Scribd
Upload
299 views82 pages

CEHV8 - References

Uploaded by

phsgb1
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
299 views82 pages

CEHV8 - References

Uploaded by

phsgb1
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 82

Exam 312-50 Certified Ethical Hacker Ethical Hacking and Countermeasures

References
Module 01: Introduction to Ethical Hacking
1. Zero-day attacks are meaner, more rampant than we ever thought, from
http://arstechnica.com/security/2012/ 10/zero-day-attacks-are-meaner-and-more-plentiful-than-
thought/.
2. SECURITY POLICY: TARGET, CONTENT, & LINKS, from
http://csrc.nist.gov/nissc/1998/proceedings/paperG4.pdf.
3. Anatomy of the Hack - Hands-on Security, from http://www.slideshare.net/NewBU/anatomy-of-the-
hack-handson-security-information-assurance-dub.
4. Hacker methodology, from http://www.hackersecuritymeasures.com/.
5. Ethical Hacking, from www.securedeath.com.
6. C. C. Palmer, Ethical hacking from http://researchweb.watson.ibm.com/journal/sj/403/palmer.html.
7. An Overview of Computer Security, from
www.cc.gatech.edu/classes/AY2005/cs4803cns_fall/security_overview.ppt.
8. Dr. Death, (2006), Ethical Hacking, from http://www.securedeath.com.
9. Ethical Hacking, from http://neworder.box.sk/news/921.
10. How are Penetrating Testing conducted?, from www.corsaire.com.
11. Ethical Hacking: The Security J ustification Redux, from
http://www.sosresearch.org/publications/ISTAS02ethicalhack.PDF.
12. Ethical Hacking, from www.sosresearch.org/publications.
13. Ethical Hacking, from www.research.ibm.com.
14. Covering Tracks, from http://rootprompt.org.
15. Attack, from http://www.linuxsecurity.com/content/view/17/70/.
16. Security Issues in Wireless MAGNET at Networj Layer, from
http://csce.unl.edu/~jaljaroo/publications/TR02-10-07.pdf.
17. Glossary of Security and Internet terms, from
http://wssg.berkeley.edu/Securitylnfrastructure/glossary.html.
18. Glossary of Vulnerability Testing Terminology, from
http://www.ee.oulu.fi/research/ouspg/sage/glossary/.
19. Information about hackers, from http://www.antionline.com/.
20. Information about hackers, from http://w2.eff.org/Net_culture/Hackers/.
21. LEX LUTHOR, information about hackers, from http://bak.spc.org/dms/archive/britphrk.txt.
22. Information about hackers, from http://directory.google.com/Top/Computers/Hacking/.
23. Information about hackers, from http://directory.google.com/Top/Computers/Security/Hackers/.
24. Information about hackers, from http://bak.spc.org/dms/archive/profile.html.
References Page 2976 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
25. Information about hackers, from
http://dir.yahoo.com/Computers_and_lnternet/Security_and_Encryptior1/Hacking/.
Module 02: Footprinting and Reconnaissance
26. Search Operators, from http://www.googleguide.com/advanced_operators.html.
27. The Complete Windows Trojans Paper, from
http://www.windowsecurity.com/whitepapers/trojans/The_Complete_Windows_Trojans_Paper.html.
28. Naples, (2008), Information Gathering Tools, Available from
http://it.toolbox.com/wiki/index.php/lnformation_Gathering_Tools.
29. Extract Website Information from archive.org, Available from www.archive.org.
30. Footprinting, from
http://www.ethicalhacker.net/component/option,com_smf/ltemid,49/topic,228.msg672.
31. Simson Garfinkel and David Cox, (2009), Finding and Archiving the Internet Footprint,
http://simson.net/clips/academic/2009.BL.lnternetFootprint.pdf.
32. CHAPTER 2 [FOOTPRINTING], from http://www.ecqurity.com/wp/footprinting-encored.pdf.
33. Donna F. Cavallini and Sabrina 1. PACIFICI, Got COMPETITIVE INTELLIGENCE,
http://www.llrx.com/features/gotci.ppt.
34. Spammers & hackers: using the APNIC Whois Database to find in their network, from
http://www.apnic.net/info/faq/abuse/using_whois.html.
35. P. Mockapetris, (1987), DOMAIN NAMES - CONCEPTS AND FACILITIES, from
h tt p ://www. i e tf. 0 rg/ rf c/ rf c 1034. txt.
36. Manic Velocity, Footprinting And The Basics Of Hacking, from
http://web.textfiles.com/hacking/footprinting.txt.
37. Dean, (2001), Windows 2000 Command Prompt Troubleshooting Tools, from
http://www.pcmech.com/show/troubleshoot/192/.
38. nslookup Command, from
http://publib. boulder. ibm.com/infocenter/pseries/v5r3/index.jsp?topic=/com.ibm.aix.doc/cmds/aixcmd
s4/nslookup.htm.
39. The nslookup Manual Page, from http://www.stopspam.org/usenet/mmf/man/nslookup.html.
40. Bob Hillery, (2001), Neohapsis Archives - Incidents list - Re: Finding out who owns ..., from
http://archives.neohapsis.com/archives/incidents/2001-01/0032.html.
41. Ryan Spangler, (2003), Analysis of Remote Active Operating System Fingerprinting Tools, from
http://www.packetwatch.net/documents/papers/osdetection.pdf.
42. Ryan Spangler, (2003), Analysis of Remote Active Operating System Fingerprinting Tools, from
http://www.securiteam.com/securityreviews/5ZP010UAAI.html.
43. Fingerprint methodology: 1PID sampling, from http://www.insecure.org/nmap/nmap-fingerprinting-
old.html.
44. Fyodor, (1998), Remote OS detection via TCP/IP Stack Fingerprinting, from
http://www.donkboy.com/html/fingerprt.htm.
45. Remote OS Detection, from http://nmap.org/book/osdetect.html.
46. Regional Internet Registry, from http://en.wikipedia.org/wiki/Regional_lnternet_Registry.
47. Boy Scouts, Fingerprinting from http://onin.eom/fp/fpmeritbdg.html#top.
48. The Hacker's Choice, from http://freeworld.thc.org/welcome/.
49. THC Fuzzy Fingerprint, from http://freeworld.thc.org/thc-ffp/.
References Page 2977 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
50. Katherine Knickerbocker, CJ 625 Student Paper, from http://all.net/CID/Attack/papers/Spoofing.html.
51. Arik R. J ohnson, What is competitive intelligence? How does competitive ..., from
http://aurorawdc.com/whatisci.htm.
52. Guangliang (Benny), (2006), Spamming and hacking, from
http://www.apnic.net/info/faq/abuse/using_whois.html.
53. Dhillon, (2006), Footprinting: The Basics of Hacking: Hack In The Box, from
http://www.hackinthebox.org/modules.php?op=modload&name=News&file=article&sid=5359&mode=t
hread&order=0&thold=0.
54. Roshen, (2006), Paladion - Customers - Success Stories - Penetration Testing, from
http://paladion.net/pentration_testing.php.
55. Paul Thompson, (2006), Cognitive Hacking and Digital Government: Digital Identity, from
http://www.ists.dartmouth.edu/library/chd0803.pdf.
56. Greg Sandoval, (2006), MPAA accused of hiring a hacker, from
http://news.com.com/MPAA+accused+of+hiring+a+hacker/2100-1030_3-6076665.html.
57. Kurt Seifried, (2005), Closet20001213 Backdoors, Back Channels and HTTP(S), from
http://www.seif ried.org/security/index.php/Closet20001213_Backdoors,_Back_Channels_and_HTTP(S).
58. Happy Browser, (2005), from http://www.hotscripts.com/Detailed/39030.html.
59. Client-server architecture, from http://www.networkintrusion.co.uk/N_scan.htm.
60. Elegant architecture: NASI, from http://www.nessus.org/features/.
61. The Signatures, from http://www.honeynet.org/papers/finger/.
62. Ryan Spangler, (2003), Analysis of Remote Active Operating System Fingerprinting Tools, Nmap tool:
technique, from http://www.securiteam.com/securityreviews/5ZP010UAAI.html.
63. Beware!: War dialing, Sandstorm Sandtrap 1.5 Wardialer Detector Plus 16 and Basic Detectors, from
http://www.data-connect.com/Santstorm_PhoneSweep.htm.
64. Appendix A - Glossary of Terms: IPSEC, from
http://www.imsglobal.org/gws/gwsvlpO/imsgws_securityProfvlpO.html.
65. Def. and info. Vulnerability scanning, from
http://www.webencanto.com/computer_glossary/Communications/Ethics/vulnerability_scanning.html.
66. Footprinting, from http://books.mcgraw-
hill. com/downloads/products//0072193816/0072193816_ch01. pdf].
67. P. Mockapetris, Zvon - RFC 1034 [DOMAIN NAMES - CONCEPTS AND FACILITIES] - DOMAIN..., from
http://www.zvon.org/tmRFC/RFC1034/Output/chapter3.html.
68. Gaurav, (2006), The Domain Name System (DNS), from
http://people.csa.iisc.ernet.in/gaurav/np/rfcs/dns.html.
69. Using the Internet for Competitive Intelligence, from
http://www.cio.com/CIO/arch_0695_cicolumn.html.
70. Reporting network abuse: Spamming and hacking, from
http://www.apnic.net/info/faq/abuse/using_whois.html.
71. Bastian Ballmann, (2011), Information gathering tools, from http://www2.packetstormsecurity.org/cgi-
bin/search/search.cgi?searchvalue=information+gathering&type=archives&[search].x=0&[search].y=0.
72. Google Earth, from http://www.google.com/earth/index.html.
73. pipl,from https://pipl.com/.
74. spokeo, from http://www.spokeo.com.
75. Zaba Search, from http://www.zabasearch.com.
References Page 2978 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
76. 123 People Search, from http://www.123people.com.
77. Zoomlnfo, from http://www.zoominfo.com.
78. PeekYou, from http://www.peekyou.com.
79. Wink People Search, from http://wink.com.
80. Intelius, from http://www.intelius.com.
81. AnyWho, from http://www.anywho.com.
82. PeopleSmart, from http://www.peoplesmart.com.
83. People Lookup, from https://www.peoplelookup.com.
84. WhitePages, from http://www.whitepages.com.
85. Facebook, from https://www.facebook.com/.
86. Linkedln, from http://www.linkedin.com.
87. Google+, from https://plus.google.com.
88. Twitter, from http://twitter.com.
89. Google Finance, from http://finance.google.com/finance.
90. Yahoo Finance, from http://finance.yahoo.com.
91. Zaproxy, from https://code.google.eom/p/zaproxy/downloads/list.
92. Burp Suite, from http://portswigger.net/burp/download.html.
93. Firebug, from https://getfirebug.com/downloads/.
94. HTTrack Website Copier, from http://www.httrack.c0m/page/2/ .
95. BlackWidow, from http://softbytelabs.com/us/downloads.html.
96. Webripper, from http://www.calluna-software.com/Webripper.
97. SurfOffline, from http://www.surfoffline.com/.
98. Website Ripper Copier, from http://www.tensons.com/products/websiterippercopier/.
99. PageNest, from http://www.pagenest.com.
100. Teleport Pro, from http://www.tenmax.com/teleport/pro/download.htm.
101. Backstreet Browser, from http://www.spadixbd.com/backstreet/.
102. Portable Offline Browser, from http://www.metaproducts.com/Portable_Offline_Browser.htm.
103. Offline Explorer Enterprise, from http://www.metaproducts.com/offline_explorer_enterprise.htm.
104. Proxy Offline Browser, from http://www.proxy-offline-browser.com/.
105. GNU Wget, from ftp://ftp.gnu.org/gnu/wget/.
106. iMiser, from http://internetresearchtool.com.
107. Hooeey Webprint, from http://www.hooeeywebprint.com.s3-website-us-east-
l.amazonaws.com/download.html.
108. Wayback Machine, from http://archive.org/web/web.php.
109. WebSite-Watcher, from http://aignes.com/download.htm.
110. eMailTrackerPro, from http://www.emailtrackerpro.com.
111. PoliteMail, from http://www.politemail.com.
112. Email Lookup - Free Email Tracker, from http://www.ipaddresslocation.org.
113. Read Notify, from http://www.readnotify.com.
114. Pointofmail, from http://www.pointofmail.com.
References Page 2979 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
115. DidTheyReadlt, from http://www.didtheyreadit.com.
116. Super Email Marketing Software, from http://www.bulk-email-marketing-software.net.
117. Trace Email, from http://whatismyipaddress.com/trace-email.
118. WhoReadMe, from http://whoreadme.com.
119. MSGTAG, from http://www.msgtag.com/download/free/.
120. GetNotify, from http://www.getnotify.com.
121. Zendio, from http://www.zendio.com/download.
122. G-Lock Analytics, from http://glockanalytics.com.
123. EDGAR Database, from http://www.sec.gov/edgar.shtml.
124. Hoovers, from http://www.hoovers.com.
125. LexisNexis, from http://www.lexisnexis.com.
126. Business Wire, from http://www.businesswire.com.
127. Market Watch, from http://www.marketwatch.com.
128. The Wall Street Transcript, from http://www.twst.com.
129. Upper Marketplace, from http://www.lippermarketplace.com.
130. Euromonitor, from http://www.euromonitor.com.
131. Fagan Finder, from http://www.faganfinder.com.
132. SEC Info, from http://www.secinfo.com.
133. The Search Monitor, from http://www.thesearchmonitor.com.
134. Compete PRO, from http://www.compete.com.
135. Copernic Tracker, from http://www.copernic.com.
136. ABI/INFORM Global, from http://www.proquest.com.
137. SEMRush, from http://www.semrush.com.
138. AttentionMeter, from http://www.attentionmeter.com.
139. J obitorial, from http://www.jobitorial.com.
140. Google Hacking Database, from http://www.hackersforcharity.org.
141. MetaGoofil, from http://www.edge-security.com.
142. Google Hack Honeypot, from http://ghh.sourceforge.net.
143. Goolink Scanner, from http://www.ghacks.net.
144. GMapCatcher, from http://code.google.com.
145. SiteDigger, from http://www.mcafee.com.
146. SearchDiggity, from http://www.stachliu.com.
147. Google Hacks, from http://code.google.com.
148. Google HACK DB, from http://www.secpoint.com.
149. BiLE Suite, from http://www.sensepost.com.
150. Gooscan, from http://www.darknet.org.uk.
151. WHOIS Lookup at DomainTools.com, from http://whois.domaintools.com/.
152. Domain Dossier, from http://centralops.net/co.
153. SmartWhois, from http://www.tamos.com/download/main/index.php.
154. CountryWhois, from http://www.tamos.com/products/countrywhois/.
References Page 2980 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
155. Whois Analyzer Pro, from http://www.whoisanalyzer.com/download.opp.
156. LanWhols, from http://lantricks.com/download/.
157. HotWhois, from http://www.tialsoft.com/download/?url=http://www.tialsoft.com/hwhois.exe.
158. Batch IP Converter, from http://www.networkmost.com/download.htm.
159. Whois 2010 Pro, from http://lapshins.com/.
160. CallerIP, from http://www.callerippro.com/download.html.
161. ActiveWhois, from http://www.johnru.com/.
162. Whois Lookup Multiple Addresses, from http://www.sobolsoft.com/.
163. WhoisThisDomain, from http://www.nirsoft.net/utils/whois_this_domain.html.
164. SmartWhois, from http://smartwhois.com.
165. Whois, from http://tools.whois.net.
166. Better Whois, from http://www.betterwhois.com.
167. DNSstuff, from http://www.dnsstuff.com.
168. Whois Source, from http://www.whois.se.
169. Network Solutions Whois, from http://www.networksolutions.com.
170. Web Wiz, from http://www.webwiz.co.uk/domain-tools/whois-lookup.htm.
171. WebToolHub, from http://www.webtoolhub.com/tn561381-whois-lookup.aspx.
172. Network-Tools.com, from http://network-tools.com.
173. Ultra Tools, from https://www.ultratools.com/whois/home.
174. dnsstuff, from http://www.dnsstuff.com/.
175. network-tools, from http://network-tools.com/.
176. DNS Queries, from http://www.dnsqueries.com/en/.
177. DIG, from http://www.kloth.net/services/dig.php.
178. myDNSTools, from http://www.mydnstools.info/nslookup.
179. DNSWatch, from http://www.dnswatch.info.
180. DomainTools, from http://www.domaintools.com.
181. Professional Toolset, from http://www.dnsstuff.com/tools.
182. DNS, from http://e-dns.org.
183. DNS Records, from http://network-tools.com.
184. DNS Lookup Tool, from http://www.webwiz.co.uk/domain-tools/dns-records.htm.
185. DNSData View, from http://www.nirsoft.net.
186. DNS Query Utility, from http://www.webmaster-toolkit.com.
187. WHOIS-RWS, from http://whois.arin.net/ui.
188. Netcraft, from http://searchdns.netcraft.com/Phost.
189. Shodan, from http://www.shodanhq.com/.
190. Path Analyzer Pro, from http://www.pathanalyzer.com/download.opp.
191. VisualRoute 2010, from http://www.visualroute.com/download.html.
192. Network Pinger, from http://www.networkpinger.eom/en/downloads/#download.
193. Magic NetTrace, from http://www.tialsoft.com/download/?url=http://www.tialsoft.com/mNTr.exe.
194. GEO Spider, from http://oreware.com/viewprogram.php?prog=22.
References Page 2981 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
195. 3D Traceroute, from http://www.d3tr.de/download.html.
196. vTrace, from http://vtrace.pl/download.html.
197. AnalogX HyperTrace, from
http://www.analogx.com/contents/download/Network/htrace/Freeware.htm.
198. Trout, from http://www.mcafee.com/apps/free-tools/termsofuse.aspx?url=/us/downloads/free-
tools/trout.aspx.
199. Network Systems Traceroute, from http://www.net.princeton.edu/traceroute.html.
200. Roadkil's Trace Route, from http://www.roadkil.net/program.php/P27/Trace%20Route
201. Ping Plotter, from http://www.pingplotter.com.
202. myiptest, from http://www.myiptest.com/staticpages/index.php/how-about-you.
203. Maltego, from http://www.paterva.com/web6/products/download4.php.
204. Domain Name Analyzer Pro, from http://www.domainpunch.com/domain-name-analyzer-
pro/download.php.
205. Web Data Extractor, from http://www.webextractor.com.
206. Prefix Whois, from http://pwhois.org.
207. Netmask (IRPAS), from http://www.phenoelit.org/irpas/download.html.
208. Binging, from http://www.blueinfy.com/tools.html.
209. Tctrace (IRPAS), from http://www.phenoelit.org/irpas/download.html.
210. Spiderzilla, from http://spiderzilla.mozdev.org/installation.html.
211. Autonomous System Scanner (ASS) (IRPAS), from http://www.phenoelit.org/irpas/download.html.
212. Sam Spade, from http://www.majorgeeks.com/Sam_Spade_d594.html.
213. DNS DIGGER, from http://www.dnsdigger.com.
214. Robtex, from http://www.robtex.com.
215. Dig Web Interface, from http://www.digwebinterface.com
216. SpiderFoot, from http://sourceforge.net/projects/spiderfoot/?so.urce=dlp.
217. Domain Research Tool, from http://www.domainresearchtool.com.
218. CallerIP, from http://www.callerippro.com/download.html.
219. ActiveWhois, from http://www.johnru.com.
220. Zaba Search, from http://www.zabasearch.com/.
221. yoName, from http://yoname.com.
222. GeoTrace, from http://www.nabber.org/projects/geotrace/.
223. Ping-Probe, from http://www.ping-probe.com/Ping-Probe/index.html.
224. DomainHostingView, from http://www.nirsoft.net.
Module 03: Scanning Networks
225. Explanation of the Three-Way Handshake via TCP/IP, from http://support.microsoft.com/kb/172983.
226. Appendix G. Lists of reserved ports, ICMP types and codes, and Internet protocols, from
http://www.ingate.com/files/422/fwmanual-en/xal0285.html.
227. The Art of Port Scanning - by Fyodor, from http://nmap.org/nmap_doc.html.
228. Methods of IP Network Scanning - Stealth TCP Scanning Methods, from
http://www.c0dewalkers.c0m/c/a/Server-Administrati0n/Meth0ds-0f-IP-Netw0rk-Scanning/3/ .
References Page 2982 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
229. What is Port Scanning and Types of Port Scanning, from http://www.hackillusion.com/what-is-port-
scanning-and-types-of-port-scanning/.
230. UDP Scan, from http://www.networkuptime.com/nmap/page3-10.shtml.
231. Hacking Exposed, from http://www.scribd.com/doc/62708034/Hacking-Exposed-Book.
232. Network Security Assessment, from
https://www.trustmatta.com/downloads/pdf/Matta_IP_Network_Scanning.pdf.
233. Quick-Tip: SSH Tunneling Made Easy, from http://www.revsys.com/writings/quicktips/ssh-tunnel.html.
234. Detecting Spoofed Packets, from http://seclab.cs.ucdavis.edu/papers/DetectingSpoofed-DISCEX.pdf.
235. Scanning modes: FIN, Xmas, Null, from http://www.openxtra.co.uk/support/howto/nmap-scan-
modes.php.
236. Port scanning techniq:sW (Window scan), from http://www.paulisageek.com/nmap/index.html.
237. Prabhaker Mateti, UDP Scanning, from http://www.cs.wright.edu/~pmateti/Courses/499/Probing/.
238. FTP server bounce attack, TCP Fragmenting, Intrusion detection systems use signature-based
mechanisms, from http://www.in-f-or.it/informatica/docs/portscan.pdf.
239. Laura Chappell, (2003), OS Fingerprinting With ICMP: ICMP echo, from
http://www.securitypronews.com/it/security/spn-23-200309290SFingerprintingwithlCMP.html.
240. Scan Type-sF -sX -sN, from http://content.ix2.net/arc/t-4370.html.
241. Unixo3/introduction to Nmap, from http://www.samhart.com/cgi
bin/classnotes/wiki.pl?UNIX03/lntroduction_To_Nmap.
242. Fyodor, (2006), Art of port scanning: Features, Ideal scanning and related IPID games, Nmap: discription,
Fingerprint methadology: IPID samplingBounce attacks worked, Techniqe: TCP reverse ident scanning,
from http://www.insecure.org/nmap/nmap_doc.html.
243. Antirez, hping2(8) - Linux man page: Discription, Hping2 Commands, from
http://www.hping.org/manpage.html.
244. Chris McNab, (2008), Third Party IP Network Scanning Methods, Available from
http://www.c0dewalkers.c0m/c/a/Server-Administrati0n/Third-Party-IP-Netw0rk-Scanning-Meth0ds/.
245. Thierry Lagarde , AutoScan Network, Available from http://autoscan-
network.com/index.php?option=com_content&task=view&id=48&ltemid=32.
246. Onion Routing, Available from http://dictionary.zdnet.com/definition/onion+routing.html.
247. Van Geelkerken F.W.J , (2006), Digital Mixing (MIX nets), Available from
http://www.iusmentis.com/society/privacy/remailers/onionrouting/.
248. Keith J. J ones, Mike Shema, & Bradley C. J ohnson, Vulnerability Scanners, from
www.foundstone.com/pdf/books/AntiHackerSample.pdf.
249. Examining Port Scan Methods- Analysing Audible Techniques, from http://www.in-f-
or.it/informatica/docs/portscan.pdf.
250. IMS General Web Services Security Profile,
http://www.imsglobal.org/gws/gwsvlpO/imsgws_securityProfvlpO.html.
251. Beware!: War dialing, from http://www.castlecops.com/al361-War_dialing.html.
252. Simson L. Garfinkel, Automatic Parity Detection, from http://archive.cert.uni-
stuttgart.de/archive/bugtraq/1998/12/msg00215.html.
253. Lance Mueller, CREATE A REVERSE SSH TUNNEL,
http://www.lancemueller.com/blog/Create%20Reverse%20SSH%20to%20reach%20servlet%20inside%2
Ofirewall.pdf.
References Page 2983 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
254. Avi Kak, (2010), Port Scanning, Vulnerability Scanning, Packet Sniffing, and Intrusion Detection,
http://cobweb.ecn.purdue.edu/~kak/compsec/NewLectures/Lecture23.pdf.
255. Renaud Deraison, Ron Gula, and Todd Hayton, (2009), Passive Vulnerability Scanning Introduction,
http://nessus.org/whitepapers/passive_scanning_tenable.pdf.
256. Cheng Guang, TCP Analysis Based on Flags, http://www.nordu.net/development/2nd-cnnw/tcp-analysis-
based-on-flags.pdf.
257. Cheng Tang & J onathan Gossels, (1999), Wardialing: Practical Advice to Understand Your Exposure,
http://www.systemexperts.com/assets/tutors/wardial0299.pdf.
258. Network Security Library, from
http://www.windowsecurity.com/whitepapers/misc/Examining_port_scan_methods__Analyzing_Audibl
e_Te.
259. Lance Cottrell, Anonymizer Limitations: Logs, from http://www.livinginternet.eom/i/is_anon.htm.
260. Michel Leconte, (2006), Network security consulting, from http://www.activsupport.com/Small-
Business-Network-Security-Soluti.
261. Angry IP Scanner, from http://angryip.0rg/w/D0wnl0ad.
262. SolarWinds Engineer's Toolset, from http://downloads.solarwinds.com/solarwinds/Release/Toolset/ZP-
Toolset/ZP-Toolset-Ol.html.
263. Colasoft Ping Tool, from http://www.colasoft.com/download/products/download_ping_tool.php.
264. PacketTrap MSP, from http://www.packettrap.com/download?hsCtaTracking=e95ec5b5-069f-4cd5-
962c-9c0e6e32a6da%7C072dfe23-353f-46c2-9ab0-la27d39c01fl.
265. Visual Ping Tester - Standard, from http://www.pingtester.net.
266. Ping Sweep (Integrated into WhatsupGold), from
http://www.whatsupgold.com/products/download/network_management.aspx?k_id=ping-sweep-tool.
267. Ping Scanner Pro, from http://www.digilextechnologies.com.
268. Network Ping, from http://www.greenline-soft.com/product_network_ping/index.aspx.
269. Ultra Ping Pro, from http://ultraping.webs.com/downloads.htm.
270. Ping Monitor, from http://www.niliand.com.
271. PinglnfoView, from http://www.nirsoft.net/utils/multiple_ping_tool.html.
272. Pinkie, from http://www.ipuptime.net/category/download/.
273. Colasoft Packet Builder, from
http://www.colasoft.com/download/products/download_packet_builder.php.
274. NetScanTools Pro, from http://www.netscantools.com/nstprodemorequestform.html.
275. PRTG Network Monitor, from http://www.paessler.com/download/prtg.
276. Global Network Inventory Scanner, from
http://www.magnetosoft.com/products/global_network_inventory/gni_features.htm.
277. Net Tools, from http://mabsoft.com/nettools.htm.
278. SoftPerfect Network Scanner, from http://www.softperfect.com/products/networkscanner/.
279. IP Tools, from http://www.ks-soft.net/ip-tools.eng/downpage.htm.
280. Advanced Port Scanner, from http://www.radmin.com/download/previousversions/portscanner.php.
281. MegaPing, from http://www.magnetosoft.com/products/megaping/megaping_features.htm.
282. Netifera, from http://netifera.com.
283. Network Inventory Explorer, from http://www.10-
strike.com/networkinventoryexplorer/download.shtml.
References Page 2984 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
284. Free Port Scanner, from
http://www.nsauditor.eom/network_tools/free_port_scanner.html#.UWJ RvqLzvrw.
285. ID Serve, from http://www.grc.com.
286. Netcraft, from http://toolbar.netcraft.com.
287. Netcat, from http://sourceforge.net/projects/netcat/files/latest/download?source=files.
288. GFI LanGuard, from http://www.gfi.com/downloads/mirrors.aspx?pid=lanss.
289. SAINT, from http://www.saintcorporation.com/products/software/saintScanner.html.
290. Retina CS, from http://www.beyondtrust.com/Landers/TY-Page-RetinaCSCommunity/index.html.
291. OpenVAS, from http://www.openvas.org.
292. Core Impact Professional, from http://www.coresecurity.com.
293. Security Manager Plus, from http://www.manageengine.com/products/security-
manager/download, html.
294. Nexpose, from http://www.rapid7.com/products/nexpose/compare-downloads.jsp.
295. Shadow Security Scanner, from http://www.safety-lab.com/en/download.htm.
296. QualysGuard, from http://www.qualys.com.
297. Nsauditor Network Security Auditor, from
http://www.nsaudit0r.c0m/netw0rk_security/netw0rk_security_audit0r.html#.UWKEx6Lzvrw.
298. Security Auditor's Research Assistant (SARA), from http://www-arc.com/sara/.
299. LANsurveyor, from
http://www.solarwinds.com/register/MoreSoftware.aspx?External=false&Program=17592&c=70150000
OOOPjNE.
300. OpManager, from http://www.manageengine.com/network-monitoring/download.html.
301. NetworkView, from http://www.networkview.com/html/download.html.
302. The Dude, from http://www.mikrotik.com/thedude.
303. LANState, from http://www.10-strike.com/lanstate/download.shtml.
304. HP Network Node Manager i software, from http://www8.hp.com/us/en/software-
solutions/software. html?compURI=1170657#.
305. FriendlyPinger, from http://www.kilievich.com/fpinger/download.htm.
306. NetMapper, from http://www.opnet.com.
307. Ipsonar, from http://www.lumeta.com/product/product.html.
308. NetBrain Enterprise Suite, from http://www.netbraintech.com/instant-trial/.
309. CartoReso, from http://cartoreso.campus.ecp.fr.
310. Spiceworks-Network Mapper, from http://www.spiceworks.com/download/.
311. Switch Center Enterprise, from http://www.lan-secure.c0m/d0wnl0ads.htrn#netw0rk.
312. NetCrunch, from http://www.adremsoft.com/demo/download-
product. php?product=nc7&file=NCServer7Premium. exe.
313. Proxy Workbench, from http://proxyworkbench.com/.
314. Proxifier, from http://www.proxifier.com/download.htm.
315. Proxy Switcher, from http://www.proxyswitcher.com/.
316. SocksChain, from http://ufasoft.com/socks/.
317. TOR (The Onion Routing), from https://www.torproject.org/download/download.
References Page 2985 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
318. Proxy, from http://www.analogx.com/contents/download/Network/proxy/Freeware.htrn.
319. Proxy Commander, from http://www.dlao.com/proxycmd/.
320. Protoport Proxy Chain, from http://www.protoport.com.
321. Proxy Tool Windows App, from http://webproxylist.com/proxy-tool-windows-app/.
322. Proxy+, from http://www.proxyplus.cz/.
323. Gproxy, from http://gpassl.com/gproxy.php.
324. FastProxySwitch, from http://www.affinity-tools.com/fps/.
325. Fiddler, from http://www.fiddler2.com/fiddler2/version.asp.
326. ProxyFinder Enterprise, from http://www.proxy-tool.com.
327. Socks Proxy Scanner, from http://www.mylanviewer.com.
328. ezProxy, from https://www.0clc.0rg/ezpr0xy/d0wnl0ad.en.h.tml.
