EC-Council Certified Security Analyst - ECSA | EC-Council Module 1 Need for security Analysis thory --------------------------------------------------------- Module 2 Advanced googling 1.goohost 2.window tool google hack 3.google dorks 4.google hacking ------------------------------------------------------------ Module 3 TCPIP Packet Analysis 1.tool wirshark ---------------------------------------------------------- Module 04 Advanced Sniffing Techniques 1.wireshark - 3 way handshke example using wireshark 2.cain/able 1 type of sniffing 3.ettercap ----> etherape 4.websploit 5.dsinff 6.ssl scritping 7.urlsnarf 8.HAMSTER 9.easy-creds ------------------------------------------------------------- Module 05 Vulnerability Analysis with Nessus nessus nessus how be download in windows nessus how be download in backtrack scan with nusses ----------------------------------------------------------- Module 06 Advanced Wireless Testing airmon-ng reaver brute force dictnary attack girex fern ---------------------------------------------------------------- Module 7 Designing a DMZ 1.how be design dmz in firewall 2.thory --------------------------------------------------------------- Module 08 Snort Analysis 1.tools snort in backtrack , window 2.honeypot --------------------------------------------------------------- Module 09 Log Analysis 1.url snarf comman log format 2.BlindElephant 3.crawler 4.cms-exploere 5 dirbuster gui 6.plecast 7.htexploit ---------------------------------------------------------------- Module 10 Advanced Exploits and Tools 1.metasploit 2.buffer overflow 3.webexploit 5.armitage ----------------------------------------------------------------- Module 11 - Penetration Testing Methodologies thory ---------------------------------------------------------------- Module 12 Customers and Legal Agreements thory -------------------------------------------------------------------- Module 14 Penetration Testing Planning and Scheduling.ppt thory ------------------------------------------------------------ Module 15 Pre Penetration Testing Checklist 1.LookLAN Network Monitor 2.email tracker 3.super scan 4.nmap 5.winfingerprint-0.6.2 6.ADVANCE IP SCANNER AND IP PORT SCAN ------------------------------------------------------------- Module 16 Information Gathering 1.whois 2.dnsenum 3.dnsmap 4.dnsrecon 5.meltego 6.dig 7.firce 8.thehavester 9.dnsdict6 10.dmitry 11.jigshah 12.xpoobe2 13.dnswalk 14.dnstracer 15.0trace 16.goohost 17.metasploit ---------------------------------------------------------- Module 17 Vulnerability Analysis ip:123.49.59.173 *.php?id= scanning 1.nikto 2.uniscan 3.w3af gui 4.vega gui 5.websurify gui 6.webshag gui 7.wstool for sql scanner 8.webscarab 9.wapiti.py 10.owasp gui 11.grabber.py for sql injaction 12.openvas 13.wbox 14.nussus 15.acunetix window gui 16.cms-exploer 17.nexpose 18.grendal scan 19.ratina window gui 20.fimap for lfi rfi scanner 21.asp-auditor 22.golismero 23.wpscan 24.websorrow 25.joomlscan 26.wmap 28.arachni 29.nmap 31.devtest 32.htexploit 33.sql scan win gui --------------------------------------------------------- Module 18 External Penetration Testing 1.dnstracer 2.Httprint 3.dnswalk 4.urlcrazy 5.meltego 6.0trace 7.goohost 8.Smtpscan 9.ip forwording 10.nmap 11.httptrack 12.list url 13.whatweb --------------------------------------------------------- Module 19 Internal Network Penetration Testing 1.network discover 2.netifera 3.ipcalc 4.httptrack 5.Protos 6.Lanmap 7.Itrace 8.arping 9.ssldump 10.Tctrace 11.fping 12.unicornscaner 13.autoscan 14.smtpscan 15.samrdump 16.Smtpscan 17.nmap ------------------------------------------------------ Module 20 Router and Switches Penetration Testing 1.brute force on router 2.arpspoofing 3.ettercap 4.nslookup 5.hack router using dictionary attack 6.cisco-auditing 7.hack open router with hydra --------------------------------------------------------- Module 21 Firewall Penetration Testing 1.firewall 2.iptables in backtrack 3.how be use iptables in backtrack for createing inboud ,outbound, forward, dorp, reject rules 4.how be download firewall in