Certified Penetration Testing Specialist

Iniciado por jpmo4, 9 Febrero 2009, 00:54 AM

0 Miembros y 1 Visitante están viendo este tema.

jpmo4

Certified Penetration Testing Specialist



Detalles en:
http://www.mile2.com/Certified_Penetration_Testing_Specialist_CPTS.html

http://rapidshare.com/files/167651603/Certified_Penetration_Testing_Specialist__CPTS_.part01.rar
http://rapidshare.com/files/167663331/Certified_Penetration_Testing_Specialist__CPTS_.part02.rar
http://rapidshare.com/files/167675074/Certified_Penetration_Testing_Specialist__CPTS_.part03.rar
http://rapidshare.com/files/167686833/Certified_Penetration_Testing_Specialist__CPTS_.part04.rar
http://rapidshare.com/files/167698484/Certified_Penetration_Testing_Specialist__CPTS_.part05.rar
http://rapidshare.com/files/167710266/Certified_Penetration_Testing_Specialist__CPTS_.part06.rar
http://rapidshare.com/files/167721204/Certified_Penetration_Testing_Specialist__CPTS_.part07.rar
http://rapidshare.com/files/167732062/Certified_Penetration_Testing_Specialist__CPTS_.part08.rar
http://rapidshare.com/files/167741584/Certified_Penetration_Testing_Specialist__CPTS_.part09.rar
http://rapidshare.com/files/167750214/Certified_Penetration_Testing_Specialist__CPTS_.part10.rar
http://rapidshare.com/files/167758372/Certified_Penetration_Testing_Specialist__CPTS_.part11.rar
http://rapidshare.com/files/167765730/Certified_Penetration_Testing_Specialist__CPTS_.part12.rar
http://rapidshare.com/files/167772547/Certified_Penetration_Testing_Specialist__CPTS_.part13.rar
http://rapidshare.com/files/167779160/Certified_Penetration_Testing_Specialist__CPTS_.part14.rar
http://rapidshare.com/files/167785313/Certified_Penetration_Testing_Specialist__CPTS_.part15.rar
http://rapidshare.com/files/167479956/Certified_Penetration_Testing_Specialist__CPTS_.part16.rar
http://rapidshare.com/files/167567396/Certified_Penetration_Testing_Specialist__CPTS_.part17.rar
http://rapidshare.com/files/167577620/Certified_Penetration_Testing_Specialist__CPTS_.part18.rar
http://rapidshare.com/files/167588144/Certified_Penetration_Testing_Specialist__CPTS_.part19.rar
http://rapidshare.com/files/167599352/Certified_Penetration_Testing_Specialist__CPTS_.part20.rar
http://rapidshare.com/files/167610569/Certified_Penetration_Testing_Specialist__CPTS_.part21.rar
http://rapidshare.com/files/167622701/Certified_Penetration_Testing_Specialist__CPTS_.part22.rar
http://rapidshare.com/files/167634296/Certified_Penetration_Testing_Specialist__CPTS_.part23.rar
http://rapidshare.com/files/167640123/Certified_Penetration_Testing_Specialist__CPTS_.part24.rar

Megaupload

http://www.megaupload.com/?d=3SIT0V4C
http://www.megaupload.com/?d=HP1RJ41S
http://www.megaupload.com/?d=DRJ75W60
http://www.megaupload.com/?d=1VOTOXQ6
http://www.megaupload.com/?d=NI7WBG44
http://www.megaupload.com/?d=8K3WUAE1
http://www.megaupload.com/?d=2M0VSQ69
http://www.megaupload.com/?d=WDQBX0V0
http://www.megaupload.com/?d=G9IB9PYE
http://www.megaupload.com/?d=6HKCYAAB
http://www.megaupload.com/?d=MLPN98MB
http://www.megaupload.com/?d=O59PR72O
http://www.megaupload.com/?d=R5HQKU8L
http://www.megaupload.com/?d=5GP0F16W
http://www.megaupload.com/?d=9GMSORJ0
http://www.megaupload.com/?d=6LJL5LCL
http://www.megaupload.com/?d=NPYZH83X
http://www.megaupload.com/?d=HOX451L6
http://www.megaupload.com/?d=JVYV6AEC
http://www.megaupload.com/?d=99OJB0R3
http://www.megaupload.com/?d=9GOIC4CU
http://www.megaupload.com/?d=NC1H94YW
http://www.megaupload.com/?d=OAISPX2J
http://www.megaupload.com/?d=W27BWB4G



