Textbook

CNIT 123
Ethical Hacking and Network Defense

Spring 2009 Sam Bowne

Final Scores posted 5-29-09

Open Lab Hours for Sci 214

Schedule · Lecture Notes · Projects · Links · Forum · Bookshelf · Home Page 



CRN 38013  Mon 6 - 9 pm  Science 200 (note room change)

Catalog Description

Students learn how hackers attack computers and networks, and how to protect systems from such attacks, using both Windows and Linux systems. Students will learn legal restrictions and ethical guidelines, and will be required to obey them. Students will perform many hands-on labs, both attacking and defending, using port scans, footprinting, exploiting Windows and Linux vulnerabilities, buffer overflow exploits, SQL injection, privilege escalation, Trojans, and backdoors.

Prerequisites: CNIT 106 and 120 or equivalent familiarity with the fundamentals of networking and security.

video1a (18K)

Videos of lectures now available!



Upon successful completion of this course, the student will be able to:
  1. Explain what an ethical hacker can and can not do legally, and explain the credentials and roles of penetration testers.
  2. Define the types of malicious software found in modern networks.
  3. Explain the threats and countermeasures for physical security and social engineering.
  4. Perform footprinting to learn about a company and its network.
  5. Perform port scans to locate potential entry points to servers and networks.
  6. Perform enumeration (finding resources, accounts, and passwords) on Microsoft, Netware, and Unix/Linux targets.
  7. Perform very simple programming in C, HTML, and Perl, specifically oriented towards the needs of network security professionals.
  8. Learn how to identify Microsoft Windows vulnerabilities and to harden systems.
  9. Learn how to identify Linux vulnerabilities and to protect servers.
  10. Describe how to take control of Web Servers, and how to protect them.
  11. Locate and hack into wireless networks, and protect them.
  12. Explain how cryptography and hashing work, and perform attacks against them such as password cracking and man-in-the-middle attacks.
  13. Describe and deploy security devices, including routers, firewalls, Intrusion Detection Systems, and honeypots.

Textbooks

Hands-On Ethical Hacking and Network Defense by Michael T. Simpson -- ISBN: 0-619-21708-1 Buy from Amazon

CNIT 123: Ethical Hacking and Network Defense -- Lecture Notes and Projects (Spring 2009 Revision) by Sam Bowne (buy it at the CCSF Bookstore)


Schedule

DateQuizTopic
Mon 1-12  Ch 1: Ethical Hacking Overview
Mon 1-19 Holiday - No Class
Mon 1-26 Holiday - No Class
Mon 2-2  Ch 2: TCP/IP Concepts Review
Fri 2-6 Last Day to Add Monday-Only Classes
Mon 2-9Quiz on Ch 1 & 2   
Proj 1-3 due		 Ch 3: Network and Computer Attacks
Mon 2-16 Holiday - No Class
Tue 2-17 Last Day to Request pass/no pass Grading
Mon 2-23Quiz on Ch 3  
Proj 4 & 5 due		 Ch 4: Footprinting and Social Engineering Ch 4 & 5 Notes
Mon 3-2Quiz on Ch 4 
Proj 6 & 7 due		 Ch 5: Port Scanning
Mon 3-9Quiz on Ch 5 
Proj 8 & 9 due		 Ch 6: Enumeration
Mon 3-16Quiz on Ch 6 
Proj 10 & 11 due		 Ch 7: Programming for Security Professionals
Mon 3-23Quiz on Ch 7 
Proj 12 & 13 due		 Ch 8: Microsoft Operating System Vulnerabilities
Mon 3-30Quiz on Ch 8
Proj 14 & 15 due		 Ch 9: Linux Operating System Vulnerabilities
Mon 4-6 Holiday - No Class
Mon 4-13Quiz on Ch 9
Proj 16 & Proj 17 due		 Ch 10: Hacking Web Servers
Fri 4-17 Last Day to Withdraw
Mon 4-20Quiz on Ch 10 
Proj 18&19 due		 Ch 11: Hacking Wireless Networks
Mon 4-27Quiz on Ch 11 
Proj 20 due		 Ch 12: Cryptography
Mon 5-4Quiz on Ch 12
Proj 21 & 22 due		 Ch 13: Protecting Networks with Security Devices
Mon 5-11Quiz on Ch 13 - Last Class
All Extra Credit Projects Due		 Lectures 14 & 15: Cracking WEP Encryption & Man-in-the-Middle Attack (not in textbook)
Mon 5-18  Final Exam: 6 pm Room 215




Lecture Notes

Policy
Student Agreement
Code of Ethics
Ch 1: Ethical Hacking Overview      Powerpoint      Google video
Ch 2: TCP/IP Concepts Review      Powerpoint      Google video (Part 1)      Google video (Part 2)
Ch 3: Network and Computer Attacks      Powerpoint      Google video
Ch 4: Footprinting and Social Engineering     Powerpoint (revised 2-23-09)
Ch 5: Port Scanning     Powerpoint
Ch 6: Enumeration     Powerpoint
Ch 7: Programming for Security Professionals     Powerpoint
           hello.c    hello2.c    hello3.c    loopdemo.c    pingscan.c
           branch.plx    hello.plx    hello2.plx    leet.plx    pingscan.plx
Ch 8: Microsoft Operating System Vulnerabilities     Powerpoint
Ch 9: Linux Operating System Vulnerabilities     Powerpoint     Linux Notes for Lecture
Ch 10: Hacking Web Servers     Powerpoint        Process Utility for Classroom Demo
Ch 11: Hacking Wireless Networks     Powerpoint
Ch 12: Cryptography     Powerpoint
Ch 13: Protecting Networks with Security Devices (rev. 12-4-08)     Powerpoint
Lecture 14: More Wireless Hacking: Cracking Wired Equivalent Privacy (WEP) (rev. 5-11-09)     Powerpoint
Lecture 15: Stealing Passwords from HTTPS Sessions with a Man-in-the-Middle Attack (rev. 5-11-09)     Powerpoint
The lectures are in Word and PowerPoint formats.
If you do not have Word or PowerPoint you will need to install the
Free Word Viewer 2003 and/or the Free PowerPoint Viewer 2003.


