In this course on “Ethical Hacking Foundation – Part 4” you will learn most of the common tools used in IT Companies. We aim to keep adding more tools to make this course as comprehensive as possible.
Section1:
You will go through a live demo on SYN flooding attach using hping3 command
Hping3 is a useful tool to test the target system’s resilience to the TCP SYN attack. A variation of the TCP SYN attack is the local area network denial attack, which uses the TCP SYN attack on an open port, with the source and destination IP addresses and ports the same
Section2:
You will go through a live demo on Metasploit test. Metasploit is a penetration testing framework that makes hacking simple. It’s an essential tool for many attackers and defenders.
Metasploit is a penetration testing framework that makes hacking simple. It’s an essential tool for many attackers and defenders. Point Metasploit at your target, pick an exploit, what payload to drop, and hit Enter.
Section3:
You will start using Maltego Tool after you go through a demo of the Maltego community edition 4.2.4.
Maltego is a comprehensive tool for graphical link analyses that offers real-time data mining and information gathering, as well as the representation of this information on a node-based graph, making patterns and multiple order connections between said information easily identifiable.
With Maltego, you can easily mine data from dispersed sources, automatically merge matching information in one graph, and visually map it to explore your data landscape.
Section4:
You will get clarity on web application security and that it is a branch of information security that deals specifically with security of websites, web applications and web services.
Web application security is the process of protecting websites and online services against different security threats that exploit vulnerabilities in an application’s code. Common targets for web application attacks are content management systems (e.g., WordPress), database administration tools (e.g., phpMyAdmin) and SaaS applications.
Section 5:
You will learn what SIEM and Log Management mean for businesses and how to use them more effectively to mitigate risk for your company.
Security Information and Event Management (SIEM) and Log Management are two examples of software tools that allow IT organizations to monitor their security posture using log files, detect and respond to Indicators of Compromise (IoC) and conduct forensic data analysis and investigations into network events and possible attacks.
Section 6:
Introduction to Splunk’s user interface
The Splunk web interface consists of all the tools you need to search, report and analyse the data that is ingested. The same web interface provides features for administering the users and their roles. It also provides links for data ingestion and the in-built apps available in Splunk.
Section 7:
Assignment: You need to complete reading two books. One is on Network Security and the other is on SIEM
