Practice Exams:

View All

312-50: CEH Certified Ethical Hacker (312-50v9)

PDFs and exam guides are not so efficient, right? Prepare for your ECCouncil examination with our training course. The 312-50 course contains a complete batch of videos that will provide you with profound and thorough knowledge related to ECCouncil certification exam. Pass the ECCouncil 312-50 test with flying colors.

Rating

4.6

Students

404

Duration

15:48:58 h

$16.49

$14.99

Curriculum for 312-50 Certification Video Course

Build Your Lab - In the Future We will offer an Online Solution

10 Lectures

Time 00:51:11

Ethical Hacking Overview

22 Lectures

Time 01:09:44

FootPrinting - Reconnaissance and Information Gathering

21 Lectures

Time 01:31:42

Linux Overview

9 Lectures

Time 00:25:57

Detecting Live Systems - Port Scanning

9 Lectures

Time 00:29:19

Enumernation - What Can We Get For Free?

7 Lectures

Time 00:32:20

Cryptography

8 Lectures

Time 00:39:05

Malware - Sofware Goes Undercover

17 Lectures

Time 01:41:53

System Hacking

24 Lectures

Time 03:03:08

Advanced Hacking and Explotiation Techniques

11 Lectures

Time 01:13:49

Attacking Databases

8 Lectures

Time 00:53:06

Attacking Wireless Networks and Mobile Phones

9 Lectures

Time 00:44:37

Networks - Sniffing, ARP Poisioning, and Breaking SSL

9 Lectures

Time 00:48:43

Firewalls, IDS and IPS and some New Age Protection

5 Lectures

Time 00:22:57

Attacking Web Technologies

11 Lectures

Time 01:08:57

So Your Ready To Take Your Test

1 Lectures

Time 00:07:16

Bonus Section

1 Lectures

Time 00:05:14

Name of Video	Time
1. Create A VeraCrypt Container to Protect Your Laptop or Desktop	10:48
2. Build a Manual Lab 01	03:48
3. Lab Legalities	02:44
4. Getting to Know Your Win2k VM	05:25
5. Getting to Know Your XPAttacker VM	03:04
6. Getting to Know You Win7 VM	03:57
7. Getting to Know Your Win2k3-AD	01:27
8. Getting to Know Your WebApp	01:31
9. Putting Our Lab Together Step By Step	12:30
10. Tying everying together in our Lab	05:44

Name of Video	Time
1. Introduction to Pentesting and Ethical Hacking	00:31
2. Teaser-How Hackers Obtain Serial Numbers Even VMware Workstation Pro	04:58
3. Defintion of a Penetration Test	01:46
4. The Evolving Threat	01:49
5. The Vulnerabilty Lifecycle	02:16
6. Map.Norsecorp.com	01:56
7. Botnet Definition	05:12
8. Defense in Depth	04:47
9. MetaData	03:30
10. Types of PenTests	04:47
11. Types of Hackers	01:32
12. Common Definitions	01:43
13. Hacker vs. Penetration Tester	05:27
14. Penetration Testing Terminology	03:10
15. Essential Terminology	03:51
16. OSSTMM Methodology	08:43
17. Tools vs Technique	04:45
18. Things are not always as they seem	01:13
19. Calculating Risk & Formulas	02:48
20. Analyzing Findings	00:45
21. Calculating SLE, ARO, ALE	01:06
22. Other Penetration Testing Methodologies	03:15

Name of Video	Time
1. Introduction to Footprinting	00:43
2. What Information is Gathered by the Hacker	05:37
3. Methods of Obtaining Information And Physical Access	01:24
4. Social Access	04:27
5. Digital Access	03:02
6. Passive vs Active Reconnaissance	02:14
7. Footprinting Defined	01:32
8. Exercise: Footprinting Tool: Maltego	02:03
9. Most Powerful Hacking Tool on the Internet Today	04:16
10. Instructor Demonstration - The Power of Google -A	05:44
11. Instructor Demonstration - The Power of Google -B	10:16
12. Instructor Demo: GoogleAlerts	04:24
13. Removing Searchable Content	04:55
14. Internet Archive: The WayBack Machine	06:44
15. Domain Name Registration-WhoIs Information	01:20
16. Instructor Demonstation - CentralOps	06:14
17. DNS Databases	03:21
18. Traceroute Operation	05:30
19. InstructorDemonstration: Online Tools	04:19
20. Spokeo - No Refuge for the Wealthy	04:59
21. Netcraft, DoaminsbyProxy, Countermeasures	08:43