Back to Top

Projects

The projects are the heart of the course. We will use virtual and physical machines running Windows XP, Vista, Windows 2000, and Ubuntu Linux on closed private networks, performing real network attacks and intrusions which would be illegal on public networks. We will use both wired and wireless networks. We will also perform countermeasures to prevent, detect, and mitigate the damage done by these attacks.

How to Read Your CCSF Email
How to Get your Windows XP Activation Code from MSDNAA
Downloading MSDNAA Software
Virtual Machines at Home
Fixing Problems with Ubuntu on VMware

Project 1: Preparing a Trusted Windows XP Virtual Machine (10 pts.) (revised 1-28-09)
Project 2: Using Metasploit 3 to Take Over a Windows XP Computer (Ch 3, 15 pts.)
Project 3: Stealing Passwords with a Packet Sniffer (Ch 3, 15 pts.)
Project 4: Installing Ubuntu Linux (20 pts.) (revised 9-10-08)
Project 5: Port Scans and Firewalls (Ch 5, 15 pts.)
Project 6: Analyzing Types of Port Scans (Ch 5, 20 pts.)
Project 7: Using a Software Keylogger (10 pts.)
     Download SC Keylog Pro Demo
Project 8: Programming in C on Ubuntu Linux (Ch 7, 15 pts.)
Project 9: Programming in Perl on Ubuntu Linux (Ch 7, 10 pts.)
Project 10: Programming with Python on Windows (Ch 7, 15 pts.)
Project 11: Rootkitting Windows (Ch 7, 15 pts.)
     hxdef100r (you need to use 7-zip to open it, with password sam
Project 12: Cracking Windows XP Passwords with Ophcrack (15 pts.)
Project 13: Using the Ultimate Boot CD to Create Administrator Accounts (10 pts.)
Project 14: Rootkitting Ubuntu Linux (Ch 9, 20 pts.)      fix-fu
Project 15: Using a Hardware Keylogger (10 pts.)
Project 16: Setting up a Web Server (15 pts.) (revised 10-17-08)      Big Image
Project 17: Performing a Denial of Service Attack With Nmap (15 pts.)
Project 18: Nessus Vulnerability Scanner (15 pts.)
Project 19: John the Ripper on Ubuntu Linux (Ch 12, 10 pts.)
Project 20: Cracking WEP with BackTrack 2 (20 pts.)
Project 21: Sniffing Passwords with ettercap on Ubuntu Linux (15 pts.) (revised 10-16-08)
Project 22: Stealing Passwords from HTTPS Sessions with a Man-in-the-Middle Attack Using Cain (15 pts.)

Project X1: Subnet Exercises (Ch 2, 10 pts. extra credit)
Project X2: HackThisSite (Ch 10, 15 pts. extra credit)
Project X3: Getting into Ubuntu Linux Without a Password (15 pts. extra credit)
Project X4: Protecting Your Privacy with The Onion Router (TOR) (10 pts. extra credit)
Project X5: Sniffing Cleartext Passwords with Cain and Abel (Ch 12, 10 pts. extra credit)
Project X6: Microsoft Baseline Security Analyzer (MBSA) (Ch 8, 10 pts. extra credit)
Project X7: Winfingerprint (Ch 8, 10 pts. extra credit)
Project X8: OpenPGP on Ubuntu Linux (Ch 12, 15 pts. extra credit)
Project X9: Cracking Windows Passwords with Cain and Abel (Ch 12, 15 pts. extra credit)
Project X10: Cracking WPA (15 pts)
Project X11: Installing Windows 7 (10 pts. extra credit)


