Certified Ethical Hacker & Cyber Crime Investigator Training Syllabus

Overview of Cyber Law.

Key issues plaguing the information security world, incident management process, and penetration testing.

Various types of foot printing, foot printing tools, competitive intelligence gathering and countermeasures.

Network scanning techniques and scanning countermeasures.

Enumeration techniques and enumeration countermeasures.

System hacking methodology, steganography, steganalysis attacks, and covering tracks.

Windows OS Security. Hacking Into System By Changing Passwords & Getting Access To System By Elevating Privileges and to bypass The Windows Security.

Operating System Attacks, Misconfiguration Attacks, Application-Level Attacks, Examples of Application-Level Attacks, Shrink Wrap Code Attacks.

Different types of Trojans, Trojan analysis, and Trojan countermeasures.

Working of viruses, virus analysis, computer worms, malware analysis procedure, and countermeasures.

Virus creation in computer using Batch file programing, HTML & VB Script.

Packet sniffing techniques and how to defend against sniffing.

Social Engineering techniques, identify theft, and social engineering countermeasures.

DoS/DDoS attack techniques, botnets, DDoS attack tools, and DoS/DDoS countermeasures.

Find security issues, verify vulnerability mitigations & manage security assessments with Metasploit.

The cross-site scripting (XSS) vulnerability to exploit client side web application vulnerability.

Web server Attacks - Directory Traversal Attacks, HTTP Response Splitting Attack, Web Cache Poisoning Attack ,HTTP Response Hijacking, SSH Brute force Attack, Web server Password Cracking, Web Application Attacks.

Session hijacking techniques and countermeasures.

Different types of web server attacks, attack methodology, and countermeasures.

Different types of web application attacks, web application hacking methodology, and countermeasures.

SQL injection attacks and injection detection tools.

Performing MAC, DHCP & Spoofing attacks. Poisoning using ARP and DNS.

Wireless Encryption, wireless hacking methodology, wireless hacking tools, and wi-fi security tools.

Mobile platform attack vector, android vulnerabilities, jailbreaking iOS, windows phone 8 vulnerabilities, mobile security guidelines, and tools.

Firewall, IDS and honeypot evasion techniques, evasion tools, and countermeasures.

Various cloud computing concepts, threats, attacks, and security techniques and tools.

Different types of cryptography ciphers, Public Key Infrastructure (PKI), cryptography at-tacks, and cryptanalysis tools.

Hacking Web Applications - Web Attack Vectors, Command Injection Attacks, File Injection Attack, Hidden Field Manipulation Attack, Stealing Users' Cookies, Cookie/Session Poisoning, Broken Authentication and Session Management.

Monitoring Keyloggers -Spytech Spy Agent, All In One Keylogger, Keyloggers for Windows, Amac Keylogger for Mac, Hardware Keyloggers.

Spyware usage - Desktop Spyware, Activity Monitor, Email and Internet Spyware, Power Spy, Internet and Email Spyware, Child Monitoring Spyware, Net Nanny Home Suite, Screen Capturing Spyware, USB Spyware, Audio Spyware, Video Spyware, Print Spyware.

Various types of penetration testing, security audit, vulnerability assessment, and penetration testing roadmap.

Introduction to IT laws & Cyber Crimes – Internet, Hacking, Cracking, Viruses, Virus Attacks, Pornography, Software Piracy, Intellectual property, Legal System of Information Technology, Social Engineering, Mail Bombs, Bug Exploits, and Cyber Security

Analysis of Cyber Crimes against Individuals, organizations, society, government, Logic bombs, Web jacking, Cyber stalking, Defamation, Identity Theft, Online Scams, and Credit Card Fraud

Cyber investigation process - Roles and Responsibilities of the Cybercrime Investigator, Incident Response Triage and Forensic Acquisitions, Incident Responder's Forensic Acquisition Process

Corporate Audits - Risk Assessment, Compliance audit, Information Security audit. Reporting Methodologies