Name of Video	Time
1. Introduction to Linux	00:24
2. Linux History - Linus + Minux = Linux	02:29
3. Linux GUI Desktops	02:09
4. Linux Shell Linux Bash Shell	02:31
5. Passwd & Shadow File Formats	01:52
6. InstructorDemo:User Account Management	06:20
7. Tarballs & Zips & Installing VMware Tools	05:30
8. Compiling Programs in Linux, Shell Shock, Poodle Vulnerability	02:44
9. Most Popular Linux Security Distribution	01:58

Name of Video	Time
1. Introduction to Port Scanning	00:15
2. Introduction to Port Scanning	02:32
3. TCP/IP Stack	06:22
4. TCP 3-Way HandShake	07:00
5. NMap ServiceVersion Detection And Demo	01:44
6. Instructor Demonstration-Engage, NmapScans	01:24
7. Hping3, NMap -O	01:32
8. Fuzzy Logic	01:30
9. Countermeasures: Scanning	02:21

Name of Video	Time
1. Intro to Enumeration	00:17
2. Grabbing Banners	04:25
3. Shodan	05:20
4. ZoneTransfers	05:01
5. DNS Enumeration	04:26
6. SNMP Countermeasures, AD and AD Countermeasures	04:13
7. Null Sessions	08:40

Name of Video	Time
1. Intro Into Cryptography	00:31
2. Beginings of Cryptography	04:36
3. Implementation, Stream Cipher, Block Cipher and the Enigima	08:54
4. Asymetric Encryption, Hybrid Encryption, Comparison of Algorithims, Key Exchange	05:07
5. Hashing, Hashing Collisions, Common Hash Algorithms	09:38
6. Ransomware	03:07
7. IPSec and SSH	03:46
8. PKI Applications, Quantum Crypto and VeraCrypt	03:27

Name of Video	Time
1. Introduction to Malware and How The Internet Makes Money	00:23
2. Things that make the World Go Around - Well as far as the Internet is concerned	09:10
3. Trojans and Back Doors	06:17
4. Defining Malware: Viruses and Worms	07:14
5. Defining Malware: Spyware	05:35
6. Data Loss Prevention (DLP) and other Creepy things	10:31
7. Distributing Malware	06:19
8. Malware Capabilities	05:27
9. Auto Starting Malware	01:44
10. Tool: Netcat	03:41
11. Demo: NetCat Procedure	10:28
12. Executable Wrappers	04:22
13. Instructor Demo: Executeable Wrappers 1	08:51
14. Instructor Demo: Executeable Wrappers 2	01:53
15. Malware Avoiding Detection	04:33
16. Malware Countermeasures 1	08:10
17. Malware Countermeasures 2	06:39

Name of Video	Time
1. Introduction to System Hacking Introduction	01:00
2. Types of Password Attacks, Keystroke Loggers	05:44
3. Password Guessing Online	07:44
4. Cracking Windows Passwords - A	03:25
5. Cracking Windows Passwords - B	08:32
6. Cracking Windows Passwords - C	07:00
7. Cracking Windows Passwords - D	08:00
8. Cracking Windows Passwords - E	08:25
9. Countermeasures: Stealing the Passwords, Syskey, Salting	08:41
10. Cloud Cracking Techniques	01:55
11. Generating Rainbow Tables, Free Rainbow Tables	03:17
12. Password Hash Insertion Attack	09:21
13. Demonstration MimiKatz	10:59
14. Privilege Escalation, Countermeasures	05:37
15. Covering Tracks, Disable Auditing, Clearing the Event Log	03:04
16. Alternate Data Streams Demonstration - A	08:07
17. Alternate Data Streams Demonstration - B	11:55
18. Alternate Data Streams Demonstration - C	10:39
19. Anonymizers - JAP	03:42
20. Steganography	11:41
21. Virtually Complete Secrecy, TOR	11:02
22. RootKits - Overview	08:39
23. RootKits - Frightening Demo	13:22
24. Root Kit Countermeasures, Tokens and Smart Cards	11:19

Name of Video	Time
1. Introduction to Advanced System Explotation	01:00
2. How do Exploits Work?	05:08
3. Buffer Over Flows Introduction I do when Speaking at a Conference	05:59
4. Processors and Stacks	10:23
5. Basic Types of Buffer Overflows And Demo 01	11:12
6. Basic Types of Buffer Overflows And Demo 02	09:27
7. Basic Types of Buffer Overflows And Demo 03	01:37
8. Stages of Exploit Development	07:54
9. Buffer Overflow Prevention	05:08
10. The Metasploit Project	05:10
11. Core Impact Overview	12:54