backtrack 5.how be use firewall in windows 6.hping 7.wafwoof ---------------------------------------------------------- Module 22 IDS Penetration Testing 1.snort 2.pentbox honeypot ---------------------------------------------------------------- Module 23 Wireless Network Penetration Testing 1.airmon-ng 2.reaver 3.brute force 4.dictnary attack 5.girex 6.fern 7.kismat -------------------------------------------------------- Module 24 Denial of Service Penetration Testing 1.loic 2.hoic 3.slowries in backtrack 4.with botnet 5.webkiller 6.websploit 7.mail bomber 8.proxy sniffer ------------------------------------------------------- Module 25 Password Cracking Penetration Testing 1.hydra 2.brute force 3.hack win 7 admin password 4.hack win 7 admin password using backtrack 5.crack win 8 admin password 6.crack win xp admin password 7.crack syskey 8.break bois 9.how be brute force in rar , zip file 10.brute force on facebook account 11.brute force on gmail account 12.cmospwd on Backtrack 5 for break bois 13.samdump for syskey 13.chnptw for system password ---------------------------------------------------- Module 26 Social Engineering Penetration Testing set toolkit in backtrack 5 --------------------------------------------------- Module 28 Application Penetration Testing 1.devtest 2.appscan -------------------------------------------------------- Module 29 Physical Security Penetration Testing u3 pwn in backtrack -------------------------------------------------------- Module 30 Database Petetration Testing blind sql error base sql string base sql waf bypass ms error base sql ms string base sql sqlmap darkmysql ------------------------------------------------- Module 32 VPN Penetration Testing 1.proxpn 2.Cyberghost 3.AnonymoX Add Ons 4.CGWebInstall-en 5.hideman-install 6.VPNReactor 7.privatetunnel 8.vpn mointer 9.ikescan ----------------------------------------------- Module 33 WarDilaing Tools 1.autoscan network 2.modem scan ---------------------------------------------- Module 34 Trojans and Viruses 1.botnet 2.keyloger 3.how be fud virus for by pass antivirus 4.how be bind 5.prorat 6.darkcommet 7.ringloger 8.spyeye keyloger in backtrack 9.rkhunter 10.anti keyloger 11.anti trojons 12.netcat 13.chkrootkit 14.antispyeye 15.antvirus 16.weevly 17.Webacoo – Web Backdoor Cookie Script-Kit -------------------------------------------------- Module 35 Log Management Penetration Testing --------------------------------------------------- Module 36 File Integrity Checking 1.truecrypt 2.hash type 3.crypter 4.bitlocker 5.recover lost file 6.recover deleted image 7.recover deleted movies 8.mopest 9.hash cut 10.ewizard BackTrack > Miscellaneous Clients > ewizard ------------------------------------------------ Module 37 Bluetooth and Mobile Penetration testing ----------------------------------------------- Module 38 Broadband communication and Telecommunication Penetration Testing 1.aircrack 2.wifi hacking --------------------------------------------------- Module 39 Email Security Penetration Testing 1.fake mail 2.mail bomber 3.email tracker 4.how be send password portrect mail 5.how be send time limited email 6.phishing 7.how be protect from phishing attack 8.anti phishing 9.mopest 10.tabnaping 11.set ------------------------------------------------ Module 40 Patch Management 1.gfi lan gruad 2.how be patch sql 3.how be safe from symlink 4.how be protect from ddos attack 5.how be patch lfi /rfi 6.how be patch wifi 7.how be patch iis attack ---------------------------------------------- Module 41 Data Leakage Penetration Testing 1.keyloager 2.stergnography 3.how be hide data 4.file protection 5.true crypt 6.image hide ---------------------------------------------- Module 42 Penetration Testing Report Analysis thory -------------------------------------------------- Module 43 Penetration Testing Report and Documentation Writing 1.how be make report ------------------------------------------------- Module 44 Penetration Testing Deliverables and Conclusion thory ----------------------------------------------------- thanks bye bye bye