329. Charles, from http://www.charlesproxy.com/.
330. J AP Anonymity and Privacy, from http://anon.inf.tu-dresden.de/win/download_en.html.
331. UltraSurf, from http://www.ultrasurf.us.
332. CC Proxy Server, from http://www.youngzsoft.net/ccproxy/proxy-server-download.htm.
333. WideCap, from http://widecap.ru.
334. FoxyProxy Standard, from https://addons.mozilla.org.
335. ProxyCap, from http://www.proxycap.com.
336. Super Network Tunnel, from http://www.networktunnel.net.
337. HTTP-Tunnel, from http://www.http-tunnel.com.
338. Bitvise, from http://www.bitvise.com.
339. Psiphon, from http://psiphon.ca.
340. Your-Freedom, from http://www.your-freedom.net.
341. J ust Ping, from http://www.just-ping.com.
342. WebSitePulse, from http://www.websitepulse.com.
343. G-Zapper, from http://www.dummysoftware.com/gzapper.html.
344. Mowser, from http://www.mowser.com.
345. Spotflux, from http://www.spotflux.com.
346. Anonymous Web Surfing Tool, from http://www.anonymous-surfing.com.
347. U-Surf, from http://ultimate-anonymity.com.
348. Hide Your IP Address, from http://www.hideyouripaddress.net.
349. WarpProxy, from http://silent-surf.com.
350. Anonymizer Universal, from http://www.anonymizer.com.
351. Hope Proxy, from http://www.hopeproxy.com.
352. Guardster, from http://www.guardster.com.
353. Hide My IP, from http://www.privacy-pro.com/features.html.
Module 04: Enumeration
354. rpcinfo, from http://www.usoft.spb.ru/commands/rpcinfo/.
355. RPCCLIENT, from http://www.sarata.com/manpages/manl/rpcclient.html.
References Page 2986 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
356. Enumeration, from http://www.edenofire.com/tutes/hack.php.
357. smtp-user-enum User Documentation, from http://pentestmonkey.net/tools/user-enumeration/smtp-
user-enum.
358. Chris Gates, (2006), Windows Enumeration: USER2SID & SID2USER, from
http://www.windowsecurity.com/whitepaper/Windows-Enumeration-USER2SID-SID2USER.html.
359. What is SNMP?, from http://www.wtcs.org/snmp4tpc/snmp.htm.
360. SNMP, from http://www.cisc0.c0m/univercd/cc/td/d0c/cisintwk/it0_d0c/snmp.htm#xt0cid5.
361. SNMPForDummies, from http://wiki.outboundindex.net/SNMPForDummies.
362. J an van Oorschot, J eroen Wortelboer and Dirk Wisse, (2001), SNMP - The Mission Statement,
http://www.securityfocus.com/infocus/1301.
363. rpcinfo(lM), from http://docs.hp.com/en/B2355-90692/rpcinfo.lM.html.
364. GRAPE- INFO- DOT- COM, from http://www.grape-info.com.
365. J oris Evers, (2006), AT&T hack exposes 19,000 identities, from http://news.cnet.com/2100-1029_3-
6110765.html.
366. SNMP from http://www.iss.net/security_center/advice/Reference/Networking/SNMP/default.htm.
367. Simple Network Management Protocol (SNMP), from
http://www.cisco.com/en/US/docs/internetworking/technology/handbook/SNMP.html.
368. Linux / Unix finger command, from http://www.computerhope.com/unix/ufinger.htm.
369. Chris Gates, (2006), Windows Enumeration: USER2SID & SID2USER
http://www.windowsecurity.com/whitepapers/Windows-Enumeration-USER2SID-SID2USER.html.
370. SuperScan, from http://www.mcafee.com/us/downloads/free-tools/superscan.aspx.
371. Hyena, from http://www.systemtools.com/hyena/trial_download.htm.
372. Winfingerprint, from http://www.winfingerprint.com.
373. NetBIOS Enumerator, from http://nbtenum.sourceforge.net/.
374. PsTools, from http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx.
375. OpUtils, from http://www.manageengine.com/products/oputils/download.html.
376. SolarWind's IP Network Browser, from http://www.solarwinds.com/engineers-toolset/ip-network-
browser.aspx.
377. Getif, from http://www.wtcs.org/snmp4tpc/getif.htm.
378. OiDViEW SNMP MIB Browser, from http://www.oidview.com/mibbrowser.html.
379. iReasoning MIB Browser, from http://ireasoning.com/mibbrowser.shtml.
380. SNScan, from http://www.mcafee.com/us/downloads/free-tools/snscan.aspx.
381. SNMP Scanner, from http://www.secure-bytes.com/SNMP+Scanner.php.
382. SNMP Informant, from http://www.snmp-informant.com/.
383. Net-SNMP, from http://net-snmp.sourceforge.net/download.html.
384. Nsauditor Network Security Auditor, from
http://www.nsaudit0r.c0m/netw0rk_security/netw0rk_security_audit0r.html#.UV7LH5NHLZ4.
385. Spiceworks, from http://www.spiceworks.com/free-snmp-network-management-software/.
386. Enum4linux, from http://labs.portcullis.co.uk/application/enum4linux/.
387. Softerra LDAP Administrator, from http://www.ldapadministrator.com/.
388. J Xplorer, from http://www.jxplorer.org/.
389. LDAP Admin Tool, from http://www.ldapsoft.com/ldapbrowser/ldapadmintool.html.
References Page 2987 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
390. LDAP Account Manager, from https://www.ldap-account-manager.org/lamcms/.
391. LEX - The LDAP Explorer, from http://www.ldapexplorer.com/.
392. LDAP Admin, from http://www.ldapadmin.org/.
393. Active Directory Explorer, from http://technet.microsoft.com/en-us/sysinternals/bb963907.aspx.
394. LDAP Administration Tool, from http://sourceforge.net/projects/ldap-at/.
395. LDAP Search, from http://securityxploded.com/ldapsearch.php.
396. Active Directory Domain Services Management Pack, from http://www.microsoft.com/en-
us/download/details.aspx?id=21357.
397. LDAP Browser/Editor, from http://www.novell.com/coolsolutions/tools/13765.html.
398. NSLookup, from http://www.kloth.net/services/nslookup.php.
Module 05: System Hacking
399. Why Keyloggers are extremely dangerous?, from http://gamecreator.hubpages.com/hub/Why-
Keyloggers-are-extremely-dangerous.
400. Steganography in Depth, from http://www.crcnetbase.com/doi/abs/10.1201/9780203504765.ch4.
401. Detecting spoofed packets, from http://ieeexplore.ieee.0rg/xpl/articleDetails.jsp?arnumber=1194882.
402. NTLM Authentication in J ava, from http://www.luigidragone.com/software/ntlm-authentication-in-java/.
403. A Tutorial Review on Steganography, from http://www.jiit.ac.in/jiit/ic3/IC3_2008/IC3-
2008/APP2_21.pdf.
404. network scanning, from http://searchmidmarketsecurity.techtarget.com/definition/network-scanning.
405. Ricky M. Magalhaes, (2004), Using passwords as a defense mechanism to improve Windows security,
from www.windowsecurity.com/artides/Passwords_lmprove_Windows_Security_Part2.html.
406. Piazza & Peter, (2002), Hybrid threats have rosy future: attacks that combine virus ...,
http://findartides.com/p/articles/mi_hb6380/is_200207/ai_n25618875?tag=content;coll.
407. Andreas Westfeld and Andreas Pfitzmann, Attacks on Steganographic Systems, citeseerx.ist.psu.edu/.
408. DaijiSanai and HidenobuSeki, (2004), Optimized Attack for NTLM2 Session Response
http://www.blackhat.com/presentations/bh-asia-04/bh-jp-04-pdfs/bh-jp-04-seki.pdf.
409. Zhi Wang, Xuxian J iang, Weidong Cui, and Xinyuan Wang, Countering Persistent Kernel Rootkits Through
Systematic Hook Discovery, http://research.microsoft.com/en-us/um/people/wdcui/papers/hookmap-
raid08.pdf.
410. Elia Florio, When Malware Meets Rootkits,
http://www.symantec.com/avcenter/reference/when.malware.meets.rootkits.pdf.
411. Peter Piazza, (2002), SMO: Tech Talk, from http://www.securitymanagement.com/library/001272.html.
412. Brute force attack - Wikipedia, the free encyclopedia, from
http://en.wikipedia.org/wiki/Brute_force_attack.
413. Talk:Brute force attack - Bvio, from http://bvio.ngic.re.kr/Bvio/index.php/Talk:Brute_force_attack.
414. Passwords, from
http://searchsecurity.techtarget.com/searchSecurity/downloads/HackingforDummiesCh07.pdf.
415. Authernative, Inc. | Products | FAQs, from http://www.authernative.com/faqs.shtml.
416. CIAC Notes, from http://www.ciac.org/ciac/notes/Notes03a.shtml.
417. Path: newshost.uwo.caluwovax.uwo.calmneville From: mneville@uwovax ..., from
http://www.uwo.ca/its/doc/newsletters/lnTouch/voll-9495/winl8.txt.
418. The Hack FAQ: Password Basics, from http://www.nmrc.org/pub/faq/hackfaq/hackfaq-04.html.
References Page 2988 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
419. Luigi Dragone, NTLM Authentication in J ava, from http://www.luigidragone.com/networking/ntlm.html.
420. Hardening the Base Windows 2000 Server, from
http://www.microsoft.com/technet/security/prodtech/windows2000/secwin2k/swin2k06.mspx.
421. Bill Wall, Sunbelt TECH BRIEFING, from http://www.stratvantage.com/security/ntpass.htm.
422. Security Options, from
http://www.microsoft.com/technet/security/topics/serversecurity/tcg/tcgch05n.mspx.
423. Technical Explanation of Network SMB Capture, from
http://ebook.coolersky.com/hack/lc5.04_doc/smb_capture.html.
424. Detecting Alternate Data Streams, from
http://www.windowsitpro.com/Article/ArtidelD/16189/16189.html.
425. Bojan Smojver, Linux Today - ZDNet Australia: Threats Move Beyond Linux to Windows,
http://www.linuxtoday.com/security/2002121100426SCSVNT.
426. Neohapsis Archives - NTBugtraq - Proposal for protection from ..., from
http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0245.html.
427. Russell Kay, (2006), Sidebar: A Simple Rootkit Example,
http://www.computerworld.eom/securitytopics/security/hacking/story/0,10801,108116,00. html?from=s
tory_package.
428. Russell Kay, (2006), Rootkits offer the lure of total control, from
http://www.tech world. com/security/features/index.cfm?featureid=2219.
429. Paladion Networks, from http://www.paladion.net/media/insights/ihfaq.htm.
430. NTFS Streams - Everything you need to know (demos and tests included), from
http://www.diamondcs.com.au/streams/streams.htm.
431. H. Carvey, (2002), The Dark Side of NTFS (Microsoft's Scarlet Letter), from
http://www.infosecwriters.com/texts.php?op=display&id=53.
432. Stegonography (a secretly hidden coding that dates back to ancient...), from
http://www.wordinfo.info/words/index/info/view_unit/3403/?letter=S&spage=9.
433. Ravindranath AV, Steganography: Hiding Data in Images, from
http://www.asptoday.com/Content.aspx?id=2347.
434. Paul Robertson, (2005), CS 450 Homework 4, from
http://www.cs.umb.edu/~paulr/CS450/assignments/ass4.html.
435. NBTdeputy (v 1.0.1), from http://www.securityfriday.com/Topics/winxpl.html.
436. Sir Dystic, (2002), NBName, from
http://www.securityfocus.com/comments/tools/1670/12751/threaded.
437. Fred B. Schneider, Authentication, from http://www.cs.cornell.edu/Courses/cs513/2000sp/NL10.html.
438. CS513: System Security - Topic Outline, from
http://www.cs.cornell.edu/courses/cs513/2005fa/02.outline.html.
439. Security Options from
http://www.microsoft.com/technet/security/guidance/serversecurity/tcg/tcgch05n.mspx.
440. Hardening the Base Windows 2000 Server, http://technet.microsoft.com/hi-in/library/cc751216(en-
us).aspx.
441. Brute force attack, from http://www.reference.com/browse/wiki/Brute_force_attack.
442. What is pwdump2, from
http://www.bindview.com/Services/razor/Utilities/Windows/pwdump2_readme.cfm.
443. Derogee, Steganography and Steganalysis, from http://www.liacs.nl/home/tmoerlan/privtech.pdf.
References Page 2989 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
444. Techworld.com - Rootkits offer the lure of total control, from
http://www.tech world. com/websecurity/features/index.cfm?featureid=2219&pagtype=samecatsamech
an.
445. Dasmith, Software Analysis, from http://www.unc.edu/~smithdr/inlsl87/sr.html.
446. Hacking Windows-Specific Services, from
http://awkwardalliteration.com/ebooks/Computers/Hacking%20Exposed-
%20Windows%202003%20Chapter%205.pdf.
447. Ricky M. Magalhaes, (2003), Using passwords as a defense mechanism to improve Windows security,
from http://www.windowsecurity.com/articles/Passwords_lmprove_Windows_Security_Part2.html.
448. Winrtgen, from http://www.oxid.it/projects.html.
449. RainbowCrack, from http://pr0ject-rainb0wcrack.c0m/index.htm#d0wnl0ad.
450. Elcomsoft Distributed Password Recovery, from http://www.elcomsoft.com/edpr.html.
451. Securityoverride, from http://securityoverride.org/default-password-list.
452. Cirt, from http://cirt.net.
453. Default-password, from http://default-password.info.
454. Defaultpassword, from http://www.defaultpassword.us.
455. Passwordsdatabase, from http://www.passwordsdatabase.com.
456. W3dt, from https://w3dt.net/tools/defaultpasswords/.
457. Virus, from http://www.virus.org/default_passwds.
458. Open-sez.me, from http://open-sez.me/passwd.htm.
459. Routerpasswords, from http://www.routerpasswords.com/.
460. Fortypoundhead, from http://www.fortypoundhead.com/tools_dpw.asp.
461. pwdump7, from http://www.tarasco.org/security/pwdump_7/.
462. fgdump, from http://www.foofus.net/~fizzgig/fgdump/.
463. LOphtCrack, from http://www.IOphtcrack.com/download.html.
464. Ophcrack, from http://ophcrack.sourceforge.net/download.php.
465. RainbowCrack, from http://pr0ject-rainb0wcrack.c0m/index.htm#d0wnl0ad.
466. Password Unlocker Bundle, from http://www.passwordunlocker.com/password-recovery-bundle.html.
467. Proactive System Password Recovery, from http://www.elcomsoft.com/pspr.html.
468. J ohn the Ripper, from http://www.openwall.com/john/.
469. Windows Password Cracker, from http://www.windows-password-cracker.com/download.html.
470. WinPassword, from http://lastbit.com/ntpsw/default.asp.
471. Passware Kit Enterprise, from http://www.lostpassword.com/kit-enterprise.htm.
472. PasswordsPro, from http://www.insidepro.com/eng/passwordspro.shtml.
473. LSASecretsView, from http://www.nirsoft.net/utils/lsa_secrets_view.html.
474. LCP, from http://www.lcpsoft.com/english/download.htm.
475. Password Cracker, from http://www.amlpages.com/pwdcrack.shtml.
476. Kon-Boot, from http://www.thelead82.com/kon-boot/konbootWIN.html.
477. Windows Password Recovery Tool, from http://www.windowspasswordsrecovery.com/.
478. Hash Suite, from http://hashsuite.openwall.net/download.
479. SAMInside, from http://www.insidepro.com/eng/saminside.shtml.
References Page 2990 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
480. Windows Password Recovery, from http://www.passcape.com/windows_password_recovery.
481. Password Recovery Bundle, from http://www.top-password.com/password-recovery-bundle.html.
482. krbpwguess, from http://www.cqure.net/wp/tools/password-recovery/krbpwguess/.
483. Windows Password Breaker Enterprise, from http://www.recoverwindowspassword.com/windows-
password-breaker.html.
484. Rekeysoft Windows Password Recovery Enterprise, from http://www.rekeysoft.com/reset-windows-
password.html.
485. Active(Password Changer, from http://www.password-changer.com/.
486. Offline NT Password & Registry Editor, from http://pogostick.net/~pnh/ntpasswd/.
487. Windows Password Reset Kit, from http://www.reset-windows-password.net/.
488. Windows Password Recovery Tool, from http://www.windowspasswordsrecovery.com/.
489. ElcomSoft System Recovery, from http://www.elcomsoft.eom/esr.html#forgot administrator password.
490. Trinity Rescue Kit, from
http://trinityhome.org/Home/index.php?content=TRINITY_RESCUE_KIT_DOWNLOAD&front_id=12&lang
=en&locale=en.
491. Windows Password Recovery Bootdisk, from http://www.rixler.com/windows-password-recovery-
bootdisk.htm.
492. PasswordLastic, from http://www.passwordlastic.com/windows-password-recovery-lastic.
493. Stellar Phoenix Password Recovery, from http://www.stellarinfo.com/password-recovery.htm.
494. Windows Password Recovery Personal, from http://www.windows-passwordrecovery.com/.
495. Windows Administrator Password Reset, from http://www.systoolsgroup.com/windows-adminstrator-
password-reset.html.
496. RemoteExec, from http://www.isdecisions.com/products/remoteexec.
497. PDQ Deploy, from http://www.adminarsenal.com/download-pdq.
498. DameWare NT Utilities, from http://www.dameware.ru/nt_utilities.html.
499. Spytech SpyAgent, from http://www.spytech-web.com/spyagent.shtml.
500. All In One Keylogger, from http://www.relytec.com/.
501. Ultimate Keylogger, from http://www.ultimatekeylogger.com/download/.
502. Advanced Keylogger, from http://www.mykeylogger.com/perfect-keylogger.
503. The Best Keylogger, from http://www.thebestkeylogger.com/.
504. SoftActivity Keylogger, from http://www.softactivity.com/download-al.asp.
505. Elite Keylogger, from http://www.widestep.com/elite-keystroke-recorder-info.
506. Powered Keylogger, from http://www.mykeylogger.com/undetectable-keylogger/.
507. StaffCop Standard, from http://www.staffcop.com/download/.
508. iMonitorPC, from http://www.imonitorpc.com/.
509. PC Activity Monitor Standard, from http://www.pcacme.com/download.html.
510. KeyProwler, from http://keyprowler.com/download.aspx.
511. Keylogger Spy Monitor, from http://ematrixsoft.com/download.php?p=keylogger-spy-monitor-software.
512. REFOG Personal Monitor, from http://www.refog.com/personal-monitor.html.
513. Actual Keylogger, from http://www.actualkeylogger.com/download-free-key-logger.html.
514. Spytector, from http://www.spytector.com/download.html.
References Page 2991 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
515. KidLogger, from http://kidlogger.net/download.html.
516. PC Spy Keylogger, from http://www.pc-spy-keylogger.com.
517. Revealer Keylogger, from http://www.logixoft.com/free-keylogger-download.
518. Spy Keylogger, from http://www.spy-key-logger.com/download.html.
519. Actual Spy, from http://www.actualspy.com/download.html.
520. SpyBuddy2013, from http://www.exploreanywhere.com/products/spybuddy/.
521. Amac Keylogger, from http://www.amackeylogger.com/.
522. Aobo Mac OS X KeyLogger, from http://www.keylogger-mac.com/.
523. Perfect Keylogger for Mac, from http://www.blazingtools.com.
524. Award Keylogger for Mac, from http://www.award-soft.com/content/view/275/136.
525. Mac Keylogger, from http://www.award-soft.com/Mac_Keylogger/.
526. REFOG Keylogger for MAC, from http://www.refog.com/mac-keylogger.html.
527. KidLogger for MAC, from http://kidlogger.net/download.html.
528. MAC Log Manager, from http://www.keylogger.in/keylogger/madogmanager.html.
529. logkext, from https://c0de.g00gle.c0m/p/l0gkext/.
530. Keyboard Spy, from http://alphaomega.software.free.fr/keyboardspy/Keyboard%20Spy.html.
531. FreeMacKeylogger, from http://www.hwsuite.com/free-mac-keylogger/.
532. KeyGrabber, from http://www.keydemon.com.
533. KeyGhost, from http://www.keyghost.com.
534. Activity Monitor, from http://www.softactivity.com/download.asp.
535. Remote Desktop Spy, from http://www.global-spy-software.com/download.php.
536. SSPro, from http://www.gpsoftdev.com/download-monitoring-software/.
537. RecoveryFix Employee Activity Monitor, from http://www.recoveryfix.com/download-employee-
monitoring.html.
538. Employee Desktop Live Viewer, from http://www.nucleustechnologies.com/download-employee-
desktop-live-viewer.php.
539. NetVizor, from http://www.netvizor.net/download.htm.
540. Net Spy Pro, from http://www.net-monitoring-software.com/windows/trial.html.
541. REFOG Employee Monitor, from http://www.refog.com/employee-computer-monitoring-software.html.
542. OsMonitor, from http://www.os-monitor.com/download.htm.
543. LANVisor, from http://www.lanvisor.com/download.htm.
544. Work Examiner Standard, from http://www.workexaminer.com/download.html.
545. Power Spy, from http://ematrixsoft.com/index.php.
546. eBLASTER, from http://www.$pectorsoft.com/products/eBlaster_Windows/index.asp?source=nav-hs-
eBwin.
547. !monitor Employee Activity Monitor, from http://www.employee-monitoring-software.ee/.
548. Employee Monitoring, from http://www.employeemonitoring.net/download.asp.
549. OsMonitor, from http://www.os-monitor.com/download.htm.
550. Ascendant NFM, from http://www.ascendant-security.com/download.shtml.
551. Spylab WebSpy, from http://www.spylab.org/download.htm.
References Page 2992 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
552. Personal Inspector, from http://www.spyarsenal.com/personal-inspector/.
553. CyberSpy, from http://www.cyberspysoftware.com/download.html.
554. AceSpy, from http://www.acespy.com/features.html.
555. EmailObserver, from http://www.softsecurity.com/prod_D7_more.html.
556. Net Nanny Home Suite, from
http://www.netnanny.com/products/netnanny_home_suite/detail/technical.
557. Aobo Filter for PC, from http://www.aobo-porn-filter.com/downloads.
558. CyberSieve, from http://www.softforyou.com/cs-download.php.
559. Child Control, from http://salfeld.com/download/child-control/index.html.
560. SentryPC, from http://www.sentrypc.com/trial.htm.
561. iProtectYou Pro, from http://www.softforyou.com/ip-index.html.
562. K9 Web Protection, from http://wwwl.k9webprotection.com/getk9/download-software.
563. Verity Parental Control Software, from http://www.nchsoftware.com/childmonitoring/index.html.
564. Profil Parental Filter, from http://www.profiltechnology.com/en/home/profil-parental-filter.
565. PC Pandora, from http://www.pcpandora.com/download/.
566. KidsWatch, from http://www.kidswatch.com/.
567. SoftActivity TS Monitor, from http://www.softactivity.com/downloadtsm.aspx.
568. Desktop Spy, from http://www.spyarsenal.com/download.html.
569. IcyScreen, from http://www.16software.com/icyscreen/screenshots.php.
570. Spector Pro, from http://www.spectorsoft.com/products/SpectorPro_Windows/index.asp?source=nav-
hs-ProWin.
571. PC Tattletale, from http://www.pctattletale.com/.
572. Computer Screen Spy Monitor, from http://www.mysuperspy.com/download.htm.
573. PC Screen Spy Monitor, from http://ematrixsoft.com/download.php?p=pc-screen-spy-monitor-software.
574. Kahlown Screen Spy Monitor, from http://www.lesoftrejion.com/.
575. Guardbay Remote Computer Monitoring Software, from http://www.guardbay.com.
576. HT Employee Monitor, from http://www.hidetools.com/employee-monitor.html.
577. Spy Employee Monitor, from http://www.spysw.com/employee-monitor-software.htm.
578. USBSpy, from http://www.everstrike.com/usb-monitor/.
579. USB Monitor, from http://www.hhdsoftware.com/usb-monitor.
580. USB Grabber, from http://usbgrabber.sourceforge.net/.
581. USBTrace, from http://www.sysnudeus.com/usbtrace_download.html.
582. USBDeview, from http://www.nirsoft.net/utils/usb_devices_view.html.
583. Advanced USB Port Monitor, from http://www.aggsoft.com/usb-port-monitor.htm.
584. USB Monitor Pro, from http://www.usb-monitor.com/.
585. USB Activity Monitoring Software, from http://www.datadoctor.org/partition-recovery/downloads.html.
586. Stealth iBot Computer Spy, from
http://www.brickhousesecurity.com/product/stealth+ibot+computer+spy.do.
587. KeyCarbon USB Hardware Keylogger, from http://www.spywaredirect.net/keycarbon-usb.html.
588. USB 2GB Keylogger, from http://diij.com/KL2-Keylogger-2GB-USB-Hardware-keelog/prod_24.html.
References Page 2993 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
589. Spy Voice Recorder, from http://www.mysuperspy.com/recorder.htm.
590. Sound Snooper, from http://www.sound-snooper.com/en/download.php.
591. WebCam Recorder, from http://webcamrecorder.com/.
592. WebcamMagic, from http://www.robomagic.com/webcammagic.htm.
593. MyWebcam Broadcaster, from http://www.eyespyfx.com/broadcast.php.
594. I-Can-See-You, from http://www.internetsafetysoftware.com.
595. Digi-Watcher, from http://www.digi-watcher.com/.
596. NET Video Spy, from http://www.sarbash.com/download.shtml.
597. Eyeline Video Surveillance Software, from http://www.nchsoftware.com/surveillance/index.html.
598. Capturix VideoSpy, from http://www.capturix.com/default.asp?target=consumer&product=cvs.
599. WebCam Looker, from http://felenasoft.com/webcamlooker/en/.
600. SecuritySpy, from http://www.bensoftware.com/securityspy/download.html.
601. iSpy, from http://www.ispyconnect.com/download.aspx.
602. Printer Activity Monitor, from http://www.redline-software.com/eng/products/pam/.
603. Print Monitor Pro, from http://www.spyarsenal.com/printer-monitoring-software/print-monitor-pro/.
604. Accurate Printer Monitor, from http://www.aggsoft.com/printer-monitor.htm.
605. Print Censor Professional, from http://usefuls0ft.c0m/print-cens0r/#.UWPW8J NHLZ4.
606. All-Spy Print, from http://www.all-spy.com/all-spy-print.html.
607. O&K Print Watch, from http://www.prnwatch.com/okpw.html.
608. Print J ob Monitor, from http://www.imonitorsoft.com/product-print-job-monitor.htm.
609. PrintTrak, from http://www.lygil.com/printtrak/printtrak.htm.
610. Printer Admin - Copier Tracking System, from http://www.printeradmin.com/copy-management.htm.
611. Print Inspector, from http://www.softperfect.com/products/pinspector/.
612. Print365, from http://krawasoft.com/index.html.
613. Mobile Spy, from http://www.phonespysoftware.com/.
614. VRS Recording System, from http://www.nch.com.au/vrs/index.html.
615. Modem Spy, from http://www.modemspy.com/en/download.php.
616. MobiStealth Cell Phone Spy, from http://www.mobistealth.com/mobile-phone-spy-software.
617. SPYPhone GOLD, from http://spyera.com/products/spyphone-gold-internet.
618. SpyPhoneTap, from http://www.spyphonetap.com/.
619. FlexiSPY OMNI, from http://www.flexispy.com/en/flexispy-omni-spy-app-cell-phone.htm.
620. SpyBubble, from http://www.spybubble.com/cell-phone-spy.php.
621. MOBILE SPY, from http://www.mobile-spy.com/.
622. StealthGenie, from http://www.stealthgenie.com/.
623. CellSPYExpert, from http://www.cellspyexpert.com/.
624. SPYPhone, from http://spyera.com/products/spy-phone-basic-internet.
625. EasyGPS, from http://www.easygps.com/.
626. FlexiSPY PRO-X, from http://www.flexispy.com/spyphone-call-interceptor-gps-tracker-symbian.htm.
627. GPS TrackMaker Professional, from http://www.trackmaker.com/dwlpage.php.
628. MOBILE SPY, from http://www.mobile-spy.com/.
References Page 2994 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
629. World-Tracker, from http://www.world-tracker.com/v4/.
630. ALL-in-ONE Spy, from http://www.thespyphone.com/allinone.html.
631. Trackstick, from http://www.trackstick.com/download.html.
632. MobiStealth Pro, from http://www.mobistealth.com.
633. mSpy, from http://www.buymspy.com/.
634. GPS Retriever, from http://www.mobilebugstore.com/Blackberry_gps_retriver.aspx.
635. Zemana AntiLogger, from http://www.zemana.com/Download.aspx.
636. Anti-Keylogger, from http://www.anti-keyloggers.com/.
637. PrivacyKeyboard, from http://www.anti-
keylogger.eom/products/privacykeyboard/overview.html#download.
638. DefenseWall HIPS, from http://www.softsphere.com/programs/.
639. KeyScrambler, from http://www.qfxsoftware.com/download.htm.
640. 1Hate Keyloggers, from http://dewasoft.com/privacy/i-hate-keyloggers.htm.
641. SpyShelter STOP-LOGGER, from http://www.spyshelter.com/download-spyshelter.
642. DataGuard AntiKeylogger Ultimate, from http://www.maxsecuritylab.com/dataguard-anti-
keylogger/download-anti-keyloger.php.
643. PrivacyKeyboard, from http://www.privacykeyboard.com/privacy-keyboard.html.
644. Elite Anti Keylogger, from http://www.elite-antikeylogger.com/free-download.html.
645. CoDefender, from https://www.encassa.com/downloads/default.aspx.
646. PC Tools Spyware Doctor, from http://www.pctools.com/spyware-doctor/.
647. SUPERAntiSpyware, from http://superantispyware.com/index.html.
648. Spyware Terminator 2012, from http://www.pcrx.com/spywareterminator/.
649. Ad-Aware Free Antivirus+, from http://www.lavasoft.com/products/ad_aware_free.php.
650. Norton Internet Security, from http://in.norton.com/downloads-trial-norton-internet-security.
651. SpyHunter, from http://www.enigmasoftware.com/products/.
652. Kaspersky Internet Security 2013, from http://www.kaspersky.com/internet-security-free-trial.
653. SecureAnywhere Complete 2012, from http://www.webroot.com/En_US/consumer-products-
secureanywhere-complete.html.
654. MacScan, from http://macscan.securemac.com/.
655. Spybot - Search & Destroy, from http://www.safer-networking.org/dl/.
656. Malwarebytes Anti-Malware PRO, from http://www.malwarebytes.org/products/malwarebytes_pro/.
657. Fu, from http://www.f-secure.com/v-descs/fu.shtml.
658. KBeast, from http://core.ipsecs.com/rootkit/kernel-rootkit/kbeast-vl/.
659. Hacker Defender HxDef Rootkit, from http://vishnuvalentino.com/hacking-tutorial/hacker-defender-
hxdef-rootkit-tutorial-in-10-steps-nostalgia/.