Name of Video	Time
1. Introduction to Database Management Systems	00:23
2. Overview of Databases, Types of Databases, Relations of Databases	07:16
3. View of DBMS, Injecting a DBMS, Why SQL Injection, SQL Connection Properties	06:40
4. SQL Injection Types, Stored Procedures, Shutdown, Locating SQL, Sensitive Info	09:21
5. Hardening SQL Server	09:21
6. SQL Injection Demo 1	09:54
7. SQL Injection Demo 2	06:10
8. SQL Injection Demo 3	04:03

Name of Video	Time
1. Introduction to WiFi and Mobile Hacking	00:26
2. WiFiNetwork Types, Widely Deployed Standards, A, B, G, 802.11n - MIMO, 802.11ac,	04:09
3. 802.11n - MIMO, 802.11ac, SSID, MAC Filtering, WEP, Weak IV Packets	05:44
4. XOR Basics, WEP Weaknesses	03:26
5. TKIP, WPA vs WEP, WPA MIC Vulnerabilty, WPA-PSK Encryption	03:26
6. Kismet, Aircrack-ng, Aireplay	02:54
7. EAP Types, EAP Advantages/DisAdvantages, Typical Wired/Wireless Network	02:47
8. Exercise/Assignment; Cracking WPA/WPA2 Password Preparation	12:45
9. Exercise/Assignment; Cracking WPA/WPA2 Password - Solution	05:19

Name of Video	Time
1. Introduction to Sniffing	00:17
2. Packet Sniffers, PCap & WinPcap, Wireshark, TCP Reassembly, Packetyzer	07:34
3. TCP Dump & WinDump, Network Miner Wildpackets, Cain and Able, Passive Sniffing	04:16
4. Active Sniffing & Methods, Switch Table Flooding	04:22
5. Arp Cache Posioning	06:00
6. Arp Cache Posioning Tools and Countermeasures	05:35
7. Breaking SSL Traffic, Intercepting VoIP, Routing Protocols, RDP, Passwords and M	06:18
8. Exercise/Assignment Breaking SSL - Preparation	09:03
9. Exercise/Assignment Breaking SSL - Solution	05:19

Name of Video	Time
1. Introduction tp Firewalls, IDS and IPS WAF	00:08
2. Firewall - Your First Line of Defense	06:35
3. IDS Your Second Line of Defense	04:55
4. Web Application Firewall and Evasion Techniques'	07:45
5. Behavioural Firewalls and IPS Systems	03:35

Name of Video	Time
1. Introduction to Web Application	00:42
2. Common Security Threats, Need for Monitoring, SANS Seven MGT Errors	06:35
3. Anatomy of a Web Attack, Web Attack Techniques, Typical Web App Componets	05:12
4. Logs Cancanolization and Other Attacks	03:36
5. Web App Scanner, HTTrack,HTTPrint, Proxies	07:07
6. Directory Traversal & Other Common Vulnerabilties	09:44
7. XSS Demo and Countermeasures	08:50
8. Common Ways to Attack Web Technologies, Cross Site Scripting (XSS)	08:50
9. Cross Site Request Forgery	06:03
10. Cookies and Session Management	05:19
11. OWASP Top 10	07:05

Name of Video	Time
1. So your Ready To Take Your Test 1?	07:16

Name of Video	Time
1. Backing Up our Veracrypt Storage Enclosure for Saftey	05:14

ECCouncil CEH 312-50 Exam Dumps, Practice Test Questions

100% Latest & Updated ECCouncil CEH 312-50 Practice Test Questions, Exam Dumps & Verified Answers!
30 Days Free Updates, Instant Download!

$69.97

$49.99

312-50 Premium Bundle

Premium File: 614 Questions & Answers. Last update: Jun 5, 2023
Training Course: 182 Video Lectures
Study Guide: 545 Pages

Latest Questions
100% Accurate Answers
Fast Exam Updates

312-50 Premium Bundle

Premium File: 614 Questions & Answers. Last update: Jun 5, 2023
Training Course: 182 Video Lectures
Study Guide: 545 Pages

Latest Questions
100% Accurate Answers
Fast Exam Updates

$69.97

$49.99

Free 312-50 Exam Questions & 312-50 Dumps

File Name	Size	Votes
File Name eccouncil.test-inside.312-50.v2023-04-21.by.elsie.360q.vce	Size 1.47 MB	Votes 1
File Name eccouncil.real-exams.312-50.v2021-04-26.by.maria.360q.vce	Size 1.47 MB	Votes 2

ECCouncil 312-50 Training Course

Want verified and proven knowledge for CEH Certified Ethical Hacker (312-50v9)? Believe it's easy when you have ExamSnap's CEH Certified Ethical Hacker (312-50v9) certification video training course by your side which along with our ECCouncil 312-50 Exam Dumps & Practice Test questions provide a complete solution to pass your exam Read More.

