Oreilly - Certified Ethical Hacker (CEH): Platform Penetration
by Chad Russell | Publisher: O'Reilly Media, Inc. | Release Date: December 2017 | ISBN: 9781492032168
This is part three of a four-part series designed to help you prepare for the International Council of E-Commerce Consultant's Certified Ethical Hacker (CEH) exam. It teaches you how to exploit operating systems, applications, networks, databases, and mobile devices. You'll come away with the knowledge you need to master the CEH exam objectives related to system hacking, denial of service, hacking Web apps, SQL injection, and cross site scripting.Course participants should have a basic understanding of TCP/IP and Ethernet networking, plus core familiarity with the Windows and Linux operating systems.Learn how to craft the exploits used by ethical hackers to perform real world pen testsDiscover how to build and deliver exploit payloads using techniques like buffer overflowsUnderstand the methods for conducting SQL Injection based exploitsExplore attack techniques like fuzzing and know how to ethically hack mobile devices Chad Russell (CISSP, CCNP, MCSE) has been in the cyber security industry for over 15 years, working for companies such as Oracle, Microsoft, and SAP. He conducts security risk assessments for customers throughout North America, teaches cyber security at Vatterott College, holds a Bachelor of Computer Science degree from Excelsior College, and is the author of O'Reilly Media's Certifed Ethical Hacking series.
- Introduction
- Welcome to the Course 00:00:49
- About the Author 00:00:32
- System Hacking
- Introduction to System Hacking 00:05:47
- Password Cracking 00:05:35
- Escalating Privileges 00:05:04
- Spyware 00:05:38
- Denial of Service
- DDoS 00:06:29
- DDoS Countermeasures 00:04:02
- Hacking Webservers
- Web Server Attacks 00:08:10
- Web Server Attack Methodologies 00:04:46
- Countermeasures 00:09:25
- Patch Management 00:04:12
- Ethically Hacking Web Applications
- Web Threats 00:02:41
- Forgery, Buffer Overflows, and Cookies 00:04:21
- Web App Hacking Methodology 00:05:41
- Web App Hacking Tools 00:03:29
- Hacking Web Services 00:07:45
- Countermeasures 00:07:00
- Web App Pen Testing 00:05:12
- SQL Injection
- SQL Injection Concepts 00:05:49
- Bad SQL and SQL Injection 00:04:00
- Types of SQL Injection 00:06:22
- SQL Injection Methodology 00:02:48
- Advanced SQL Injection 00:05:06
- SQL Injection Tools and Countermeasures 00:01:55
- Conclusion
- Course Wrap Up and Next Steps 00:01:27