Module 0: Introduction
Module 1: Business and Technical Logistics of Penetration Testing
Module 2: Information Gathering
Module 3: Linux Fundamentals
Module 4: Detecting Live Systems
Module 5: Reconnaissance -- Enumeration
Module 6: Cryptography
Module 7: Vulnerability Assessments
Module 8: Malware – Software Goes Undercover
Module 9: Hacking Windows
Module 10: Advanced Vulnerability and Exploitation Techniques
Module 11: Attacking Wireless Networks
Module 12: Networks, Firewalls, Sniffing and IDS
Module 13: Injecting the Database
Module 14: Attacking Web Technologies


Module 1: Business and Technical Logistics of Pen Testing

• Definition of a Penetration Test
• Benefits of a Penetration Test
• ID Theft Statistics
• Recent Hacking News
• The Evolving Threat
• Vulnerability Life Cycle
• Exploit Time Line
• Zombie Statistics
• Zombie Definition
• Botnet Definition
• Types of Penetration Testing
• Pen Testing Methodology
• Hacker vs. Penetration Tester
• Tools vs. Technique
• Penetration Testing Methodologies
• OSSTMM - Open Source Security Testing Methodologies
• Website Review
• SecurityNOW! SX
• Case Study and Lab

Module 2: Information Gathering

• What Information is Gathered by the Hacker
• Methods of Obtaining Information
• Physical Access
• Social Access
• Digital Access
• Passive vs. Active Reconnaissance
• Footprinting Defined
• Footprinting Tool: Kartoo Website.
• Footprinting Tools
• Google and Query Operators
Johnny.Ihackstuff.com.
• Aura
• Wikto
• Websites used for Information Gathering
• Internet Archive: The WayBack Machine
• Domain Name Registration
• Whois
• Websites used to Gather Whois Information
• DNS Databases
• Using NSlookup
• Dig for Unix / Linux
• Traceroute Operation
• EDGAR for USA Company Info.
• Company House For British Company Info
• Intelius info and Background Check Tool
• Web Server Info Tool: Netcraft
• Countermeasure: Domainsbyproxy.com
• Footprinting Countermeasures
• Review White Papers/Templates
• Case Study and Lab.

Module 3: Linux Fundamentals

• History of Linux
• The GNU Operating System
• Linux Introduction
• Desktop Environment
• Linux Shell
• Linux Bash Shell
• Recommended Linux Book
• Password and Shadow File Formats
• User Account Management
• Changing a user account password
• Configuring the Network Interface
• Mounting Drives
• Tarballs and Zips
• Compiling Programs
• Typical Linux Operating Systems
• Gentoo = Simple Software Install Portal
• VLOS and Emerge
• Why Use Live Linux Boot CDs
• Security Live Linux CDs
• FrozenTech's Complete Distro List
• Most Popular: BackTrack
• My Slax Creator
• Slax Modules (Software Packages)
• Case Study and Lab

Module 4: Detecting Live Systems

• Port Scanning Introduction
• Port Scan Tips
• What are the Expected Results
• How Do We Organize the Results
• Ping
• NMAP Introduction
• The TCP/IP Stack
• Ports and Services
• The TCP 3-way Handshake
• TCP Flags
• Vanilla Scan
• NMAP TCP Connect Scan
• Half-open Scan
• Tool Practice : TCP half-open and Ping Scan
• Fire-walled Ports
• NMAP Service Version Detection
• UDP Port Scanning
• Advanced Scanning Technique
• Popular Port Scanning Tools
• Tool: Superscan
• Tool: LookatLan
• Tool: Hping2
• Tool: Auto Scan
• Packet Crafting and Advanced Scanning Methods
• OS Fingerprinting
• OS Fingerprinting: Xprobe2 – Auditor Distro
• Xprobe Practice
• Fuzzy Logic
• Tool: P0f – Passive OS Finger Printing Utility
• Tool Practice: Amap
• Packet Crafting
• Tool Fragrouter: Fragmenting Probe Packets
• Countermeasures: Scanning
• Scanning Tools Summary
• Case Study and Lab