660. Stinger, from http://www.mcafee.com/us/downloads/free-tools/how-to-use-stinger.aspx.
661. UnHackMe, from http://www.greatis.com/unhackme/download.htm.
662. Virus Removal Tool, from http://www.sophos.com/en-us/products/free-tools/virus-removal-tool.aspx.
663. Hypersight Rootkit Detector, from http://northsecuritylabs.com/.
664. Avira Free Antivirus, from http://www.avira.com/en/avira-free-antivirus.
665. SanityCheck, from http://www.resplendence.com/downloads.
References Page 2995 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
666. GMER, from http://www.gmer.net/.
667. Rootkit Buster, from
http://downloadcenter.trendmicro. com/index. php?regs=NABU&dk=result_page&dkval=drop_list&catid
=6&prodid=155.
668. Rootkit Razor, from http://www.tizersecure.com/.
669. RemoveAny, from http://www.free-anti-spy.com/en/index.php.
670. TDSSKiller, from http://support.kaspersky.com/5350?el=88446.
671. Prevx, from http://www.prevx.com/freescan.asp.
672. StreamArmor, from http://securityxploded.com/streamarmor.php.
673. ADS Spy, from http://www.merijn.nu/programs.php#adsspy.
674. ADS Manager, from http://dmitrybrant.com/adsmanager.
675. Streams, from http://technet.microsoft.com/en-us/sysinternals/bb897440.aspx.
676. AlternateStreamView, from http://www.nirsoft.net/utils/alternate_data_streams.html.
677. NTFS-Streams: ADS manipulation tool, from http://sourceforge.net/projects/ntfs-ads/.
678. Stream Explorer, from http://www.rekenwonder.eom/streamexplorer.htm#Streams.
679. ADS Scanner, from http://www.pointstone.com/products/ADS-Scanner/.
680. RKDetector, from http://www.rkdetector.com/.
681. GMER, from http://www.gmer.net/.
682. HijackThis, from http://www.trendmicro.com/us/security/products/index.html.
683. SNOW, from http://www.darkside.com.au/snow/index.html.
684. QuickStego, from http://quickcrypto.com/free-steganography-software.html.
685. Hide In Picture, from http://sourceforge.net/projects/hide-in-picture/.
686. gifshuffle, from http://www.darkside.com.au/gifshuffle/index.html.
687. CryptaPix, from http://www.briggsoft.com/cpix.htm.
688. BMPSecrets, from http://bmpsecrets.com/.
689. OpenPuff, from http://embeddedsw.net/OpenPuff_Steganography_Home.html.
690. OpenStego, from http://openstego.sourceforge.net/.
691. PHP-Class StreamSteganography, from http://www.phpclasses.org/package/6027-PHP-Store-and-
hidden-information-in-PNG-images.html.
692. Red J PEG, from http://www.totalcmd.net/plugring/redjpeg.html.
693. Steganography Studio , from http://stegstudio.sourceforge.net/.
694. Virtual Steganographic Laboratory (VSL), from http://vsl.sourceforge.net/.
695. wbStego, from http://wbstego.wbailer.com/.
696. Merge Streams, from http://www.ntkernel.com/w&p.php?id=23.
697. Office XML, from http://www.irongeek.com/i.php?page=security/ms-office-stego-code.
698. Data Stash, from http://www.skyjuicesoftware.com/software/ds_info.html.
699. FoxHole, from http://foxhole.sourceforge.net.
700. Xidie Security Suite, from http://www.stegano.ro.
701. StegParty, from http://www.fasterlight.com.
702. Hydan, from http://www.crazyboy.com/hydan/.
References Page 2996 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
703. StegJ , from http://sourceforge.net/projects/stegj/files/.
704. StegoStick, from http://stegostick.sourceforge.net/.
705. SNOW, from http://www.darkside.com.au/snow/index.html.
706. OmniHide PRO, from http://omnihide.com/.
707. Our Secret, from http://www.securekit.net/oursecret.htm.
708. RT Steganography, from http://rtstegvideo.sourceforge.net/.
709. Masker, from http://www.softpuls.com/masker/.
710. Max File Encryption, from http://www.softeza.com/fileencryption/.
711. MSU StegoVideo, from http://www.compression.ru/video/stego_video/index_en.html.
712. BDV DataHider, from http://www.bdvnotepad.com/products/bdv-datahider/.
713. StegoStick, from http://stegostick.sourceforge.net/.
714. OpenPuff, from http://embeddedsw.net/OpenPuff_Steganography_Home.html.
715. Stegsecret, from http://stegsecret.sourceforge.net/.
716. PSM Encryptor, from http://demo.powersoftmakers.com/psme.zip.
717. DeepSound, from http://jpinsoft.net/DeepSound/Download.aspx.
718. Mp3stegz, from http://mp3stegz.sourceforge.net/.
719. MAXA Security Tools, from http://www.maxa-tools.com/mst.php?lang=en.
720. BitCrypt, from http://bitcrypt.moshe-szweizer.com/.
721. MP3Stego, from http://www.petitcolas.net/fabien/steganography/mp3stego/.
722. Hide4PGP, from http://www.heinz-repp.onlinehome.de/.
723. CHAOS Universal, from http://safechaos.com/cu.htm.
724. SilentEye, from http://www.silenteye.org/.
725. QuickCrypto, from http://www.quickcrypto.com/download.html.
726. CryptArkan, from
http://www.kuskov.com/component/option,com_remository/ltemid,30/func,fileinfo/id,l/.
727. StegoStick, from http://stegostick.sourceforge.net/.
728. Invisible Secrets 4, from http://www.invisiblesecrets.com/.
729. Folder Lock, from http://www.newsoftwares.net/folderlock/.
730. A+Folder Locker, from http://www.giantmatrix.com/products/aplus-folder-locker/.
731. Toolwiz BSafe, from http://www.toolwiz.com/products/toolwiz-bsafe/.
732. Hide Folders 2012, from http://fspro.net/hide-folders/.
733. GiliSoft File Lock Pro, from http://www.gilisoft.com/product-file-lock-pro.htm.
734. Universal Shield, from http://www.everstrike.com/shield.htm.
735. WinMend Folder Hidden, from http://www.winmend.com/folder-hidden/.
736. Encrypted Magic Folders , from http://www.pc-magic.c0m/des.htm#emf.
737. QuickCrypto, from http://www.quickcrypto.com/download.html.
738. Max Folder Secure, from http://www.maxfoldersecure.com/.
739. Spam Mimic, from http://www.spammimic.com/.
740. Sams Big G Play Maker, from http://www.scramdisk.clara.net/.
741. Gargoyle Investigator Forensic Pro, from http://wetst0netech.c0m/pr0duct/2/d0wnl0ads.
References Page 2997 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
742. XStegsecret, from http://stegsecret.sourceforge.net/.
743. Stego Suite, from http://www.wetst0netech.c0m/pr0duct/l/d0wnl0ads.
744. StegAlyzerAS, from http://www.sarc-wv.com/products/stegalyzeras/.
745. StegAlyzerRTS, from http://www.sarc-wv.com/products/stegalyzerrts/.
746. StegSpy, from http://www.spy-hunter.com/stegspy.
747. StegAlyzerSS, from http://www.sarc-wv.com/products/stegalyzerss/.
748. StegMarkSDK, from http://www.datamark.com.sg/downloads-sdk.htm.
749. Steganography Studio, from http://stegstudio.sourceforge.net/.
750. Virtual Steganographic Laboratory (VSL), from http://vsl.sourceforge.net/.
751. Stegdetect, from http://www.outguess.org/detection.php.
752. Auditpol, from http://technet.microsoft.com/en-us/library/cc755264(v=ws.l0).aspx.
753. CCIeaner, from http://www.piriform.com/download.
754. MRU-Blaster, from http://www.brightfort.com/mrublaster.html.
755. Wipe, from http://privacyroot.com/software/www/en/wipe.php.
756. Tracks Eraser Pro, from http://www.acesoft.net/features.htm.
757. BleachBit, from http://bleachbit.sourceforge.net/news/bleachbit-093.
758. AbsoluteShield Internet Eraser Pro, from http://www.internet-track-eraser.com/ineteraser.php.
759. Clear My History, from http://www.hide-my-ip.com/clearmyhistory.shtml.
760. EvidenceEraser, from http://www.evidenceeraser.com/.
761. WinTools.net Professional, from http://www.wintools.net/.
762. RealTime Cookie & Cache Cleaner (RtC3), from http://www.kleinsoft.co.za/buy.html.
763. AdvaHist Eraser, from http://www.advacrypt.cjb.net/.
764. Free Internet Window Washer, from http://www.eusing.com/Window_Washer/Window_Washer.htm.
Module 06: Trojans and Backdoors
765. Placing Backdoors through Firewalls, from http://www.cyberwarzone.com/cyberwarfare/placing-
backdoors-through-firewalls.
766. A Deep Look into Netcat - The TCP/IP Swiss Army Knife, from http://www.linux-support.com/cms/a-
deep-look-into-netcat-the-tcpip-swiss-army-knife/.
767. Trojans Revealed: Hackers Center: Internet Security Archive ...,
http://www.hackerscenter.com/archive/view.asp?id=24717.
768. Dancho Danchev, The Complete Windows Trojans Paper, from
http://www.frame4.com/content/pubs/comp_trojans.txt.
769. The corporate threat posed by email Trojans, from http://www.gfisoftware.de/whitepapers/network-
protection-against-trojans.pdf.
770. Trojan Horses, from http://www-i4.informatik.rwth-aachen.de/lufg/teaching/ss2004/dependability-
seminar/paper/final8.pdf.
771. Trojans - and how to protect your network against them, from
http://www.windowsecurity.com/whitepapers/trojans_protect_your_network.html.
772. Fausi Qattan & Fredrik Thernelius, (2004), Master's Thesis, from
http://www.dsv.su.se/research/seclab/pages/pdf-files/04-34.pdf.
773. Malicious Intrusion Techniques, http://www.telecomworx.com/Adobe/Files39087.pdf.
References Page 2998 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
774. Increased use of Trojan Horse Programs, from http://www.niscc.gov.uk/niscc/docs/tn-20040216-
00080.html?lang=en.
775. Anti Trojan source - How to protect your network against trojans ..., from http://news.my-
install.com/news/45/.
776. Dancho Danchev, Trojan White Paper, from http://www.anti-trojan-software-reviews.com/trojan-white-
paper-p2.htm.
777. Trojans, from http://www.emailprivacy.info/trojans.
778. Remote Access Trojan FAQ and Port List Computer Security - Network ..., from
http://www.infosyssec.com/infosyssec/trojanportlist.html.
779. WINSNORT.com: Intrusion Detection, from
http://www.winsnort.com/modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=13.
780. Trojan Horse Computer Infection Symptoms, from http://hacker-eliminator.com/trojansymptoms.html.
781. LockDown Millennium Advanced Online Help, from
http://lockdowncorp.com/manual/TrojanlnfectionSymptoms.htm.
782. Commodon Communications - Threats to your Security on the Internet, from
http://www.commodon.com/threat/threat-detect.htm.
783. Van Hauser/THC, Placing Backdoors Through Firewalls, from
http://www.cgisecurity.com/lib/placing_backdoors_through_firewalls.txt.
784. Mikejc, (2004), Tech-Recipes.com - Use System File Checker to Solve Problems, from http://www.tech-
recipes.com/windows_tips602.html.
785. Exploring the Explodable, from http://www.guninski.com/browsers.html.
786. David Wells, (1996), Wrappers, from http://www.objs.com/survey/wrap.htm.
787. Milly, Steve A., Stan, Ojatex, Gordon, Darius and Buzz, (2000), WordPad, from www.pc-
help.org/security/scrap.htm.
788. Trojans FAQ http://www.windowsecurity.com/faqs/Trojans/.
789. Information on Computer Viruses, from http://www-rohan.sdsu.edu/viruses.html.
790. Advanced Network Configuration and Troubleshooting, from http://snow.nl/dist/xhtmlc/ch05s02.html.
791. Tom Armstrong, (2001), Netcat - The TCP/IP Swiss Army Knife, from
http://rn.nu/program/util/netcat/netcat.html.
792. Microsoft - Windows File, from Protection, from
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-
us/system_file_protection.mspx?mfr=true.
793. Scott W. Hotaling's, Placing Backdoors Through Firewalls, from http://masc2279.no-ip.org/gadgets-
toys/internet/placing-backdoors-through-firewalls.
794. How to block ICMP tunneling?, from https://listserv.icsalabs.com/pipermail/firewall-wizards/1999-
J uly/006060.html.
795. Newbie: Security, from http://www.unixgeeks.org/security/newbie/security/firewall.html.
796. Phrack Magazine 00. Volume Seven, Issue Forty-Nine File 06 o f..., from
http://www.phrack.org/phrack/49/P49-06.
797. Dancho Danchev dancho, The Complete Windows Trojans Paper, from
http://www.astalavista.com/index.php?section=directory&linkid=640.
798. Declan McCullagh, (2006), Case 2:00-cr-00170-WHA-VPM, from
http://www.politechbot.com/docs/feds.trojan.hacking.brief.082406.pdf.
799. TCPView, from http://technet.microsoft.com/en-us/sysinternals/bb897437.aspx.
References Page 2999 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
800. CurrPorts, from http://www.nirsoft.net/utils/cports.html.
801. Process Monitor, from http://technet.microsoft.com/en-in/sysinternals/bb896645.aspx.
802. What's Running, from http://www.whatsrunning.net/.
803. PrcView, from http://www.teamcti.com.
804. Winsonar, from http://www.fewbyte.com/winsonar.html.
805. HiddenFinder, from http://www.wenpoint.com/download/.
806. Autoruns for Windows, from http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx.
807. KillProcess, from http://orangelampsoftware.com/products_killprocess.php.
808. Security Task Manager, from http://www.neuber.com/taskmanager/.
809. Yet Another (remote) Process Monitor, from http://yaprocmon.sourceforge.net/.
810. MONIT, from http://mmonit.com/monit/.
811. OpManager, from http://www.manageengine.com/network-monitoring/process-monitoring.html.
812. jv l6 PowerTools 2012, from http://www.macecraft.com/jvl6-powertools-2012/.
813. PC Tools Registry Mechanic, from http://www.pctools.com/registry-mechanic/.
814. Reg Organizer, from http://www.chemtable.com/organizer.htm.
815. Registry Shower, from http://www.registryshower.com/download.htm.
816. Comodo Cloud Scanner, from http://www.comodo.com/home/internet-security/cloud-scanner.php.
817. Buster Sandbox Analyzer, from http://bsa.isoftware.nl/.
818. All-Seeing Eyes, from http://www.fortego.com/en/ase.html.
819. MJ Registry Watcher, from http://www.jac0bsm.c0m/mjs0ft.htm#rgwtchr.
820. Active Registry Monitor, from http://www.devicelock.com/arm/.
821. SpyMe Tools, from http://www.lcibrossolutions.com/spyme_tools.htm.
822. Regshot, from http://regshot.sourceforge.net/.
823. Registry Live Watch, from http://leelusoft.blogspot.in/2009/ll/registry-live-watch-10.html.
824. DriverView, from http://www.nirsoft.net/utils/driverview.html.
825. Driver Detective, from http://www.drivershq.com/.
826. Unknown Device Identifier, from http://www.zhangduo.com/udi.html.
827. DriverGuide Toolkit, from http://www.driverguidetoolkit.com/.
828. DriverMax, from http://www.innovative-sol.com/drivermax/index.htm.
829. Driver Magician, from http://www.drivermagician.com/.
830. Driver Reviver, from http://www.reviversoft.com/driver-reviver/.
831. DriverScanner, from http://www.uniblue.com/software/driverscanner/.
832. Double Driver, from http://www.boozet.org/dd.htm.
833. My Drivers, from http://www.zhangduo.com/driverbackup.html.
834. DriverEasy, from http://www.drivereasy.com/.
835. Windows Service Manager (SrvMan), from http://tools.sysprogs.org/srvman/.
836. SMART Utility, from http://www.thewindowsclub.com/smart-a-utility-for-tweaking-windows-7-vista-xp-
services.
837. Netwrix Service Monitor, from http://www.netwrix.com/windows_services_monitoring_freeware.html.
838. Vista Services Optimizer, from http://www.smartpcutilities.com/servicesoptimizer.html.
References Page 3000 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
839. ServiWin, from http://www.nirsoft.net/utils/serviwin.html.
840. Windows Service Manager Tray, from http://winservicemanager.codeplex.com/.
841. AnVirTask Manager, from http://www.anvir.com/download.htm.
842. Process Hacker, from http://processhacker.sourceforge.net/downloads.php.
843. Free Windows Service Monitor Tool, from http://www.manageengine.com/free-windows-service-
monitor/free-windows-service-monitor-index.html.
844. Overseer Network Monitor, from http://www.overseer-network-monitor.com/Download.aspx.
845. Total Network Monitor, from http://www.softinventive.com/products/total-network-monitor/.
846. Starter, from http://codestuff.tripod.com/products_starter.html.
847. Security AutoRun, from http://tcpmonitor.altervista.org/startup-manager/.
848. Absolute Startup manager, from http://www.absolutestartup.com/.
849. ActiveStartup, from http://www.hexilesoft.com/activestartup.html.
850. StartEd Lite, from http://www.outertech.com/en/windows-startup.
851. Startup Inspector, from http://www.windowsstartup.com/startupinspector.php.
852. Program Starter, from http://www.ab-tools.com/de/software/programmstarter/.
853. Disable Startup, from http://www.disablestartup.com/.
854. StartupMonitor, from http://www.mlin.net/StartupMonitor.shtml.
855. Chameleon Startup Manager, from http://www.chameleon-managers.com/downloads.php.
856. Startup Booster, from http://www.smartpctools.com/startup_booster/.
857. FCIV, from http://www.microsoft.com/en-us/download/details.aspx?id=11533.
858. Tripwire, from http://www.tripwire.com/it-security-software/security-configuration-management/file-
integrity-monitoring/.
859. FastSum, from http://www.fastsum.com/download.php.
860. WinMD5, from http://www.blisstonia.eom/software/WinMD5/#download.
861. Advanced Checksum Verifier (ACSV), from http://www.irnis.net/.
862. Fsum Fronted, from http://fsumfe.sourceforge.net/.
863. Verisys, from http://www.ionx.co.uk/products/verisys.
864. AFICK (Another File Integrity Checker), from http://afick.sourceforge.net/.
865. File Integrity Monitoring, from http://www.ncircle.com/index.php?s=products_ccm_file-integrity-
monitoring.
866. Attribute Manager, from http://www.miklsoft.com/attrman/index.html.
867. PA File Sight, from http://www.poweradmin.com/file-sight/index3.aspx.
868. CSP File Integrity Checker, from http://www.tandemsecurity.com/solution_14.php.
869. ExactFile, from http://www.exactfile.com/downloads/.
870. OSSEC, from http://www.ossec.net/?page_id=19.
871. Windows Defender, from http://www.microsoft.com/en-in/download/details.aspx?id=17.
872. McAfee AntiVirus Plus, from http://home.mcafee.com/store/free-antivirus-trials.
873. Norton AntiVirus, from http://us.norton.com/downloads-trial-norton-
antivirus?inid=us_hho_topnav_download_detail_nav.
874. Trojan Horse Construction Kit, from
http://www.pestpatrol.eom/zks/pestinfo/t/trojan_horse_construction_kit.asp.
References Page 3001 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
875. Progenic Mail Trojan Construction Kit - PMT, from
http://www.simovits.com/trojans/tr_data/y2630.html.
876. Pandora's Box, from http://greece.mrdonn.org/greekgods/pandora.html.
877. TrojanHunter, from http://www.trojanhunter.com/trojanhunter/.
878. Emsisoft Anti-Malware, from http://www.emsisoft.in/en/software/antimalware/.
879. Anti-Trojan Shield (ATS), from http://www.atshield.com/?r=download.
880. Spyware Doctor, from http://www.pctools.com/spyware-doctor/download/?src=lp_sd.
881. Anti Malware BOCIean, from http://www.comodo.com/home/internet-security/anti-malware.php.
882. Anti Hacker, from http://www.hide-my-ip.com/antihacker.shtml.
883. XoftSpySE, from http://www.paretologic.com/xoftspy/se/newlp/xray/.
884. SPYWAREfighter, from http://www.spamfighter.com/SPYWAREfighter/.
885. Anti Trojan Elite, from http://www.remove-trojan.com/index_ate.php.
886. SUPERAntiSpyware, from http://www.superantispyware.com/index.html.
887. Trojan Remover, from http://www.simplysup.com/tremover/download.html.
888. Twister Antivirus, from http://www.filseclab.com/en-us/.
Module 07: Viruses and Worms
889. Types of Virus, from
http://www.mindpride.net/root/Extras/Viruses/virus_protection_and_removal_ii.htm.
890. Vulnerabilities in Network Infrastructures and Prevention/Containment Measures, from
http://proceedings.informingscience.org/lnSITE2012/lnSITE12p053-067Awodele0012.pdf.
891. Terminology, from http://www.f-secure.com/en/web/labs_global/terminology-f.
892. Virus Protection, from
http://www.mindpride.net/root/Extras/Viruses/virus_protection_and_removal_iii.htm.
893. Paul Boutin, (2003), An inside view of the worm that crashed the Internet in 15 minutes, founder from
http://www.wired.com/wired/archive/ll.07/slammer.html.
894. Case Study: Microsoft Network Hacked by QAZ Trojan, from http://www.msnbc.com/msn/482011.asp
Oct. 29, 2000.
895. Mark Russinovich, (2008), TCPView for Windows v2.53, from
http://www.sysinternals.com/Utilities/TcpView.html.
896. Mark Russinowich and Bryce Cogswell, (2008), Autoruns for windows (v 9.32), from
http://www.sysinternals.com/Utilities/Autoruns.html.
897. Merijn, (2005), Hijack This (System Checker) (v 1.99.1), from
http://www.majorgeeks.com/download.php?det=3155.
898. Norman Book on Computer Viruses, from http://download.norman.no/manuals/eng/BOOKON.PDF.
899. Carey Nachenberg, Understanding and Managing Polymorphic Viruses from
http://www.symantec.com/avcenter/reference/striker.pdf.
900. The Spread of the Sapphire/Slammer Worm, from
http://www.caida.org/publications/papers/2003/sapphire/sapphire.html.
901. Mike Gunderloy, (2003), Microsoft Certified Professional Magazine Online | Newsletters, vol 2 #8, from
http://mcpmag. com/newsletter/article. asp?EditorialslD=153.
902. R. A. Hettinga, (2003), Random Scanning Worms and Sapphire/Slammer's PRNG, from http://www.mail-
archive. com/[email protected]/msg03503.html.
References Page 3002 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
903. Information on a virus on campus, http://security.uwo.ca/antivirus/infoHistory.html.
904. Virus History The Senior Most Virus!!, from www.optusnet.com.au/learning/email/virus.
905. Computer Knowledge Virus Tutorial, from www.mpl.org.eg/doc/eBOOKs/vtutor.pdf.
906. Dr. Alan Solomon and Robert M. Slade, 1990 - VX BBS & Little Black Book (AT&T Attack), 1991 - Tequila,
2001 - Gnuman, Winux Windows/Linux Virus, 2004 - Trojan.Xombe, Randex, Bizex, Witty, from
www.cknow.com/vtutor/HistoryofViruses.html.
907. Michelangelo, DAME, & VCL, from http://library.thinkquest.org/04oct/00460/malwareHistory.html.
908. Honeypots, Honeynets, and Intrusion Detection, from http://www.honeypots.net/.
909. Featured Files, from http://packetstormsecurity.org/.
910. BinText, from http://www.mcafee.com/apps/free-tools/termsofuse.aspxPurh/us/downloads/free-
tools/bintext.aspx.
911. UPX, from http://upx.sourceforge.net/#downloadupx.
912. Process Explorer, from http://technet.microsoft.com/en-in/sysinternals/bb896653.aspx.
913. RegShot, from http://regshot.sourceforge.net/.
914. OllyDbg, from http://www.ollydbg.de/.
915. ProcDump, from http://technet.microsoft.com/en-us/sysinternals/dd996900.aspx.
916. IDA Pro, from https://www.hex-rays.com/products/ida/support/download_demo.shtml.
917. VirusTotal, from https://www.virustotal.com/en/.
918. Anubis: Analyzing Unknown Binaries, from http://anubis.iseclab.org.
919. Avast! Online Scanner, from http://onlinescan.avast.com.
920. Malware Protection Center, from http://www.microsoft.com/security/portal/.
921. ThreatExpert, from http://www.threatexpert.com.
922. Dr. Web Online Scanners, from http://vms.drweb.com.
923. Metascan Online, from http://www.metascan-online.com/.
924. Bitdefender QuickScan, from http://www.bitdefender.com/scanner/online/free.html.
925. GFI SandBox, from http://www.gfi.com/malware-analysis-tool.
926. UploadMalware.com, from UploadMalware.com.
927. Fortinet, from http://www.fortiguard.com/antivirus/virus_scanner.html.
928. Immunet, from http://www.immunet.com/free/index.html.
929. AVG Antivirus, from http://free.avg.com/in-en/homepage.
930. BitDefender, from http://www.bitdefender.com/Downloads/.
931. Kaspersky Anti-Virus, from http://www.kaspersky.com/trials.
932. Trend Micro Internet Security Pro, from http://apac.trendmicro.com.
933. Norton AntiVirus, from http://us.norton.com/downloads-trial-norton-
antivirus?inid=us_hho_topnav_download_detail_nav.
934. F-Secure Anti-Virus, from http://www.f-secure.com/en/web/home_global/anti-virus.
935. Avast Pro Antivirus, from http://www.avast.com/pro-antivirus.
936. McAfee AntiVirus Plus 2013, from http://home.mcafee.com/store/free-antivirus-trials.
937. ESET Smart Security 6, from http://www.eset.eom/download/home/detail/family/5/.
938. Total Defense Internet Security Suite, from http://www.totaldefense.com/shop/total-defense-internet-
security-suite.aspx.
References Page 3003 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
939. What's Running, from http://www.whatsrunning.net/.
940. Winsonar, from http://www.fewbyte.com/winsonar.html.
941. Reg Organizer, from http://www.chemtable.com/organizer.htm.
942. Windows Service Manager (SrvMan), from http://tools.sysprogs.org/srvman/.
943. ServiWin, from http://www.nirsoft.net/utils/serviwin.html.
944. Starter, from http://codestuff.tripod.com/products_starter.html.
945. Security AutoRun, from http://tcpmonitor.altervista.org/startup-manager/.
946. FCIV, from http://www.microsoft.com/en-u$/download/details.aspx?id=11533.
Module 08: Sniffing
947. What is Sniffer and how to detect sniffing in computer network, from
http://www.aboutonlinetips.com/sniffer-types-and-protecting-against-sniffing/.
948. Anatomy of an ARP Poisoning Attack, from http://www.unitedsystemsok.com/anatomy-of-an-arp-
poisoning-attack.
949. What is ARP?, from http://www.antiarp.com/english_94.html.
950. Modeling and Analysis of Wireless LAN Traffic, from
http://www.dmclab.hanyang.ac.kr/files/publication/journals/international/200911_08.pdf.
951. Dynamic ARP Inspection (DAI), from http://daxm.net/ccienotes/20100131/dynamic-arp-inspection-dai.
952. Overview of Layer 2 Switched Networks and Communication, from
http://www.sakunsharma.in/2011/07/overview-layer-2-switched-networks-communication/.
953. Application Protocol IPv6, from
http://www.ciscoexpo.ru/dub/sites/default/files/seminar_attachments/ipv6.pdf.
954. Dynamic Host Configuration Protocol, from http://www.ietf.org/rfc/rfc2131.txt.
955. Understanding,Preventing,Defending Against Layer 2 Attacks, from
http://www.sanog.org/resources/sanogl5/sanogl5-yusuf-l2-security.pdf.
956. A New Scheme to Check ARP Spoofing: Prevention of MAN-IN-THE-MIDDLE Attack, from
http://www.ijcsit.com/docs/Volume%202/vol2issue4/ijcsit2011020420.pdf.
957. LAYER 2 ATTACKS & MITIGATION TECHNIQUES, from http://www.sanog.org/resources/sanog7/yusuf-L2-
attack-mitigation.pdf.
958. Chris Martin, What is Sniffer and how to detect Sniffing in computer network, Available from
http://74.125.153.132/search?q=cache:Tu6yfsiaY3AJ :www.aboutonlinetips.com/sniffer-types-and-
protecting-against-sniffing/+wire+sniffing+techniques&cd=25&hl=en&ct=clnk&gl=in&client=fi refox-a.
959. Adam Barth, Secure content sniffing for Web browsers or How to stop papers from reviewing
themselves, Available from http://www.adambarth.com/papers/2009/barth-caballero-song.pdf.
960. Undetectable sniffing on Ethernet, Available from http://www.askapache.com/security/sniffing-on-
ethernet-undetected.html.
961. Suhas A Desai, (2007), Techniques for Preventing Sniffing, Packet Sniffing: Sniffing Tools Detection
Prevention Methods, Available from http://e-articles.info/e/a/title/Packet-Sniffing:-Sniffing-Tools-
Detection-Prevention-Methods/.
962. Suhas A Desai, (2007), Tool to Detect Sniffers, Packet Sniffing: Sniffing Tools Detection Prevention
Methods, Available from http://e-articles.info/e/a/title/Packet-Sniffing:-Sniffing-Tools-Detection-
Prevention-Methods/.
963. Identifying Nonessential Services and Attacks >Attacks, from
http://www.informit.com/articles/article.asp?p=98121&seqNum=2.
References Page 3004 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
964. ARP cache poisoning /ARP spoofing, from http://su2.info/doc/arpspoof.php.
965. Network management, network discovery, SNMP, MIB and WMI browsers, from
www.networkview.com/html/features.html.
966. Address Resolution Protocol (ARP), from www.erg.abdn.ac.uk/users/gorry/course/inet-pages/arp.html.
967. Angela D. Orebaugh, (2004), Top Ten Ethereal Tips and Tricks, from
http://www.onlamp.eom/pub/a/security/2004/05/13/etherealtips.html.
968. Packages, from http://packages.debian.org/.
969. Network Protocol Analysis, from http://www.maatec.com/.
970. The Hacker's Ethic, from http://web.textfiles.com/ezines/HWA/hwa-hn34.txt.
971. J aromil, Dyne:ll GNU/Linux User's Guide, from http://dynebolic.org/dynebolic-man.pdf.
972. Address Resolution Protocol (arp), from www.erg.abdn.ac.uk/users/gorry/course/inet-pages/arp.html.
973. Adam Barth, J uan Caballero and Dawn Song, Secure Content Sniffing for Web Browsers, or How to Stop
Papers from Reviewing Themselves, http://www.adambarth.com/papers/2009/barth-caballero-
song.pdf.
