Pervec njohjes se programimit per te qene nje hacker duhet pasur njohje per subjektet e meposhtme te ndara ne kategori
Cfare eshte me e ekeqjave e gjithe te keqiave 1 Exploit?
trekendeshi funksional i sigurise
procesi i nje sulmi
Passive reconnaissance
Active reconnaissance
llojet e sulmeve
kategorite e exploits
qellimet qe nje sulmus kerkon te arrije
2: Footprinting
cfare eshte Footprinting
Whois
Sam Spade
Analyze i rezultateve Whois
NSLookup
gjetja e grupeve ne seri ( address range)te rrjetit
ARIN
Traceroute
NeoTrace
Visual Route
Visual Lookout
Smart Whois
eMailTracking Pro
MailTracking.com
3: Skanim
eshte serveri gjalle?
Active stack fingerprinting
Passive stack fingerprinting
Pinger
Friendly Pinger
WS_Ping_Pro
Netscan Tools Pro 2000
Hping2
KingPing
icmpenum
SNMP Scanner
Detecting Ping sweeps
ICMP Queries
netcraft.com
Port Skanim
TCPs 3-way handshake
TCP Scan tipet
IPEye
IPSECSCAN
nmap
Port Scan countermeasures
Hacker Tool: HTTrack Web Copier
Network Management Tools
SolarWinds Toolset
NeoWatch
War Dialing
THC-Scan
PhoneSweep War Dialer
Telesweep
Queso
Cheops
Proxy Servers
Hacker Tool: SocksChain
Surf the web anonim
TCP/IP qe deperton neper HTTP Tunneling
HTTPort
Tunneld
BackStealth
4: Enumeration
What is Enumeration
NetBios Null Sessions
Null Sesion Countermeasures
NetBIOS Enumeration
DumpSec
Hyena
NAT
SNMP Enumertion
SNMPUtil
Hacker Tool: IP Network Browser
SNMP Enumeration Countermeasures
Windows 2000 DNS Zone transfer
Identifying Win2000 Accounts
mjet hackimi:
User2SID
SID2User
Enum
UserInfo
GetAcct
smbbf
SMB Auditing Tools
Active Directory Enumeration
W2K Active Directory attack
5. hack sistemesh
Administrator Password Guessing
Performing Automated Password Guessing
Legion
NTInfoScan
Defending Against Password Guessing
Monitoring Event Viewer Logs
VisualLast
Eavesdroppin on Network Password Exchange
L0phtCrack
KerbCrack
Privilege Escalation
GetAdmin
mjet hakimi: hk
Manual Password Cracking Algorithm
Automatic Password Cracking Algorithm
Password Tipet
Types of Password Attacks
Dictionary Attack
Brute Force Attack
Distributed Brute Force Attack
Password Change Interval
Hybrid Attack
Cracking Windows 2000 Passwords
Retrieving the SAM file
Redirecting SMB Logon to the Attacker
SMB Redirection
SMBRelay
SMBRelay2
pwdump2
SAMdump
C2MYAZZ
Win32 Create Local Admin User
Offline NT Password Resetter
psexec
remoxec
SMBRelay Man-in-the-Middle (MITM)
SMBRelay MITM Countermeasures
SMBGrinder
SMBDie
NBTDeputy
NetBIOS DoS Attack
nbname
John the Ripper
LanManager Hash
Password Cracking Countermeasures
Keystroke Logger
Spector
AntiSpector
eBlaster
SpyAnywhere
IKS Software Logger
Fearless Key Logger
E-mail Keylogger
Hardware Key Logger
Rootkit
Planting Rootkit on Windows 2000 Machine
_rootkit_ embedded TCP/IP Stack
Rootkit Countermeasures
MD5 Checksum utility
Tripwire
mbulues gjurmesh(covering Tracks )
Caktivizimi i Auditing
Auditpol
Pastrimi i ditarit te ngjarjeve
Elslave
Winzapper
Evidence Eliminator
fshehje skedaresh
NTFS File Streaming
makestrm
NTFS Streams Countermeasures
LNS
Steganography
mjete hakimi
ImageHide
BlindSide
MP3Stego
Snow
Camera/Shy
Steganography Detection
StegDetect
Stealth Files
Encrypted File System
dskprobe
EFSView
Buffer Overflows
krijimi i Buffer Overflow Exploit
Outlook Buffer Overflow
: Outoutlook
6: Trojan dhe Backdoors
Overt and Covert
QAZ
Tini
Netcat
Donald Dick
SubSeven
BackOrifice 2000
Back Oriffice Plug-ins
BoSniffer
NetBus
ComputerSpy Key Logger
Beast Trojan
CyberSpy Telnet Trojan
SubRoot Telnet Trojan
LetMeRule
Wrappers
Graffiti
Silk Rope 2000
EliteWrap
IconPlus
Packaging Tool: Microsoft WordPad
Whack a Mole
Trojan Construction Kit
si te shkruash Trojans ne Java
Hacker Tool: FireKiller 2000
Covert Channels
ICMP Tunneling
Hacker Tool: Loki
Reverse WWW Shell
Backdoor Countermeasures
BO Startup and Registry Entries
NetBus Startup and Registry Keys
Port Monitoring Tools
fPort
TCPView
Process Viewer
Inzider - Tracks Processes and Ports
Trojan Maker
Hard Disk Killer
