omareldin
Anime Game Developer
Personal Reddit Comments Below | CEH v9 Notes - Dads Man Cave.pdf | CEH Cheatsheet.pdf | CEH Cheatsheet 2.pdf | CEH Read Topics.pdf | CEH Impt | Cmd Line Programs.txt | CEH Tools.pdf
* common port numbers and their purposes
* semi-recent vulnerabilities: shellshock (appeared in 3+ questions), heartbleed and poodle
* popular cmd line tools (nmap (tcp, syn, ack [for firewalls], fin [xmas, null], idle scans), netcat, hping3, firewalk, nslookup, dig, john, ssh, tcpdump, metasploit)
* popular GUI programs (roughly know how they work) (wireshark (+ filters), zenmap (nmap gui), maltego, burpsuite, ettercap, cain & abel, nessus, kismet wireless, colasoft packet builder)
* white/gray/blackbox pentesting (all three came out, free marks) (corresponds to: full/partial/no knowledge of internal organization respectively)
* cross site scripting and cross site request forgery
* firewall/ids evasion techniques
* snort ids rule format (came out in a question)
* icmp codes
* regional whois registries (ARIN (America), LACNIC (Latin America), RIPE NCC (Europe), AFRINIC (Africa), APNIC (Asia Pacific))
* offline human based attacks (~3+ questions) - social engineering, dumpster diving, tailgating
* wireless - wep (24 bit IV, RC4), wpa (48 bit IV, TKIP), wpa2 (48 bit IV, AES CCMP)
* crypto - symmetric ([3]DES, AES), asymmetric (public key) (RSA, Diffie-Hellman), hash (MD5 - 128 bit, SHA-1 - 160 bit, SHA-256 - 256 bit, etc)
Skype ID: gray hathackin
Discord ID: holyhck#1248