Back to Top

Links

Links From Lectures

Ch 1a: Robert Bruen's review of the textbook
Ch 1b: Wired News: Ethical Hacking Is No Oxymoron
Ch 1c: EC-Council | Certified Ethical Hacker Certification
Ch 1d: EC-Council | Code of Ethics
Ch 1e: Run Away From The CEH Certification
Ch 1f: ISECOM - OPST Accredited Certification
Ch 1g: Rate My Network Diagram
Ch 1h: RE: OPST and CEH Certifications
Ch 1i: SANS Institute - Network and Computer Security Training
Ch 1j: SANS Top-20 Internet Security Attack Targets (2006 Annual Update)
Ch 1k: CCSF COMPUTER USAGE POLICY
Ch 1l1: Lycos starts anti-spam screensaver plan: Dec 2, 2004
Ch 1l2: Lycos Pulls Anti-Spam 'Vigilante' Campaign -- Dec 3, 2004
Ch 1l3: Lycos's Spam Attack Network Dismantled -- Spammers sent the DOS packets back to Lycos -- Dec 6, 2004
Ch 1m: Blue Frog begins its "vigilante approach" to fight spam -- July, 2005
Ch 1n: Russian spammer fights back, claims to have stolen Blue Frog's database, sends threating email -- DOS attack in progress -- May 2, 2006
Ch 1o: Blue Frog compromised and destroyed by attacks, urgent instructions to uninstall it, the owners have lost control -- May 17, 2006
Ch 1p: Call for help creating distributed, open-source Blue Frog replacement -- May 17, 2006
Ch 1q: Linux update becomes terminal pain
Ch 1r: Permission Memo for Penentration Testing
Ch 2a: Header Format
Ch 2b: List of assigned /8 IP address blocks
Ch 2c: A Binary Primer
Ch 2d: Classful network
Ch 2e: How to Obscure Any URL
Ch 2f: Obscuring a URL (demonstration for lecture)
Ch 2g: Warriors of the Net - The Story
Ch 2h: Statistical Weaknesses in TCP/IP Initial Sequence Numbers
Ch 3 Lecture Demo: Companion Trojan 1
Ch 3 Lecture Demo: Companion Trojan 2
Ch 3 Lecture Demo: Hacker Defender Rootkit Part 1
Ch 3 Lecture Demo: Hacker Defender Rootkit Part 2
Ch 3a: Base64 Encoding Explained
Ch 3b: Base64 Online - base64 decode and encode
Ch 3c: Melissa Worm and I Love You Worm Source Codes
Ch 3d: Computer Virus Generator Kits
Ch 3e: Animated GIF of Code Red Spreading (4 MB)
Ch 3f: CAIDA : analysis : security : code-red
Ch 3g: Worm infects ATM machines of two US financial institutions (Nov. 26, 2003)
Ch 3h: Trend brings out ATM Antivirus Product
Ch 3i: ATM Machine and Windows XP Images
Ch 3j: Worm hits Windows-based ATMs
Ch 3k: Shortcut Trojan
Ch 3l: Microsoft takes down barrier in Vista firewall
Ch 3m: Zonelabs ZoneAlarm vs Windows Vista Firewall vs XP SP2
Ch 3n: Ping of death - Wikipedia
Ch 3o: Bump Keys
Ch 3p: IC Card Locks
Ch 3q: How to unlock a car with a tennis ball
Ch 3q: Windows Trojan Vulnerability: MS00-052: Registry-Invoked Programs Use Standard Search Path
Ch 4a1: Download Java SE Development Kit 6 Update 4
Ch 4a: Parosproxy.org - Web Application Security
Ch 4b: Bugnosis Web Bug Detector
Ch 4c: RFC 2616 (rfc2616) - Hypertext Transfer Protocol -- HTTP/1.1
Ch 4d: Specification of HTTP/1.1 OPTIONS messages
Ch 4e: Lock IT Down: Block DNS zone transfers to protect your servers
Ch 4f: Web Bugs: Nearly undetectable tracking device raises concern
Ch 4g: The Web Bug FAQ
Ch 4h: Demonstration Page with a Web Bug
Ch 5a: Port scans legal, judge says (12/18/2000)
Ch 5b: Port Scanning and its Legal Implications (2004)
Ch 5c: Nmap Tutorial
Ch 5d: A Simple Guide to Nmap Usage
Ch 5e: YouTube - Trinity Nmap Hack - Matrix Reloaded
Ch 5f: Unicornscan
CH 5g: NetScanTools
Ch 5h: Nessus Vulnerability Scanner
Ch 5i: Nessus Technical Guide
Ch 5j2: A very simple nessus installation [Archive] - Ubuntu Forums
Ch 5j: How to install the vulnerability scanner Nessus | Ubuntu Linux
Ch 5k: fping - a program to ping hosts in parallel
Ch 5m: Hping - Wikipedia, the free encyclopedia
Ch 5n: Tutorial: Hping2 Basics
Ch 5o: Smurf attack - Wikipedia, the free encyclopedia
Ch 5p: Preventing Smurf Attacks
Ch 5q: Advanced Bash-Scripting Guide
Ch 5r: Kon-Boot -- Reset Windows & Linux Passwords
Ch 6a: NetBios Howto
Ch 6b: NetBIOS NULL Sessions: The Good, The Bad, and The Ugly
Ch 6c: Null session attacks: Who's still vulnerable?
Ch 6d: NULL sessions restrictions of server and workstation RPC operations
Ch 6e: Null session in Windows XP
Ch 6f: Listing usernames via a null session on Windows XP
Ch 6g: Download Winfo -- NetBIOS Null Session Enumeration Tool
Ch 6h: NetBIOS Suffixes (16th Character of the NetBIOS Name)
