Ethical Hacking


ABOUT

SLOT 1:
Date: 30th-31st December 2017
Venue: LA301
Reporting Time: 8am
Time: 9am-5pm

SLOT 2:
Date: 30th-31st December 2017
Venue: LH301
Reporting Time: 8am
Time: 9am-5pm

Penetration tests are employed by organizations that hire certified ethical hackers to penetrate networks and computer systems with the purpose of finding and fixing security vulnerabilities.

DETAILS

Date: 30-31st December 2017

Duration: 2 Days [8 hrs per day]

Venue: IIT Bombay

Cost of Workshop:₹ 1,500/- per person

No. of Team Members: 1

Refund Deadline: 1st November 2017, No Refunds will be entertained after the Deadline.

**Limited number of seats

**If the Workshop gets cancelled, all the participants will be given full refund, irrespective of the Deadline.

CONTENT

Session 1

Ethics & Hacking

    Hacking history : How it all began
  • Why is security needed?
  • What is ethical hacking?
  • Ethical Hacker Vs Malicious hacker
  • Types of Hackers
  • Building an approach for ethical hacking
  • Steps in Ethical hacking
    Basics of Internet, Networking & Hacking
  • What is a Network?
  • Types of network – LANs, WANs & WLANs
  • What is Internet?
  • History of the Internet
  • Basic Structure
  • What is a Server?
  • What is an IP Address?
  • What is a domain name?
  • IP-Domain Relation
  • Client-Server Relationship Model
  • Internet networking
  • What is a port?
  • What is Programming?
  • Types of programming languages.
  • What is a Programming loophole or error?

Session 2

    Information gathering & Google Hacking
  • Whois access (Demo)
  • Maltego (Demo)
  • 123people.com (Demo)
  • Ip scaning (Demo)
  • Port scaning (Demo)
  • Network scaning & its tools (Demo)
  • What is Google and how does it work?
  • Google tricks (Demo)
  • Basic hacks (Demo)
  • How can Google hacking help an Ethical Hacker? (Demo)
  • Accesing online remote cameras
    Windows security
  • Windows security (Demo)
  • Registry (Demo)
  • Port & Services (Demo)

Session 3

    SQL injections attacks (Practical)
  • Introduction of SQL
  • What is SQL injection
  • Checking SQL injection vulnerability (demo)
  • Basic strategy of SQL injection (Demo)
  • Getting login credientials using SQL injections (Live Demo)
  • Using SQL to login via middleware language (Demo)
  • URL and Forms (Demo)
  • SQL Query SELECT, DROP etc. (Demo)
  • SQL cheat sheets (Demo)
  • Using source changes to bypass client side validation (Demo)
  • Live demonstration of the attack (Demo)
  • Using SQL injection tools (Demo)
  • Importance of server side validation (Demo)
  • How to protect your system from SQL Injections (Demo)
    Man-in-the-middle attack (MITM Attack) (Practical)
  • What is Man-in-the-middle attack?
  • What is Backtrack linux (Most common unix system for ethical hacking)?
  • Preparation for Man-in-the-middle attack (Demo)
    Identifying victim (Demo)
  • Cache poisining (Demo)
  • Routing table modification (Demo)
  • Eveasdroping (Demo)
  • Countermeasures against MITM attack (Demo)

Session 4

    Phishing, Trojan & Viruses
  • What is phishing?
  • Social engineering used in phishing (Demo)
  • Phishing attack (Demo)
  • Phishing sites (Demo)
  • Protection against phishing (Demo)
  • Viruses: Trojans, Worms, Malware, Spyware
  • Modes of spreading
  • Different Ways a Trojan can Get into a System (Demo)
  • Creation of Trojan using cybergate (Demo)
  • Attacking a system using our created trojan (Demo)
  • Indications of a Trojan Attack (Demo)
  • Some Famous Trojans and Ports They Use (Demo)
  • How to Detect Trojans? (Demo)
  • How to Determine which Ports are Listening (Demo)
  • Netstat
    Session hijacking & Cookie grabbing
  • What are cookies? (Demo)
  • Reading and writing cookies (Demo)
  • Passive Vs Active session hijack (demo)
  • TCP sessions and HTTP sessions (Demo)
  • TCP session hijacking: Telnet (Demo)
  • Stealing Cookies to hijack session using: XSS (Demo)
  • Sniffers (Demo) - Spoofing (Demo)
  • Spoofing Vs Hijacking
  • Types of Hijacking
  • Protection against session Hijacking (Demo)

