Lynda – Ethical Hacking Session Hijacking

One of the most sophisticated forms of cyberattacks is session hijacking. Hackers take over network, web, or service sessions-the valid interactions of unsuspecting users-in order to gain unauthorized access to data and systems and attack an organization from the inside. The root failure is weaknesses in common protocols. To prevent these attacks, IT security professionals need to know which protocols are vulnerable and how to test their systems for exposure. This course teaches you what session hijacking is, and how black-hat hackers use it to attack an organization. Learn how TCP, web, and wireless protocols work and how hackers exploit them. Find out how to use built-in Windows and Linux tools, as well as specialized third-party solutions such as Zed Attack Proxy (ZAP) and Cain, to detect and shore up vulnerabilities. Author and cybersecurity expert Malcolm Shore also discusses remote hijacking, which allows hackers to take control of drones or even vehicles. Note: This course maps to the Session Hijacking domain of the Certified Ethical Hacking exam. Review the exam objectives at the EC-Council’s website.

Topics include:
* Hijacking a network session, such as a Telnet session
* Understand web sessions
* Intercepting sessions via man-in-the-middle or man-in-the-browser attacks
* Downgrading a session by stripping SSL
* Using ARP poisoning through Subterfuge
* Hijacking an HTTP session through cookies
* Using hijacking defense tools: Zed Attack Proxy and Cain
* Service hijacking (DNS and SSH)
* Hijacking in the physical world: cars and drones

Direct Download

Share on Facebook0Share on Google+0Tweet about this on TwitterShare on LinkedIn0

You may also like...