Ch 6i: NetScanTools.com
Ch 6j: SystemTools.com - DumpSec and Hyena
Ch 6k: Description of the Windows File Protection feature
Ch 6l: OpenVAS emerges as free alternative to Nessus
Ch 6m: OpenVAS - OpenVAS - Open Vulnerability Assessment System Community Site
Ch 7a: Where are the C libraries? [Archive] - Ubuntu Forums
Ch 7b: Why Windows is less secure than Linux--Comparing system call diagrams
Ch 7c: The Linux Kernel Map
Ch 7d: Cprogramming.com - Programming Tutorials: C++ Made Easy and C Made Easy
Ch 7e: We Are Morons: a quick look at the Win2k source || kuro5hin.org
Ch 7f: Linux: Fewer Bugs Than Rivals
Ch 7g: An IDA Primer--Disassembler
Ch 7h: Ubuntu Software - GHexedit | Hexeditor
Ch 7i: The GNU C Programming Tutorial -- scanf and avoiding buffer overflows
Ch 7j: Robert's Perl Tutorial
Ch 7k: Free Online Web Tutorials - CGI Perl Tutorial - How to use HTML with Perl for Web Data Collection and Processing
Ch 7l: Python On XP: 7 Minutes To 'Hello World!'
Ch 7m: ActiveState - ActivePython free Python open source language distribution
Ch 7n: Python Babysteps Tutorial
Ch 7o: The GNU Netcat -- Official homepage
Ch 7p: Opening TCP Sockets in ActivePython 2.4
Ch 7q: Writing Buffer Overflow Exploits - a Tutorial for Beginners
Ch 7r: Simple Package management with Synaptic Package Manager in Ubuntu -- Debian Admin
Ch 7s: PEBrowse Professional Windows Disassembler
Ch 7t: codepad - Online interpreter for C, Perl, Ruby, and many other languages
Ch 8a: Microsoft Baseline Security Analyzer (MBSA)
Ch 8a: Microsoft Baseline Security Analyzer (MBSA)
Ch 8b: Winfingerprint.com
Ch 8c: CVE - Common Vulnerabilities and Exposures
Ch 8d: NetBIOS protocol, netbeui over TCP, server message blocks
Ch 8e: NetBIOS - Wikipedia
Ch 8f: NetBios NetBEUI NBF Networking Introduction
Ch 8g: How To Configure TCP/IP Networking While NetBIOS Is Disabled in Windows 2000 Server
Ch 8h: samba without netbios
Ch 8i: The SMB Man-In-the-Middle Attack -- Example hashes here
Ch 8j: SmbRelay captures NTLM hashes
Ch 8k: L0phtCrack - It's over
Ch 8l: ettercap - man in the middle attacks on LAN
Ch 8l: Irongeek's Wall of Social Science Majors (inspired by the Wall of Shame/Wall of Sheep)
Ch 8m: Ettercap tips and tricks
Ch 8n: CIFS: A Common Internet File System
Ch 8o: CIFS: Common Insecurities Fail Scrutiny
Ch 8o: Winsock - Wikipedia
Ch 8p: Microsoft Security: IIS Lockdown Tool
Ch 8q: Top 10 Vulnerability Scanners
Ch 8r: Wall of Sheep - I see stupid people
Ch 8s: Wall of Sheep at DEFCON illustrates what not to do
Ch 8w: Tripwire Tutorial -- Signature-based intrusion detection
Ch 8x:Null session in Windows XP
Ch 8y: Null session attacks: Who's still vulnerable?
Ch 9a: no eth0 in /dev - LinuxQuestions.org
Ch 9b1: Controlling your Linux system processes
Ch 9b: Linux Demo for Lecture
Ch 9c: Securing Linux by breaking it with Damn Vulnerable Linux
Ch 9d: Damn Vulnerable Linux - The most vulnerable and exploitable operating system ever
Ch 9e: Linux.com | CLI Magic: Trojan Scan
Ch 9f: Trojan-Spy.Linux.Logftp
Ch 9g: Trojan horses plague open source: ZDNet Australia: News: Business
Ch 9h: LRK: Linux Rootkit Information and source code
Ch 9i: Hiding code -- details about Linux Rootkits
Ch 9j: tornkit: a Linux Rootkit for Red Hat 6 & 7
Ch 9k: trapkit.de - Rootkit Profiler LX (RKProfiler LX) -- Versions for Ubuntu and Ubuntu on VMware
Ch 9l: Rootkit detector app..? - Ubuntu Forums -- chkrootkit and Rootkit Hunter included in Ubuntu archives
Ch 9m: Linux Kernel PRCTL Core Dump Handling Privilege Escalation Vulnerability
Ch 9n: Easy Rootkit Crontab Exploit Found
Ch 9o: Security on Ubuntu
Ch 9p: Detecting Rootkits under Linux
Ch 9q: debian.org compromise cleanup status -- How the SuckIt Rootkit was used to take over the debian.org main servers in 2003
Ch 9r: Suckit Source Code -- a Linux Rootkit
Ch 9s: VMware 4.0 and Redhat 9 - How to get ethernet working
Ch 9t: Analysis of a Suckit detection and removal
Ch 9u: Downloadable Linux Rootkits -- A good list
Ch 9w: Tripwire Tutorial
Ch 9x: Linux File Structure
Ch 9y: Unix/Linux Command Reference
Ch 9z: How to change font colours in Gnome Terminal window
Ch 9za: Trojan programs improve attack methods -- the Sheepshank Trojan Explained
Ch 9zb: The Ultimate Linux Reference Guide for Newbies