Session 5

    Social Network Attacks (Facebook, WhatsApp & Gmail)
  • Overview of Social Engineering - Case Study
  • Example of Social Engineering Attack
  • Java Applet Attack (Demo) -WhatsApp Security -Facebook Security -Gmail Security
    Call & SMS Spoofing
  • What is Fake SMS & Call?
  • Method of generating fake SMS & Calls (Demo)
    DNS Spoofing:
  • What is DNS Spoofing?
  • How does it work?
  • How to secure yourself?
  • DNS Spoofing (Demo)

Session 6

    Email Forging & Tracing
  • How does an email work?
  • Tracing an email (Demo)
  • Spam
    Firewalls & Keyloggers (Demo)
  • Detecting fake emails (Demo)
  • What is a firewall? & How can it help you
  • How a firewall works
  • What are key loggers? (Demo)
  • Types of key loggers? (Demo)

Session 7

  • Understanding of an Organization's IT Environment
  • Concept of Zoning – Demilitarized Zone
  • Militarized Zone Basic Servers being used in the IT Environment
  • Positioning in different Zones
  • Brief Insight of the IT Security Devices used
  • What is Computer Forensics all about?
  • Difference between Computer Crime & Un-authorized activities
  • 6 steps involved in Computer Forensics
  • Description of what is to be carried in each step
  • Need for forensics investigator

Session 8

  • Security Incident Response
  • What is a Security Incident?
  • Role of the Investigator in investigating a Security Incident Evidence
  • Control and Documentation
  • Skills and Training of a Forensics Investigator
  • Technical, Presentation, Professional

For more detail Content Click Here

RULES

Eligibility :
Participants having a valid ID card of their respective educational institutions are eligible for the workshop.

Team specifications :
Participants will have to register in a team with maximum of one members in it.

Prerequisites :
Each participant should bring one laptop with CD-ROM drive, a dongle/Jio and a working laptop Webcam preferably with Windows 8 OS or above (No VISTA).

Certificate criterion :
Participants should be present in all the sessions. Failing this, no certificate will be awarded to the participant.

CONTACT US

Anirudh Poddar
anirudh@techfest.org
+91 9920198901

Date
30-31st December 2017

Ethical Hacking


ABOUT

SLOT 1:
Date: 30th-31st December 2017
Venue: LA301
Reporting Time: 8am
Time: 9am-5pm

SLOT 2:
Date: 30th-31st December 2017
Venue: LH301
Reporting Time: 8am
Time: 9am-5pm

Penetration tests are employed by organizations that hire certified ethical hackers to penetrate networks and computer systems with the purpose of finding and fixing security vulnerabilities.

DETAILS

Date: 30-31st December 2017

Duration: 2 Days [8 hrs per day]

Venue: IIT Bombay

Cost of Workshop:₹ 1,500/- per person

No. of Team Members: 1

Refund Deadline: 1st November 2017, No Refunds will be entertained after the Deadline.

**Limited number of seats

**If the Workshop gets cancelled, all the participants will be given full refund, irrespective of the Deadline.

CONTENT

    Session 1

    Ethics & Hacking
      Hacking history : How it all began
    • Why is security needed?
    • What is ethical hacking?
    • Ethical Hacker Vs Malicious hacker
    • Types of Hackers
    • Building an approach for ethical hacking
    • Steps in Ethical hacking
      Basics of Internet, Networking & Hacking
    • What is a Network?
    • Types of network – LANs, WANs & WLANs
    • What is Internet?
    • History of the Internet
    • Basic Structure
    • What is a Server?
    • What is an IP Address?
    • What is a domain name?
    • IP-Domain Relation
    • Client-Server Relationship Model
    • Internet networking
    • What is a port?
    • What is Programming?
    • Types of programming languages.
    • What is a Programming loophole or error?