974. Alberto Ornaghi and Marco Valleri, Man in the middle attacks,
http://www.blackhat.com/presentations/bh-europe-03/bh-europe-03-valleri.pdf.
975. Tom Olzak, (2006), DNS Cache Poisoning: Definition and Prevention,
http://adventuresinsecurity.com/Papers/DNS_Cache_Poisoning.pdf.
976. Sean Whalen, (2001), An Introduction to Arp Spoofing,
http://www.rootsecure.net/content/downloads/pdf/arp_spoofing_intro.pdf.
977. Daiji Sanai, (2001), Detection of Promiscuous Nodes using ARP packets,
http://www.securityfriday.com/promiscuous_detection_01.pdf.
978. Network management, network discovery, SNMP, MIB and WMI browsers, from
www.networkview.com/html/what_s_new.html.
979. Source Address Spoofing, from
http://www.networkcomputing.com/shared/article/showArticle.jhtml?articleld=8702815&dassroom.
980. Keith Brown, (1999), Security Briefs, from
http://www.microsoft.com/msj/0299/security/security0299.aspx.
981. Corey Nachreiner, (2005), Anatomy of an ARP Poisoning Attack, from
http://www.watchguard.com/infocenter/editorial/135324.asp.
982. macof, from http://www.monkey.org.
983. Yersinia, from http://www.yersinia.net/download.htm.
984. Dhcpstarv, from http://dhcpstarv.sourceforge.net/.
985. Gobbler, from http://gobbler.sourceforge.net/.
986. Cain & Abel, from http://www.oxid.it/cain.html.
987. WinArpAttacker, from http://www.xfocus.org/index.html.
988. Ufasoft Snif, from http://ufasoft.com/sniffer/.
989. XArp, from http://www.chrismc.de/development/xarp/index.html.
990. SMAC, from http://www.klcconsulting.net/smac/index.html#download.
991. Cascade Pilot, from http://www.riverbed.com/products-solutions/products/performance-
management/network-infrastructure/High-Speed-Packet-Analysis.html.
992. Tcpdump, from http://www.tcpdump.org/.
993. WinDump, from http://www.winpcap.org/windump/default.htm.
References Page 3005 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
994. Capsa Network Analyzer, from http://www.colasoft.com/download/products/capsa_free.php.
995. OmniPeek Network Analyzer, from
http://www.wildpackets.com/products/omnipeek_network_analyzer.
996. Observer, from http://www.networkinstruments.com/products/observer/index.php?tab=download.
997. Sniff-O-Matic, from http://www.kwakkelflap.com/sniffer.html.
998. J itBit Network Sniffer, from http://www.jitbit.com/networksniffer/.
999. MSN Sniffer 2, from http://www.msnsniffer.com/download/index.htm.
1000. Ace Password Sniffer, from http://www.effetech.com/aps/.
1001. RSA NetWitness Investigator, from http://www.emc.c0m/security/rsa-netwitness.htm#lfreeware.
1002. Big-Mother, from http://www.tupsoft.com/download.htm.
1003. EtherDetect Packet Sniffer, from http://www.etherdetect.com/download.htm.
1004. dsniff, from http://monkey.org/~dugsong/dsniff/.
1005. EffeTech HTTP Sniffer, from http://www.effetech.com/download/.
1006. Ntop, from http://www.ntop.org/products/ntop/.
1007. Ettercap, from http://ettercap.sourceforge.net/downloads.html.
1008. SmartSniff, from http://www.nirsoft.net/utils/smsniff.html.
1009. EtherApe, from http://etherape.sourceforge.net/.
1010. Network Probe, from http://www.objectplanet.com/probe/.
1011. Snort, from http://www.snort.org/.
1012. Sniffem, from http://www.sniff-em.com/download.shtml.
1013. MaaTec Network Analyzer, from http://www.maatec.com/mtna/download.html.
1014. Alchemy Network Monitor, from http://www.mishelpers.com/network_monitor/index.html.
1015. CommView, from http://www.tamos.com/download/main/index.php.
1016. NetResident, from http://www.tamos.com/products/netresident/.
1017. AIM Sniffer, from http://www.effetech.com/aim-sniffer/index.htm.
1018. Netstumbler, from http://www.netstumbler.com/downloads/.
1019. IE HTTP Analyzer, from http://www.ieinspector.com/httpanalyzer/.
1020. MiniStumbler, from http://www.netstumbler.com/downloads.
1021. PacketMon, from http://www.analogx.com/contents/download/Network/pmon/Freeware.htm.
1022. NADetector, from http://www.nsauditor.com/network_monitoring/nadetector_traffic_analyzer.html.
1023. Microsoft Network Monitor, from http://www.microsoft.com/en-us/download/details.aspx?id=4865.
1024. NetworkMiner, from http://www.netresec.com/?page=NetworkMiner.
1025. Network Security Toolkit, from http://www.networksecuritytoolkit.org/nst/index.html.
1026. Ethereal, from http://www.ethereal.com/.
1027. KSniffer, from http://ksniffer.sourceforge.net/index.php?section=download.
1028. IPgrab, from http://ipgrab.sourceforge.net/.
1029. WebSiteSniffer, from http://www.nirsoft.net/utils/web_site_ sniffer.html.
1030. ICQ Sniffer, from http://www.etherboss.com/icq/download.htm.
1031. URL Helper, from http://www.urlhelper.com/index.htm.
1032. WebCookiesSniffer, from http://www.nirsoft.net/utils/web_cookies_sniffer.html.
References Page 3006 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1033. York, from http://thesz.diecru.eu/content/york.php.
1034. IP Traffic Spy, from http://www.networkdls.com/Software/View/IP_Traffic_Spy/.
1035. SniffPass, from http://www.nirsoft.net/utils/password_sniffer.html.
1036. Cocoa Packet Analyzer, from http://www.tastycocoabytes.com/cpa/.
1037. vxSniffer, from http://www.cambridgevx.com/vxsniffer.html.
1038. PromqryUI, from http://www.microsoft.com/en-us/download/details.aspx?id=16883.
Module 09: Social Engineering
1039. The use of Detailed Explanation of the the the the the working principle of of the port scanning tool and
the the NMAP, from http://www.boxueshe.org/read.php?tid=36
1040. Sarah Granger, (2002), Social Engineering Fundamentals, Available from
www.securityfocus.com/infocus/1533.
1041. Mika Tolvanen, (2006), F-Secure Trojan Information Pages, Available from http://www.f-secure.com/v-
descs/redbrowser_a.shtml.
1042. Dancho Danchev, (2009), Social Engineering by a fake SMS spying tool, Available from
http://blogs.zdnet.com/security/?p=3162.
1043. Growth on Use of Social Networking Sites, Available from
http://www.pewinternet.0rg/~/media/Files/Reports/2009/PIP_Adult_social_networking_data_memo_FI
NAL.pdf.pdf.
1044. Linkedln, Available from http://www.linkedin.com/.
1045. Micha Pekrul, (2009), Rogue Linkedln Profiles Lead To Malware, Available from
http://www.avertlabs.com/research/blog/index.php/2009/01/06/rogue-linkedin-profiles-lead-to-
malware/.
1046. Bogdan Dumitru,(2009), Risks of Social Networking and the Corporate Network, Available from
http://www.itbusinessedge.com/cm/community/features/guestopinions/blog/the-risks-of-social-
networking-and-the-corporate-network/?cs=33877.
1047. Terry Turner, Social Engineering - Can Organizations Win the Battle?, from
http://www.infosecwriters.com/text_resources/pdf/Social_Engineering_Can_Organizations_Win.pdf.
1048. Bruce Schneier, (2005), Schneier on Security: Weakest Link Security, from
http://www.schneier.com/blog/archives/2005/12/weakest_link_se.html.
1049. Sharon Gaudin, Social Engineering: The Human Side Of Hacking, from http://www.crime-
research.org/library/Sharon2.htm.
1050. Social Engineering Hackers-LAN Times 11/6/95, from http://www.security-protocols.com/textfiles/social-
engineering/soc_eng2.html.
1051. Psychology of Social Engineering, from
http://cybercrimes.net/Property/Hacking/Social%20Engineering/PsychSocEng/PsySocEng.html.
1052. Michael L. Snider, Articles, from http://staff.rio.edu/msnider/?cat=7.
1053. Wylie Wong, (2000), Oracle chief defends Microsoft snooping | CNET News.com, from
http://news.com.com/Oracle+chief+defends+Microsoft+snooping/2100-1001_3-242560.html.
1054. Engineering Hackers-LAN, from http://www.security-protocols.com/textfiles/social-
engineering/soc_eng2.html.
1055. Examples of Phishing Emails, from http://www.banksafeonline.org.uk/phishing_examples.html.
1056. Anti-Phishing Resources, from http://www.antiphishing.org/resources.html.
References Page 3007 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1057. Netcraft Toolbar, from http://toolbar.netcraft.com/install.
1058. PhishTank, from http://www.phishtank.com/.
1059. ReadNotify, from http://www.readnotify.com/.
1060. Social Engineering Toolkit (SET), from https://www.trustedsec.com/downloads/social-engineer-toolkit/.
Module 10: Denial-of-Service
1061. Distributed Denial of Service:Taxonomies of Attacks, Tools and Countermeasures, from
http://palms.ee.princeton.edu/PALMSopen/DDoS%20Final%20PDCS%20Paper.pdf.
1062. Denial of Service Attack Detection Techniques, from
https://www.evernote.com/shard/s9/note/blla8c31-8651-4d74-acf9-
Ifblb3c0f090/wishi/crazylazy#st=p&n=blla8c31-8651-4d74-acf9-lfblb3c0f090.
1063. Welcome to the new IP reality, from
http://lukasz.bromirski.net/docs/prezos/confidence2008/new_ip_reality_bp.pdf.
1064. What Happened to Blue Security, from http://slashdot.org/story/06/05/08/142229/what-happened-to-
blue-security.
1065. Remotely Triggered Black Hole Filtering in IP Version 6 for Cisco IOS, Cisco IOS XE, and Cisco IOS XR
Software, from http://www.cisco.com/web/about/security/intelligence/ipv6_ rtbh.html.
1066. Frank Kargl, J orn Maier, Stefan Schlott, and Michael Weber, Protecting Web Servers from Distrubuted
Denial of Service Attacks, from http://wwwl0.org/cdrom/papers/409/.
1067. Denial of Service Attacks, from http://www.cert.org/tech_tips/denial_of_service.html.
1068. Craig A. Huegen, (2000), Smurf Attack Information, from http://www.pentics.net/denial-of-
service/white-papers/smurf.cgi.
1069. Denial of service, from
http://searchappsecurity.techtarget.c0m/sDefinition/0,290660,sid92_gci213591,00.html.
1070. Solucom, VPN (Virtual Private Network) and Internet Firewall..., from
http://www.solucom.com/define.htm.
1071. Vladimir Golubev, (2005), DoS attacks: crime without penalty, http://www.crime-
research.org/artides/1049/.
1072. Gunter Ollmann, (2009), The Botnet vs. Malware Relationship,
http://www.damballa.com/downloads/d_pubs/WP%20Many-to-
many%20Botnet%20Relationships%20%282009-05-21%29.pdf.
1073. Gunter Ollmann, (2009), Botnet Communication Topologies,
http://www.damballa.com/downloads/r_pubs/WP%20Botnet%20Communications%20Primer%20%2820
09-06-04%29.pdf.
1074. Kasey Efaw, Installing Snort 2.8.5.2 on Windows 7,
http://www.sn0rt.0rg/assets/135/lnstalling_Sn0rt_2.8.5.2_0n_Wind0ws_7.pdf.
1075. Renaud BIDOU, Fighting the Botnet Ecosystem, http://www.iv2-
technologies.com/FightingBotnetEcosystem.pdf.
1076. Ping of death, from http://searchsecurity.techtarget.com/sDefinition/0sidl4_gci822096,00.html.
1077. Apostates of Islam :: View topic - FFI down again, from
http://www.apostatesofislam.com/forum/viewtopic.php?t=189&postdays=0&postorder=asc&start=225
&sid=0e55c35186bbe87c48bdfe6f62e0e4a5.
1078. J ason Anderson, An Analysis of Fragmentation Attacks, from http://www-
src.lip6.fr/homepages/Fabrice.Legond-Aubry/www.ouah.org/fragma.html.
References Page 3008 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1079. [PDF] IEEE P1615/D2 Draft Recommended Practice for Network ...,
http://grouper.ieee.org/groups/sub/wgc3/C3TFl%20Documents/drafts/P1615_draft2.pdf.
1080. [DOC] Abstract, from http://www.bridgeport.edu/sed/projects/cs597/Spring_2004/juilan/J ui-
Lan_Network%20Security%20-%20Analysis%20of%20Attack%20and%20Defense%20Strategies.doc.
1081. Mariusz Burdach, (2003), Hardening the TCP/IP stack to SYN attacks, from
http://www.securityfocus.com/infocus/1729.
1082. Citations: TCP SYN Flooding and IP Spoofing Attacks (Researchlndex), from
http://citeseer.ist.psu.edu/context/141856/0-
1083. Lasse Huovinen and J ani Hursti, from Denial of Service Attacks: Teardrop and Land,
http://users.tkk.fi/~lhuovine/study/hacker98/dos.html.
1084. Underground security systems research, from http://www.ussrback.com/Win/.
1085. Stephen Specht & Ruby Lee, (2003), from Taxonomies of Distributed Denial of Service Networks, Attacks
..., from
http://www.princeton.edu/~rblee/ELE572Papers/Fall04Readings/DDoSSurveyPaper_20030516_Final.pdf
1086. David Dittrich, (1999), The DoS Project's "trinoo" distributed denial of service attack tool from
http://www.donkboy.com/html/stuff.htm.
1087. Anti Online's Fight- Back! Computer Security..., from http://www.antionline.com/fight-
back/What_Are_DDOS_Attacks.php.
1088. Sven Dietrich, Analysis of the Shaft distributed Denial of Service tool, from
http://www.securiteam.com/securitynews/5AP0F000IM.html.
1089. Analyzing Distributed Denial Of Service Tools: The Shaft Case, from
http://www.ece.cmu.edu/~adrian/630-f03/readings/shaft.pdf.
1090. Distributed Denial of Service Tools, from http://www.fz-juelich.de/jsc/net/security/infos/DDoS/IN-99-
07.html.
1091. David Moore Vern Paxson, Stefan Savage, Colleen Shannon, Stuart Staniford, and Nicholas, (2003),
Weaver Inside the Slammer Worm, from
http://csdl2. computer. org/persagen/DLAbsToc.jsp?resourcePath=/dl/mags/sp/&toc=comp/mags/sp/20
03/04/j4toc.xml&DOI=10.1109/MSECP.2003.1219056.
1092. RudhraKumar Venkatesan and ShashidharLakkavalli, TCP/IP Vulnerabilities, from
http://islab.oregonstate.edu/koc/ece478/00Report/LV.pdf.
1093. Dave Dittrich, Bugtraq: Analysis of trinOO, from http://seclists.org/lists/bugtraq/1999/Dec/0093.html
1094. Fravia denial of service attack tools, from www.searchlores.org/dodl.htm.
1095. David Dittrich, (1999), Trinoo Analysis, from http://staff.washington.edu/dittrich/misc/trinoo.analysis.
1096. J ohn Michalski, Carrie Price, Eric Stanton, Erik Lee, CHUA, Kuan Seah, Wong, Yip Heng and TAN, and
Chung Pheng, (2002), DYNAT TECHNOLOGIES ASSESSMENT REPORT, from
http://www.sandia.gov/iorta/docs/SAND%202002-3613%20DYNAT.pdf.
1097. <...... A.VERY..THING..IS..POSSIBLE..TO..ZEROGEEK........>, from http://mifwarz.blogspot.com/.
1098. J ason Barlow and Woody Thrower, (2000), TFN2K - An Analysis J ason Barlow and Woody Thrower AXENT
Security..., from http://packetst0rmsecurity.0rg/distributed/TFN2k_Analysis-l.3.txt.
1099. J ason Barlow and Woody Thrower, (2000), TFN2K - An Analysis (Revision : 1.3), from
http://www.symantec.com/avcenter/security/Content/2000_02_10_a.html.
1100. Gary C. Kessler, (2000), Distributed Denial-Of-Service, from
http://www.garykessler.net/library/ddos.html.
References Page 3009 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1101. David Dittrich, (1999), Stacheldraht Analysis,
http://staff.washington.edu/dittrich/misc/stacheldraht.analysis.
1102. Bugtraq: Analysis of the Shaft distributed denial of service tool, from
http://seclists.org/lists/bugtraq/2000/Mar/0215.html.
1103. Sven Dietrich, Neil Long, & David Dittrich, Analyzing Distributed Denial Of Service Tools: The Shaft Case,
from http://www.usenix.org/event/lisa2000/full_papers/dietrich/dietrich_ html/.
1104. IP: new DoS attack, from http://www.interesting-people.org/archives/interesting-
people/200009/msg00006.html.
1105. Dave Farber, (2000), IP: new DoS attack, from
http://www.princeton.edu/~rblee/DDoS%20Survey%20Paper_v7final.doc.
1106. David Dittrich, George Weaver, Sven Dietrich, and Neil Long, The mstream distributed denial of service
attack tool, from http://www.linuxsecurity.c0m/content/view/107513/2/.
1107. The Distributed Reflection DoS Attack, from http://www.grc.com/dos/drdos.htm.
1108. Steve Gibson, (2002), Distributed Reflection Denial of Service Bandwidth Consumption, from http://cs-
www.cs.yale.edu/homes/arvind/cs425/doc/drdos.pdf.
1109. SYN Attack, from www.ieee.org.
1110. Hang Chau, (2004), Network Security - Defense Against D0S/DD0S Attacks, from
http://www.securitydocs.com/library/2576.
1111. Aaron Sullivan, 2001, An Audit of Active Directory Security, from
http://www.securityfocus.com/infocus/1293.
1112. Xatrix Security, from http://www.xatrix.org/download.php?id=28&r=l.
1113. Denail of Service, from http://www.mycert.org.my/network_abuse/dos.html.
1114. Denial of Service Attack in NetBIOS Services, from http://www.kb.cert.org/vuls/id/32650.
1115. J ames Middleton, (2001), Cloaking system poses new security threat, from
http://www.iwr.co.uk/vnunet/news/2114991/cloaking-system-poses-security-threat.
1116. NFR DDOS problems, from http://www.shmoo.com/mail/ids/may01/msg00038.shtml.
1117. Latest Windows Security Articles, from http://www.windowsecurity.com/.
1118. Gregg Keizer, (2006), Massive DoS Attacks Against ISPs On The Rise, from
http://www.informationweek.com/story/showArtide.jhtml?articlelD=192701817&cid=RSSfeed_IWK_Ne
ws.
1119. J ason Barlow and Woody Thrower, AXENT Security, from
http://packetst0rmsecurity.0rg/distributed/TFN2k_Analysis-l.3.txt.
1120. Fabrice LEGOND-AUBRY, An Analysis of Fragmentation Attacks, from http://www-
src.lip6.fr/homepages/Fabrice.Legond-Aubry.
1121. J ui-Lan Lai, Network Security-- Analysis of Attack and Defense, from
http://www.bridgeport.edu/sed/projects/cs597/Spring_2004/juilan/J ui-Lan_Network%20Security%20-
%20Analysis%20of%20Attack%20and%20Defense%20Strategies.doc Strategies.
1122. Targa: [PDF] security, from https://www.cis.strath.ac.uk/~gw/52507/security.pdf.
1123. WORM_MYDOOM.B, Description and solution, from
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MYDOO.M.B.
1124. Information on a virus on campus, from http://security.uwo.ca/antivirus/infoHistory.html.
1125. [PDF] Microsoft PowerPoint - ISi_Malware.ppt, from http://www-t.zhwin.ch/it/isi/v/ISi_Malware.pdf.
1126. R. A. Hettinga, (2003), Random Scanning Worms and Sapphire/Slammer's PRNG..., from
http://www.mail-archive.c0m/[email protected]/msg03503.html.
References Page 3010 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1127. Mike Gunderloy, (2003), Microsoft Certified Professional Magazine Online | Newsletters ..., from
http://mcpmag.com/newsletter/artide. asp?EditorialslD=153.
1128. The Spread of the Sapphire/Slammer Worm, from
http://www.caida.org/publications/papers/2003/sapphire/sapphire.html.
1129. Norman Book on Computer Viruses, from http://download.norman.no/manuals/eng/BOOKON.PDF.
1130. IT Architect | Strategies & Issues: Honeypots - Sticking It to, from
http://www.itarchitect.com/article/NMG20030403S0005.
1131. Roger A. Grimes, (2005), Honeypots for Windows, from
http://www.gtpcc.org/gtpcc/honeypotsforwindows.htm.
1132. Honeypots [lnfosecwriters.com], from http://www.infosecwriters.com/texts.php?op=display&id=80.
1133. J .A. Hamilton, Reflection of the Exploit, from
http://www.eng.auburn.edu/users/hamilton/security/SE2/Directed_Reflection_DOS_Hamilton.pdf.
1134. Distributed Reflection Denial of Service Bandwidth Consumption ..., from
http://www.grc.com/files/drdos.pdf.
1135. Kevin Houle & Chad Dougherty, (2000), CERT Incident Note IN-99-07: Distributed Denial of Service Tools,
from http://www.cert.org/incident_notes/IN-2000-05.html.
1136. DDoS Resources, from http://www.anml.iu.edu/ddos/tools.html.
1137. J ason Barlow and Woody Thrower, (2000), AXENT : SWAT : TFN2K - An Analysis, from
http://www.symantec.com/avcenter/security/Content/2000_02_10_a.html.
1138. David Dittrich, (1999), Trinoo Analysis, from http://staff.washington.edu/dittrich/misc/trinoo.analysis.
1139. CERT warns of networked denial of service attacks - Computerworld, from
http://www.computerworld.com/action/pages.do?command=viewPage&pagePath=/404.
1140. Internet security, from
http://www.fsa.ulaval.ca/personnel/vernag/EH/F/manif/lectures/internet_security.htm.
1141. Solucom VPN (Virtual Private Network) and Internet Firewall..., from
http://www.solucom.com/define.htm.
1142. Library Computer and Network Security: Library Security Principles ..., from
http://www.infopeople.org/resources/security/basics/threats_vulnerabilities.html.
1143. Wireless DoS, from
http://www.cisco.c0m/en/US/docs/wireless/technology/wips/deployment/guide/wipsdep.html#wpl50
481.
1144. Gary C. Kessler, (2000), "Defenses Against Distributed Denial of Service Attacks", from
http://www.garykessler.net/library/ddos.html.
1145. Abhishek Singh, (2005), Demystifying Denial-Of-Service attacks, part one, from
http://www.symantec.com/connect/articles/demystifying-denial-service-attacks-part-one.
1146. Denial-of-service attack, from http://en.wikipedia.0rg/wiki/Denial-0f-service_attack#lncidents.
1147. Kevin Poulsen, (2010), New: Cyberattack Against WikiLeaks Was Weak, from
http://www.wired.com/threatlevel/2010/ll/wikileaks-attack/.
1148. PlugBot, from http://theplugbot.com.
1149. Illusion Bot and NetBot Attacker, from .
1150. DoS HTTP, from http://socketsoft.net/products.asp?p=doshttp.
1151. KFSensor, from http://www.keyfocus.net/kfsensor/download/.
1152. FortiDDoS-300A, from http://www.fortinet.com/products/fortiddos/300A.html.
1153. DDoS Protector, from http://www.checkpoint.com/products/ddos-protector/.
References Page 3011 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1154. Cisco Guard XT 5650, from
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5879/ps6264/ps5888/product_data_sheet090
0aecd800fa55e.html.
1155. Arbor Pravail: Availability Protection System, from http://www.arbornetworks.com/products/pravail.
1156. D-Guard Anti-DDoS Firewall, from http://www.d-guard.com/.
1157. NetFlow Analyzer, from http://www.manageengine.com/products/netflow/download.html.
1158. FortiDDoS, from http://www.fortinet.com/products/fortiddos/.
1159. SDL Regex Fuzzer, from http://www.microsoft.com/en-us/download/confirmation.aspx?id=20095.
1160. DefensePro, from
http://www.radware.com/Products/ApplicationNetworkSecurity/DDoS_Attack_Protection.aspx.
1161. WANGuard Sensor, from https://www.andrisoft.com/store/evaluation-request.
1162. DOSarrest, from http://www.dosarrest.com.
1163. NetScaler Application Firewall, from http://www.citrix.com/products/netscaler-application-delivery-
controller/try. html?ntref=header_try.
1164. Anti DDoS Guardian, from http://www.beethink.com/antiddos.htm.
1165. FortGuard DDoS Firewall, from http://www.fortguard.com/ddosmonitor.html.
1166. DDoSDefend, from http://ddosdefend.com/ddos-protection.html.
1167. Webserver Stress Tool, from http://www.paessler.com/download/webstress.
1168. Web Stress Tester, from http://www.fastream.com/webstresstester.php.
1169. J Meter, from http://jmeter.apache.org/downloadJ meter.cgi.
1170. DoS HTTP, from http://socketsoft.net/products.asp?p=doshttp.
1171. Mail Bomber, from http://www.getfreefile.com/bomber.html.
1172. Advanced Mail Bomber, from http://www.softheap.com/abomber.html.
Module 11: Session Hijacking
1173. Steps in Session Hijacking, from http://www.hackguide4u.com/2010/03/steps-in-session-
hijacking.html.
1174. Session Hijacking, from http://www.imperva.com/resources/glossary/session_hijacking.html.
1175. IP Hijack, from http://dokfleed.net/duh/modules.php?name=News&file=article&sid=3.
1176. Spoofing Vs Hijacking, from http://www.hackguide4u.com/2010/03/spoofing-vs-hijacking.html.
1177. Lee Lawson, (2005), Session Hijacking Packet Analysis, Available from
http://www.securitydocs.com/library/3479.
1178. Dave Dittrich, Session hijack script, Available from http://blinky-lights.org/script.html.
1179. Session hijacking attack, Available from http://www.owasp.org/index.php/Session_hijacking_attack.
1180. Shray Kapoor, Session Hijacking Exploiting TCP, UDP and HTTP Sessions,
http://www.infosecwriters.com/text_resources/pdf/SKapoor_SessionHijacking.pdf.
1181. David Endler, (2001), Brute-Force Exploitation of Web Application Session IDs,
http://www.cgisecurity.com/lib/SessionlDs.pdf.
1182. Robert Auger, Credential and Session Prediction, Available from
http://projects.webappsec.org/Credential-and-Session-Prediction.
1183. Trojan horse, Available from
http://searchsecurity.techtarget.com/sDefinition/0sidl4_gci213221,00.html.
References Page 3012 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1184. J amie.riden, (2008), CLIENT-SIDE ATTACKS, Available from http://www.honeynet.org/node/157.
1185. Lee Lawson, (2005), Session Hijacking Packet Analysis, Available from
http://www.securitydocs.com/library/3479.
1186. Addison Wesley, (2007), Fibre Channel and IP session hijacking assessment exercise, Available from
http://searchstoragechannel.techtarget.com/generic/0,295582,sid98_gcil250226,00.html.
1187. Prevention from Session Hijacking, Available from http://hydtechie.blogspot.com/2008/08/prevention-
from-session-hijacking.html.
1188. Session Hijacking, Available from http://www.cs.binghamton.edu/~steflik/cs455/sessionhijacking.htm.
1189. Hackerthreads.org security: View topic - Network Session Hijacking, from
www.hackerthreads.org/phpbb/viewtopic.php?t=745.
1190. OpenSSH - SwiK swik.net/OpenSSH MOM 2005: IP Security (IPSec), from
www.microsoft.com/technet/prodtechnol/mom/mom2005/Library/39cb2734-506c-4101-887c-
c2d2146621c0.mspx.
1191. Microsoft Security Bulletin (MS99-046): Frequently Asked Questions, from
www.microsoft.com/technet/security/bulletin/fq99-046.mspx.
1192. Laurent J oncheray, Simple Active Attack Against TCP Sequence Number Prediction, from
http://www.cert.org/advisories/CA-2001-09.html.
1193. Term: S/key, from www.webopedia.com.
1194. Attacks against IIS, from
http://www.microsoft.eom/technet/prodtechnol/WindowsServer2003/Library/IIS/0al99196-4ae9-41eb-
b8cl-572251f9f550.mspx?mfr=true.
1195. J oe J enkins, (2000), Internet Security and Your Business - Knowing the Risks, from
http://www.securityfocus.com/infocus/1194.
1196. Webapplication Attacks - Intro, from www.netprotect.ch/downloads/webguide.pdf.
1197. Alexia Tsotsis, (2010), How To Protect Your Login Information From Firesheep, from
http://techcrunch.com/2010/10/25/firesheep/.
1198. zaproxy, from https://code.google.eom/p/zaproxy/downloads/list.
1199. J Hijack, from http://sourceforge.net/projects/jhijack/files/latest/download?source=files.
1200. Hamster, from http://erratasec.blogspot.in/2009/03/hamster-20-and-ferret-20.html.
1201. Ferret, from http://erratasec.blogspot.in/2009/03/hamster-20-and-ferret-20.html.
1202. Surf J ack, from https://code.google.com/p/surfjack/downloads/detail?name=surfjack0.2b.zip.
1203. PerJ ack, from http://packetstormsecurity.org.
1204. Ettercap, from http://sourceforge.net/projects/ettercap/files/latest/download?source=dlp.
1205. WhatsUp Gold Engineer's Toolkit, from
http://www.whatsupgold.com/products/download/network_management.aspx?k_id=ping-sweep-tool.
1206. Hunt, from http://packetstormsecurity.com/files/download/21968/hunt-l.5bin.tgz.
1207. J uggernaut, from http://www.securiteam.com.
1208. TamperlE, from http://www.bayden.com/TamperlE/.
1209. Cookie Cadger, from https://www.cookiecadger.com/?page_id=19.
Module 12: Hacking Webservers
1210. Web Parameter Tampering, from https://www.owasp.org/index.php/Web_Parameter_Tampering.
References Page 3013 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1211. Web Server Security and Database Server Security, from http://www.itura.net/trainir1g/19-web-server-
security-and-database-server-security.pdf.
1212. Configuring and organizing server security information, from
http://www.freepatentsonline.com/7712137.html.
1213. Internet Security, from http://wiki.winf.at/184216 .
1214. Securing applications, from http://www.slideshare.net/florinc/application-security-1831714.
1215. About Securing Applications, from
http://docs.oracle.com/cd/E16348_01/books/SecurHarden/SecurHarden_AppSecur2.html.
1216. Insecure Configuration Management, from
http://www.upenn.edu/computing/security/swat/SWAT_Top_Ten_A10.php .
1217. Server Misconfiguration, from
http://pr0jects.webappsec.0rg/w/page/13246959/Server%20Misc0nfigurati0n.
1218. Repairing system after following directions in attempt to clean virus, from
http://forum.hijackthis.de/archiv/18982-repairing-system-after-following-directions-attempt-clean-
virus.html.
