses the network at the packet and binary level. You will build solid knowledge on the lowest layers of the network. In the course, you will conduct extensive hands-on exercises. You will learn to master the TCP/IP protocol. You will learn essential UNIX and Linux survival skills that separate you from the many security professionals who are Windows centric.

Additionally, you will be introduced to vulnerability assessment and the hacking methodology. When you finish this course you will have a solid security foundation to pursue more advanced security training. For many, when you take a class like the Certified Ethical Hacker (CEH) you have not established the foundation that is needed to get the most from the course, this is where the Core Concepts course comes in, it is the bridge between a beginning level security course and CEH; furthermore, it focuses on the main concepts required to build a foundation in security.

Course Outline

Module 1Module 2Module 3Module 4Module 5Module 6Module 7Module 8

Introduction To Required Skills For Security

TCP/IP
Unix/linux
Introduction to the hacking process
Virtualization

LAB: Security Skills Introduction

Security Model

Authentication
Confidentiality
Integrity
Availability
Authorization

LAB: Security Model

Security Posture

Promiscuous
Paranoid
Permissive
Prudent

Security Posture

Identifying services and allowing them

Risk Management

Defining types of risk
Types of risk

Introduction & Overview

Introducing TCP/IP networks
What TCP/IP Networks
What TCP/IP provides: Key application services & multivendor capabilities TCP/IP & the internet
Internet RFC’s & STDs
TCP/IP Protocol architecture
Protocol layering concepts
TCP/IP layering
Components of TCP/IP networks
Network protocols (IP, TCP, UDP, ICMP)

LAB: TCP/IP

Transport protocols

Packet headers

Encapsulation

LAB: The Layers

Analyzing Network Traffic

Examining the data at the packet level
Control flags of TCP

Identifying the characteristics of network connections

LAB: Analyzing Packets

Advanced Protocol Analysis

Using Protocol Analyzers

tcpdump
dsniff
Wireshark
Etherape
Ettercap

LAB: Protocol Analysis I

Wireshark

Leveraging the filter capabilities
Working within the GUI
Low level analysis
Following session communication
Customizing the interface
Using the statistics features within the tool
Text-based Wireshark
Packet decomposition

LAB: Protocol Analysis II

Tcpreplay

Using traffic replay for training & advanced analysis

Customizing & crafting packets

Command line tools
GUI based tools

LAB: Protocol Analysis III

Advanced features of Wireshark

Filters
Sessions
Graphs
Endpoints
Statistics
Custom

LAB: Advanced Wireshark

Colasoft
Hping

LAB: Crafting Packets

UNIX/Linux

Interacting with UNIX
Graphical user interfaces
The Common Desktop Environment (CDE)
GNOME, Java Desktop System, others
The command line interface
Entering commands to the shell
Browsing online documentation
Displaying man pages
Managing Files
Essential file housekeeping tools
Copying: cp
Renaming: mv
Removing: rm
Linking: ln
Editing: vi
Printing: lp, lpr

Root

Ways to assume root

Lab: UNIX I

Working with the processes & jobs

ps
jobs
kill

Disk Commands

Mount
Unmount
df
du

Working with files

gunzip
zcat
tar

Searching files & directories

find
grep
strings

Compiling programs

Password storage

Networking

Address resolution

Editors

Lab: UNIX II

Introducing Linux

The UNIX heritage
Linux inception
Linux kernel & GNU tools
Open source licensing
Distributions
Accessing the system
The GNOME desktop
Customizing panels, launchers & applets
Examining graphical applications
Personalizing the terminal window
Starting at the command line

LAB: Linux

Overview of Virtual Machines

Defining virtual machines (servers & workstations)
Advantages of deploying VMs
Creating a Virtual Machine from a System Image or Another Virtual Machine
Conversion Process for Importing from Other Formats
VMware Converter Compared to the Conversion Wizard
Supported Source machines
Operating System Compatibility
Importing from Various Sources

Transferring Files & Text Between the Host & Guest

Using drag-and-drop
Enable or disable drag-and-drop
Using copy & paste
Enable or disable copy & paste
Using shared folders
Set up shared folders
Enabling and disabling shared folders
Viewing a shared folder

Preserving the State of a Virtual Machine

Using the suspend & resume features
Use hard suspend or soft suspend
Suspend or resume a virtual machine
Using snapshots
Scenarios for using multiple snapshots
Information captured by snapshots
Snapshot conflicts
Enable or disable background snapshots exclude a virtual disk from snapshots 193
Snapshot manager overview
Take a snapshot
Rename a snapshot or recording
Restore an earlier state from a snapshot
Delete a snapshot or a recording
Take or revert to a snapshot at power off

Configuring a Virtual Network

Components of the virtual network
Virtual switch
DHCP server
Netwrok adaptor
Common networking configurations

Building complex virtual architectures to emulate enterprise architectures

Introduction to Vulnerability Assessment

Defining vulnerability
Vulnerability scanners
Challenge of vulnerability assessment
Penetration testing defined
Enumeration

Introduction to the Hacking Process

Hacking Methodology

Surveillance
Foot printing
Scanning
Vulnerability assessment
Exploitation
Covering tracks
Evasion

Challenges of Staying Current

Books
Mailing lists
Videos
Professional organizations

Choose A Training Option

Self-Paced

In-Person

Online Live

Train Your Team

Self-Study, Courseware

Academic Credits

Mobile Security Tool Kit
From: $749.00 Select options

Add the Mobile Security Tool Kit to Your Training

For the past several years we have offered our training on a mobile device so that you can take your training with you and eliminate the need to stream the videos. This device is the next generation mobile device. This is a fully loaded pen test tool kit comes equipped with a custom Linux Hacking OS and, wait for it… we can load your course (or 2) onto the device. In the sage words of Ray Bradbury, “Something Wicked This Way Comes.”

Getting Started

Terms of Use

Note: The STORM mobile security tool kit contains the STORM Linux (a Raspbian based, customized distro of Linux) including all of the associated security tools. These tools are very powerful and all proper precautions should be adhered to at all times.

Always remember that the difference between illegal and ethical hacking comes down to one word; permission. It is illegal to utilize these or any other pen testing tools on a network or website without permission.

As stated in the terms and conditions, EC-Council is not responsible for illegal use of these tools and you accept the full liability for its usage. The entire code of ethics can be found here.

Specs

Broadcom BCM2837B0, Cortex-A53 (ARMv8) 64-bit SoC @ 1.4GHz Mobile System with Case
1GB LPDDR2 SDRAM
7 inch Touch Screen Display
2.4GHz and 5GHz IEEE 802.11.b/g/n/ac wireless LAN, Bluetooth 4.2, BLE
Gigabit Ethernet over USB 2.0 (maximum throughput 300 Mbps)
Extended 40-pin GPIO header
Full-size HDMI
4 USB 2.0 ports
CSI camera port for connecting a Raspberry Pi camera

DSI display port for connecting a Raspberry Pi touchscreen display
4-pole stereo output and composite video port
Micro SD port for loading your operating system and storing data, with Hacker StormOS, Raspbian-based OS included.
5V/2.5A DC power input
USB 2.0 A to B Micro Power Cable. [The Storm can be powered from a 5V micro-USB source, Power Supply not included with base package.]
Power-over-Ethernet (PoE) support (requires separate PoE HAT)
Rollup Water Resistant Keyboard
Field Case Organizer for all your gear

Introducing the STORM!

Hack like the Pros

Take Your Hacking by STORM!

Still have questions?

1-888-330-HACK Mon – Fri / 8:00 AM – 5:00 PM

Email Us