    Session 2

      Information gathering & Google Hacking
    • Whois access (Demo)
    • Maltego (Demo)
    • 123people.com (Demo)
    • Ip scaning (Demo)
    • Port scaning (Demo)
    • Network scaning & its tools (Demo)
    • What is Google and how does it work?
    • Google tricks (Demo)
    • Basic hacks (Demo)
    • How can Google hacking help an Ethical Hacker? (Demo)
    • Accesing online remote cameras
      Windows security
    • Windows security (Demo)
    • Registry (Demo)
    • Port & Services (Demo)

    Session 3

      SQL injections attacks (Practical)
    • Introduction of SQL
    • What is SQL injection
    • Checking SQL injection vulnerability (demo)
    • Basic strategy of SQL injection (Demo)
    • Getting login credientials using SQL injections (Live Demo)
    • Using SQL to login via middleware language (Demo)
    • URL and Forms (Demo)
    • SQL Query SELECT, DROP etc. (Demo)
    • SQL cheat sheets (Demo)
    • Using source changes to bypass client side validation (Demo)
    • Live demonstration of the attack (Demo)
    • Using SQL injection tools (Demo)
    • Importance of server side validation (Demo)
    • How to protect your system from SQL Injections (Demo)
      Man-in-the-middle attack (MITM Attack) (Practical)
    • What is Man-in-the-middle attack?
    • What is Backtrack linux (Most common unix system for ethical hacking)?
    • Preparation for Man-in-the-middle attack (Demo)
      Identifying victim (Demo)
    • Cache poisining (Demo)
    • Routing table modification (Demo)
    • Eveasdroping (Demo)
    • Countermeasures against MITM attack (Demo)

    Session 4

      Phishing, Trojan & Viruses
    • What is phishing?
    • Social engineering used in phishing (Demo)
    • Phishing attack (Demo)
    • Phishing sites (Demo)
    • Protection against phishing (Demo)
    • Viruses: Trojans, Worms, Malware, Spyware
    • Modes of spreading
    • Different Ways a Trojan can Get into a System (Demo)
    • Creation of Trojan using cybergate (Demo)
    • Attacking a system using our created trojan (Demo)
    • Indications of a Trojan Attack (Demo)
    • Some Famous Trojans and Ports They Use (Demo)
    • How to Detect Trojans? (Demo)
    • How to Determine which Ports are Listening (Demo)
    • Netstat
      Session hijacking & Cookie grabbing
    • What are cookies? (Demo)
    • Reading and writing cookies (Demo)
    • Passive Vs Active session hijack (demo)
    • TCP sessions and HTTP sessions (Demo)
    • TCP session hijacking: Telnet (Demo)
    • Stealing Cookies to hijack session using: XSS (Demo)
    • Sniffers (Demo) - Spoofing (Demo)
    • Spoofing Vs Hijacking
    • Types of Hijacking
    • Protection against session Hijacking (Demo)

    Session 5

      Social Network Attacks (Facebook, WhatsApp & Gmail)
    • Overview of Social Engineering - Case Study
    • Example of Social Engineering Attack
    • Java Applet Attack (Demo) -WhatsApp Security -Facebook Security -Gmail Security
      Call & SMS Spoofing
    • What is Fake SMS & Call?
    • Method of generating fake SMS & Calls (Demo)
      DNS Spoofing:
    • What is DNS Spoofing?
    • How does it work?
    • How to secure yourself?
    • DNS Spoofing (Demo)

    Session 6

      Email Forging & Tracing
    • How does an email work?
    • Tracing an email (Demo)
    • Spam
      Firewalls & Keyloggers (Demo)
    • Detecting fake emails (Demo)
    • What is a firewall? & How can it help you
    • How a firewall works
    • What are key loggers? (Demo)
    • Types of key loggers? (Demo)

    Session 7

    Understanding of an Organization's IT Environment

    Concept of Zoning – Demilitarized Zone
    Militarized Zone Basic Servers being used in the IT Environment
    Positioning in different Zones
    Brief Insight of the IT Security Devices used
    What is Computer Forensics all about?
    Difference between Computer Crime & Un-authorized activities
    6 steps involved in Computer Forensics
    Description of what is to be carried in each step
    Need for forensics investigator

    Session 8

    Security Incident Response
    What is a Security Incident?
    Role of the Investigator in investigating a Security Incident Evidence
    Control and Documentation
    Skills and Training of a Forensics Investigator
    Technical, Presentation, Professional

For more detail Content Click Here

RULES

    Eligibility :
    Participants having a valid ID card of their respective educational institutions are eligible for the workshop.

    Team specifications :
    Participants will have to register in a team with maximum of one members in it.

    Prerequisites :
    Each participant should bring one laptop with CD-ROM drive, a dongle/Jio and a working laptop Webcam preferably with Windows 8 OS or above (No VISTA).

    Certificate criterion :
    Participants should be present in all the sessions. Failing this, no certificate will be awarded to the participant.

Anirudh Poddar
anirudh@techfest.org
+91 9920198901
Div Six

Explore More

CLOSED !

×
×