1219. Header Manipulation, from
http://www.hpenterprisesecurity.com/vulncat/en/vulncat/sql/header_manipulation.html.
1220. Cache Poisoning, from https://www.owasp.org/index.php/Cache_Poisoning .
1221. Improving Web Application Security: Threats and Countermeasures, from
http://msdn.microsoft.com/en-us/library/aa302418.aspx.
1222. Best Practices for Applying Service Packs, Hotfixes and Security Patches, from
http://technet.microsoft.com/en-us/library/cc750077.aspx .
1223. Securing Your Web Server, from http://msdn.microsoft.com/en-us/library/ff648653.aspx .
1224. Web Server Security and Database Server Security, from
http://www.acunetix.com/websitesecurity/webserver-security.
1225. Windows IIS Server hardening checklist, from
http://media.techtarget.com/searchSecurity/downloads/Windows_IIS_Server_hardening_checklist.pdf7t
rack=LlAP .
1226. IIS Web Server Security, from http://www.acunetix.com/websitesecurity/iis-security.
1227. WEB SERVER SECURITY AND DATABASE SERVER SECURITY, from http://www.itura.net/training/19-web-
server-security-and-database-server-security.html.
1228. Checklist: Securing Your Web Server, from http://msdn.microsoft.com/en-us/library/ff648198.aspx .
1229. HTTP Response Splitting, Web Cache Poisoning Attacks, and Related Topics, from
http://www.ouah.org/whitepaper_httpresponse.pdf.
1230. Hacking Web Servers, from http://www.scribd.com/doc/35607686/hacking-Module-ll.
1231. Terms used by Microsoft to describe the various software updates released by it, from
http://www.thewindowsclub.com/terms-used-by-microsoft-to-describe-the-various-software-updates-
released-by-it.
1232. Patch Management Best Practices, from http://www.oracle.com/technetwork/systems/articles/patch-
management-jsp-135385.html.
1233. Directory Traversal Attacks, from http://www.acunetix.com/websitesecurity/directory-traversal.
1234. J ason Chan, (2004), Essentials of Patch Management Policy and Practice, from
http://www.patchmanagement.org/pmessentials.asp.
References Page 3014 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1235. Managing Web Server Security, from
www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/iis/maintain/featusability/c0
5iis.mspx.
1236. There are basically three overlapping types of risk:, from http://www.rduonline.com/webpolicy.mgi.
1237. Frank Kargl, J orn Maier, Stefan Schlott, Michael Weber, Protecting Web Servers from Distributed Denial
of Service Attacks, from http://wwwl0.org/cdrom/papers/409/.
1238. TCPflow (Analyzing Tool), from http://www.circlemud.org/.
1239. Radu State, (2008), Hacking Web2, http://www.aims-conference.org/issnsm-2008/01-WebHacking.pdf.
1240. J eremiah Grossman, (2010), 10th Website Security Statistics Report,
http://www.whitehatsec.com/home/assets/presentations/10PPT/PPT_stats0910.pdf.
1241. Reto E. Haeni, (1997), Firewall Penetration Testing,
http://bandwidthco.com/whitepapers/netforensics/penetration/Firewall%20Penetration%20Testing.pdf
1242. AMJ ahangiri, Google Hacking, http://www.alijahangiri.org/publication/Google-Hacking-by-Ali-
J ahangiri.pdf.
1243. Networking the networks, from http://www.terena.org/activities/tf-csirt/iodef/docs/i-
taxonomy_terms.ht.
1244. Network Computing, from
http://www.networkcomputing.com/shared/article/showArticle.jhtml?articleld=8702815&c.
1245. Barry Wheelbarger, Apache Security, from
http://www.cs.uwf.edu/~wilde/StuPres200301/Apache_Security.ppt.
1246. Security issues affecting Apache httpd 2.0.40, from http://www.apacheweek.com/features/security-
V2.0.40.
1247. Apache Web Server for Windows Lets Remote Users Crash the Web Server Application, from
http://www.securitytracker.com/alerts/2001/0ct/1002543.html.
1248. The World Wide Web Security FAQ, from http://www.zentek-international.com/mirrors/www-security-
faq/wwwsfl.html.
1249. HNS Newsletter, from http://www.net-security.org/dl/newsletter/txt/issue066.txt.
1250. Ethel the Blog, from http://stommel.tamu.edu/~baum/ethel/2000_12_03_ethel-archive.html.
1251. Survey and Analysis of Available Tools, from
http://www.securecoding.org/authors/artides/may202003/section7.php.
1252. Information Security Products, from http://www-
935.ibm.com/services/us/index.wss/offerfamily/iss/a 1029097.
1253. Family of Load Balancers, from http://www.redhillnetworks.com/products/webmux/load-balancer.htm.
1254. Advanced Defect Tracking Web Edition, from http://www.borderwave.com/.
1255. Internet Security and Warfare (ISAW), from http://technews-isaw.blogspot.com/.
1256. Experimental Computer System lab, from http://www.ecsl.cs.sunysb.edu/.
1257. An Internet Encyclopedia, from http://www.freesoft.org/CIE/Topics/ssl-draft/3-SPEC.HTM.
1258. Apache httpd 2.0 vulnerabilities, from http://httpd.apache.org/security/vulnerabilities_20.html.
1259. Apache httpd 1.3 vulnerabilities, from http://httpd.apache.org/security/vulnerabilities_13.html.
1260. Web Hosting, E-commerce, and Domain Registration..., from http://www.sidetrips.com/.
1261. Computers, Networking, and Security, from http://www.cromwell-intl.com/.
1262. Tony Bradley, (2006), Secure Internet and Network Security, from http://www.s3kur3.com/.
References Page 3015 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1263. Saumil Shah, (2003), One-way Web Hacking, from http://net-
square.com/papers/one_way/one_way.html.
1264. (2010), Case Study: Congressional Web Site Defacements Follow the State of the Union, from
http://praetorianprefect.eom/archives/2010/ 01/congressional-web-site-defacements-follow-the-state-
of-the-union/.
1265. Definition: WEB-SITES DEFACEMENT, from http://www.freepatentsonline.com/y2010/0107247.html.
1266. Bodvoc, (2010), An Overview of a Web Server, from http://bodvoc.wordpress.com/2010/07/02/an-
overview-of-a-web-server/.
1267. (2009), IIS 7.0 Architecture, from http://www.gandhipritesh.com/2009/05/iis-70-architecture.html.
1268. (2001), Defaced Websites, from http://attrition.org/mirror/attrition/.
1269. Robert Auger, Server Misconfiguration, from http://pr0jects.webappsec.0rg/w/page/13246959/Server
Misconfiguration.
1270. Insecure Configuration Management, from
http://www.owasp.org/index.php/lnsecure_Configuration_Management.
1271. (2009), hostmap 0.2 - Automatic Hostname & Virtual Hosts Discovery Tool, from
http://www.darknet.org.uk/tag/web-server-hacking/.
1272. (2009), reDuh - TCP Redirection over HTTP, from http://www.darknet.org.uk/tag/web-server-hacking/.
1273. httprecon - Advanced Web Server Fingerprinting http://www.darknet.org.uk/tag/web-server-hacking/.
1274. Robert Auger, HTTP Response Splitting http://pr0jects.webappsec.0rg/w/page/13246931/HTTP
Response-Splitting.
1275. HTTP Response Splitting, from http://www.owasp.org/index.php/HTTP_Response_Splitting.
1276. Introduction to HTTP Response Splitting, from
http://www.securiteam.com/securityreviews/5WP0E2KFGK.html.
1277. Tunneling protocol, from http://en.wikipedia.org/wiki/Tunneling_protocol.
1278. Whois, from http://tools.whois.net.
1279. Traceroute, from http://whatismyipaddress.com/traceroute-tool.
1280. ActiveWhois, from http://www.johnru.com/.
1281. Netcraft, from http://searchdns.netcraft.com/7host.
1282. httprecon, from http://www.computec.ch/projekte/httprecon/?s=download.
1283. ID Serve, from http://www.grc.com.
1284. HTTrack Website Copier, from http://www.httrack.c0m/page/2/ .
1285. WebCopier Pro, from http://www.maximumsoft.com/products/wc_pro/overview.html.
1286. BlackWidow, from http://softbytelabs.com/us/downloads.html.
1287. Hamster, from http://erratasec.blogspot.in/2009/03/hamster-20-and-ferret-20.html.
1288. Firesheep, from http://codebutler.github.io/firesheep/.
1289. Brutus, from http://www.hoobie.net/brutus/brutus-download.html.
1290. Metasploit, from http://www.metasploit.com/download/.
1291. WFetch, from http://d0wnl0ad.micr0s0ft.c0m/d0wnl0ad/d/e/5/de5351d6-4463-4cc3-a27c
3e2274263c43/wfetch.exe (http://www.microsoft.com/downloads/details.aspx?FamilylD=56fc92ee-
a71a-4c73-b628-ade629c89499&DisplayLang=en).
1292. Brutus, from http://www.hoobie.net/brutus/brutus-download.html.
1293. Internet Password Recovery Toolbox, from http://www.rixler.com/password_recovery_toolbox.htm.
References Page 3016 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1294. Microsoft Baseline Security Analyzer (MBSA), from http://www.microsoft.com/en-
us/download/details. aspx?id=7558.
1295. Altiris Client Management Suite, from http://www.symantec.com/client-management-suite/trialware.
1296. Prism Patch Manager, from http://www.newboundary.com/products/prism-patch-manager/trial.
1297. MaaS360Patch Analyzer Tool, from http://www.maas360.com/tools-and-trials/downloads/.
1298. Kaseya Security Patch Management, from http://www.kaseya.c0m/features/patch-management.aspx#.
1299. Secunia CSI, from http://secunia.com/products/corporate/csi/.
1300. ZENworksPatch Management, from http://www.novell.com.
1301. LumensionPatch and Remediation, from http://www.lumension.com.
1302. Security Manager Plus, from http://www.manageengine.com/products/security-
manager/download, html.
1303. VMware vCenter Protect, from http://www.shavlik.com/downloads.aspx.
1304. Syhunt Dynamic, from http://www.syhunt.com/?n=Syhunt.Dynamic.
1305. N-Stalker Web Application Security Scanner, from http://www.nstalker.com/products/editions/free/.
1306. Wikto, from http://www.sensepost.com.
1307. Acunetix Web Vulnerability Scanner, from http://www.acunetix.com/vulnerability-
scanner/down load.htm.
1308. HackAlert, from http://www.armorize.com/index.php?link_id=register.
1309. QualysGuard Malware Detection, from http://www.qualys.com/forms/trials/stopmalware/.
1310. Retina CS, from http://www.beyondtrust.com/Landers/TY-Page-RetinaCSCommunity/index.html.
1311. Nscan, from http://nscan.hypermart.net.
1312. NetlQ Secure ConfigurationManager, from https://www.netiq.com/products/secure-configuration-
manager/.
1313. SAINT, from http://www.saintcorporation.com/products/software/saintScanner.html.
1314. HP Weblnspect, from https://download.hpsmartupdate.com/webinspect/.
1315. Arirang, from http://www.monkey.org/~pilot/arirang/.
1316. N-Stalker Web Application Security Scanner, from http://www.nstalker.com/products/editions/free/.
1317. Infiltrator, from http://www.infiltration-systems.com/download.shtml.
1318. WebCruiser, from http://sec4app.com/download.htm.
1319. dotDefender, from http://www.applicure.com/Products/.
1320. Core Impact Professional, from http://www.coresecurity.com.
1321. Immunity CANVAS, from http://www.immunitysec.com/downloads.shtml.
Module 13: Hacking Web Applications
1322. Parameter Tampering, from http://www.imperva.com/resources/glossary/parameter_tampering.html.
1323. Connection String Injection Attacks, from http://msdn.microsoft.com/en-us/library/ms254947.aspx.
1324. A62004 Injection Flaws, from https://www.owasp.org/index.php/A6_2004_lnjection_Flaws.
1325. Connection String Parameter Pollution Attacks, from http://blackhat.com/presentations/bh-dc-
10/Alonso_Chema/Blackhat-DC-2010-Alonso-Connection-String-Parameter-Pollution-wp.pdf.
1326. Session Prediction, from https://www.owasp.org/index.php?title=Session_Prediction&setlang=en.
1327. Buffer Overflow, from http://pr0jects.webappsec.0rg/w/page/13246916/Buffer-0verfl0w.
References Page 3017 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1328. Managed Application Firewall, from
http://www.secureworks.com/resources/articles/other_artides/2010-waf.
1329. Do you write secure code?, from http://www.slideshare.net/yuvalgo/do-you-write-secure-code-by-erez-
metula.
1330. Web Parameter Tampering, from https://www.owasp.org/index.php/Web_Parameter_Tampering.
1331. Path Traversal, from https://www.owasp.org/index.php/Path_traversal.
1332. Top 10 2010-A6-Security Misconfiguration, from https://www.owasp.org/index.php/Top_10_2010-A6-
Security_Misconfiguration.
1333. Common Security Mistakes in Web Applications, from http://roobon.net/2011/06/01/common-security-
mistakes-in-web-applications.
1334. LDAP Injection & BLIND LDAP Injection, from http://www.blackhat.com/presentations/bh-europe-
08/Alonso-Parada/Whitepaper/bh-eu-08-alonso-parada-WP.pdf.
1335. Parameter Manipulation, from http://www.cgisecurity.com/owasp/html/chlls04.html.
1336. Cross-site Scripting (XSS), from https://www.owasp.org/index.php/Cross-site_Scripting_(XSS).
1337. XSS Filter Evasion Cheat Sheet, from
https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet.
1338. Cross-Site Request Forgery (CSRF) Attack Lab, from
http://www.cis.syr.edu/~wedu/seed/Labs/Attacks_CSRF/CSRF.pdf.
1339. Cross-Site Request Forgeries, from http://www.shiflett.org/articles/cross-site-request-forgeries.
1340. Webapplication Attack : DOS and DDOS attack, from
http://funwhichuwant.blogspot.in/2012/ 10/webapplication-attack-dos-and-ddos.html.
1341. Buffer Overflow, from http://pr0jects.webappsec.0rg/w/page/13246916/Buffer%200verfl0w.
1342. Cookie Poisoning, from http://www.imperva.com/resources/glossary/cookie_poisoning.html .
1343. Wen Application Vulnerabilities, from http://www.slideshare.net/technoplex/web-application-
vulnerabilities .
1344. Attacking XML Security Message Oriented Madness, XML Worms and Web Service Security Sanity, from
http://www.slideshare.net/yusufmotiwala/attacking-xml-security.
1345. Managing Web Services, from http://docs.oracle.com/cd/E19316-01/820-4335/gbbjk/index.html.
1346. Web Services Hacking And Hardening, from http://www.slideshare.net/rnewton/web-services-hacking-
and-hardening.
1347. Advanced Web Services Hacking, from http://www.slideshare.net/shreeraj/advanced-web-services-
hacking .
1348. Hacking Web 2.0 - Defending Ajax and Web Service, from http://www.slideshare.net/shreeraj/hacking-
web-20-defending-ajax-and-web-services-hitb-2007-dubai.
1349. All-Purpose Tools, from http://www.securnet.biz/tools.htm.
1350. Error executing child request for Chartlmg.axd, from http://social.msdn.microsoft.com/Forums/en-
US/MSWinWebChart/thread/115d7f31-e4a8-4c09-b558-4db2cfle83e7.
1351. Session Prediction, from https://www.owasp.org/index.php?title=Session_Prediction&setlang=en.
1352. Building Connection Strings, from http://msdn.microsoft.com/en-us/library/ms254947(v=vs.80).aspx .
1353. DOS ATTACKS USING SQL WILDCARDS, from http://hax.tor.hu/read/MSSQL_DoS/wildcard_attacks.pdf.
1354. Understanding Web Services Attacks, from
http://www.datacorn.cz/files_datacom/understanding_webservicesattacks_0.pdf.
1355. Spheon J SOAP - InterOp: MS SOAP ToolKit 3.0 (typed), from
http://soap.fmui.de/interop/interop2OOlMSSOAPToolKitTyped.html.
References Page 3018 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1356. Web Services Attacks & Countermeasures, from
http://www.interop.com/lasvegas/2004/presentations/downloads/sc04_c_sima.pdf.
1357. Testing for HTTP Splitting/Smuggling (OWASP-DV-OI6), from
https://www.owasp.org/index.php/Testing_for_HTTP_Exploit.
1358. Testing for SQL Wildcard Attacks (OWASP-DS-OOl), from
https://www.owasp.org/index.php/Testing_for_SQL_Wildcard_Attacks_(OWASP-DS-001) .
1359. Testing for DoS User Specified Object Allocation (OWASP-DS-004), from
https://www.owasp.org/index. php/Testing_for_DoS_User_Specified_Object_Allocation_(OWASP-DS-
004).
1360. Testing for Storing too Much Data in Session (OWASP-DS-OO8), from
https://www.owasp.org/index.php/Testing_for_Storing_too_Much_Data_in_Session_(OWASP-DS-008).
1361. Testing for Naughty SOAP Attachments, from http://nilminus.wordpress.com/web-application-
penetration-testing/web-services-testing/testing-for-naughty-soap-attachments.
1362. Testing for AJ AX (OWASP-AJ -002), from
https://www.owasp.org/index.php?title=Testing_for_AJ AX_(OWASP-AJ -002)&setlang=es.
1363. Common Web-Based Applications Attacks, Available from
http://www.applicure.c0m/C0mm0n_Web_Based_Applicati0ns_Attacks#2._lnjecti0n_Flaws.
1364. Bart Puype, WGET for Windows (Win32), version 1.11.4, Available from
http://users.ugent.be/~bpuype/wget/.
1365. Andres Riancho, Web Application Attack and Audit Framework, Available from
http://w3af.sourceforge.net/.
1366. Market Leading Protection for Web Applications, Available from
http://www.imperva.com/products/web-application-firewall.html.
1367. Vulnerability, from http://www.citi.umich.edu/projects/itss/lectures/lecture-20.pdf.
1368. DATA IIS Vulnerability, from http://www.ciac.org/ciac/bulletins/k-068.shtml.
1369. RPC DCOM Vulnerability, from http://seclists.org/bugtraq/2003/0ct/0151.html.
1370. ASN Exploits, from www.itworldcanada.com.
1371. [PDF] Introduction to Web Applications and Security, from http://books.mcgraw-
hill.com/downloads/products//007222438X/007222438X_ch01.pdf.
1372. The behaviors and tools of today's hacker, from www.symantec.com/symadvantage/014/hacker.html.
1373. Paper -- Cross Site Scripting, from www.technicalinfo.net/papers/CSS.html.
1374. Host Vulnerability, from http://www.cit.cornell.edu/security/scanning/sample.html.
1375. J oseph Seaman, (2003), Web Application Security from
www.itsa.ufl.edu/slide_shows/2003/WebAppSec.ppt.
1376. Vulnerability Management Commitment and Disclosure Policy, from
http://www.symantec.com/security/.
1377. Bug Tracking Software Links, from http://www.bug-track.com/main/links.jsp.
1378. Mike Benham, (2002), Internet Explorer SSL Vulnerability, from
http://www.securiteam.com/windowsntfocus/5J P0E0081M.html.
1379. The 21 Primary Classes of Web Application Threats, from
www.netcontinuum.com/securityCentral/TopThreatTypes/index.cfm.
1380. Paper: HTML Code Injection and Cross-site scripting, from
http://www.technicalinfo.net/papers/CSS.html.
1381. IS YOUR WEBSITE HACKABLE?, from www.acunetix.com/vulnerability-scanner/wvsbrochure.pdf.
References Page 3019 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1382. Regular Expressions: curl Simplifies Web Retrieval, from
http://www.unixreview.com/documents/s=1820/unil011713175619/0201i.htm.
1383. FWSM URL Filtering Solution TCP ACL Bypass Vulnerability, from www.cisco.com.
1384. Zero Day Exploits: The Holy Grail, from www.netsecurity.about.com.
1385. What is parameter tampering?, from www.imperva.com.
1386. AFITC 2001, from www.whitehatsec.com.
1387. Toelichting aanvalstechnieken, from www.nedsecure.nl.
1388. Cross-Site Scripting, Injection Flaws, OWASP Web Application Security Top Ten List and Buffer Overflow,
from www.owasp.org.
1389. Hacker Protection from SQL Injection - SPI Dynamics, from www.spidynamics.com.
1390. Changing Your Password, How Hackers Get Hold of Passwords, from
www.lockdown.co. uk/?pg=password_guide.
1391. George Shaffer, Modus Operandi of an Attacker Using a Password Cracker, from
http://geodsoft.com/howto/password/cracking_passwords.htm.
1392. Robert J . Shimonski, (2002), Hacking techniques, from www.ibm.com/developerworks/library/s-crack.
1393. Mark Curphey, Query String, from www.cgisecurity.com/owasp/html/chlls04.html.
1394. Edward Skoudis, Authforce, from (2005),
http://searchsecurity.techtarget.com/searchSecurity/downloads/Skoudis_ch07.pdf.
1395. Sarah Granger, (2002), A Guide To Better Password Practices, from
www.securityfocus.com/infocus/1537.
1396. Bad Password Examples, from http://www.spy-hill.com/~myers/help/Passwords.html.
1397. Microsoft Password Checker, from
http://www.microsoft.com/athome/security/privacy/password_checker.mspx.
1398. Mehdi Mousavi, What an ISAPI extension is?, from
http://www.codeproject.com/KB/ISAPI/isapi_extensions.aspx.
1399. Maximum Security - Chapter 10 - Password Crackers, from
http://www.windowsecurity.com/whitepapers/Maximum_Security__Chapter_10__Password_Crackers_.
html.
1400. Patch improves the TCP Initial Sequence Number Randomness, from
http://www.securiteam.com/windowsntfocus/3V5QBQKPPU.html.
1401. Mark Russinovich, (2008), TCP View for Windows, from http://technet.microsoft.com/hi-
in/sysinternals/bb897437(en-us).aspx.
1402. Admin Knowledge Base section, from
http://www.windowsnetworking.com/kbase/WindowsTips/WindowsTips/WindowsNT/AdminTips/Utiliti
es/TCPViewe.
1403. Web Application Security, from http://www.securityfocus.com/archive/107/223386/2001-10-28/2001-
11-02/ 0.
1404. Nikola Strahija, (2002), Introduction to password cracking, from
http://www.xatrix.org/article.php?s=1758.
1405. Password cracking, http://www-128.ibm.com/developerworks/security/library/s-
crack/password_cracking.html.
1406. Password cracker, from
http://searchfinancialsecurity.techtarget.com/sDefinition/0sidl85_gci536994,00.html.
References Page 3020 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1407. David P. Kormann and Aviel D. Rubin, Risks of the Passport Single Signon Protocol, from
http://www.cs.jhu.edu/~rubin/courses/sp03/papers/passport.pdf.
1408. Abel Banda, (2003), ASP.NET Forms Authentication, from
http://www.ondotnet.eom/pub/a/dotnet/2003/01/06/formsauthpl.html.
1409. Erika, (2006), Microsoft Security Bulletin MS02-048, from
http://www.microsoft.com/technet/security/Bulletin/MS02-048.mspx.
1410. J eff Williams, (2006), Cross-Site Scripting, Injection Flaws, OWASP Web Application Security Top Ten List
and Buffer Overflow, from http://www.owasp.org/.
1411. Sarah Granger, (2002), A Guide To Better Password Practices, from
http://www.securityfocus.com/infocus/1537.
1412. Gaining Access Using Application and Operating System Attacks, from
http://searchsecurity.techtarget.com/searchSecurity/downloads/Skoudis_ch07.pdf.
1413. Rob Shimonski, (2002), Hacking techniques, from http://www-128.ibm.com/developerworks/library/s-
crack/.
1414. Password Guidelines, from http://www.lockdown.co.uk/?pg=password_guide.
1415. Biometric Education: Fingerprint, from http://www.barcode.ro/tutorials/biometrics/fingerprint.html.
1416. Kimon Rethis, (2006), Biometrics Authentication, from http://www.csun.edu/.
1417. IPSec Authentication and Authorization Models, from
http://www.ciscopress.com/articles/article.asp?p=421514&seqNum=4%20-%2031k%20-&rl=l.
1418. Digital Certificates, from http://www.bitpipe.com/tlist/Digital-Certificates.html.
1419. J ohn, HTTP Authentication: Basic and Digest Access Authentication, from
h tt p ://www. i etf. 0 rg/ rf c/ rf c 2617. txt.
1420. Authentication, Authorization, and Access Control, from http://httpd.apache.org/docs/.
1421. Functions and Procedures: Basic Authentication, from
http://www.zeitungsjunge.de/delphi/mime/Help/DIMime.htm.
1422. The Cross-Site Scripting (XSS) FAQ, from http://www.cgisecurity.com/xss-faq.html.
1423. Input Validation Cheat Sheet, from http://michaeldaw.org/input_validation_cheat_sheet.
1424. Quick Security Reference - Cross-Site Scripting.docx, from
http://download.microsoft.eom/download/E/E/7/EE7B9CF4-6A59-4832-8EDE
B018175F4610/Quick%20Security%20Reference%20-%20Cross-Site%20Scripting.docx.
1425. Web Application Penetration Testing, from
http://www.owasp.org/index.php/Web_Application_Penetration_Testing.
1426. J eff Orloff, The Big Website Guide to a Hacking Attack, from http://www.applicure.com/blog/big-
website-guide-to-a-hacking-attack.
1427. What is Cross-Site Scripting (XSS)?, from http://www.applicure.com/blog/what-is-cross-site-scripting.
1428. LDAP Filters, from http://www.selfadsi.org/ldap-filter.htm.
1429. Paul Lee, (2002), Cross-site scripting, from http://www.ibm.com/developerworks/tivoli/library/s-
csscript/.
1430. XSS (Cross Site Scripting) Prevention Cheat Sheet, from
http://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet.
1431. Amit Klein, (2005), DOM Based Cross Site Scripting or XSS of the Third Kind, from
http://www.webappsec.org/projects/articles/071105.shtml.
1432. Samoa: Formal Tools for Securing Web Services, from http://research.microsoft.com/en-
us/projects/samoa/.
References Page 3021 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1433. RSnake"XSS (Cross Site Scripting) Cheat Sheet Esp: for filter evasion", from http://ha.ckers.org/xss.html.
1434. Microsoft's Anti-Cross Site Scripting Security Runtime Engine Sample - AntiXSS 3.1, from
http://davidhayden.com/blog/dave/archive/2009/09/22/antixsssample.aspx.
1435. Philip Tellis, (2010), Common Security Mistakes in Web Applications, from
http://www.smashingmagazine.com/2010/10/18/common-security-mistakes-in-web-applications/.
1436. J .D. Meier, Alex Mackman, Michael Dunner, Srinath Vasireddy, Ray Escamilla and Anandha Murukan,
(2003), Improving Web Application Security: Threats and Countermeasures, from
http://msdn.microsoft.com/en-us/library/ff649874.aspx.
1437. Alex Homer, Components and Web Application Architecture, from http://technet.microsoft.com/en-
us/library/bb727121.aspx.
1438. Ryan Barnett, (2011), Web-Hacking-lncident-Database, from http://projects.webappsec.org/Web-
Hacking-lncident-Database#TopApplication Weaknesses.
1439. (2009), Path Traversal, from http://www.owasp.org/index.php/Path_Traversal.
1440. (2010), Web Parameter Tampering, from
http://www.owasp.org/index.php/Web_Parameter_Tampering.
1441. Unvalidated Input, from
http://www.0wasp.0rg/index.php/Unvalidated_lnput#Exarnples_and_References.
1442. Kevin Beaver, The importance of input validation, from
http://searchsoftwarequality.techtarget. com/tip/0,289483, sid92_gcil214373_meml, 00. html.
1443. (2010), Validating Input, from
http://developer.apple.eom/library/ios/#documentation/Security/Conceptual/SecureCodingGuide/Articl
es/Validatinglnput.html.
1444. Seth Fogie, (2006), Code Injection Explained, from
http://www.informit.com/guides/content.aspx?g=security&seqNum=226.
1445. Code injection, from http://en.wikipedia.org/wiki/Code_injection.
1446. Injection Prevention Cheat Sheet, from
http://www.owasp.org/index.php/lnjection_Prevention_Cheat_Sheet.
1447. Remote file inclusion, from http://en.wikipedia.org/wiki/Remote_file_inclusion.
1448. Robert Auger, (2011), LDAP Injection, from http://projects.webappsec.org/LDAP-lnjection.
1449. Testing for LDAP Injection (OWASP-DV-OO6), from
http://www.owasp.org/index.php/Testing_for_LDAP_lnjection_%280WASP-DV-006%29.
1450. Shreeraj Shah, (2006), Top 10 Web 2.0 Attack Vectors, from http://www.net-
security.org/article. php?id=949.
1451. Robert Auger, (2010), Threat Classification, from http://projects.webappsec.org/Threat-Classification.
1452. (2006), Preventing HTML form tampering, from http://advosys.ca/papers/web/60-form-tampering.html.
1453. (2010), Cross-site Scripting (XSS), from http://www.owasp.org/index.php/Cross-
$ite_Scripting_%28XSS%29.
1454. Paul Lee, Cross-site scripting, from http://www.ibm.com/developerworks/tivoli/library/s-csscript/.
1455. Cross-site scripting, from http://en.wikipedia.org/wiki/Cross-site_scripting.
1456. DOM Based XSS, from http://www.owasp.org/index.php/DOM_Based_XSS.
1457. Phil Haack, (2009), CSRF Attacks and Web Forms, from http://haacked.com/archive/2009/04/02/csrf-
webforms.aspx.
1458. Chris Shiflettk, (2004), Cross-Site Request Forgeries, from http://shiflett.org/articles/cross-site-request-
forgeries.
References Page 3022 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1459. Robert Auger, (2010), The Cross-Site Request Forgery (CSRF/XSRF) FAQ, from
http://www.cgisecurity.com/csrf-faq.html.
1460. Application Denial of Service, from http://www.owasp.org/index.php/Application_Denial_of_Service.
1461. Cookie Poisoning, from http://www.imperva.com/resources/glossary/cookie_poisoning.html.
1462. Cookie Poisoning howto, from http://forum.intern0t.net/security-tutorials-guides/2270-cookie-
poisoning-how.html.
1463. Broken Authentication and Session Management, from
http://www.owasp.org/index.php/Broken_Authentication_and_Session_Management.
1464. Robert Auger, (2010), Buffer Overflow, from http://pr0jects.webappsec.0rg/w/page/13246916/Buffer
Overflow.
1465. (2009), Buffer Overflow, from http://www.owasp.org/index.php/Buffer_Overflow.
1466. Free XML tools and software, from http://www.garshol.priv.no/download/xmltools/.
1467. SYS-CON tv, (2005), Anatomy of a Web Services Attack, from http://education.sys-con.com/node/80899.
1468. Robert Auger, (2010), Brute Force, from http://pr0jects.webappsec.0rg/w/page/13246915/Brute-F0rce.
1469. Ian de Villiers, sensepost j-baah, from http://www.sensepost.com/labs/tools/pentest/j-baah.
1470. (2009), Session Prediction, from http://www.owasp.org/index.php/Session_Prediction.