Man-in-the-Middle Attack
dsniffer
Verifikues i System File
TripWire
7.Sniffers
Cfare eshte Sniffer/si funksionon
Ethereal
Snort
WinDump
EtherPeek
Passive Sniffing
Active Sniffing
EtherFlood
Si funksionon ARP
ArpSpoof
DSniff
Macof
mailsnarf
URLsnarf
Webspy
Ettercap
WebMiTM
IP Restrictions Scanner
sTerm
Cain and Abel
Packet Crafter
SMAC
MAC Changer
ARP Spoofing Countermeasures
WinDNSSpoof
Distributed DNS Flooder
WinSniffer
IRIS
NetInterceptor
SniffDet
WinTCPKill
8.(DOS) Denial of Service Attack
Typet e DoS Attacks
si funksionon DoS
Cfare eshte DDoS dhe funksionimi i tij
Mjete hakimi
Ping of Death
SSPing
Land
Smurf
SYN Flood
CPU Hog
Win Nuke
RPC Locator
Jolt2
Bubonic
Targa
Mjete per DDoS Attacks
Trinoo
WinTrinoo
TFN
TFN2K
Stacheldraht
Shaft
mstream
DDoS Attack Sequence
Preventing DoS Attack
DoS Scanning Tools
Find_ddos
SARA
DDoSPing
RID
Zombie Zapper
9.Inxhinjeria sociale
Art of Manipulation
Human Weakness
Common Types of Social Engineering
Human Based Impersonation
Important User
Tech Support
Third Party Authorization
In Person
Dumpster Diving
Shoulder Surfing
Computer Impersonation
Mail Attachments
Popup Windows
Website Faking
Reverse Social Engineering
Policies and Procedures
Social Engineering Security Policies
10 Session Hijacking
Cfare eshte Session Hijacking
Session Hijacking Steps
Spoofing Vs Hijacking
Active Session Hijacking
Passive Session Hijacking
TCP Concepts - 3 way Handshake
Sequence Numbers
Sequence Number Example
Guessing the Sequence Numbers
Juggernaut
Hunt
TTYWatcher
IP Watcher
T-Sight
Remote TCP Session Reset Utility
Rreziqet e Session Hijacking
mbrojtje kunder Session Hijacking
11: Hack Web Serverat
Apache Vulnerability
sulm kunder IIS
IIS Components
ISAPI DLL Buffer Overflows
IPP Printer Overflow
msw3prt.dll
Oversized Print Requests
Jill32
IIS5-Koei
IIS5Hack
IPP Buffer Overflow Countermeasures
ISAPI DLL expozim i kodit burim
ISAPI.DLL Exploit
Defacing (ndryshim i pamjes se Websajteve
IIS Directory Traversal
Unicode
Directory Listing
pastrimi i ditareve te programeve server IIS
LogAnalyzer
Attack Signature
krijimi i nje trojani ne Internet Explorer (IE)
IISExploit
UnicodeUploader.pl
cmdasp.asp
rritja e Privilegjeve ne programet server IIS
IISCrack.dll
ispc.exe
IIS WebDav Vulnerability
WB
RPC Exploit-GUI
DComExpl_UnixWin32
Plonk
Unspecified Executable Path Vulnerability
CleanIISLog
File System Traversal Countermeasures
problemet me HotFix te microsoftit
UpdateExpert
Cacls
Whisker
N-Stealth Scanner
WebInspect
Mjet skanimi serveri ne rrjet: Shadow Security Scanner
12:Aplikacionet ne websajte dhe Vulnerabilities
Documentimi dhe struktura e aplikacioneve
Inspectim manual i Applikacioneve
perdorimi i googles per te inspektuar aplikacionet
Directori Strukture
Instant Source
Java klasat dhe miniprogramet( Applets )
Jad
HTML komente dhe permbajtje
Lynx
Wget
Black Widow
WebSleuth
Cross Side Scripting
Sesion Hijacking using XSS
Cookie Stealing
IEEN
IEflaw
Gjetja e informacioneve sensitive nepermjet Google
13 Teknika krakimi paswordesh ne websajte
Bazat e besushmerise se origjinales( Authentication )
Message Digest Authentication
NTLM Authentication
Certifikata te bazuara ne verifikime krahasime me origjinalen( Authentication)
Certifikata dixhitale
Microsoft Passport Authentication
Verifikim i origjinalit(Authentication) mbeshtetur ne forms/formulare
krijim Certifikatash fallco
WinSSLMiM
Password Guessing
Default Account Database
WebCracker
Brutus
ObiWan
Munga Bunga
Password dictionary Files
Attack Time
Variant
PassList
Query Strings
Post data
Mjete hakimi:
cURL
Stealing Cookies
CookieSpy
ReadCookies
SnadBoy
14: SQL Injection
Cfare eshte SQL Injection Vulnerability
SQL Insertion Discovery
Blank sa Password
Simple Input Validation
SQL Injection
OLE DB Errors
1=1
blah' or 1=1
Parandalimi SQL Injeksion
Databaze Specific SQL Injeksion
Mjete hakimi databazeSQL
SQLDict
SQLExec
SQLbf
SQLSmack
SQL2.exe
Oracle password buster
15: Wireless rrjetet wireless standarti kryesor
802.11
Cfare eshte WEP?
