System Hacking Concepts

6.1 CEH Hacking Methodology (CHM)
6.2 System Hacking Goals

Cracking Passwords

6.3 Password Cracking
6.4 Types of Password Attacks

• • Non-Electronic Attacks
  • Active Online Attack
    • Dictionary, Brute Forcing and Rule-based Attack
    • Password Guessing
    • Default Passwords
    • Trojan/Spyware/Keylogger
    • Example of Active Online Attack Using USB Drive
    • Hash Injection Attack
    • LLMNR/NBT-NS Poisoning
  • Passive Online Attack
    • Wire Sniffing
    • Man-in-the-Middle and Replay Attack
  • Offline Attack
    • Rainbow Table Attack
    • Tools to Create Rainbow Tables: rtgen and Winrtgen
    • Distributed Network Attack

6.5 Password Recovery Tools
6.6 Microsoft Authentication
6.7 How Hash Passwords Are Stored in Windows SAM?
6.8 NTLM Authentication Process
6.9 Kerberos Authentication
6.10 Password Salting
6.11 Tools to Extract the Password Hashes
6.12 Password Cracking Tools
6.13 How to Defend against Password Cracking
6.14 How to Defend against LLMNR/NBT-NS Poisoning

Escalating Privileges

6.15 Privilege Escalation
6.16 Privilege Escalation Using DLL Hijacking
6.17 Privilege Escalation by Exploiting Vulnerabilities
6.18 Privilege Escalation Using Dylib Hijacking
6.19 Privilege Escalation using Spectre and Meltdown Vulnerabilities
6.20 Other Privilege Escalation Techniques
6.21 How to Defend Against Privilege Escalation

Executing Applications

6.22 Executing Applications

• • Tools for Executing Applications

6.23 Keylogger

• • Types of Keystroke Loggers
  • Hardware Keyloggers
  • Keyloggers for Windows
  • Keyloggers for Mac

6.24 Spyware

• • Spyware
  • USB Spyware
  • Audio Spyware
  • Video Spyware
  • Telephone/Cellphone Spyware
  • GPS Spyware

6.25 How to Defend Against Keyloggers

• • Anti-Keylogger

6.26 How to Defend Against Spyware

• • Anti-Spyware

Hiding Files

6.27 Rootkits

• • Types of Rootkits
  • How Rootkit Works
  • Rootkits
    • Horse Pill
    • GrayFish
    • Sirefef
    • Necurs
  • Detecting Rootkits
  • Steps for Detecting Rootkits
  • How to Defend against Rootkits
  • Anti-Rootkits

6.28 NTFS Data Stream

• • How to Create NTFS Streams
  • NTFS Stream Manipulation
  • How to Defend against NTFS Streams
  • NTFS Stream Detectors

6.29 What is Steganography?

• • Classification of Steganography
  • Types of Steganography based on Cover Medium
    • Whitespace Steganography
    • Image Steganography
      • Image Steganography Tools
    • Document Steganography
    • Video Steganography
    • Audio Steganography
    • Folder Steganography
    • Spam/Email Steganography
  • Steganography Tools for Mobile Phones
  • Steganalysis
  • Steganalysis Methods/Attacks on Steganography
  • Detecting Steganography (Text, Image, Audio, and Video Files)
  • Steganography Detection Tools

Covering Tracks

6.30 Covering Tracks
6.31 Disabling Auditing: Auditpol
6.32 Clearing Logs
6.33 Manually Clearing Event Logs
6.34 Ways to Clear Online Tracks
6.35 Covering BASH Shell Tracks
6.36 Covering Tracks on Network
6.37 Covering Tracks on OS
6.38 Covering Tracks Tools

Penetration Testing

6.39 Password Cracking
6.40 Privilege Escalation
6.41 Executing Applications
6.42 Hiding Files
6.43 Covering Tracks