Ethical Hacking Overview

20. Analyzing Findings

Now, when you go through and actually stumble across some particular finding, you need to analyse that finding. It's really interesting because this is kind of a tongue twister. It can really kind of turn you around backward if you're not really careful. So I'm going to give you some examples of this in the questions that you're going to use. But the thing that you need to understand is that a false positive is something that's incorrectly identified. A false negative is something that's incorrectly rejected. A true negative is something that is correctly rejected. And a true positive is something that is correctly identified.

21. Calculating SLE, ARO, ALE

Okay, guys, just one last calculation, and we're going to end up wrapping this thing up. This is going to give us the capability, with some of these formulas, to calculate the single loss expectancy, an annualised rate of occurrence, and an annual loss expectancy, right? So let's give us an example for this. The single loss expectation is, in this example, $50,000 per event. Maybe something happens where a server is taken out and it's going to cost us $50,000 to fix it. With an annualised rate of occurrence of about 50%, the risk is expected to occur once every other year on average. So the annualised loss expectancy is equal to $50,000 times the aro, which is the annualised rate of occurrence, or $25,000.

22. Other Penetration Testing Methodologies

Okay, guys, we're just about ready to wrap this particular section up. And one of the last things we're going to talk about are the penetration testing methodologies. And you probably thought, "Well, wait a minute, Tim." We've already talked about that. That was the one you said was the most popular, the O.S.S. model. And you're absolutely right. We did. We talked about this because it is indeed the most popular. It was written by a gentleman by the name of Peter Herzog. It's not necessarily the only methodology. There are other ones that can be used in a penetration test as well. There's one. For example, the NIST methodology for the National Institute of Standards and Technology They provide a guideline on network security testing. Financial institutions tend to have their own. So this one happens to be for the Federal Financial Institution Examination Council, or FFIEC. And then lastly, we have one of these from the Information System Security Assessment Framework, all right? And you'll typically see it written as "open system" or "Oissg." Now, you may be asking yourself, "Do I need to use all of these?" And the answer is, no, you don't. You are typically told which methodology you should be using in the particular environment that you're bidding on. So if it's a bank or financial institution, it's very likely you're going to be using the FFIEC if it's pretty much anything else. In my experience, it's always been the OSS TMM, but that doesn't mean you couldn't create your own methodology. Now remember, a methodology is nothing more than a described series of steps to get to or achieve some goal. And so if everyone is doing the same steps and we're in sync, that means that we both should arrive at the same determination. So there are companies that may take some things from the OSSM and maybe some other things from this. You can move things around if you would like to, unless there is some reason in your organisation why they want to have it done in a particular way. But the biggest thing is that you've got to be consistent. You've got to do it this way every time, because you're going to be using these penetration tests—the one from last year, the one from six months ago, and so on to compare to the results you have today. And it's interesting because some people look at things that need to be fixed right away, while others sometimes tend to shrug some of this off. and we'll talk about that more in the next particular section.

FootPrinting - Reconnaissance and Information Gathering

1. Introduction to Footprinting

In this section, we'll talk about information that is gathered by the hacker. We'll discuss methods of obtaining information: physical access, social engineering access, digital access, passive versus active reconnaissance foot printing, and we'll discuss tools like Reconciliation and G foot printing tools like Multigo, the most powerful hacking tool on the internet today, and foot printing tools like in his Lookup traceroute and the Edge database. We'll discuss Google and its query operators, the Internet Arcade, the Wayback Machine, the domain name registration, and who is the operator, as well as demonstrations on various topics.

2. What Information is Gathered by the Hacker

In this particular lecture, we're going to take a look at what information is gathered by the hacker. The idea behind "foot printing" a network is to get an idea of how much of the layout and specifications we have without altering the target. Like a bank robber in a heist film, you would look to obtain blueprints of the network and company, including what type of alarm system they have and those kinds of things. Think of Ocean's Eleven or one of those types of films where they plan this out meticulously. They know exactly how much time it takes to get from point A to point B. That's the whole idea behind Foot printing in our Footprinting that we're going to do ourselves. This is going to include things like what servers and versions of software they're running, how the internal network is actually configured, and what formats they use for internal usernames and email addresses.