gjetja e WLAN-eve
Krackim i celesaveWEP
Sniffing Trafikut
Wireless DoS Attacks
WLAN Scanners
WLAN Sniffers
MAC Sniffing
Access Point Spoofing
Siguria e rrjeteve wireless
Mjete hackimi NetTumbler
AirSnort
AirSnarf
AiroPeek
WEP Cracker
Kismet
AirSnarf
WIDZ- Wireless IDS
16 Viruset, Worms
Njohje e plote e virusave
si jane krijuar dhe si funksionojne
Cherobyl
ExploreZip
I Love You
Melissa
Pretty Park
Code Red Worm
W32/Klez
BugBear
W32/Opaserv Worm
Nimda
Code Red
SQL Slammer
krijim virusi si nje batch skedar
si te shkruash nje virus
Worms,kodet/instruksionet ndertimi i 1 wormi
17: Novell Hacker
llogarite dhe passwords
aksesimi i skedareve te passwordeve
crackimi passwordeve
Mjete hackimi per sistemet e serverave Novell
Chknull
NOVELBFH
NWPCRACK
Bindery
BinCrack
SETPWD.NLM
Kock
userdump
Burglar
Getit
Spooflog
Gobbler
Novelffs
Pandora
18 Linux
Linux Basics
Compiling Programs in Linux
Scanning Networks
Mapping Networks
Password Cracking in Linux
Linux Vulnerabilities
SARA
TARA
Sniffing
A Pinger in Disguise
Session Hijacking
Linux Rootkits
Linux Security Countermeasures
Zinxhirat dhe tabelat e IP-ve
19. IDS,Firewalls honeypotsIntrusion Detection System
Verifikues te integritetit te sistemit
Si diktohen nderhyrjet e paautorizuara(intrusions)
Diktim anomalish
njohja aprovimi i firmave
Si IDS krahason firmat (Signatures) e aplikacioneve/serviseve qe futen
Verifikim i nje staku te protokollit
Verifikim i protokollit te nje aplikacioni rrjeti
Cndodh pasi nje sistem IDS dikton nje sulm/nderhyrje te paautorizuar
Njohja e llojeve te ndryshme te sistemeve IDS
Njohja e sistemeve detektore ndaj nderhyrjeveSNORT
EvaZion komplet i IDS dhe teknikat
Mjete hacking: fragrouter
TCPReplay
SideStep
NIDSbench
ADMutate
Diktimi i sistemeve detectore te mbrojtjes nga nderhyrjet(IDS)
Mjete per te diktuar Packet Sniffers
Mjete per te injektuar packeta te formatizuara ne rrjet
Hack duke depertuar firewallet
vendosja e Backdoors duke care Firewallet
Fshehja mbrapa Covert Channels
Mjet hacking: Ncovert
Cfare eshte 1 Honeypot?
Honeypots Evasion
Honeypots vendor
mjet hacking: Honeyd
====
20.Buffer overflow
Njohje e plote e buffer overflow si funksionon pasojat teknikat etj Buffer
Buffer Eksploits
Bazat e gjuhes assemby
Si te diktosh Buffer Overflows ne 1 Program
aftesite qe kerkohen
Varesia CPU me OS
Cfare jane Stacks
Buffer Overflows me baze Stack
Teknikat per ta realizuar sic duhet 1 Buffer Overflow
Te shkruash vete ne C/C++ Eksploits Buffer Overflow
Mbrojtje kunder Buffer Overflows
Mjete kontrolli per tipin e Programeve perpilues(compiling)
StackGuard
Immunix
====
21.Kriptografia
Cfare eshte PKI?
Certifikatat digitale
RSA
MD-5
RC-5
SHA
SSL
PGP
SSH
Teknika te krakimit te encripsionit