Show Host: Mike Rodrick

Show Instructor: Adam Gordan

This post should be considered an add-on or update to the excellent CEH v8 useful links by Michala Liavaag.

Before reading, look at:
CEH v8 useful links

Introduction and Footprinting

Quick mnemonic for the sequence Reconnaissance, Scanning, Gain Access, Maintain Access, Cover Tracks:
Re-Scan to Gain and Maintain Cover

Notes: Thanks to M. Wylie

  • 10 steps:
    Search Engines, Advanced Google Hacking, Social Networks, Website Footprinting, Email Footprinting, Competitive Intel, WHOIS, DNS, Network Footprinting, and Social Engineering
  • You may find this script useful when scanning your network. It does a full TCP connect scan of all ports and enumerates the OS, services, etc. It puts each host's results into its own text file in whatever directory your pwd is. Feel free to adjust the switches to be stealthier if it's a pentest.
    for i in {1..255}; do nmap -sT -p- 192.168.1.$i -A -oN 192.168.1.$i.nmap.scan; done

  • for i in {1..10}; do nmap -sT -n -p80 192.168.1.$i -v -oN 192.168.1.$i.nmap.scan; done

Scanning & Enumeration

Notes: To know for exam

  • Exam: SYN/stealth scan is also known as a "half-open scan"
  • Exam: know the difference between passive and active scanning/sniffing
  • Exam: know the three types of scanning: Port, Networking, and Vulnerability
  • Exam: know the types of scan and their differences: TCP, Xmas, Null, Idle, ACK, Window, SYN/Stealth/half-open
  • Exam: three-way handshake: SYN, SYN-ACK, ACK
  • Exam: know the flags and what each does: SYN, ACK, PSH, URG, FIN, RST
  • Exam: know the scanning methodology: check for live systems, check for open ports, service identification, banner grabbing (OS fingerprinting), vulnerability scanning, draw/map vulnerable host, prepare proxies, attack.

Chapter 3

Chapter 4

Notes:

  • Sigverif: Windows built-in signature checker

System Hacking

Notes:

Cloud Computing