1471. Robert Auger, (2010), XPath Injection, from http://projects.webappsec.0rg/w/page/13247005/XPath
Injection.
1472. (2009), XPATH Injection, from http://www.owasp.org/index.php/XPATH_lnjection.
1473. SmartWhois, from http://www.tamos.com/download/main/index.php.
1474. Netcraft, from http://searchdns.netcraft.com/7host.
1475. Whois, from http://tools.whois.net.
1476. DNSstuff, from http://www.dnsstuff.com.
1477. dnsstuff, from http://www.dnsstuff.com/.
1478. network-tools, from http://network-tools.com/.
1479. DNS, from http://e-dns.org.
1480. DomainTools, from http://www.domaintools.com.
1481. WhatsUp PortScanner Tool, from
http://www.whatsupgold.com/products/download/network_management.aspx?k_id=port-scan.
1482. hping, from http://www.hping.org/download.php.
1483. Sandcat Browser, from http://www.syhunt.com/?n=Sandcat.Browser.
1484. Netcat, from http://sourceforge.net/projects/netcat/files/latest/download?source=files.
1485. ID Serve, from http://www.grc.com.
1486. Netcraft, from http://toolbar.netcraft.com.
1487. OWASP Zed Attack Proxy, from
https://code.google.com/p/zaproxy/downloads/detail?name=ZAP_2.0.0_Windows.exe&can=2&q=.
1488. Burp Spider, from http://blog.portswigger.net/2008/ll/mobp-all-new-burp-spider.html.
1489. WebScarab, from https://www.0wasp.0rg/index.php/Categ0ry:0WASP_WebScarab_Pr0ject.
1490. Burp Suite, from http://blog.portswigger.net/2008/ll/mobp-all-new-burp-spider.html.
1491. Brutus, from http://www.hoobie.net/brutus/brutus-download.html.
1492. Sensepost's Crowbar, from http://research.sensepost.com/tools/web/j-baah.
References Page 3023 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1493. UrIScan, from
http://www.microsoft.com/web/gallery/install.aspx?appsxml=&appid=UrlScan%3bUrlScan.
1494. Nikto, from http://www.cirt.net/nikt02.
1495. Nessus, from http://www.tenable.com/products/nessus/select-your-operating-system.
1496. Acunetix Web Vulnerability Scanner, from http://www.acunetix.com/vulnerability-
scanner/download.htm.
1497. Weblnspect, from https://download.hpsmartupdate.com/webinspect/.
1498. HttPrint, from http://net-square.com/httprint.html.
1499. WebScarab, from https://www.0wasp.0rg/index.php/Categ0ry:0WASP_WebScarab_Pr0ject,
1500. GNU Wget, from ftp://ftp.gnu.org/gnu/wget/.
1501. Teleport Pro, from http://www.tenmax.com/teleport/pro/download.htm.
1502. BlackWidow, from http://softbytelabs.com/us/downloads.html.
1503. Brutus, from http://www.hoobie.net/brutus/brutus-download.html.
1504. THC-Hydra, from http://www.thc.org/thc-hydra/.
1505. soapUl, from http://www.soapui.org/.
1506. CookieDigger, from http://www.mcafee.com/apps/free-tools/termsofuse.aspx7urh/us/downloads/free-
tools/cookiedigger.aspx.
1507. WebScarab, from https://www.0wasp.0rg/index.php/Categ0ry:0WASP_WebScarab_Pr0ject.
1508. Instant Source, from http://www.blazingtools.eom/downloads.html#is.
1509. HttpBee, from http://www.o0o.nu/projects/stif.
1510. w3af, from http://w3af.sourceforge.net.
1511. Teleport Pro, from http://www.tenmax.com/teleport/pro/download.htm.
1512. GNU Wget, from ftp://ftp.gnu.org/gnu/wget/.
1513. WebCopier Pro, from http://www.maximumsoft.com/products/wc_pro/overview.html.
1514. HTTrack Website Copier, from http://www.httrack.c0m/page/2/ .
1515. BlackWidow, from http://softbytelabs.com/us/downloads.html.
1516. cURL, from http://curl.haxx.se/download.html.
1517. MileSCAN ParosPro, from
http://www.milescan.com/hk/index.php?option=com_content&view=article&id=15&ltemid=157.
1518. Acunetix Web Vulnerability Scanner, from http://www.acunetix.com/vulnerability-
scanner/download.htm.
1519. Watcher Web Security Tool, from http://websecuritytool.codeplex.com/downloads/get/62386.
1520. Netsparker, from http://www.mavitunasecurity.com/.
1521. N-Stalker Web Application Security Scanner, from http://www.nstalker.com/products/editions/free/.
1522. VampireScan, from http://www.vampiretech.com/store/?product=vampirescan-cloud-securitystandard-
edition.
1523. SandcatMini, from http://www.syhunt.com/?n=Syhunt.Mini.
1524. Websecurify, from
https://code.google.com/p/websecurify/downloads/detail?name=Websecurify%20Suite%201.0.0.exe&c
an=2&q=.
1525. OWASP ZAP, from
https://code. google. com/p/zaproxy/downloads/detail?name=ZAP_2.0.0_Windows.exe&can=2&q=.
References Page 3024 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1526. NetBrute, from http://www.rawlogic.com/netbrute/.
1527. skipfish, from https://c0de.g00gle.c0m/p/skipfish/.
1528. X5s, from http://xss.codeplex.com/downloads/get/115610.
1529. SecuBat Vulnerability Scanner, from http://secubat.codeplex.com/.
1530. WSSA - Web Site Security Scanning Service, from https://secure.beyondsecurity.com/vulnerability-
scanner-signup?step=l.
1531. SPIKE Proxy, from http://www.immunitysec.com/resources-freesoftware.shtml.
1532. Ratproxy, from https://c0de.g00gle.c0m/p/ratpr0xy/.
1533. Wapiti, from http://wapiti.sourceforge.net/.
1534. Syhunt Hybrid, from http://www.syhunt.com/?n=Syhunt.Dynamic.
1535. WebWatchBot, from
http://www.exclamationsoft.com/ExclamationSoft/download/instructions/html.asp?product=WebWatc
hBot&fe=no.
1536. Exploit-Me, from http://labs.securitycompass.com/exploit-me/.
1537. KeepNI, from http://www.keepni.com/.
1538. WSDigger, from http://www.mcafee.com/apps/free-tools/termsofuse.aspx?url=/us/downloads/free-
tools/wsdigger.aspx.
1539. Arachni, from http://arachni-scanner.com/latest.
1540. XSSS, from http://www.sven.de/xsss/.
1541. Vega, from http://www.subgraph.com/vega_download.php.
1542. dotDefender, from http://www.applicure.com/Products/.
1543. ServerDefender VP, from http://www.port80software.com/products/serverdefendervp/try.
1544. Radware's AppWall, from
http://www.radware.com/Products/ApplicationDelivery/AppWall/default.aspx.
1545. Barracuda Web Application Firewall, from
https://www.barracuda.com/products/webapplicationfirewall.
1546. ThreatSentry, from http://www.privacyware.com/TS_Registration.html.
1547. Stingray Application Firewall, from .
1548. QualysGuard WAF, from http://www.qualys.com/forms/web-application-firewall/.
1549. IBM Security AppScan, from http://www-01.ibm.com/software/awdtools/appscan/.
1550. ThreatRadar, from http://www.imperva.com/products/wsc_threatradar-reputation-services.html.
1551. Trustwave WebDefend, from https://www.trustwave.c0m/web-applicati0n-firewall/#0verview.
1552. ModSecurity, from http://www.modsecurity.org/download/.
1553. Cyberoam's Web Application Firewall, from http://www.cyberoam.com/webapplicationfirewall.html.
1554. Burp Proxy, from http://blog.portswigger.net/2008/ll/mobp-all-new-burp-spider.html.
1555. WebScarab, from https://www.0wasp.0rg/index.php/Categ0ry:0WASP_WebScarab_Pr0ject.
1556. TamperlE, from http://www.bayden.com/tamperie/.
1557. Tamper Data, from https://addons.mozilla.org/en-US/firefox/addon/tamper-data/eula/79565?src=dp-
btn-primary.
1558. Amap, from http://www.thc.org/thc-amap/.
1559. Netcat, from http://sourceforge.net/projects/netcat/files/latest/download?source=files.
References Page 3025 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1560. OWASP CAL9000, from https://www.0wasp.0rg/index.php/Categ0ry:0WASP_D0wnl0ad.
1561. Hackvertor, from https://hackvertor.co.uk/public.
1562. BeEF, from http://beefproject.com/.
1563. XSS-Proxy, from http://sourceforge.net/projects/xss-proxy/files/latest/download.
1564. Backframe, from http://www.gnucitizen.org/blog/backframe/.
1565. XSS Assistant, from https://c0de.g00gle.c0m/p/xss-assistant/.
1566. SWFIntruder, from https://code.google.com/p/swfintruder/downloads/detail?name=swfintruder-
0.9.1.tgz&can=2&q=.
1567. Flare, from http://www.nowrap.de/flare.html.
1568. MTASC, from http://www.mtasc.org/.
1569. Flasm, from http://flasm.sourceforge.net/.
1570. swfmill, from http://swfmill.org/.
1571. Debugger Version of Flash Plugin/Player, from
http://www.adobe.eom/support/flashplayer/downloads.html#fpll.
1572. SQLiX, from https://www.0wasp.0rg/index.php/Categ0ry:0WASP_SQLiX_Pr0ject.
1573. sqlninja, from http://sqlninja.sourceforge.net/download.html.
1574. SqlDumper, from http://sqldumper.ruizata.com/.
1575. sqlbftools, from http://packetst0rmsecurity.c0m/files/d0wnl0ad/43795/sqlbft00ls-l.2.tar.gz.
1576. Softerra LDAP Browser, from http://www.ldapadministrator.com/download.htm.
1577. Hibernate, from http://www.hibernate.org/downloads.
1578. NHibernate, from http://nhforge.org/.
1579. Ruby On Rails, from http://rubyinstaller.org/downloads.
1580. String searcher: grep, from http://sourceforge.net/projects/gnuwin32/files/grep/2.5.4/grep-2.5.4-
bin.zip/download?use_mirror=nchc.
1581. wsChess, from http://www.net-square.com/wschess.html.
1582. Soaplite, from http://soaplite.com/download.html.
1583. cURL, from http://curl.haxx.se/download.html.
1584. Perl, from http://www.activestate.com/activeperl/downloads/thank-
you?dl=http://downloads.activestate.com/ActivePerl/releases/5.16.3.1603/ActivePerl-5.16.3.1603-
MSWin32-x64-296746.msi.
1585. UDDI Browser, from
http://sourceforge.net/projects/uddibrowser/files/uddibrowser/UDDI%20Browser%200.2%20Binaries/u
b-0.2-bin. zip/download?use_mirror=nchc&download=.
1586. WSIndex, from http://www.wsindex.org/.
1587. Xmethods, from http://www.xmethods.net/ve2/index.po.
1588. WSDigger, from http://www.mcafee.com/apps/free-tools/termsofuse.aspx?url=/us/downloads/free-
tools/wsdigger.aspx.
1589. Sprajax, from https://www.0wasp.0rg/index.php/Categ0ry:0WASP_Sprajax_Pr0ject.
Module 14: SQL Injection
1590. Advanced SQL Injection, from http://www.slideshare.net/Sandra4211/advanced-sql-injection-3958094.
1591. Advanced SQL Injection, from http://www.slideshare.net/devteev/advanced-sql-injection-eng.
References Page 3026 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1592. SQL injection, from http://searchsqlserver.techtarget.com/feature/SQL-injection.
1593. SQL Injection, from http://hakipedia.com/index.php/SQL_lnjection.
1594. ERROR SQL INJ ECTION - DETECTION, from http://www.evilsql.com/main/page2.php.
1595. What is SQL Injection?, from http://www.secpoint.com/what-is-sql-injection.html.
1596. Securing Oracle Database from Search Engines Attack, from http://www.ijana.in/papers/V4l2-l.pdf.
1597. Stop SQL Injection Attacks Before They Stop You, from http://msdn.microsoft.com/en-
us/magazine/ccl63917.aspx .
1598. Rise in SQL Injection Attacks Exploiting Unverified User Data Input, from
http://technet.microsoft.com/en-us/security/advisory/954462 .
1599. Injection Protection, from http://msdn.microsoft.com/en-us/library/aa224806(v=sql.80).aspx .
1600. Understanding SQL Injection, from
http://www.cisco.com/web/about/security/intelligence/sql_injection.html.
1601. SQL INJ ECTION - Tutorial, from http://elitezone.forumotion.bz/t77-sql-injection-tutorial.
1602. System testing, from http://en.wikipedia.org/wiki/System_testing.
1603. Testing for SQL Injection (OWASP-DV-005), from
https://www.owasp.org/index.php/Testing_for_SQL_lnjection_(OWASP-DV-005).
1604. SQL Injection Cheat Sheet, from http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/.
1605. SQL Injection Introduction, from http://www.controllingtheinter.net/forums/viewtopic.php?f=45&t=8.
1606. Classification of SQL Injection Attacks, from http://courses.ece.ubc.ca/412/term_project/reports/2007-
fall/Classification_of_SQL_lnjection_Attacks.pdf.
1607. CHAPTER 1: INTRODUCTION, from http://isea.nitk.ac.in/publications/web.pdf.
1608. Dmitry Evteev, (2009), Advanced SQL Injection, from http://www.ptsecurity.com/download/PT-devteev-
Advanced-SQL-lnjection-ENG.zip.
1609. Krzysztof Kotowicz, (2010), SQL Injection: Complete walkthrough (not only) for PHP developers, from
http://www.slideshare.net/kkotowicz/sql-injection-complete-walktrough-not-only-for-php-developers.
1610. Nick Merritt, SQL Injection Attacks, from http://www.evilsql.com/main/pagel.php.
1611. SQL Injection Cheat Sheet, from http://michaeldaw.org/sql-injection-cheat-sheet.
1612. Sagar J oshi, 2005, SQL Injection Attack and Defence, Available from
http://www.securitydocs.com/library/3587.
1613. Kevin Spett, Blind SQL Injection-Are your web applications vulnerable?, from http://www.net-
security.org/dl/articles/Blind_SQLInjection.pdf.
1614. Cameron Hotchkies, (2004), Blind SQL Injection Automation Techniques from
http://www.blackhat.com/presentations/bh-usa-04/bh-us-04-hotchkies/bh-us-04-hotchkies.pdf.
1615. San-Tsai Sun, Ting Han Wei, Stephen Liu, and Sheung Lau, Classification of SQL Injection Attacks, from
http://courses.ece.ubc.ca/412/term_project/reports/2007-
fall/Classification_of_SQL_lnjection_Attacks.pdf.
1616. SQL Injection, from http://msdn.microsoft.com/en-us/library/msl61953.aspx.
1617. SQL INJ ECTION, from http://www.authorstream.com/Presentation/useful-155975-sql-injection-hacking-
computers-22237-education-ppt-powerpoint/.
1618. SQL Injection Cheat Sheet, from http://ferruh.mavituna.com/sql-injection-cheatsheet-
oku/#Unionlnjections.
1619. SQL Injection, from http://hakipedia.com/index.php/SQL_lnjection.
References Page 3027 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1620. K. K. Mookhey and Nilesh Burghate, (2004), Detection of SQL Injection and Cross-site Scripting Attacks,
from http://www.symantec.com/connect/articles/detection-sql-injection-and-cross-site-scripting-
attacks.
1621. Ferruh Mavituna, Deep Blind SQL Injection, from
http://docs. google. com/viewer?a=v&q=cache:uvo9RU3T0v8J :labs, portcullis. co.uk/download/Deep_Blin
d_SQL_lnjection.pdf+deep+blind+sql+injection&hl=en&gl=in&pid=bl&srcid=ADGEESgQ9uwlz-eJ FM-
k3zGP5NJ QmHXmfP7UIWOSNTBIOhAV9h2pUWIvibONoFpuOMndYi_3Y-
KOxT9sizjU2ljvSzVi4w4Xc_rDMKVFNSzpj60kXYsYwUQ480EW9IV-OijwWFwYnOJ W&sig=AHIEtbT-
5rxBYONIb02-gShdro-oVnzYeA.
1622. Debasish Das, Utpal Sharma, and D.K. Bhattacharyya, (2009), An Approach to Detection of SQL Injection
Attack Based on Dynamic Query Matching from
http://www.ijcaonline.org/journal/number25/pxc387766.pdf.
1623. (2010), Quick Security Reference: SQL Injection from
http://download.microsoft.com/download/E/E/7/EE7B9CF4-6A59-4832-8EDE-
B018175F4610/Quick%20Security%20Reference%20-%20SQL%20lnjection.docx.
1624. Ferruh Mavituna, One Click Ownage,Adventures of a lazy pentester, from
http://www.0wasp.0rg/images/8/ 8e/0ne_Click_0wnage-Ferruh_Mavituna.pdf.
1625. Alexander Kornbrust, (2009), ODTUG - SQL Injection Crash Course for Oracle Developers from
http://www.red-database-security.com/wp/00w2009_sql_crashcourse_for_developers.pdf.
1626. Pankaj Sharma,(2005), SQL Injection Techniques & Countermeasures from http://www.cert-
in.org.in/Downloader?pageid=7&type=2&fileName=ciwp-2005-06.pdf.
1627. Pankaj Sharma, (2005), SQL Injection Techniques & Countermeasures, from
http://docs.google.com/viewer?a=v&q=cache:OKkPI9hllR8J :www.cert-
in.org.in/knowledgebase/whitepapers/ciwp-2005-
06.pdf+sql+injection+countermeasures&hl=en&gl=in&pid=bl&srcid=ADGEESjfo76m-
84G_nbZgOQax9yl5HEXkM9ZSyLN-
a0_kJ fDD4v4PLvO41fByd3YJ k3GcTKoczBFU2WiNWNMK13Tc28CJ 4WcO-
2bHXqldlWzR0GGmHSRmT39qkpqM2yhKpmfkQNCe80g&sig=AHIEtbR4WivS8bCzwK13BkKQXXHIepLWq
w.
1628. William G.J . Halfond, J eremy Viegas, & Alessandro Orso, (2006), A Classification of SQL Injection Attack
Techniques and Countermeasures, from
http://www.cc.gatech.edu/~orso/papers/halfond.viegas. orso. ISSSE06.presentation.pdf.
1629. Code Injection, Available from http://www.owasp.org/index.php/Code_lnjection.
1630. Understanding SQL Injection, Available from
http://www.cisco.com/web/about/security/intelligence/sql_injection.html.
1631. VIVEK KUMBHAR, (2009), From Mind To Words, http://blogs.msdn.com/vivekkum/default.aspx.
1632. Reviewing Code for SQL Injection, Available from
http://www.owasp.org/index.php/Reviewing_Code_for_SQL_lnjection.
1633. Cross Site Scripting - OWASP, from www.owasp.org/index.php/Cross_Site_Scripting.
1634. Injection Flaws - OWASP, from www.owasp.org/index.php/lnjection_Flaws.
1635. Application Security Guidelines on Kavi Community, from
http://community.kavi.com/developers/security_standards/.
1636. J. Howard Beales, III, (2003), OWASP Web Application Security Top Ten List, from
www.owasp.org/images/c/ce/OWASP_Top_Ten_2004.doc.
1637. Web Attacks - Cookie poisoning, from www.lodoga.co.uk/attackinfo/thethreat/examples/cook.htm.
1638. Victor Chapela,(2005), Advanced SQL Injection, from
http://www.0wasp.0rg/images/7/ 74/Advanced_SQL_lnjecti0n.ppt.
References Page 3028 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1639. Chema Alonso, (2008), RFD (Remote File Downloading) using Blind SQL Injection Techniques, from
http://www.toorcon.org/tcx/16_Alonso.pdf.
1640. [PPT] AFITC 2001, from www.whitehatsec.com/presentations/AFITC_2001/afitc_2001.ppt.
1641. What is parameter tampering?, from
www.imperva.com/application_defense_center/glossary/parameter_tampering.html.
1642. D.E. Chadbourne, Post office break in..., from http://olduvai.blu.org/pipermail/discuss/2004-
J anuary/043138.htm.
1643. Blind SQL Injection, from http://www.securitydocs.com/library/2651.
1644. J rubner, (2006), 'SQL injection' attacks on the rise in Atlanta, from
http://www.bizjournals.com/atlanta/stories/2006/06/12/story8.html.
1645. BSQLHacker, from http://labs.portcullis.co.uk/application/bsql-hacker/.
1646. Marathon Tool, from http://marathontool.codeplex.com.
1647. SQL Power Injector, from http://www.sqlpowerinjector.com/download.htm.
1648. Havij, from http://www.itsecteam.com.
1649. SQL Brute, from http://www.gdssecurity.c0m/l/t.php.
1650. BobCat, from http://www.northern-monkee.co.uk/pub/bobcat.html.
1651. Sqlninja, from http://sqlninja.sourceforge.net/download.html.
1652. sqlget, from http://www.darknet.org.uk/2007/07/sqlget-vl00-blind-sql-injection-tool-in-perl/.
1653. Absinthe, from http://www.darknet.org.uk/2006/07/absinthe-blind-sql-injection-toolsoftware/.
1654. Blind Sql Injection Brute Forcer, from http://c0de.g00gle.c0m/p/bsqlbf-v2/ .
1655. sqlmap, from http://sqlmap.org/.
1656. SQL Injection Digger, from http://sqid.rubyforge.org.
1657. Pangolin, from http://nosec.org/en/evaluate/.
1658. SQLPAT, from http://www.cqure.net/wp/tools/password-recovery/sqlpat/.
1659. FJ -lnjector Framework, from http://sourceforge.net/projects/injection-fwk/.
1660. Exploiter (beta), from
http://www.ibm.com/developerworks/rational/downloads/08/appscan_exploiter/.
1661. SQLIer, from http://bcable.net/project.php7sqlier.
1662. sqlsus, from http://sqlsus.sourceforge.net.
1663. SQLEXEC() Function, from http://msdn.microsoft.com/en-us/library/lx933c7s(v=vs.80).aspx.
1664. Sqllnjector, from http://www.woanware.co.uk/?page_id=19.
1665. Automagic SQL Injector, from http://www.securiteam.com/tools/6P00L0AEKQ.html.
1666. SQL Inject-Me, from http://labs.securitycompass.com/exploit-me/sql-inject-me/.
1667. NTO SQL Invader, from http://www.ntobjectives.com/go/nto-sql-invader-free-download/.
1668. The Mole, from http://themole.nasel.com.ar/?q=downloads.
1669. Microsoft Source Code Analyzer, from http://www.microsoft.com/en-
us/download/details.aspx?id=16305.
1670. Microsoft UrIScan Filter, from http://www.microsoft.com/en-in/download/details.aspx?id=5728.
1671. dotDefender, from http://www.applicure.com/download-latest.
1672. IBM Security AppScan, from http://www.ibm.eom/developerworks/downloads/r/appscan/.
1673. WebCruiser, from http://sec4app.com/.
References Page 3029 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1674. HP Weblnspect, from http://www.hpenterprisesecurity.com/products/hp-fortify-software-security-
center/hp-webinspect.
1675. SQLDict, from http://ntsecurity.nu/toolbox/sqldict/.
1676. HP Scrawlr, from https://h30406.www3.hp.com/campaigns/2008/wwcampaign/l-57C4K/index.php.
1677. SQL Block Monitor, from http://sql-tools.net/blockmonitor/.
1678. Acunetix Web Vulnerability Scanner, from http://www.acunetix.com/vulnerability-scanner/.
1679. GreenSQL Database Security, from http://www.greensql.com/content/greensql-database-
security#&sliderl=l.
1680. Microsoft Code Analysis Tool .NET (CAT.NET), from http://www.microsoft.com/en-
us/download/details.aspx?id=5570.
1681. NGS SQuirreL Vulnerability Scanners, from http://www.nccgroup.com/en/our-services/security-testing-
audit-compliance/information-security-software/ngs-squirrel-vulnerability-scanners/.
1682. WSSA - Web Site Security Scanning Service, from http://www.beyondsecurity.com/sql-injection.html.
1683. N-Stalker Web Application Security Scanner, from http://www.nstalker.com/products/editions/free/.
Module 15: Hacking Wireless Networks
1684. The ABCs of IEEE 802.11, from http://home.comcast.net/~timgroth/abc.htm.
1685. Wi-Fi Hotspot Networks Sprout Like Mushrooms, from http://spectrum.ieee.org/telecom/wireless/wifi-
hotspot-networks-sprout-like-mushrooms/abc.
1686. A list of wireless network attacks, from http://searchsecurity.techtarget.com/feature/A-list-of-wireless-
network-attacks.
1687. Rogue Access Point Setups on Corporate Networks, from http://www.infosecurity-
magazine.com/view/10516/comment-rogue-access-point-setups-on-corporate-networks-/.
1688. Advanced SQL Injection, from http://blog.pages.kr/1341.
1689. Identifying Rogue Access Points, from http://www.wi-fiplanet.com/tutorials/article.php/1564431.
1690. Bluetooth Security Risks and Tips to Prevent Security Threats, from
http://www.brighthub.com/computing/smb-security/articles/30045.aspx.
1691. Cisco Unified Wireless Network ArchitectureBase Security Features, from
http://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/emob41dg/ch4_Secu.html.
1692. Tutorial: My Plate is Compatible?, from http://www.aircrack-ng.org/doku.php?id=pt-
br:compatible_cards.
1693. Wireless Networking Security, from http://technet.microsoft.com/en-us/library/bb457019.aspx.
1694. Path Traversal and URIs, from http://phucjimy.wordpress.com/category/document-security/.
1695. How to Cheat at Securing a Wireless Network, from
http://www.sciencedirect.com/science/artide/pii/B9781597490870500572.
1696. Eliminating interference thru Wi-Fi spectrum analysis, from
http://searchmobilecomputing.techtarget.com/tip/Eliminating-interference-thru-Wi-Fi-spectrum-
analysis.
1697. How to Surf Safely on Public Wi-Fi, from http://technology.inc.com/2007/07/01/how-to-surf-safely-on-
public-wi-fi/.
1698. Understanding WiFi Hotspots... from http://www.scambusters.org/wifi.html.
1699. WLAN Glossary, from http://www.lever.co.uk/wlan-glossary.html.
References Page 3030 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1700. Basic Service Set Identity (BSSID), from http://www.interwifi.co.Uk/glossary/b/basic-service-set
identity.html.
1701. DSSS - Direct Sequence Spread Spectrum, from http://www.telec0mabc.c0m/d/dsss.html.
1702. Frequency-hopping spread spectrum, from
https://www.princeton.edu/~achaney/tmve/wikilOOk/docs/Frequency-hopping_spread_spectrum.html
1703. 802.l l x Modules, Dev Kits Can Help Simplify Wireless Design Efforts, from
http://www.digikey.com/us/en/techzone/wireless/resources/articles/802-llx-modules-dev-kits.html.
1704. Antennas, from http://82.157.70.109/mirrorbooks/wireless/0321202171/ch03levlsec3.html.
1705. How 802.11 Wireless Works, from http://technet.microsoft.com/en-
us/library/cc757419%28v=WS.10%29.aspx.
1706. TKIP (Temporal Key Integrity Protocol), from http://www.tech-faq.com/tkip-temporal-key-integrity-
protocol.html.
1707. WPA2, from http://www.wi-fi.org/knowledge-center/glossary/wpa2%E2%84%A2.
1708. Cisco Unified Wireless Network ArchitectureBase Security Features, from
http://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/emob41dg/ch4_Secu.html.
1709. Understanding WEP Weaknesses, from http://www.dummies.com/how-to/content/understanding-wep-
weaknesses.html.
1710. V.802.11 Wireless LAN, from http://www.apl.jhu.edu/~hhsu/cs771/cs771-ll.pdf.
1711. 7 Things Hackers Hope You Don't Know, from
http://www.esecurityplanet.com/views/article.php/3891716/7-Things-Hackers-Hope-You-Dont-
Know.htm.
1712. Rogue Wireless Access Point, from http://www.tech-faq.com/rogue-wireless-access-point.html.
1713. How to Surf Safely on Public Wi-Fi, from http://technology.inc.com/2007/07/01/how-to-surf-safely-on-
public-wi-fi.
1714. Wireless Network Security Tools, from http://www.wirelessnetworktools.com/index.html.
1715. How to War Drive, from http://www.wikihow.com/War-Drive.
1716. Tools for analyzing WLAN traffic abound, from
http://www.computerworld.com.au/article/273427/tools_analyzing_wlan_traffic_abound/.
1717. Tutorial: Is My Wireless Card Compatible? from http://www.aircrack-
ng.org/doku.php?id=compatible_cards.
1718. MITM Attack, from https://wilder.hq.sk/OpenWeekend-2005/foill4.html.
1719. Security Threats of Smart Phones and Bluetooth, from
http://www.aaronfrench.com/coursefiles/ucommerce/Loo_2009.pdf.
1720. Tips for using Bluetooth Securely, from http://www.brighthub.com/computing/smb-
security/articles/30045.aspx.
1721. Carrumba, (2009), How to Crack WPA/WPA2, from http://www.megapanzer.com/2009/10/02/how-to-
crack-wpawpa2/.
1722. Introduction to Wireless Network, Available from
http://media.wiley.com/product_data/excerpt/02/07645973/0764597302.pdf.
1723. Prabhaker Mateti, Hacking Techniques in Wireless Networks, Available from
http://www.cs.wright.edu/~pmateti/lnternetSecurity/Lectures/WirelessHacks/Mateti-
WirelessHacks.htm.
1724. Cisco Unified Wireless Network ArchitectureBase Security Features, from
http://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/emob41dg/ch4_Secu.html.
References Page 3031 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1725. (2008), WLAN Security Threats, from
http://enterasys.com/company/literature/WLAN%20Security%20Today-Siemens%20whitepaper_EN.pdf.
1726. Hack Wireless WPA Network, Available from http://mediakey.dk/~cc/hack-wireless-wpa-network/
1727. Hack Wireless WEP Network, Available from http://mediakey.dk/~cc/hack-wireless-network-crack/
1728. Brian Kuebler, Wireless Wrongs; Hacking WiFi, Available from
http://www.abc2news.com/news/local/story/Wireless-Wrongs-Hacking-WiFi/0anuc7U-
kOaxjPcfcjwOuw.cspx.
1729. Tony Northrup , 10 tips for improving your wireless network, Available from
http://www.microsoft.com/athome/setup/wirelesstips.aspx.
1730. Bradley Mitchell, Wired vs. Wireless Networking, Available from
http://c0mpnetw0rking.ab0ut.c0m/cs/h0menetw0rking/a/h0mewiredless.htm.
1731. Wireless Network Image, Available from
http://www.hvitsolutions.com/main/images/building_diagram_wireless.jpg.
