Join Malcolm Shore for an in-depth discussion in this video What you should know before watching this course, part of Ethical Hacking: Session Hijacking.
- View Offline
- [Instructor] This is a practical course. And during this course, I'll be using a virtualized computing environment called VirtualBox. I'll also be using a number of tools, which are part of the Kali Linux framework, to test systems. If you're not familiar with Kali and virtualization, you should watch my Introduction to Kali Linux course, which will guide you through installing and using them. In addition, I'll be assuming that you understand basic computer and networking concepts, are familiar with Windows, and have a knowledge of basic Linux commands.
This course requires a number of tools to be downloaded and installed, and you can pre-install these tools to avoid unnecessary waiting during the course. The detailed list of tools required to be installed to support this course is available as a PDF in the associated course material.
This course teaches you what session hijacking is, and how black-hat hackers use it to attack an organization. Learn how TCP, web, and wireless protocols work and how hackers exploit them. Find out how to use built-in Windows and Linux tools, as well as specialized third-party solutions such as Zed Attack Proxy (ZAP) and Cain, to detect and shore up vulnerabilities. Author and cybersecurity expert Malcolm Shore also discusses remote hijacking, which allows hackers to take control of drones or even vehicles.
Note: This course maps to the Session Hijacking domain of the Certified Ethical Hacking exam. Review the exam objectives at the EC-Council's website.
- Hijacking a network session, such as a Telnet session
- Understand web sessions
- Intercepting sessions via man-in-the-middle or man-in-the-browser attacks
- Downgrading a session by stripping SSL
- Using ARP poisoning through Subterfuge
- Hijacking an HTTP session through cookies
- Using hijacking defense tools: Zed Attack Proxy and Cain
- Service hijacking (DNS and SSH)
- Hijacking in the physical world: cars and drones