Hacking Course
This course is intended to train users in how hacking tools work, how a hacker approaches a target, and how to identify breaches and respond to incidents.
- Analyze the structure of common attack techniques to evaluate an attacker's spread through a system and network, anticipating and thwarting further attacker activity
- Gain access to a target machine using Metasploit, and then detect the artifacts and impact of exploitation through process, file, memory, and log analysis
- Analyze a system to see how malware is used to move files, create backdoors, and build relays through a target environment
- Apply incident handling processes (preparation, identification, containment, eradication, and recovery) to protect enterprise environments
- Utilize tools and evidence to determine the kind of malware used in an attack, including rootkits, backdoors, and Trojan horses, choosing appropriate defenses and response tactics for each
- Use built-in command-line tools such as Windows tasklist, wmic, and reg, as well as Linux `netstat`, `ps`, and `lsof` to detect an attacker's presence on a machine
- Analyze router and system ARP tables along with switch CAM tables to track an attacker's activity through a network and identify a suspect
- Use memory dumps and memory analysis tools to determine an attacker's activities on a machine, the malware installed, and other machines the attacker used as pivot points across the network
- Run the `nmap` port scanner and Nessus vulnerability scanner to find openings on target systems, and apply tools such as `tcpdump` and `netstat` to detect and analyze the impact of the scanning activity
- Apply the `tcpdump` sniffer to analyze network traffic generated by a covert backdoor to determine an attacker's tactics
- Employ the `netstat` and `lsof` tools to diagnose specific types of traffic-flooding denial-of-service techniques, and choose appropriate response actions based on each attacker's flood technique
- Analyze shell history files to find compromised machines, attacker-controlled accounts, sniffers, and backdoors