Overview
We are living in a world of incredible modern conveniences. Computers, smart phones, game console, embedded system are involved in our daily lives and have made it possible to have access to all kinds of information where and when we need it.
Access control to these information systems if often implement via encryption & password. Passwords are the most commonly used security tool in the world today. Strong password are the single most important aspect of information security and weak password are the single greatest failure; hence attacking the password is one of the straight forward attack vectors. Password cracking is the process of attempting to guess or recovering secret passwords from data that has been stored in or transmitted by a computer system.
The objective of this seminar is to provide practical and useable information to professionals on how to protect both infrastructure and data from the destruction of cyber criminals.
Course Outline
Introduction
- Introduction to password & encryption
- What are the password attacks and how does it work?
- What systems are at risk?
- Why is it possible to bypass a password?
- Defining system password components
- Windows authentication protocols
- Introduction to various password cracking
- Breaking an encryption scheme
- Cracking into embedded devices
Strategies
- Reconnaissance
- Scanning
- Gaining access
Techniques
- Password cracking techniques
- Password Dump locally and remotely
- Sniff the password of the network
- Passive online attack
- Active online attack
- Offline attack
- Rainbow attack
- FTP, POP3, SNMP Brute Force
- Smart Phones security attack
Tools
- Network sniffing Tools
- Administration Password bypassing Tools
- Decryption Tools
- Password cracking tools
What you will take away from this course
- Key Elements of the Coaching process
- Lab scenarios and manual
- Course manual
Must Attend
This Master Class is specifically designed for key decision makers in both government agencies and private sectors:
- Senior officers from government & not-for- profit sector
- GMs, Profit-Centre Managers who have assumed security/IT
- Auditors who need to build deeper technical skills
- Penetration tester and Ethical hackers
- Corporate Attorneys / Legal Professionals
- Engineers / Technical Managers
- Product & Marketing Managers
- IT manager
- Security manager
Pre requirement
- A fair understanding of computer and network security
- Participants are required to bring along a laptop for training