Once this blueprint is complete, you'll be in a much better position to see what methods, routes, and specifications your attack will actually take and how to exploit it. The first thing the hacker is going to want to know is who owns this system. Is it going to be someone who would perhaps chase after them if they attempt to try and break in? Let's take the example of Kindergartner Day Center and compare that with BankofAmerica.com. If we broke into a kindergarten daycare, it's very unlikely that someone is going to be chasing after us, trying to figure out what we're doing. But boy, the Bank of America, that would be the place where somebody would be doing that. They're going to be interested in who owns these systems. They're going to be interested in what kinds of systems are being used. If we just simply go out to Monster.com or Dice.com, if they're advertising somebody, we need somebody to get off of. We need someone to help move our system from this version of Active Directory to this version of Active Directory. They're actually telling you what kind of systems they actually have. How many offices do we have? The more offices that we have, the more our IT infrastructure is spread out. When I worked at the mortgage company in Dallas, we had 987 branches around the US.

We had our main sport in Dallas. So if I were to attack one of those mortgage branches, it would make sense to attack one of the branches and then ride back in on that connection to the Dallas office. What sort of connectivity do we have between the sites? Are we connected via leased lines, tone lines, or fractional T-1 lines? In other words, connections that we would get from the phone company? Or are we leveraging things over the Internet, perhaps things over the Internet where we're encrypting the connection between them? What type of telephone PABX systems are being used? Now I'm going to take a different approach to this on the next slide, and I'm going to get into that one. Central or decentralised It support. Centralized Support may be easier or less easy to fool, but you need to know where your support is actually located and what servers and services are accessible from the internet. I want to do this really quick example and explain to you that when we were talking about the telephone and PABX system, this is something called walking the ORG chart. When I say "walking the ORG chart," I'm talking about walking the organisational chart of the company. Let's say, for example, we call in at two in the morning and call into the help desk, where Bill is the person we're trying to target. He answers the phone.

This is Bill's cheer at extension 44 21. I'm sorry, I'm not available right now. If you need meeting assistance, you can call my boss, John Sears, at extension 412. Then we hang up the phone and call John Sears. John Sears answers the phone. Hello, this is John Sears at extension 4412. I'm not available right now. If you need immediate assistance, you can call my boss, Greg Simmons, at extension 44 32. We have all of the information needed to pull off what we're trying to do. We call Bill back in, and we explain to Bill.Bill, this is Greg Simmons. Do you know who I am? Yes, Mr. Simmons. Of course I do. Unfortunately, we have a problem with your boss, John Sears. Can I definitely depend on you to keep this conversation between just us? Oh, yes, of course I can do that. I need you to reset John's password, and please do not give him another one until I say so. Can you do that for me? Yes, of course I could do that. Now we've just laid out the fact that Bill can expect to get ahead if he keeps up with and moves ahead of John. Now, this is not going to work if Bill and John are good friends, but you know, any time you're trying to do footprinting or reconnaissance, you have to take a few chances. And so this is what's referred to as "walking the ORG chart."

Prepared by Top Experts, the top IT Trainers ensure that when it comes to your IT exam prep and you can count on ExamSnap CEH Certified Ethical Hacker (312-50v9) certification video training course that goes in line with the corresponding ECCouncil 312-50 exam dumps, study guide, and practice test questions & answers.

Comments (5)

Add Comment

Please post your comments about 312-50 Exams. Don't share your email address asking for 312-50 braindumps or 312-50 exam pdf files.

Drake17
Australia
May 09, 2023

the course was wonderful but I think the instructor should have clearly distinguished between black-hat hackers and white-hat hackers. these two terms are a little bit confusing for me.

Zedong泽
United Kingdom
Apr 20, 2023

The instructor has truly simplified what we thought to be complex. The truth is that the instructor is a genius in this field and I believe he is one of the best hackers on this planet. Many thanks!

braxton Randall
United Kingdom
Apr 05, 2023

this course hasn't let me down at all! I thought someone must go to a higher institution of learning and pay a lot of money to get this. thanks so much to the people who have made this video course.

ULMER
Ireland
Mar 18, 2023

fantastic! I have gained the skills to interact with the Unix terminal. I can read all the IP addresses of the computers connected to my system. I can deny or give access.

corin
Singapore
Mar 01, 2023

This tutorial is the most sought by many computer experts outside. I can now refer all my friends to join this course since it has all that hackers need.