1732. Wireless networking standards, Available from http://reviews.cnet.com/4520-7605_7-6871493-2.html.
1733. What are the types of Wireless Networks?, Available from http://www.tech-faq.com/wireless-
networks.shtml.
1734. Different Types of Wireless Network, Available from
http://www.greyfriars.net/gcg/greyweb.nsf/miam/article01.
1735. Hacking Techniques in Wireless Networks, Available from
http://www.mundowifi.com.br/forum/threadll81.html.
1736. Evan Mckinney, Disadvantages of Wireless Networks, Available from
http://www.ehow.com/facts_4809373_disadvantages-wireless-networks.html.
1737. Bradley Mitchell, Wireless Standards - 802.11b 802.11a 802.llg and 802.lln , Available from
http://compnetworking.about.eom/cs/wireless80211/a/aa80211standard.htm.
1738. Wireless Network Devices, Available from http://www.pcrush.com/category/65/Wireless-Network-
Devices.
1739. WEP (wired equivalent privacy), Available from http://www.networkworld.com/details/715.html.
1740. Wi-Fi Protected Access, Available from
http://searchmobilecomputing.techtarget.com/sDefinition/0sid40_gci887323,00.html.
1741. WPA (Wi-Fi Protected Access), Available from http://www.tech-faq.com/wpa-wi-fi-protected-
access.shtml.
1742. Paul Arana, (2006), Benefits and Vulnerabilities of Wi-Fi Protected Access 2 (WPA2), Available from
http://cs.gmu.edu/~yhwangl/INFS612/Sample_Projects/Fall_06_GPN_6_Final_Report.pdf.
1743. The Wi-Fi Protected Access 2 (WPA2)/Wireless Provisioning Services Information Element (WPS IE)
update for Windows XP with Service Pack 2 is available, Available from
http://support.microsoft.com/kb/893357.
1744. TKIP (Temporal Key Integrity Protocol), Available from http://www.tech-faq.com/tkip-temporal-key-
integrity-protocol.shtml.
1745. Renaud Deraison2009) ), Using Nessus to Detect Wireless Access Points, Available from
http://www.nessus.org/whitepapers/wap-id-nessus.pdf.
1746. WLAN Networking / 802.11, Available from http://www.wardrive.net/.
1747. Cracking WEP and WPA Wireless Networks, Available from
http://docs.lucidinteractive.ca/index.php/Cracking_WEP_and_WPA_Wireless_Networks.
1748. Cracking WEP using Backtrack, Available from http://ryanunderdown.com/linux/cracking-wep-using-
backtrack.php.
References Page 3032 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1749. Wireless Hacking, Available from http://www.darknet.org.uk/category/wireless-hacking/.
1750. WiFi Wireless Hacking, Available from http://www.hackerscatalog.com/Products/CD-
ROMS/WiFiHacking.html.
1751. Bradley Morgan, (2006), Wireless Cracking Tools, Available from
http://www.windowsecurity.com/whitepapers/Wireless-Cracking-Tools.html.
1752. What Are Rogue Access Points?, Available from http://www.manageengine.com/products/wifi-
manager/rogue-access-point.html.
1753. Rick Doten, Wireless Security and Wireless Security Monitoring, Available from http://www.issa-
ne.org/documents/ISSARogueAPpresentationBoston.ppt.
1754. Gary Wollenhaupt, How Cell Phone J ammers work, Available from
http://electronics.howstuffworks.com/cell-phone-jammerl.htm.
1755. Brian R. Miller & Booz Allen Hamilton, 2002, Issues in Wireless security, Available from
http://www.acsac.org/2002/case/wed-c-330-Miller.pdf.
1756. J ustin Montgomery, How WPA wireless networks are hacked, and how to protect yourself, Available
from http://tech.blorge.eom/Structure:%20/2009/02/07/how-wpa-wireless-networks-are-hacked-and
how-to-protect-yourself/.
1757. J onathan Hassell, (2004), Wireless Attacks and Penetration Testing, Available from
http://www.securityfocus.com/infocus/1783.
1758. Robert J . Shimonski, (2003), Wireless Attacks Primer, Available from
http://www.windowsecurity.com/articles/Wireless_Attacks_Primer.html.
1759. Wireless Network Attack Methodology, Available from http://www.wirelessnetworktools.com/.
1760. Martin Beck & TUDresden, (2008), Practical attacks against WEP and WPA, Available from
http://dl.aircrack-ng.org/breakingwepandwpa.pdf.
1761. Simple Steps To Basic Wireless Hacking, Available from http://mixeduperic.com/Windows/Hacks/simple-
steps-to-basic-wireless-hacking.html.
1762. LE Webmaster, (2005), Wireless Scanning Wardriving / Warchalking, Available from
http://www.linuxexposed.com/content/view/42/52/.
1763. Finding cloaked access points, (Chapter 9), Available from
http://books. google. com/books?id=wGJ hDNspE3wC&pg=PA333&lpg=PA333&dq=doaked+access+point
&source=bl&ots=ZDkHSykDNV&sig=lsLKIx-
lZcqkhUdrlWpFaqYczyl&hl=en&ei=V8R2Ss35002e6gP59viqCw&sa=X&0i=b00k_result&ct=result&resnu
m=3#v=onepage&q=cloaked%20access%20point&f=false.
1764. Wireless Scanning Wardriving / Warchalking, Available from http://www.it-observer.com/wireless-
scanning-wardriving-warchalking.html.
1765. Zamzom Wireless Network Tool, Available from
http://www.freewarehome.com/index.html?http%3A//www. freewarehome.com/lnternet/Networking/
Network_Monitoring_t.html.
1766. 5 - Wireless Network, Available from http://www.hackingtheuniverse.com/information-security/attack-
vs-defense/attack-vs-defense-on-an-organizational-scale/5-wireless-network.
1767. Hacking the Invisible Network, Available from http://www.net-security.org/dl/articles/Wireless.pdf.
1768. Michael Roche, Wireless Attack Tools, Available from http://www.cse.wustl.edu/~jain/cse571-
07/ftp/wireless_hacking.pdf.
1769. J oshua Wright, Detecting Wireless LAN MAC Address Spoofing, Available from
http://forskningsnett.uninett.no/wlan/download/wlan-mac-spoof.pdf.
1770. How to Break WEP Encryption, Available from http://www.ehow.com/how_2209766_break-wep-
encryption.html.
References Page 3033 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1771. Daniel V. Hoffman, Essential Wireless Hacking Tools, Available from
http://www.ethicalhacker.net/content/view/16/24/.
1772. Protecting your wireless network from hacking, Available from
http://www.businessknowledgesource.com/technology/protecting_your_wireless_network_from_hacki
ng_025027.html.
1773. Eric J anszen, (2002), Understanding Basic WLAN Security Issues, from http://www.wi-
fiplanet.com/tutorials/article.php/953561.
1774. RTX NEWS J ANUARY 2003 NO.l, from
www.rtx.dk/Admin/Public/DWSDownload.aspx?File=Files%2FFiler%2Fannouncements%2Fnewsletter%2
F4_SCREEN.pdf.
1775. Agustina, J .V.Peng Zhang, and Kantola, (2003), Performance evaluation of GSM handover traffic in a
GPRS/GSM network, from
http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?isnumber=27298&arnumber=1214113&count=217&index
=21.
1776. Service set identifier, from
http://searchmobilecomputing.techtarget.com/sDefinition/0sid40_gci853455,00.html.
1777. Antenna Cabling Guide, from http://wireless.gumph.0rg/content/3/ 12/ 011-antenna-cabling.html.
1778. Wireless Security Auditor (WSA), from http://www.research.ibm.com/gsal/wsa/.
1779. NAI's Sniffer Wireless to Support 802.11a and 802.11b Networks, from
http://www.findarticles.c0m/p/articles/mi_zd4168/is_200202/ai_n9515340.
1780. RADIUS Protocol Security and Best Practices, from
http://www.microsoft.com/technet/prodtechnol/windows2000serv/maintain/security/radiussec.mspx.
1781. Wi-Fi Security, from http://main.wi-fi.org/OpenSection/secure.asp?TID=2#Radius.
1782. WarChalking (Screen Shots), from http://www.blackbeltjones.com.
1783. Eavesdropping Detection Audits, from http://www.spybusters.com.
1784. Anton T. Rager, (2001), WEPCrack, AirSnort, from http://wepcrack.sourceforge.net/.
1785. Wireless Communication Policy - Rensselaer Help Desk, from
http://helpdesk.rpi.edu/update.do?artcenterkey=545.
1786. Responsibility for Wireless Access Points, from http://cals.arizona.edu/calsnet/security/ua-wireless-
guidelines.htm.
1787. Telephone tapping or wire tapping, from http://en.wikipedia.org/wiki/Telephone_tapping.
1788. Connie J. Sadler, NetBIOS NULL Sessions, from
http://www.brown.edu/Facilities/CIS/CIRT/help/netbiosnull.html.
1789. The Hacker's Choice, from http://freeworld.thc.org/releases.php?o=l&s=4%20-%2017k.\.
1790. DOS_in_Wireless_Routing_Protocols_Hamilton, from
http://www.eng.auburn.edu/users/hamilton/security/SE2/.
1791. Network Security Library,
http://www.windowsecurity.com/whitepapers/windows_security/The_Unofficial_NT_Hack_FAQ/The_U
nofficial_NT_Hack_FAQ__Section_05.html.
1792. Oren Chapo, (1999), Network Management Protocols, from http://www.chapo.co.il/articles/snmp/.
1793. DaAnZeR, (2004), End to End Security for Windows 2000 Server,
http://www.securitydocs.com/library/2647.
1794. Pascal Etienne, (2001), Weekly Security Tools Digest, from
http://boran.linuxsecurity.com/security/sp/toolsdigest/2001/tools20010426.html.
References Page 3034 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Exam 312-50 Certified Ethical Hacker Ethical Hacking and Countermeasures
References
1795. DumpAcI dumps NTs permissions and audit settings, from
http://www.windowsnetworking.com/kbase/WindowsTips/WindowsNT/AdminTips/Miscellaneous/Dum
pAddumpsNTspermissionsandauditsettings.html.
1796. Windows 2000 Server, from http://technet.microsoft.com/hi-in/windowsserver/2000/default(en-
us).aspx.
1797. Definitions & Terms, from http://www.bytepile.com/definitions-d.php.
1798. VPN & Internet Security Solutions, from http://www.solucom.com/define.htm.
1799. Stephen M. Specht & Ruby B.Lee, Distributed Denial of Service:Taxonomies of Attacks, Tools and
Countermeasures, from
http://palms.ee.princeton.edu/PALMSopen/DDoS%20Final%20PDCS%20Paper.pdf.
1800. Craig A. Huegen, 2005, Denial of Service Attacks: "Smurfing", from
http://www.windowsecurity.com/whitepapers/Denial-of-Service-Attacks-Smurfing.html.
1801. Wireless LAN Security 802.11b and Corporate Networks, from
http://documents.iss.net/whitepapers/wireless_LAN_security.pdf.
1802. The Wireless Intrusion detection system, from http://www.forum-intrusion.com/widz_design.pdf.
1803. Wireless LAN Security, 802.11/Wi-Fi Wardriving & Warchalking, from http://www.wardrive.net/.
1804. J im Geier, (2003), Identifying Rogue Access Points, from http://www.wi-
fiplanet.com/tutorials/article.php/1564431.
1805. Lisa Phifer, Service set identifier,
http://searchmobilecomputing.techtarget.com/sDefinition/0sid40_gci853455,00.html.
1806. WIRELESS COMMUNICATION POLICY, from
http://www.longwood.edu/vpaf/final_policy_base/6000/6124.htm.
1807. Kevin D. Murray, (2006), Security Scrapbook, from http://www.spybusters.com/SS0402.html.
1808. post office break in..., from http://olduvai.blu.org/pipermail/discuss/2004-J anuary/043138.html.
1809. Venky, (2006), Wireless LAN Security, from
http://www.iss.net/documents/whitepapers/wireless_LAN_security.pdf.
1810. WAVEMON, from http://www.janmorgenstern.de/projects-software.html.
1811. Patrik Karlsson, (2002), WaveStumbler, 802.11 Network Mapper, from
http://www.securiteam.com/tools/5GP002K6BM.html.
1812. Egsander, (2006), WIRELESS DATA CONNECTIVITY GUIDELINE, from
http://cals.arizona.edu/calsnet/security/ua-wireless-guidelines.htm.
1813. NPS Information Technology Policy/Standard, from
https://www.nps.navy.mil/ITACS/New05/ITPolicy/NPSITPolicy202.pdf.
1814. Simple Active Attack Against TCP, from https://db.usenix.org/.
1815. Humphrey Cheung, (2005), How To Crack WEP - Part 1: Setup & Network Recon, from
http://www.tomsguide.com/us/how-to-crack-wep,review-451.html.
1816. Humphrey Cheung, (2005), How To Crack WEP - Part 2: Performing the Crack, from
http://www.tomsguide.com/us/how-to-crack-wep,review-459.html.
1817. Humphrey Cheung, (2005), How To Crack WEP - Part 3: Securing your WLAN, from
http://www.tomsguide.com/us/how-to-crack-wep,review-471.html.
1818. Advantages and Disadvantages of WLANs, from http://www.wireless-center.net/Wi-Fi-
Security/Advantages-and-Disadvantages-of-WLANs.html.
1819. Advantages vs. Disadvantages of WiFi, from http://mason.gmu.edu/~fkondolo/page3.
References Page 3035 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1820. Alrady, Howto Use WIFI Hotspots with Security, from http:/ / www.ehow.com/ how_5287862_use-wifi-
hotspots-security.html.
1821. J ames Kendrick, (2010), Smartphone Wi-Fi Usage on the Rise, from
http:/ / jkontherun.com/ 2010/ 08/ 24/ smartphone-wi-fi-usage-on-the-rise/ .
1822. Chris Weber and Gary Bahadur, Wireless Networking Security, from http:/ / technet.microsoft.com/ en-
us/ library/ bb457019.aspx.
1823. Barb Bowman (2003), WPA Wireless Security for Home Networks, from
http:/ / www.microsoft.com/ windowsxp/ using/ networking/ expert/ bowman_03july28.mspx.
1824. (2005), Wi-Fi Adoption, from http:/ / www.businessweek.com/ technology/ tech_stats/ wifi051003.htm.
1825. Christopher Elliott, 6 wireless threats to your business, from http:/ / www.microsoft.com/ business/ en-
us/ resources/ technology/ broadband-mobility/ 6-wireless-threats-to-your-
business.aspx#wirelessthreatstoyourbusiness.
1826. Warchalking Symbols, from http:/ / www.hackerskitchen.com/ mac-old/ wifi/ War_Chalk/ .
1827. The RSN Protocol Process, from http:/ / www.tech-faq.com/ rsn-robust-secure-network.html.
1828. (2003), WEP encryption Process, from http:/ / technet.microsoft.com/ en-
us/library/cc757419%28WS.10%29.aspx.
1829. (2006), WPA2: Second Generation WiFi Security, from
http:/ / pcquest.ciol.com/ content/ technology/ 2006/ 106050803.asp.
1830. The Four-Way Handshake, from http:/ / www.answers.com/ topic/ ieee-802-lli-2004.
1831. Brandon Teska, (2008), How To Crack WPA / WPA2, from
http:/ / www.smallnetbuilder.com/ wireless/ wireless-howto/ 30278-how-to-crack-wpa-wpa2.
1832. Eric Geier, (2010), 7 Things Hackers Hope You Don't Know, from
http:/ / www.esecurityplanet.com/ views/ article.php/ 3891716/ 7-Things-Hackers-Hope-You-Dont-
Know.htm.
1833. "Wireless LAN SecurityChecklist", from http:/ / www.wardrive.net/ .
1834. 802.11 Security Tools, from http:/ / www.wardrive.net/ security/ tools.
1835. Wireless Security Tools, from http:/ / www.corecom.com/ html/ wlan_tools.html.
1836. Lisa Phifer, (2010), Top Ten Free Wi-Fi Security Test Tools, from
http:/ / www.esecurityplanet.com/ views/ article.php/ 3881181/ Top-Ten-Free-Wi-Fi-Security-Test-
Tools.htm.
1837. Free Wireless Security Tools, from http:/ / netsecurity.ab0ut.c0m/ cs/ hackert00ls/ a/ aafreewifi.htm.
1838. Bryan, (2005), Cracking WEP and WPA Wireless Networks, from
http:/ / docs.lucidinteractive.ca/ index.php/ Cracking_WEP_and_WPA_Wireless_Networks#WPA_Crackin.
1839. (2006), A Comprehensive Review of 802.11 Wireless LAN Security and the Cisco Wireless Security Suite,
from http:/ / www.cisco.c0m/ warp/ public/ cc/ pd/ witc/ aol200ap/ prodlit/ wswpf_ wp.htm#wp39475.
1840. (2006), How To Crack WEP and WPA Wireless Networks, from
http:/ / 121space.com/ index.php?showtopic=3376.
1841. Cisco Unified Wireless Network ArchitectureBase Security Features, from
http:/ / www.cisco.c0m/ en/ US/ docs/ solutions/ Enterprise/ Mobility/ emob41dg/ ch4_Secu.html#wpl01898
4.
1842. Wireless DoS, from
http:/ / www.cisco.c0m/ en/ US/ docs/ wireless/ technology/ wips/ deployment/ guide/ wipsdep.html#wpl50
481.
1843. (2009), How to prevent wireless DoS attacks, from
http:/ / searchsecurity.techtarget.com/ generic/ 0,295582,sidl4_ gcill73628_ mem 1,00. html.
References Page 3036 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1844. J im Geier, (2003), Denial of Service a Big WLAN Issue, from
http:/ / www.esecurityplanet.com/ trends/ article.php/ 2200071/ Denial-of-Service-a-Big-WLAN-lssue.htm.
1845. J onathan Hassell, (2004), Wireless Attacks and Penetration Testing (part 1 of 3), from
http:/ / www.symantec.com/ connect/ articles/ wireless-attacks-and-penetration-testing-part-l-3.
1846. (2009), A list of wireless network attacks, from
http:/ / searchsecurity.techtarget. com/ generic/ 0,295582,sidl4_ gcill67611_ mem 1,00. html.
1847. Lisa Phifer, (2009), A wireless network vulnerability assessment checklist, from
http:/ / searchsecurity.techtarget. com/ generic/ 0,295582, sidl4_ gcill67666_ mem 1,00. html.
1848. Lisa Phifer, (2009), Hunting for rogue wireless devices, from
http:/ / searchsecurity.techtarget.com/ generic/ 0,295582,sidl4_ gcill67664_ mem 1,00. html.
1849. PreciousJ ohnDoe, List of Wireless Network Attacks, from http:/ / www.brighthub.com/ computing/ smb-
security/ articles/ 53949.aspx.
1850. Security Disciplines for Objective 3: Detection and Recovery, from
http:/ / www.it.ojp.gov/ documents/ asp/ wireless/ section3-3-l.htm.
1851. (2010), Wireless Sniffer, from http:/ / www.personaltelco.net/ WirelessSniffer.
1852. How to: Sniff Wireless Packets with Wireshark, from
http:/ / www.wirelessnets.com/ resources/ tutorials/ sniff_packets_wireshark.html.
1853. WifiEagle Single- and Dual-Band 802.11 Channel Analyzers, from
http:/ / www.nutsaboutnets.com/ performance-wifi/ products/ product-wifieagle-wifi-channel-
analyzer.htm.
1854. Creating A Cheap Bluetooth Sniffer, from http:/ / thewifihack.com/ blog/ ?p=27.
1855. WLAN Analyzer and Protocol Decoder - CommView for WiFi, from
http:/ / www.tamos.com/ htmlhelp/ commwifi/ packets.htm.
1856. J im Geier, (2002), Understanding 802.11 Frame Types, from http:/ / www.wi-
fiplanet. com/ tutorials/ article. php/1447501/Understanding-80211-Frame-Types.htm.
1857. Laurent Oudot, (2004), Wireless Honeypot Countermeasures, from
http:/ / www.symantec.com/ connect/ articles/ wireless-honeypot-countermeasures.
1858. (2009), Fragmentation Attack, from http:/ / www.aircrack-ng.org/ doku.php?id=fragmentation.
1859. Andrei A. Mikhailovsky, Konstantin V. Gavrilenko, and Andrew Vladimirov, (2004), The Frame of
Deception: Wireless Man-in-the-Middle Attacks and Rogue Access Points Deployment, from
http:/ / www.informit.com/ articles/ article.aspx?p=353735&seqNum=7.
1860. Comment: Rogue Access Point Setups on Corporate Networks, from http:/ / www.infosecurity-
us.com/ view/ 10516/ comment-rogue-access-point-setups-on-corporate-networks-/ .
1861. Kevin Beaver and Peter T. Davis, Understanding WEP Weaknesses, from http:/ / www.dummies.com/ how-
to/ content/ understanding-wep-weaknesses.html.
1862. (2007), Cracking WEP Using Backtrack: A Beginner's Guide, from
http:/ / ryanunderdown.com/ linux/ cracking-wep-using-backtrack.php.
1863. (2009), FakelKEd - Fake IKE Daemon Tool for MI TM, from
http:/ / www.darknet.org.uk/ 2009/ 08/ fakeiked-fake-ike-daemon-tool-for-mitm/ .
1864. Renee Oricchio, How to Surf Safely on Public Wi-Fi, from
http:/ / technology.inc.com/ telecom/ articles/ 200707/ WiFi.html.
1865. Aircrack-ng for Windows - Aircrack, from http:/ / www.wirelessdefence.org/ Contents/ Aircrack-
ng_WinAircrack.htm.
1866. (2010), Crack WEP key via connected client, from http:/ / carpeblunte.com/ .
References Page 3037 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1867. Using Cain and the AirPcap USB adapter to crack WPA/ WPA2, from
http:/ / www.irongeek.com/ i.php?page=videos/ airpcap-cain-wpa-cracking.
1868. WiFi Hopper, from http:/ / wifihopper.com/ overview.html.
1869. PhoneSnoop: Spying on Blackberry Users, from http:/ / www.symantec.com/ connect/ blogs/ phonesnoop-
spying-blackberry-users.
1870. What is BlueJ acking, from http:/ / www.newmobilemedia.com/ bluejacking-2.htm.
1871. , from http:/ / www.oxid.it/ cain.html.
1872. KisMAC, from http:/ / kismac-ng.org/ .
1873. inSSI Der, from http:/ / www.metageek.net/ products/ inssider/ .
1874. Netsurveyor, from http:/ / www.performancewifi.net/ performance-wifi/ products/ netsurveyor-network-
discovery.htm.
1875. Vistumbler, from http:/ / www.vistumbler.net/ .
1876. WirelessMon, from http:/ / www.passmark.com/ products/ wirelessmonitor.htm.
1877. WiFi Hopper, from http:/ / www.wifihopper.com/ download.html.
1878. Wavestumbler, from http:/ / www.cqure.net/ wp/ tools/ other/ wavestumbler/ .
1879. iStumbler, from http:/ / www.istumbler.net/ .
1880. WiFinder, from http:/ / www.pgmsoft.com/ apps/ wifinder_for_android/ .
1881. Meraki WiFi Stumbler, from http:/ / www.meraki.com/ products/ wireless/ wifi-stumbler.
1882. Wellenreiter, from http:/ / wellenreiter.sourceforge.net/ .
1883. AirCheck Wi-Fi Tester, from http:/ / www.flukenetworks.com/ enterprise-network/ network-
testing/ AirCheck-Wi-Fi-Tester.
1884. AirRadar 2, from http:/ / www.koingosw.com/ products/ airradar.php.
1885. Xirrus Wi-Fi I nspector, from http:/ / www.xirrus.com/ Products/ Wi-Fi-lnspector.
1886. Wifi Analyzer, from http:/ / a.farproc.com/ wifi-analyzer.
1887. WiFiFoFum - WiFi Scanner, from http:/ / www.wififofum.net/ downloads.
1888. Network Signal Info, from http:/ / www.kaibits-software.com/ product_netwotksignal.htm.
1889. WiFi Manager, from http:/ / kmansoft.com/ .
1890. OpenSignalMaps, from http:/ / opensignal.com/ .
1891. WI GLE, from http:/ / wigle.net/ gps/ gps/ main/ download/ .
1892. Skyhook, from http:/ / www.skyhookwireless.com/ location-technology/ sdk.php.
1893. jiWire, from http:/ / v4.jiwire.com/ search-hotspot-locations.htm.
1894. WeFi, from http:/ / www.wefi.com/ download/ .
1895. Wireshark, from http:/ / www.wireshark.org/ download.html.
1896. Cascade Pilot, from http:/ / www.riverbed.com/ products-solutions/ products/ performance-
management/ network-infrastructure/ High-Speed-Packet-Analysis.html.
1897. OmniPeek, from http:/ / www.wildpackets.com/ products/ omnipeek_network_analyzer.
1898. Sniffer Portable Professional Analyzer, from
http:/ / www.netscout.com/ products/ enterprise/ Sniffer_Portable_Analyzer/ Sniffer_Portable_Professiona
l_Analyzer/Pages/ default.aspx.
1899. Capsa WiFi, from http:/ / www.colasoft.com/ download/ products/ capsa_free.php.
1900. ApSniff, from http:/ / www.monolith81.de/ apsniff.html.
References Page 3038 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1901. NetworkMiner, from http:/ / www.netresec.com/ ?page=NetworkMiner.
1902. Airscanner Mobile Sniffer, from http:/ / www.airscanner.com/ products/ sniffer/ .
1903. Observer, from http:/ / www.networkinstruments.com/ products/ observer/ index.php?tab=download.
1904. WifiScanner, from http:/ / wifiscanner.sourceforge.net/ .
1905. Mognet, from http:/ / www.monolith81.de/ mognet.html.
1906. I perf, from http:/ / iperf.sourceforge.net/ .
1907. Aircrack-ng, from http:/ / www.aircrack-ng.org/ .
1908. SMAC, from http:/ / www.klcconsulting.net/ smac/ .
1909. KisMAC, from http:/ / kismac-ng.org/ .
1910. Elcomsoft Wireless Security Auditor, from http:/ / www.elcomsoft.com/ ewsa.html.
1911. WepAttack, from http:/ / wepattack.sourceforge.net/ .
1912. Wesside-ng, from http:/ / www.aircrack-ng.org/ doku.php?id=wesside-ng.
1913. WEPCrack, from http:/ / wepcrack.sourceforge.net/ .
1914. WepDecrypt, from http:/ / wepdecrypt.sourceforge.net/ .
1915. Portable Penetrator, from http:/ / www.secpoint.com/ portable-penetrator.html.
1916. CloudCracker, from https:/ / www.cloudcracker.com/ .
1917. coWPAtty, from http:/ / wirelessdefence.org/ Contents/ coWPAttyMain.htm.
1918. Wifite, from https:/ / code.google.com/ p/ wifite/ downloads/ detail?name=wifite-2.0r85.tar.gz.
1919. WepOff, from http:/ / www.ptsecurity.ru/ download/ wepoff.tar.gz.
1920. ApSniff, from http:/ / www.monolith81.de/ apsniff.html.
1921. WiFiFoFum, from http:/ / www.aspecto-software.com/ rw/ applications/ wififofum/ .
1922. WarLinux, from http:/ / sourceforge.net/ projects/ warlinux/ .
1923. MacStumbler, from http:/ / www.macstumbler.com/ .
1924. WiFi-Where, from http:/ / www.threejacks.com/ ?q=node/ 13.
1925. AirFart, from http:/ / airfart.sourceforge.net/ .
1926. AirTraf, from http:/ / airtraf.sourceforge.net/ .
1927. 802.11 Network Discovery Tools, from http:/ / wavelan-tools.sourceforge.net/ .
1928. NetworkManager, from http:/ / projects.gnome.org/ NetworkManager/ .
1929. KWiFiManager, from http:/ / kwifimanager.sourceforge.net/ .
1930. NetworkControl, from http:/ / www.arachnoid.com/ NetworkControl/ index.html.
1931. KOrinoco, from http:/ / korinoco.sourceforge.net/ .
1932. Sentry Edge II, from http:/ / www.tek.com/ document/ news-release/ tektronix-advances-rf-monitoring-
sentry-edge-ii.
1933. WaveNode, from http:/ / www.wavenode.com/ .
1934. xosview, from http:/ / xosview.sourceforge.net/ .
1935. RF Monitor, from http:/ / www.newsteo.com/ gb/ data-logger/ features/ monitoring-software.php.
1936. DTC-340 RFXpert, from http:/ / www.dektec.com/ products/ Apps/ DTC-340/ index.asp.
1937. Home Curfew RF Monitoring System, from
http:/ / solutions.3m.com/ wps/ portal/ 3M/ en_US/ ElectronicMonitoring/ Home/ ProductsServices/ OurProd
ucts/ HomeCurfewRFMonitoringSystem/ .
References Page 3039 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1938. RFProtect Spectrum Analyzer, from http:/ / www.arubanetworks.com/ products/ arubaos/ rfprotect-
spectrum-analyzer/.
1939. AirMagnet WiFi Analyzer, from http:/ / www.flukenetworks.com/ enterprise-network/ wireless-
network/ AirMagnet-WiFi-Analyzer.
1940. OptiView XG Network Analysis Tablet, from http:/ / www.flukenetworks.com/ enterprise-
network/ network-monitoring/ optiview-xg-network-analysis-tablet.
1941. Network Traffic Monitor & Analyzer CAPSA, from http:/ / www.javvin.com/ packet-traffic.html.
1942. Observer, from http ://www. networkinstruments.com/ products/ observer/ index.php?tab=download.
1943. Ufasoft Snif, from http:/ / ufasoft.com/ sniffer/ .
1944. vxSniffer, from http:/ / www.cambridgevx.com/ vxsniffer.html.
1945. OneTouch AT Network Assistant, from http:/ / www.flukenetworks.com/ enterprise-network/ network-
testing/ OneTouch-AT-Network-Assistant.
1946. SoftPerfect Network Protocol Analyzer, from http:/ / www.softperfect.com/ products/ networksniffer/ .
1947. WirelessNetView, from http:/ / www.nirsoft.net/ utils/ wireless_network_view.html.
1948. Airview, from http:/ / airview.sourceforge.net.
1949. RawCap, from http:/ / www.netresec.com/ ?page=RawCap.
1950. Cisco Spectrum Expert, from http:/ / www.cisco.com/ en/ US/ products/ ps9393/ index.html.
1951. AirMedic USB, from http:/ / www.flukenetworks.com/ enterprise-network/ wireless-network/ AirMedic.
1952. AirSleuth-Pro, from http:/ / nutsaboutnets.com/ airsleuth-spectrum-analyzer/ .
1953. BumbleBee-LX Handheld Spectrum Analyzer, from
http:/ / www.bvsystems.com/ Products/ Spectrum/ BumbleBee-LX/ bumblebee-lx.htm.