Module 5: Reconnaissance – Enumeration

• Overview of Enumeration
• Web Server Banner
• Practice: Banner Grabbing with Telnet
• Sam Spade Tool: Banner Grabbing
• SuperScan 4 Tool: Banner Grabbing
• SMTP Banner
• DNS Enumeration Methods
• Zone Transfers
• Countermeasure: DNS Zone Transfser
• SNMP Insecurity
• SNMP Enumeration
• SNMP Enumeration Countermeasures
• Active Directory Enumeration
• AD Enumeration countermeasures
• Null Session
• Syntax for a Null Session
• Viewing Shares
• Tool: DumpSec
• Tool: USE42
• Tool: Enumeration with Cain and Abel
• NAT Dictionary Attack Tool
• Injecting the Able Service
• Null Session Countermeasures
• Enumeration Tools Summary
• Case Study and Lab

Module 6: Cryptography

• Cryptography Introduction
• Encryption
• Encryption Algorithm
• Implementation
• Symmetric Encryption
• Symmetric Algorithms
• Crack Times
• Asymmetric Encryption
• Key Exchange
• Hashing
• Hash Collisions
• Common Hash Algorithms
• Hybrid Encryption
• Digital Signatures
• SSL Hybrid Encryption
• IPSEC
• Transport Layer Security – SSH
• PKI ~ Public Key Infrastructure Models
• PKI-Enabled Applications
• Quantum Cryptography
• Hardware Encryption: DESlock
• Attack Vectors
• Case Study & Lab

Module 7: Vulnerability Assessments

• Vulnerability Assessments Introduction
• Testing Overview
• Staying Abreast: Security Alerts
• Vulnerability Scanners
• Qualys Guard
• Nessus Open Source
• Nessus Interface
• Scanning the Network
• Nessus Report
• Retina
• Nessus for Windows
• LANguard
• Analyzing the Scan Results
• Microsoft Baseline Analyzer
• MBSA Scan Report
• Dealing with the Assessment Results
• Patch Management
• Patching with LANguard Network Security Scanner
• Case Study and Lab

Module 8: Malware - Software Goes Undercover

• Defining Malware: Trojans and Backdoors
• Defining Malware: Virus & Worms
• Defining Malware: Spyware
• Company Surveillance Software
• Malware Distribution Methods
• Malware Capabilities
• Auto Start Methods
• Countermeasure: Monitoring Autostart Methods.
• Tool: Netcat
• Netcat Switches
• Executable Wrappers
• Benign EXEs Historically Wrapped with Trojans
• Tool: Restorator
• Tool: Exe Icon
• The Infectious CD-ROM Technique
• Backdoor.Zombam.B
• JPEG GDI+ All in One Remote Exploit
• Advanced Trojans: Avoiding Detection
• Malware Countermeasures
• Gargoyle Investigator
• Spy Sweeper Enterprise
www.Glocksoft.com
• Port Monitoring Software
• File Protection Software
• Windows File Protection
• Windows Software Restriction Policies
• Hardware-based Malware Detectors
• Countermeasure: User Education
• Case Study and Lab