Ch_10 zm2: An overly informative error message I saw on 1-22-08
Ch_10a: Sam's Feedback Form (HTML)
Ch_10b: Sam's CGI Script in Perl
Ch_10c: Netcraft: Web Server Survey Archives
Ch_10d: ASP Examples
Ch_10e: ASP Basic Example -- Source code for clock
Ch_10f: ASP Clock Running (source code is not visible)
Ch_10g: Apache HTTP Server - Wikipedia, the free encyclopedia
Ch_10h: The Apache Software Foundation
Ch_10i: PHP - Wikipedia, the free encyclopedia
Ch_10j: Recursive acronym
Ch_10k a: PHP Demos on the free T35 Server
Ch_10k: Hello World in PHP (source code not visible)
Ch_10l: Source Code for Hello World in PHP
Ch_10m: M-049: Multiple PHP Vulnerabilities
Ch_10n: Hardened-PHP Project - PhP Security - Advisory 01/2004
Ch_10o: ColdFusion - Wikipedia
Ch_10p: Macromedia ColdFusion Vulnerabilities
Ch_10q: ColdFusion Error Page Cross-Site Scripting Vulnerability
Ch_10r: VBScript Example -- works in IE, not in Firefox
Ch_10s: Firefox FAQ -- no support for VBScript
Ch_10t: Microsoft Security Bulletin MS02-009 -- Incorrect VBScript Handling in IE can Allow Web Pages to Read Local Files
Ch_10u: Stack overflow vulnerability in Internet Explorer exploitable trough VBScript and JScript scripting engines.
Ch_10v: JavaScript Example -- Works in IE and Firefox
Ch_10w: JavaScript vulnerabilities surface in multiple browsers
Ch_10x: ODBC, OLE DB, and ADO Explained by a Microsoft Developer
Ch_10y: Form Demonstration -- maxlength property and GET method
Ch_10za: Cross-site scripting - Wikipedia
Ch_10zb: How to install Java on Ubuntu Linux
Ch_10zc: Installing Sun Java(TM) JRE 1.6.0 (Mustang) in Ubuntu Edgy and Dapper � Tuxicity%u2019s source
Ch_10zd: Install tomcat 5.5 - Ubuntu Document Storage Facility
Ch_10ze: WebGoat Installation - OWASP
Ch_10zf: Space Program Blog: Installing Java 5 JDK and Tomcat on Ubuntu (using VMWare)
Ch_10zg: Radarhack -- Getting Started with WebGoat
Ch_10zh: IIS Unicode Vulnerability Explained
Ch_10zi: Download cgiscan.c here
Ch_10zj: phfscan.c source code
Ch_10zk: Explanation of the PHF bug
Ch_10zl: HOW TO: Use Wfetch.exe to Troubleshoot HTTP Connections
Ch_10zm: An example of an overly informative error message on SourceForge
Ch_10zn: Introduction to Input Validation with Perl
Ch_10zo: The Unexpected SQL Injection
Ch_10zp: Hello PHP page - running PHP code
Ch_10zq: Hello PHP Page - Source Code
Ch_11a: Wlan defaults - Rexploit (archived from 2005)
Ch_11b: 3Com OfficeConnect ADSL Wireless 11g Firewall Router Authentication Bypass Vulnerability
Ch_11c: Channel Deployment Issues for 2.4-GHz 802.11 WLANs - Cisco Systems
Ch_11d1: Direct-sequence spread spectrum - Wikipedia
Ch_11d: Spread spectrum - Wikipedia
Ch_11e: Cheating CHAP Authentication -- works like session hijacking
Ch_11f: Point-to-Point Protocol - Wikipedia
Ch_11g: ASLEAP -- Cracks Cisco's LEAP Authentication
Ch_11h: Extensible Authentication Protocol - Wikipedia
Ch_11i: Wireless LAN Security Site -- 802.11 Vulnerabilities
Ch_11j: X.509 - Wikipedia
Ch_11k: IEEE 802.1X - Wikipedia
Ch_11l: Cracking WEP with Windows XP
Ch_11m: How to crack a WEP key using Ubuntu
Ch_11n: New attack cracks WEP in record time
Ch_11o: NetStumbler.com
Ch_11p: AirSnort Homepage
Ch_11q: SourceForge.net: AirSnort
Ch_11r: AirSnort and WEPCrack compared
Ch_11s: fakeAP
Ch_11t: Installing Wireless Cards in Ubuntu
Ch_11u: Orinoco Drivers With Monitor Mode In 6.10 (Edgy Eft) - Ubuntu Forums
Ch_11v: How To Crack WEP - Part 1: Setup & Network Recon
Ch_11w: Remote-Exploit.org - Supplying offensive security products to the world
Ch_11x: Aircrack-2.3 Windows (Wireless WEP crack)
Ch_11y: Orinoco Monitor Mode Patch Page -- Shmoo Group
Ch_11z: Red Hat 8.0 Kismet - HOWTO - Includes Orinoco Cards in Monitor Mode
Ch_11za: BackTrack 2 Final : how to make Fake Access Points with fakeap.pl
Ch_11zb: Debunking the Myth of SSID Hiding
Ch_11zc: IEEE 802.11 - Wikipedia
Ch_11zd: Aerohive 802.11n Access Point Fastest--264 Mbps
Ch_11ze: Download VistaStumbler 1.10 - A powerful network discovery tool optimized for Windows Vista
Ch_11zf: Changing Your MAC Address In Window XP/Vista, Linux And Mac OS X (Sometimes known as MAC spoofing)
Ch_11zg: Bluetooth - Wikipedia
Ch_123q: Capture - The High Interaction Client Honeypot/ Honeyclient
Ch_12a: Enigma machine - Wikipedia
Ch_12b: Enigma Simulator
Ch_12c: First Steganographic Image in the Wild