Module 9: Hacking Windows

• Types of Password Attacks
• Keystroke Loggers
• Password Guessing
• Password Cracking LM/NTLM Hashes
• LanMan Password Encryption
• NT Password Generation
• SysKey Encryption
• Password Salting
• Password Extraction and Password Cracking
• Precomputation Detail
• Cain and Abel's Cracking Methods
• Free LM Rainbow Tables
• NTPASSWD:Hash Insertion Attack
• Password Sniffing
• Windows Authentication Protocols
• Hacking Tool: Kerbsniff & KerbCrack
• Countermeasure: Monitoring Event Viewer Log
• Hard Disk Security
• Free HD Encryption Software
• Tokens & Smart Cards.
• Covering Tracks Overview
• Disabling Auditing
• Clearing the Event Log
• Hiding Files with NTFS Alternate Data Streams
• NTFS Streams Countermeasures
• Stream Explorer
• What is Steganography?
• Steganography Tools
• Shredding Files Left Behind
• Leaving No Local Trace
• SecurSURF
• StealthSurfer II Privacy Stick
• Tor: Anonymous Internet Access
• Encrypted Tunnel Notes
• Rootkits
• Rootkit Countermeasures
• Case Study and Lab.

Module 10: Advanced Vulnerability & Exploitation Techniques

• How Do Exploits Work?
• Memory Organization
• Buffer Overflows
• Stages of Exploit Development
• Prevention
• The Metasploit Project
• Defense in Depth
• Core Impact
• Case Study Lab

Module 11: Attacking Wireless Networks

• Wireless LAN Network Types
• Deployed Standards
• A vs. B vs. G
• 802.11n - MIMO
• SSID - Service Set Identifier
• MAC Filtering
• WEP – Wired Equivalent Privacy
• Weak IV Packets
• XOR Basics
• WEP Weaknesses
• TKIP
• How WPA improves on WEP
• The WPA MIC Vulnerability
• 802.11i - WPA2
• WPA and WPA2 Mode Types
• WPA-PSK Encryption
• Tool: NetStumbler
• Tool: KNSGEM
• Tool: Kismet
• Analysis Tool: OmniPeek Personal
• Tool: Aircrack
• DOS: Deauth/disassociate attack
• Tool: Aireplay
• ARP Injection (Failure)
• ARP Injection (Success)
• EAP Types
• EAP Advantages/Disadvantages
• Typical Wired/Wireless Network
• EAP/TLS Deployment
• Case Study and Lab

Module 12: Networks, Firewalls, Sniffing and IDS

• Packet Sniffers
• WinPcap / Pcap
• Tool: Wireshark (Ethereal)
• Re-assembling TCP Session Packets
• Tool: Packetyzer
• tcpdump & windump
• Tool: OmniPeek
• Sniffer Detection
• Passive Sniffing Methods
• Active Sniffing Methods
• Flooding the Switch Forwarding Table
• ARP Cache Poisoning in Detail
• ARP Normal Operation
• ARP Cache Poisoning
• Technique: ARP Cache Poisoning (Linux)
• ARP Countermeasures
• Tool: Cain and Abel
• Ettercap
• Dsniff Suite
• MailSnarf, MsgSnarf, FileSnarf
• What is DNS Spoofing?
• DNS Spoofing Tools
• Intercepting and Cracking SSL
• Tool: Breaking SSL Traffic
• Tool: Cain and Abel
• VoIP Systems
• Intercepting VoIP
• Intercepting RDP
• Cracking RDP Encryption
• Routing Protocols Analysis
• Countermeasures for Sniffing
• Firewalls, IDS and IPS
• Firewall ~ 1st Line of Defense
• IDS ~ 2nd Line of Defense
• IPS ~ Last Line of Defense
• Evading The Firewall and IDS
• Evasive Techniques
• Firewall – Normal Operation
• Evasive Technique –Example
• Evading With Encrypted Tunnels
• 'New Age' Protection
• SpySnare - Spyware Prevention System (SPS)
• Intrusion 'SecureHost' Overview
• Intrusion Prevention Overview
• Secure Surfing or Hacking?
• Case Study and Lab

Module 13: Injecting the Database

• Overview of Database Servers
• Types of Databases
• Tables, Records, Attributes, Domains
• Data Normalization, SQL , Object-Oriented Database Management
• Relational Database Systems
• Vulnerabilities and Common Attacks
• SQL Injection
• Why SQL "Injection
• SQL Connection Properties
• SQL Injection: Enumeration
• Extended Stored Procedures
• Shutting Down SQL Server
• Direct Attacks
• Attacking Database Servers
• Obtaining Sensitive Information
• Hacking Tool: SQL Ping2
• Hacking Tool: osql.exe
• Hacking Tool: Query Analyzers
• Hacking Tool: SQLExec
• Hacking Tool: Metasploit
• Hardening Databases
• Case Study and Lab

Module 14: Attacking Web Technologies

• Common Security Threats
• The Need for Monitoring
• Seven Management Errors
• Progression of The Professional Hacker
• The Anatomy of a Web Application Attack
• Web Attack Techniques
• Components of a generic web application system
• URL mappings to the web application system
• Web Application Penetration Methodologies
• Assessment Tool: Stealth HTTP Scanner
• HTTrack Tool: Copying the website offline
• Httprint Tool: Web Server Software ID
• Wikto Web Assessment Tool
• Tool: Paros Proxy
• Tool: Burp Proxy
• Attacks against IIS
• IIS Directory Traversal
• Unicode
• IIS Logs
• What is Cross Side Scripting (XSS?
• XSS Countermeasures
• Tool: Brutus
• Dictionary Maker
• Query String
• Cookies
• Top Ten Web Vulnerabilities
• Putting all this to the Test
• Case Study and Lab

Gracias a  modemhead .

Todos los links funcionales recien testeados. Salu2 espero que les guste
Podras llevarme a mi novia, incluso hasta a mi perro, pero a mi computadora... jamas

   

AlbertoBSD

Perfectisimo, pero Rapid ???

Me gustaria mas Megaupload.

Saludos.
Donaciones
1Coffee1jV4gB5gaXfHgSHDz9xx9QSECVW

Axus

MM no tenia idea de esta certificación xD...Desde hoy comienzo a descargar, gracias por el aporte jpmo4...Lo que mas me gusta de estas certificaciones es que tratan muchos temas y abarcan con mucha informacion.

jpmo4

Cita de: Anon en  9 Febrero 2009, 17:46 PM
Perfectisimo, pero Rapid ???
Me gustaria mas Megaupload.

Lo que pasa es que no soy el autor del upload compi, ahora cuando lo termine de bajar (me falta poco) veo si le hago un re-up en megaupload, pero con un 1MB de velocidad me voy a tardar mucho  :-[ :xD. Salu2
Podras llevarme a mi novia, incluso hasta a mi perro, pero a mi computadora... jamas

   

berz3k

Joder por que siempre RS? , mmm podrian comprimir todo y hacer un .iso ?

de modo que solo quede un pack, no tantos links...

-berz3k.

gerwin86

No seamos negativossss..... pedazo aporte macho...!!! genial, ahora a la gente que pide tutos a redireccionarlos aqui, el ingles corre de su cuenta, jejeje, muy buena, un saludo...!!!!
La enfermedad del ignorante es ignorar su propia ignorancia (lo que mas me asusta es que hay mucho enfermo)

jpmo4

Cita de: berz3k en 10 Febrero 2009, 08:23 AM
Joder por que siempre RS?

No soy el author del upload lo dije (aunque creo que aqui y la pagina  fuente de donde lo encontré no lo eh visto en ningun otro lado xD en DD),hay torrent por ahi tambien.

Cita de: berz3k en 10 Febrero 2009, 08:23 AM
podrian comprimir todo y hacer un .iso ?

No, por que tardaria mucho mas en subir, aparte que no soy premium  :¬¬ , en megaupload, por que si lo tendria q subir ,lo haria ahi xD, pero como dije, con 1MB de velocdad tardaria en subirlo. Salu2
Podras llevarme a mi novia, incluso hasta a mi perro, pero a mi computadora... jamas

   

dantemc

se ve interesante, pero reitero lo del hoster, igual voy a intentar bajarlos asi.

gracias men.
8-D

chihiro

Yo agradezco que nos pongas el material al alcanze, lo del host es lo de menos para mi  :xD (no se ofendan los demas) los pondre en mi lista del jdownlader, gracias  ;D

Saludos
F*** society

jpmo4

Podras llevarme a mi novia, incluso hasta a mi perro, pero a mi computadora... jamas