Ch_12d: A Brute Force Search of DES Keyspace
Ch_12e: DeCSS - Wikipedia
Ch_12f: Why the DVD Hack Was a Cinch -
Ch_12g: Illegal prime - Wikipedia
Ch_12h: EFF: DES Cracker Project
Ch_12i: Triple DES - Wikipedia
Ch_12j: Advanced Encryption Standard - Wikipedia
Ch_12j: Oracle Weblogic Server - Wikipedia
Ch_12k: International Data Encryption Algorithm - Wikipedia
Ch_12l: RC5 - Wikipedia
Ch_12m: distributed.net--Cracking RC5-72
Ch_12n: Diffie-Hellman key exchange - Wikipedia
Ch_12o: Digital signature - Wikipedia
Ch_12p: SHA hash functions - Wikipedia
Ch_12q: Cryptographic hash functions Compared
Ch_12r: Birthday attack - Wikipedia
Ch_12s: oxid.it - Home of Cain & Abel Windows Password Cracker
Ch_12za: LM hash - Wikipedia - Excellent explanation of how Ophcrack works
Ch_12zb: How to prevent Windows from storing a LAN manager hash of your password in Active Directory and local SAM databases
Ch_12zc: Ophcrack--Windows password cracker
Ch_12zd: Recover A Password in Linux | Ubuntology
Ch_12ze: 109-bit Elliptic Curve Cryptography knocked over with brute force
Ch_12zf: Pretty animated demonstration of the Rindjael encryption algorithm
Ch_12zg: The Hash Function Lounge
Ch12zh: Explanation of key sizes: 1024 bit RSA is like 80-bit symmetric
Ch 12zi: Moore\\\'s Law - Wikipedia
Ch 12zj: SSLSTRIP attack documents (From Sam Bowne\'s Defcon Presentation 2009)
Ch 12zk: Null Character Hack Allows SSL Spoofing
Ch 12zl: Good explanation of the renegotiation SSL/TLS Vulnerability
Ch_13a: Router - Wikipedia
Ch_13b: Cisco 2600 Series Multiservice Platforms
Ch_13c: Cisco 2600 Series Security Advisories
Ch_13d: Michael Lynn - Wikipedia
Ch_13e: Michael Lynn's controversial Cisco security presentation
Ch_13f: Schneier on Security: Cisco Harasses Security Researcher
Ch_13g: Michael Lynn's PDF file is linked near the bottom of this page
Ch_13h: Juniper hires Cisco hacker -- fixes flaws in IOS
Ch_13i: Firewall Debate: Hardware vs. Software
Ch_13j: Firewall Access Control List Rules
Ch_13k: Cisco PIX Firewall and VPN Configuration Guide
Ch_13l: Teardrop Attack - Wikipedia
Ch_13m: Microsoft ISA Server: Product Overview
Ch_13n: Application Filters Provided with ISA Server 2006
Ch_13o: Intrusion Detection FAQ: How do you implement IDS (network based) in a heavily switched environment?
Ch_13p: Project Honey Pot
Ch_13q: Capture - The High Interaction Client Honeypot/ Honeyclient
Ch_13r: Open Source Honeypots: Learning with Honeyd
Ch_13s: ISA Server and Forefront Threat Management Gateway Public Beta Available Here (as of 12-4-08)
Ch 13t: Web Application Firewall - OWASP
Ch 13u: Web Application Firewall - The Market Leading Web Application Firewall
l_14a: compatible_cards [Aircrack-ng]
l_14b: Cant get orinoco into monitor mode with NG
l_14c: Wi-Foo: The Secrets of Wireless Hacking: Books: Andrew Vladimirov,Konstantin V. Gavrilenko,Andrei A. Mikhailovsky
l_14d: PRISM GT Technical Information
l_14e: Injection Test Results: WUSB54Gv4, WT111v2, Edimax EW-7318USG, and Intel IPW2200
l_14f: Question regarding usb adapter and linux
l_14g: Driver found for PrismGT Chipset
l_14h: Host AP Linux driver for Intersil Prism2/2.5/3 wireless LAN cards and WPA Supplicant
l_14i: How to get the TEW424ubv2 Wi-Fi Dongle working in Linux with NDISwrapper
l_14j: Wireless Card Modes Explained: Master, Manager, Ad-hoc, Monitor
l_14l: Orinoco Monitor Mode Patch Page
l_14m: MadWifi - Drivers for many wireless NICs
l_14n: BackTrack from Remote-Exploit.org - Supplying offensive security products to the world
l_14n: Linuxant - DriverLoader for Wireless LAN devices
l_14o: NDISwrapper - Use Windows Drivers in Linux
l_14p: How To Crack WEP with Linux and Packet Injection
l_14q: Aircrack-ng -- WEP cracker for Windows or Linux
l_14r: Tutorial - Cracking WEP with Windows XP pro.
l_14s: How to crack WEP with BackTrack 2
l_14t: WLAN Adapter Chipset Directory
l_14u: Yet Another Easier Workaround for Packet Injection with Aireplay in Windows
l_14v: Re: Legality of WEP Cracking
l_14w: E-Mail Privacy in the Workplace
l_15a: About SSL/TLS
l_15b: Huge Collection Of Hack Tutorial Videos
l_15c: dsniff -- Linux Package for Man-in-the-Middle Attacks
l_15d: Old SSL Vulnerability in Internet Explorer - Certificate Chain
l_15e: Circumventing SSL with Ettercap Video

Other Links

Hacking Into a Computer (With Pictures)
ScratchDrive.com- list of hacking tools
10 quick tips to make Linux networking easier
How to change eth1 to eth0 with Ubuntu on VMware
Security and Hacking Documentation - Machine code exploit info, SQL injection, and much more
US subway hackers still gagged
Screenshots of the Constructor/YFakeCreator tool that creates fake YouTube websites
A Hacking Odyssey: Part Two – Network Scanning & Nmap Part 1
Adeona: A Free, Open Source System for Helping Track and Recover Lost and Stolen Laptops
Bachelor of Science in Ethical Hacking Degree in Scotland
Best Online Documentaries - especially the hacking one
Biometrics: Hacking into a Fingerprint Scanner Video
Case of a wireless hack
Certified Ethical Hacker Exam Availability
Computer Hacking and Ethics
coWPAtty Main Page - Cracking WPA
Cracking - Brute Forcing - Dictionary and Cryptanalysis attacks
Cracking Syskey and the SAM on Windows Using Samdump2 and John (Hacking Illustrated Series)
Cracking Syskey and the SAM on Windows XP, 2000 and NT 4 using Open Source Tools
Cracking Tutorial for Newbies by FlOrEsTaN. -- Caution - Some of this is not legal to do
Cracking Windows Admin pass with Backtrack2, using John
Cyber War - Discovery Channel Video about Chinese Hackers
Damn Vulnerable Linux - The most vulnerable and exploitable operating system ever - Damn Vulnerable Linux - 2006 Edition
Debian Grimoire: DM-Crypt -- Encrypt partitions in Debian Linux
Decode your drivers license barcodes
Detecting, Analyzing, and Exploiting Intranet Applications using JavaScript
DEVILS FUNHOUSE: Best hacking videos
Digital Attacks Archive: today's verified attacks -- 20,000 Web sites defaced in a day (3-2007)
Discovery_Channel_-_The_History_Of_Hacking - Google Video
Discovery_Channel_-_The_History_Of_Hacking_Documentary.avi - Google Video
EffeTech Packet Sniffer, HTTP Sniffer, Password Sniffer, MSN Sniffer - EffeTech
Enough With The Rainbow Tables: What You Need To Know About Secure Password Schemes
EtterCap ARP Spoofing and Beyond
Express Recovery for Excel and Word Password Protected Documents
Fail2ban -- bans IP addresses that make too many password failures
Featured Ethical Hacking Schools - Computer Training Schools
Firewall Leak-tests results
Five Hackers Who Left a Mark on 2006
Fping for Windows
Free Linux+ Study Guide : CompTIA : IT Certification :
Free Password Crackers
Google Hacking Database
Google Zone » Hack: Get username and password with google
Hack This Site!
HackBar | Firefox Add-ons | Mozilla Corporation
Hackers Center : Ethical Hacker Course by Doz
Hackers Selling Vista Zero-Day Exploit
HackersLab @ Free Hacking Zone
Hacking into cell phones with Bluetooth
Hacking Library - Online Tutorials Section (pretty elementary and not very accurate from my brief scanning)
Hacking Movies :: Y! Underground ::
Hacking WEP with Kismac
Hash: reverse engineer md5 hashes
Hash: Web Based MD5 / SHA1 / SHA-256 / SHA-384 / SHA-512 Cryptographic Hash Calculator Function
Hashing: Free online hash calculator, does MD5, SHA-1, and more
Hide Your Files In A JPEG
How Does The Hacker Economy Work? - News by InformationWeek
How Hackers Are Using Google To Pwn Your Site
How Secure is WEP, Anyway?
How Skype gets through firewalls and NAT
How To Become A Hacker
How to create a new admin account on a Mac without knowing the current administrator password
How to Hack Into a Windows XP Computer Without Changing Password � Raymond.CC Blog
How to install VMware Server on Ubuntu Linux
How to safely connect from anywhere to your closed Linux firewall -- Port Knocking
How to sniff plain-text passwords in 13 steps
HowNetWorks - A high-level network analyzer
INFOSECDIARY - Your Free Calendar of Information Security Events
Install Ruby Rails on Ubuntu Edgy Eft
Instructions for WPA and WEP attacks
Interesting Hacking Videos -- milw0rm.com
Intrusion Detection For Dummies
Is whitelisting a practical final line of malware defense?
KeePass Password Safe -- Free Open-Source Password Management System
Keylogger: Download SC-KeyLog Free 2.25 - A compact, reliable keylogger with mailing options and easy remote deployment - Softpedia
l14v: aircrack-ng instructions
Learn Networking - An Introduction to TCP/IP
Learn Security Online - Hack Videos
Learn Security Online - MSF v3 VNCinject Video - unlocking a locked desktop
Learn Security Online - Using MSF v3 Meterpreter -- How to get LM hashes remotely, migrate your process ID, and use timestomp to hide your trail
Leptons's Crack FrontEnd
Linux Shadow Password HOWTO: Why shadow your passwd file?
LinuxCommand.org: Learning the shell.
LivecdRecovery - Ubuntu Wiki
Lockpicking - by Deviant Ollam
Lockpicking: BMW decoder tool
Locksport International -- ANNOUNCING THE LSI GUIDE TO LOCKPICKING!
Long PDF file with a summary of the hacking world from 2007
Lost Domain Admin Password Panic
Main [Aircrack-ng]
Many hacking PDFs
Many hacking pdfs
Metasploit 3.0 Beta 3 Released �
Metasploit Web Interface in Action Video
MR01001101 :: cryptography steganography resources and challenges
MS Office - How does Microsoft Word password recovery work?
MS Office - 'Unfixable' Word password hole exposed - ZDNet UK
MS Office -- AccessData Product Line - PRTK
MS Office -- ELCOMSOFT: Advanced Office Password Recovery
MS Office: Cracking lost Access, Excel, Word passwords is as easy as a pie!
Netcat - a couple of useful examples
Netstat Tricks -- Very Useful for Port Scan Projects
Nmap Tutorial
Nmap Usage
Offensive-security.com -- WEP tips and Metasploit instructions
Online Tool for URL Encoding/Decoding
Open Masterlocks
Ophcrack -- automatic password cracker
Password Dictionaries: Word lists - download wordlists for free - language dictionary translation cracking passwords
Password stealing by Cross-site scripting for dummies
PhreakVids.com - Videos Related To Phreaking
Police blotter: Google searches nab wireless hacker | CNET News.com
Proj X15a: Upgrading your existing Ubuntu installation | Ubuntu
Proj X15b: EdgyUpgrades - Community Ubuntu Documentation
Proj X15c: Preview: Ubuntu Gutsy Gibbon, GNOME 2.20 - OSNews.com
Proj X15d: Ubuntu: One More Release, Yet More Polish - OSNews.com
Proj X15e: Review of Ubuntu 7.10 (gutsy) new features and changes
Proj X15f: Ubuntu Test Releases | Ubuntu
Proj X15g: GrubHowto/BootFloppy - Community Ubuntu Documentation
Project RainbowCrack
Proj_15: How to fis the "expiration date" error when constructing the Ultimate Boot CD for Windows
Proj_16a: Firewall Leak Tester
Proj_16b: Leak-tests results - matousec.com
Proj_16c: Download HView 2000 v1.00 Freeware software - Softlookup Downloads
Proj_16e: Freeware Hex Editor XVI32
Proj_X3: Installing VMware Tools with VMware Player
Python On XP: 7 Minutes To "Hello World"
Rainbow Hash Cracking with Ophcrack - Good explanation of how it works
Recovering Your Lost Passwords with Cain and Abel
Researcher Hacks Microsoft Fingerprint Reader
Reset a Lost OS X Account Password | General, System Prefs., Terminal | Mac OS X Tips
Resetting the Root Password in Linux
Salting passwords to make better hashes
SANS Institute - SANS Information Security Reading Room - Security White Papers
Security Engineering - A Guide to Building Dependable Distributed Systems -- Free Online Book
Security Technology Classes Including Ethical Hacking
Security+ Glossary of terms: Ports, Cryptography, Wireless, Ftp
Security+ Study Guides, Practice Exams, Training Resources, and Forums
Similar course at Minnesota State College -- CCIS2410: Hacker Techniques & Tools
Similar course offered at George Mason University, VA
Similar course offered at Georgia Tech
Similar course offered at Minot State University ND (see CIS 146)
Similar course offered at Southern Polytechnic State University, GA
Similar course offered at Syracuse University, NY
Snare EventLog Agent for Windows - Event Log transfer to Snare & Syslog servers - Open Source
SQL Injection Cheat Sheet
SQL Injection Paper [BlackSecurity.org]
SQL Injection Walkthrough
Stripe Snoop--Magnetic Stripe Hacking Software
Talisker Computer Network Defense Operational Picture
tcpdump recipes
tcpdump tutorial
The Best Linux Security Tools � foogazi.com
The Complete History of Hacking
The Ethical Hacker Network - Tutorial: Metasploit v2.6 Web Interface
The Ethical Hacker Network - Tutorial: Rainbow Tables and RainbowCrack
The Hacker FAQ
The Metasploit Project -- Documentation
The Real Hustle: Credit Card Cloning
The Sirkus System: Viral Tech -- virus coding, virus tutorials, virus source code -- and Assembly Language Resources
Three charged in online brokerage scam -- they hacked into servers and manipulated the stock of Google, Sun and other companies
Tools: www.marcinmx.republika.pl ] :::... ...::: [ kontakt: marcinmx@op.pl ] :::...
TOOOL: The Open Organization Of Lockpickers (Netherlands)
Top 10 Black Hat Hackers
Top 100 Network Security Tools
Top Five (5) Best Criminal Computer Hackers of All Time | MarvQuin, LLC
Top Five (5) Best Non-Criminal Hackers of All Time | MarvQuin, LLC
Turning Firefox to an Ethical Hacking Platform. - Security Database Tools Watch
Tutorial: Cracking WEP Using Backtrack 3 | Whats the w0rd?
Ubuntu & WEP Cracking - home - | p a s s i v e m o d e |
Ubuntu - How To Install Ubuntu on VMware on OS X
Ubuntu - How to reset admin password
Ubuntu 3d desktop effects
Ubuntu 7.04 and VMware Tools (on Mac OS X)
Ubuntu Howtos
Ubuntu Quality Control Problems
USB Hacks: Endpoint Insecurity
USB Switchblade - Hak5
Using CIA Commander and Rainbow Tables to crack Win XP Passwords (video)
VMmanager - Create and Modify Virtual Machines
Wardriver on a budget attaches a laptop to his minibike -- DON'T TRY THIS AT HOME
What the Hack ?! - the temptation of the Dark Side
Windows Honeypot Solution - HoneyBOT
Windows Key Enterprise 7.9.2141 -- Resets passwords on Windows, even Vista, even in Domains
Windows NTFS Alternate Data Streams
Wired News: I Was a Cybercrook for the FBI
Wireless Linux Tools Index
Wireless Packet Injection used for image prank at DEFCON 12
Wireless: Chipsets for Wireless Cards -- Big Database
XSS (Cross Site Scripting) Cheat Sheet CTF-qlal-link
http://quals.ddtek.biz/quals/files/6db079ca91c4860f78bd096b9db30671
Forensics 100 file (link fixed)
CTF-PacketMadness100
Securely Erasing Partitions | Novell User Communities
Wardriving software for Windows XP: inSSIDer: Copy and Paste Results Into Excel
The Router Hacking Contest Results
All CNIT 123 Projects in a single Zip file (from 2009)
Security Cheat Sheets
VistaNuke--complete instructions for the SMB 2.0 attack *** USE FOR CLASSROOM DEMONSTRATION ***
VMware on Ubuntu: Installing VMware Workstation 6.5 in Ubunu
VMware on Ubuntu: A \\\"no hassle\\\" Linux install for VMware Workstation 6.5
VMware on Ubuntu: VMware/Workstation - Community Ubuntu Documentation
How to install VMware on Ubuntu
Introduction to Forensics--Kyle Rankin\'s Slides
Forensic Discovery--recommended book
HackThis!! -- Another online hacking game, good for extra credit in CNIT 123
How to REALLY erase a hard drive
Windows Password Renew Tool

New Unsorted Links

Robtex - great DNS analysis tool

          
Back to Top
Last Updated: 6-16-09 3 pm