1954. Wi-Spy, from http:/ / www.metageek.net/ products/ wi-spy/ .
1955. Super Bluetooth Hack, from http:/ / gallery.mobile9.eom/ f/ 317828/ .
1956. BTBrowser, from http:/ / wireless.klings.org/ BTBrowser/ .
1957. BH Bluejack, from http:/ / croozeus.com/ blogs/ ?p=33.
1958. Bluediving, from http:/ / bluediving.sourceforge.net/ .
1959. Blooover, from http:/ / trifinite.org/ trifinite_stuff_blooover.html.
1960. BTScanner, from http:/ / www.pentest.co.uk/ downloads.html?cat=downloads&section=01_bluetooth.
1961. CI HwBT, from http:/ / sourceforge.net/ projects/ cih-with-bt/ files/ .
1962. BT Audit, from http:/ / trifinite.org/ trifinite_stuff_btaudit.html.
1963. BlueAlert, from http:/ / www.insecure.in/ bluetooth_hacking_02.asp.
1964. AirMagnet WiFi Analyzer, from http:/ / www.flukenetworks.com/ enterprise-network/ wireless-
network/ AirMagnet-WiFi-Analyzer.
1965. AirDefense, from http:/ / www.airdefense.net/ products/ servicesplatform/ index.php.
1966. Adaptive Wireless IPS, from http:/ / www.cisco.com/ en/ US/ products/ ps9817/ index.html.
1967. Aruba RFProtect WI PS, from http:/ / www.arubanetworks.com/ products/ arubaos/ rfprotect-wireless-
intrusion-protection.
1968. Enterasys I ntrusion Prevention System, from http:/ / www.enterasys.com/ products/ advanced-security-
apps/ dragon-intrusion-detection-protection.aspx.
1969. RFProtect Wireless I ntrusion Protection, from
http:/ / www.arubanetworks.com/ products/ arubaos/ rfprotect-wireless-intrusion-protection.
1970. SonicWALL Wireless Networking, from http:/ / o-www.sonicwall.com/ us/ en/ solutions/ 4224.html.
References Page 3040 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
1971. HP TippingPoint IPS, from http:/ / hl7007.wwwl.hp.com/ us/ en/ products/ network-
security/ HP_S_lntrusion_Prevention_System_(I PS)_Series/ index.aspx.
1972. AirTight WI PS, from http:/ / www.airtightnetworks.com/ home/ products/ AirTight-WI PS.html.
1973. Network Box IDP, from http:/ / www.network-box.co.uk/ technology/ threatmanagement/ I DP.
1974. AirMobile Server, from http:/ / www.airmobile.se/ airmobile_server.htm.
1975. WLS Manager, from http:/ / www.airpatrolcorp.com/ products/ wls_manager.php.
1976. Wireless Policy Manager (WPM), from http:/ / airpatrolcorp.com/ airpatrol-products/ wpmwec/ .
1977. ZENworks Endpoint Security Management, from
http:/ / www.novell.com/ products/ zenworks/ endpointsecuritymanagement/ features/ .
1978. AirMagnet Planner, from http:/ / www.flukenetworks.com/ enterprise-network/ wireless-
network/ AirMagnet-Planner.
1979. Cisco Prime I nfrastructure, from http:/ / www.cisco.com/ en/ US/ products/ psl2239/ index.html.
1980. AirTight Planner, from http:/ / www.airtightnetworks.com/ home/ products/ AirTight-Planner.html.
1981. LANPI anner, from http:/ / www.motorola.com/ Business/ US-
EN/ Business+Product+and+Services/Software+and+Applications/WLAN+Management+and+Security+Sof
tware/LANPI anner_US-EN.
1982. RingMaster, from http:/ / www.juniper.net/ us/ en/ products-services/ software/ network-management-
software/ ringmaster/ .
1983. Connect EZ Predictive RF CAD Design, from http:/ / www.connect802.eom/ suite_spot.htm#.
1984. Ekahau Site Survey (ESS), from http:/ / www.ekahau.com/ products/ ekahau-site-survey/ overview.html.
1985. ZonePlanner, from http:/ / www.ruckuswireless.com/ products/ zoneplanner.
1986. Wi-Fi Planning Tool, from http:/ / www.aerohive.com/ planner.
1987. TamoGraph Site Survey, from http:/ / www.tamos.com/ products/ wifi-site-survey/ wlan-planner.php.
1988. OSWA, from http:/ / securitystartshere.org/ page-downloads.htm.
1989. WiFiZoo, from http:/ / c0mmunity.c0rest.c0m/~h0ch0a/ wifiz00/index.html#d0wnl0ad.
1990. Network Security Toolkit, from http:/ / networksecuritytoolkit.org/ nst/ index.html.
1991. Nexpose Community Edition, from http:/ / www.rapid7.com/ products/ nexpose/ compare-downloads.jsp.
1992. WiFish Finder, from http:/ / www.airtightnetworks.com/ home/ resources/ knowledge-center/ wifish-
finder.html.
1993. Penetrator Vulnerability Scanning Appliance, from http:/ / www.secpoint.com/ penetrator.html.
1994. SILICA, from http:/ / www.immunityinc.com/ downloads.shtml.
1995. Wireless Network Vulnerability Assessment, from http:/ / www.secnap.com/ products/ audits/ wireless-
assessment.html.
1996. Karma, from http:/ / www.theta44.org/ karma/ .
1997. Hotspotter, from http:/ / www.wirelessdefence.org/ Contents/ hotspotter.htm.
1998. Airsnarf, from http:/ / airsnarf.shmoo.com/ .
1999. Asleap, from http:/ / www.willhackforsushi.com/ Asleap.html.
2000. THC-LEAP Cracker, from http:/ / wirelessdefence.org/ Contents/ THC-LEAPcracker.htm.
2001. Airsnort, from http:/ / airsnort.shmoo.com/ .
2002. Void 11, from http:/ / www.wirelessdefence.org/ Contents/ VoidllMain.htm.
2003. Technitium MAC Address Changer (TMAC), from http:/ / www.technitium.com/ tmac/ index.html.
References Page 3041 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
Module 16 : Hacking Mobile Platforms
2004. Delivering enterprise information securely on Android and Apple iOS devices, from
http:/ / www.citrix.com/ site/ resources/ dynamic/ additional/ iPad_Technical_Guide_US_WP.pdf.
2005. Understanding the Security Changes in Windows Phone 8, from
http:/ / www.mobilejaw.com/ articles/ 2012/ 08/ understanding-the-security-changes-in-windows-phone-
8/.
2006. HOW TO HACK YOUR ANDROI D PHONE, from http:/ / www.mobilenyou.in/ 2010/ 10/ hack-your-android-
phone.html.
2007. Windows Phone 8, from http:/ / en.wikipedia.org/ wiki/ Windows_Phone_8.
2008. Delivering corporate data securely on employee iPads, from
http:/ / resources.idgenterprise.com/ original/ AST-0043716_iPad_Technical_Guide_US_WP_2_.pdf.
2009. Working guide to Root Android Phones Easy with SuperOneClick, from http:/ / fixlife.in/ 23/ working-guide-
root-android-devices-phones-easy-way-superoneclick.
2010. How to Hack Your Android Phone (and Why You Should Bother), from
http:/ / readwrite.com/ 2010/ 01/ 27/ how_to_hack_your_android_phone.
2011. New Android Trojan Masquerades as Google Library, Taps Device Administration API , from
http:/ / www.netqin.com/ en/ security/ newsinfo_4595_2.html%20.
2012. Security Alert: New SMS Android Trojan -- DroidLive -- Being Disguised as a Google Library, from
http:/ / www.csc.ncsu.edu/ faculty/ jiang/ DroidLive/ .
2013. SuperOneClick, from http:/ / shortfuse.org/ .
2014. Superboot, from http:/ / www.modaco.com/ topic/ 348161-superboot-galaxy-nexus-root-solution/ .
2015. Unrevoked, from http:/ / unrevoked.com/ recovery/ .
2016. Universal Androot, from http:/ / android.org.in/ 2012/ 08/ universal-androot-root-android-in-5-sec/ .
2017. Unlock Root, from http:/ / www.unlockroot.com/ products.html.
2018. DroidSheep, from http:/ / droidsheep.de.
2019. FaceNiff, from http:/ / faceniff.ponury.net.
2020. Google Apps Device Policy, from https:/ / play.google.com.
2021. DroidSheep Guard, from http:/ / droidsheep.de.
2022. X-Ray, from http:/ / www.xray.io.
2023. Android Network Toolkit - Anti, from http:/ / www.zantiapp.com.
2024. Find My Phone, from http:/ / findmyphone.mangobird.com.
2025. Prey Anti-Theft, from http:/ / preyproject.com.
2026. Android Anti Theft Security, from http:/ / www.snuko.com.
2027. Wheres My Droid, from http:/ / wheresmydroid.com.
2028. iHound, from https:/ / www.ihoundsoftware.com.
2029. GadgetTrak Mobile Security, from http:/ / www.gadgettrak.com.
2030. Total Equipment Protection App, from https:/ / protection.sprint.com.
2031. AndroidLost.com, from http:/ / www.androidlost.com.
2032. RedsnOw, from http:/ / blog.iphone-dev.org.
2033. Absinthe, from http:/ / greenpoisOn.com.
2034. SnOwbreeze, from http:/ / www.idownloadblog.com/ download/ .
2035. PwnageTool, from http:/ / blog.iphone-dev.org.
References Page 3042 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
2036. LimeRaln, from http:/ / www.limeraln.com.
2037. J ailbreakme, from http:/ / www.jailbreakme.com.
2038. Blackraln, from http:/ / blackraln.com.
2039. Spirit, from http:/ / spiritjb.com.
2040. Find My iPhone , from https:/ / itunes.apple.com.
2041. iHound, from https:/ / www.ihoundsoftware.com.
2042. GadgetTrak iOS Security, from http:/ / www.gadgettrak.com.
2043. iLocalis, from http:/ / ilocalis.com.
2044. MaaS360 Mobile Device Management (MDM), from http:/ / www.maas360.com.
2045. Citrix XenMobile MDM, from http:/ / www.zenprise.com.
2046. Absolute Manage MDM, from http:/ / www.absolute.com.
2047. SAP Afaria , from http:/ / www.sybase.com.
2048. Device Management Centre, from http:/ / www.sicap.com.
2049. AirWatch, from http:/ / www.air-watch.com.
2050. Good Mobile Manager, from http:/ / wwwl.good.com.
2051. Mobilelron, from http:/ / www.mobileiron.com.
2052. Rule Mobility, from http:/ / www.tangoe.com.
2053. TARMAC, from http:/ / www.tarmac-mdm.com.
2054. MediaContact, from http:/ / www.device-management-software.com.
2055. BullGuard Mobile Security, from http:/ / www.bullguard.com.
2056. Lookout, from https:/ / www.lookout.com.
2057. WI SelD, from http:/ / www.wiseid.mobi.
2058. McAfee Mobile Security, from https:/ / www.mcafeemobilesecurity.com.
2059. AVG AntiVirus Pro for Android, from http:/ / www.avg.com.
2060. avast! Mobile Security, from http:/ / www.avast.com.
2061. Norton Mobile Security, from http:/ / us.norton.com.
2062. ESET Mobile Security, from http:/ / www.eset.com.
2063. Kaspersky Mobile Security, from http:/ / www.kaspersky.com.
2064. F-Secure Mobile Security, from http:/ / www.f-secure.com.
2065. Trend Micro Mobile Security, from http:/ / www.trendmicro.com.
2066. Webroot Secure Anywhere Mobile, from http:/ / www.webroot.com.
2067. NetQin Mobile Security, from http:/ / en.nq.com/ mobilesecurity/ download.
2068. AnDOSid, from http:/ / apps.opera.com/ en_us/ andosid.html.
2069. ComDroid, from http:/ / www.comdroid.org/ .
2070. Woodpecker, from http:/ / www.firmhouse.com/ .
2071. iPhoneSimFree, from http:/ / www.iphonesimfree.com/ .
2072. anySI M, from https:/ / code.google.eom/ p/ devteam-anysim/ downloads/ list.
2073. Metasploit, from http:/ / www.metasploit.com/ .
2074. Cain & Abel, from http:/ / www.oxid.it/ cain.html.
2075. WindowBreak, from http:/ / windowsphonehacker.com/ windowbreak/ .
References Page 3043 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
2076. BBProxy, from http:/ / www.Symantec.com/ security_response/ writeup.jsp?docid=2006-081416-4756-99.
2077. Elcomsoft Phone Password Breaker, from http:/ / www.elcomsoft.com/ eppb.html.
Module 17: Evading IDS, Firewalls, and HoneyPots
2078. I ntrusion Detection System (IDS) Evasion, from
http:/ / complianceandprivacy.com/ WhitePapers/ iDefense-I DS-
Evasion/i Defense_I DSEvasion_20060510.pdf.
2079. Evading NIDS, from
http:/ / www.bandwidthco.com/ sf_whitepapers/ penetration/ Evading%20NI DS%20Revisited.pdf.
2080. I ntrusion detection system evasion techniques, from
http:/ / en.wikipedia.org/ wiki/ lntrusion_detection_system_evasion_techniques.
2081. How to bypass a firewall, from http:/ / www.bit.uni-bonn.de/ Wob/ images/ 49692243.pdf.
2082. Wired and wireless intrusion detection system: Classifications, good characteristics and state-of-the-art,
from http:/ / www.sciencedirect.c0m/ science/ article/ pii/ S092054890500098X.
2083. I nsertion, Evasion, and Denial of Service: Eluding Network I ntrusion Detection, from
http:/ / www.windowsecurity.com/ whitepapers/ intrusion_detection/ lnsertion_Evasion_and_Denial_of_S
ervice_Eluding_Network_lntrusion_Detection_.html.
2084. SmartDefense, from http:/ / www.sciencedirect.com/ science/ article/ pii/ B9781597492454000076.
2085. How to configure I nternet Explorer to use a proxy server, from http:/ / support.microsoft.com/ kb/ 135982.
2086. Defeating Sniffers and I ntrusion Detection Systems, from
http:// www.phrack.org/issues.html?issue=54&id=10.
2087. Techniques used for bypassing firewall systems, from http:/ / www.terena.org/ activities/ tf-
csirt/ meeting9/ gowdiak-bypassing-firewalls.pdf.
2088. Firewalking, from http:/ / www.webopedia.eom/ TERM/ F/ firewalking.html.
2089. IT I nfrastructure Security Plan, from
http:/ / www.sciencedirect.com/ science/ article/ pii/ B9781597490887500098.
2090. What is a firewall? from http:/ / kb.iu.edu/ data/ aoru.html.
2091. Functionalities of Firewalls, from http:/ / www.cs.ucsb.edu/ ~koc/ ns/ projects/ 04Reports/ He.pdf.
2092. Updating snort with a customized controller to thwart port scanning, from
http:/ / www.aloul.net/ Papers/ faloul_ scnlO.pdf.
2093. Firewalls, from http:/ / www.techrepublic.c0m/ i/ tr/ downloads/ home/ 0072260815_chapter_9.pdf.
2094. Firewalking, from http:/ / www.webopedia.eom/ TERM/ F/ firewalking.html.
2095. What is HoneyPot? from http:/ / www.securityhunk.com/ 2010/ 06/ what-is-honeypot.html.
2096. Honeypots - Definitions and Value of Honeypots , from
http:/ / infosecwriters.com/ texts.php?op=display&id=80.
2097. How to Set Up a Honey Pot, from http:/ / www.ehow.com/ how_5245821_set-up-honey-pot.html.
2098. Snort 2.8.5.2 : I ntrusion Detection Tool, from
http:/ / ashwintumma.files.wordpress.com/ 2010/ ll/ is_ snort.pdf.
2099. Writing Snort Rules, from http:/ / paginas.fe.up.pt/ ~mgi98020/ pgr/ writing_snort_rules.htm.
2100. I nsertion, Evasion, and Denial of Service:Eluding Network I ntrusion Detection, from
http:/ / www.creangel.com/ papers/ Eluding%20Network%20lntrusion%20Detection.pdf.
2101. I ntrusion detection system evasion techniques, from
http:/ / en. Wikipedia.org/ w/ index.php?title=lntrusion_detection_system_evasion_techniques&oldid=311
670246.
References Page 3044 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
2102. Evading NIDS, revisited, from http:/ / www.symantec.com/ connect/ articles/ evading-nids-revisited.
2103. How To Access Blocked / Bypass Blocked Websites, from http:/ / www.computingunleashed.com/ how-to-
access-blocked.html.
2104. How do 1use a Proxy Server? from http:/ / whatismyipaddress.com/ using-proxies.
2105. How to configure I nternet Explorer to use a proxy server, from http:/ / support.microsoft.com/ kb/ 135982.
2106. Firewall Fairytales, from http:/ / www.iqmtm.com/ PDF_presentations/ I Q_Firewall_Fairytales_J une2010-
l.pdf.
2107. I ntrusion detection systems IDS, from http:/ / www.geeksgate.com/ blog/ 812.html.
2108. Defending Against Network IDS Evasion, from http:/ / www.raid-
symposium.org/raid99/ PAPERS/ Paxson.pdf.
2109. Sumit Siddharth, (2005), Evading NIDS, revisited, Available from
http:/ / www.securityfocus.com/ infocus/ 1852.
2110. Alexis Lawrence, Howto Set Up a Honey Pot, Available from http:/ / www.ehow.com/ how_5245821_set-
up-honey-pot.html.
2111. GHH, What is GHH?, Available from http:/ / ghh.sourceforge.net/ .
2112. Phrack Magazine Volume Seven, I ssue Forty-Nine File 06 o f ..., from
http:/ / www.phrack.org/ phrack/ 49/ P49-06.
2113. Kasey Efaw, I nstalling Snort 2.8.5.2 on Windows 7,
http:/ / www.sn0rt.0rg/ assets/ 135/ lnstalling_Sn0rt_2.8.5.2_0n_Wind0ws_7.pdf.
2114. (2006), I ntrusion Detection System (IDS) Evasion,
http:/ / complianceandprivacy.com/ WhitePapers/ iDefense-I DS-
Evasion/i Defense_I DSEvasion_20060510.pdf.
2115. Brian Caswell, Writing Snort Rules A quick guide,
http:/ / www.shmoo.com/ ~bmc/ presentations/ 2004/ honeynet/ caswell-writing-snort-rules.ppt.
2116. Unblock Blocked Websites like Myspace, Bebo and Orkut, from http:/ / www.clazh.com/ unblock-blocked-
websites-like-myspace-bebo-and-orkut/ .
2117. Firewalls, from http:/ / hacker-dox.net/ Que-Certified.Ethical.Hacker.E/ 0789735318/ chl0levlsec5.html.
2118. Firewall Basics, http:/ / www.unixgeeks.org/ security/ newbie/ security/ firewall.html.
2119. Honeypots, from http:/ / www.infosecwriters.com/ texts.php?op=display&id=80.
2120. Dale Farris, (2005), Honeypots for Windows, from
http:/ / www.gtpcc.org/ gtpcc/ honeypotsforwindows.htm.
2121. Mike Neuman, (1995), Bugtraq: ANNOUNCE: Freely available TTY monitoring/ control program, from
http:/ / seclists.org/ bugtraq/ 1995/ J un/ 0049.html.
2122. Web Application Attacks, [PDF] Guide, from www.netprotect.ch/ downloads/ webguide.pdf.
2123. David Endler & Michael Sutton, [PPT] iDEFENSE Labs, from www.blackhat.com/ presentations/ bh-usa-
02/endler/ bh-us-02-endler-brute.ppt.
2124. I ntrusion detection, from
http:/ / www.networkworld.com/ links/ Downloads/ Security/ lntrusion_detection/ .
2125. Tony Bradley, Free I ntrusion Detection (IDS) and Prevention (IPS) Software, from
http:/ / netsecurity.ab0ut.c0m/ 0d/ intrusi0ndetecti0nidl/ a/ aafreeids.htm.
2126. AI DE, from http:/ / www.cryptomancer.de/ programme/ aide-en.html.
2127. The Evolution of I ntrusion Detection System, from www.secutityfocus.com/ infocus.
2128. Navy I nformation Assurance Website, from
https:/.. ./ps/ ?t=infosecprodsservices/ infosecprodsservices.tag&bc=/infosecprodsservices/ bc_ids.htnnl.
References Page 3045 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
2129. Firewalking, from http:/ / www.webopedia.eom/ TERM/ F/ firewalking.html.
2130. Vinay, (2009), How to Bypass Firewalls Restrictions using Proxy Servers, from
http:/ / www.ihackintosh.com/ 2009/ 03/ how-to-bypass-firewalls-restrictions-using-proxy-servers/ .
2131. Adam Gowdiak, (2003), Firewall Attack Techniques, from http:/ / www.terena.org/ activities/ tf-
csirt/ meeting9/ gowdiak-bypassing-firewalls.pdf.
2132. How to bypass the firewall (Bypassing from external sources and MI TM attacks), from www.b-it-
center.de/ Wob/ images/ 81134082.ppt.
2133. Bypassing Firewalls, http:/ / flylib.eom/ books/ en/ 3.500.l.95/ l/ .
2134. I ntrusion detection system - EnterpriseNetworkingPlanet, from
http:/ / networking.webopedia.eom/ TERM/ l/ intrusion_detection_system.html.
2135. An I ntroduction to IDS, from www.securityfocus.com/ infocus/ .
2136. Network security, from www.njcpu.net/ security.htm.
2137. Hacking Through IDSs, from www.airscanner.com/ pubs/ ids.pdf.
2138. I NTRUSI ON DETECTI ON -BISS Forums, from www.bluetack.co.uk/ forums/ index.php7showtopic.
2139. iSecurityShop, from www.isecurityshop.com/ .
2140. Enterasys Dragon Host Sensor, from www.enterasys.com/ products/ ids/ DSHSS-xxx/ .
2141. MJ ohnson, Vanguard Security Solutions - Vanguard I ntegrity Professionals, from
www.go2vanguard.com/ software.
2142. Thomas H. Ptacek, I nsertion, Evasion and Denial of Service: Eluding Network I ntrusion Detection, from
www.insecure.org/ stf/ secnet_ids/ secnet_ids.pdf.
2143. I nsertion, Evasion, and Denial of Service,from www.snort.org/ docs/ idspaper/ .
2144. Evading I ntrusion Detection, from www.tux.org/ pub/ tux/ storm/ ids-simple.doc.
2145. IDS: Re: Polymorphic Shellcode detection, from sedists.org/ lists/ focus-ids/ 2003/ May/ 0019.
2146. Hardware Firewalls, from http:/ / cybercoyote.org/ security/ hardware.shtml.
2147. Circuit-Level Gateway, from www.softheap.com/ internet/ circuit-level-gateway.html.
2148. Vicomsoft Firewall Q&A, from www.vicomsoft.com/ knowledge/ reference/ firewallsl.html.
2149. Statoo.htm: some simple stalking tools, from www.searchlores.org/ statoo.htm.
2150. van Hauser, Placing Backdoors Through Firewalls, from www.thc.segfault.net/ download.php?t=p&f=fw-
backd.htm.
2151. J. Christian Smith, (2000), I ntroduction, www.gray-world.net/ papers/ covertshells.txt.
2152. BSD Search.Com - Applications: Networking, from
www.bsdsearch.com/ dir/ / applications/ networking.php.
2153. Peter Kieltyka, I CMP Shell, from icmpshell.sourceforge.net/ .
2154. Measuring Security Threats with Honeypot, from www.honeynet.org/ papers/ individual/ sane-2004.
2155. Lance Spitzner, (2003), Open Source Honeypots: Learning with Honeyd, from
www.securityfocus.com/ infocus/ 1659.
2156. Honeypot Software, Honeypot Products, Deception Software, from
www.honeypots.net/ honeypots/ products.
2157. Measuring Security Threats with Honeypot Technology, from
www.honeynet.org/ papers/ individual/ sane-2004.
2158. Know Your Enemy: Sebek, from www.honeynet.org/ papers/ sebek.pdf.
References Page 3046 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
2159. I ntrusion Detection System (IDS) Evasion, from
http:/ / complianceandprivacy.com/ WhitePapers/ iDefense-I DS-
Evasion/i Defense_I DSEvasion_20060510.pdf.
2160. I ntrusion Detection/ Prevention, from http:/ / www.protectpoint.com/ services_intrusiondetection.htm.
2161. I ntrusion Detection Systems, from
http:/ / www.cra.org/ Activities/ craw/ dmp/ awards/ 2003/ Tan/ research/ rules.html.
2162. Managed Security Services- I ntrusion Detection Programs, from
http:/ / www.gus.net/ lntrusion_Dectection.htm.
2163. Nick DeClario, Keep Out: Host I ntrusion Detection, from
http:/ / www.linuxsecurity.com/ content/ view/ 112852/ 151/ .
2164. Yona Hollander, The Future of Web Server Security, from
http:/ / www.mcafee.com/ us/ local_content/ white_papers/ wp_future.pdf.
2165. Unauthorized remote users can read IIS files, from http:/ / xforce.iss.net/ xforce/ xfdb/ 2663.
2166. J an Meijer, Multiple Microsoft IIS Vulnerabilities, from http:/ / cert-nl.surfnet.nI / s/ 2000/ S-00-35.htm.
2167. Automated Web I nterface Scans IIS for Multiple Vulnerabilities, from
http:/ / www.ciac.org/ ciac/ bulletins/ k-068.shtml.
2168. Mark Burnett, (2001), Running Snort on IIS Web Servers Part 2: Advanced Techniques, from
http:/ / www.securityfocus.com/ infocus/ 1316.
2169. Spanish Honeypot Project, from http:/ / www.honeynet.org.es/ project/ .
2170. Lance Spitzner, 2003, Honeypots, from http:/ / www.ip97.com/ tracking-
hackers.com/ papers/ honeypots.html.
2171. A Virtual Honeypot Framework, from http:/ / www.citi.umich.edu/ techreports/ reports/ citi-tr-03-l.pdf.
2172. What is SPECTER, from http:/ / www.specter.ch/ introduction50.shtml.
2173. Shaheem Motlekar, (2004), Honeypot FAQ, from http:/ / www.tracking-hackers.com/ misc/ faq.html.
2174. Honeytokens: The Other Honeypot, from http:/ / www.securityfocus.com/ infocus/ 1713.
2175. van Hauser, Placing Backdoors Through Firewalls, from
http:/ / www.securitymap.net/ sdm/ docs/ attack/ fw-backd.htm.
2176. Placing Backdoors Through Firewalls, from
http:/ / www.windowsecurity.com/ whitepapers/ Placing_Backdoors_Through_Firewalls.html.
2177. Honeypots: Three new tools related to IDS, forensics, honeypots, from
http:/ / seclists.org/ honeypots/ 2003/ q2/ 0279.html.
2178. Network I ntrusion Detection Using Snort, from
http:/ / www.linuxsecurity.com/ content/ view/ 117497/ 49/ .
2179. I ntrusion Detection, from http:/ / www.ctssg.com/ ids_p.htm.
2180. I NTRUSI ON DETECTI ON, from http:/ / www.pafis.shh.fi/ ~tantit01/ isac2002/ ce03/ password.html.
2181. Paul I nnella, 2001, An I ntroduction to IDS, from http:/ / www.securityfocus.com/ infocus/ 1520.
2182. Ricky M. Magalhaes, (2003), Host-Based IDS vs Network-Based IDS, from
http:/ / www.windowsecurity.com/ articles/ Hids_vs_Nids_Part2.html.
2183. I ntrusion detection system, from
http:/ / www.webopedia.eom/ TERM/ l/ intrusion_detection_system.html.
2184. Paul I nnella, 2001, The Evolution of I ntrusion Detection Systems, from
http:/ / www.securityfocus.com/ infocus/ 1514.
2185. Host, from http:/ / lists.debian.org/ .
References Page 3047 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
2186. Spammers use Word files to bypass filters, from
http:/ / www.zdnet.com.aU/ news/ security/ soa/ Spammers_use_Word_files_to_bypass_filters/ 0,1300617
44,139267487,OO.htm.
2187. Know Your Enemy: Sebek, from http:/ / www.honeynet.org/ papers/ sebek.pdf.
2188. Honeyd - Network Rhapsody for You, from http:/ / www.citi.umich.edU/ u/ provos/ honeyd/ .
2189. SPECTER I ntroduction, from http:/ / www.specter.ch/ introduction50.shtml.
2190. Measuring Security Threats with Honeypot Technology, from
http:/ / www.honeynet.org/ papers/ individual/ sane-2004.pdf.
2191. Lance Spitzner, (2003), SecurityFocus: Honeytokens -The Other Honeypot, from
http:/ / www.securityfocus.com/ infocus/ 1713.
2192. Andrea Barisani, vol5issue6, from http:/ / www.tisc-insight.com/ newsletters/ 56.html.
2193. Peter Kieltyka, (2006), I CMP Shell, from http:/ / icmpshell.sourceforge.net/ .
2194. ntsecurity.nu - ack tunneling, from http:/ / ntsecurity.nu/ papers/ acktunneling/ .
2195. SecuriTeam - ACK Tunneling Trojans, from
http:/ / www.securiteam.com/ securityreviews/ 5OP0P156AE.html.
2196. Placing Backdoors Through Firewalls, from http:/ / www.thc.segfault.net/ papers/ fw-backd.htm.
2197. Mike, Firewalk, from www.blackhat.com/ presentations/ bh-usa-99/ Route/ bh-us-99-schiffman.ppt.
2198. Hardware Firewalls, from http:/ / cybercoyote.org/ security/ hardware.shtml.
2199. Evading I ntrusion Detection, from www.tux.org/ pub/ tux/ storm/ ids-simple.doc.
2200. I nsertion, Evasion, and Denial of Service, from http:/ / www.snort.org/ docs/ idspaper/ .
2201. Securing IT Assets with Linux, from www.bass-inc.com/ presentations/ arp21_2004/ linuxsecurity.ppt.
2202. Linux Security Quick Reference Guide, from http:/ / www.tldp.org/ REF/ ls_quickref/ QuickRefCard.pdf.
2203. Vanguard Security Solutions - Vanguard I ntegrity Professionals, from
http:/ / www.go2vanguard.com/ software/ .
2204. iSecurityShop, from http:/ / www.isecurityshop.com/ .
2205. Going on the Defensive: I ntrusion Detection Systems, from http:/ / www.airscanner.com/ pubs/ ids.pdf.
2206. Network Security, from http:/ / www.njcpu.net/ security.htm.
2207. Tipping Point, from http:/ / hl0163.wwwl.hp.com.
2208. Security Network I ntrusion Prevention System, from http:/ / www-01.ibm.com.
2209. Enterprise, from http:/ / www.tripwire.com/ it-security-software/ security-configuration-
management/ file-integrity-monitoring/ .
2210. Specter, from http:/ / www.specter.com/ default50.htm.
2211. Honeyd, from http:/ / www.honeyd.org/ .
2212. KFSensor, from http:/ / www.keyfocus.net/ kfsensor/ .
2213. Symantec Decoy Server, from http:/ / www.symantec.com/ press/ 2003/ n030623b.html.
2214. Tiny Honeypot, from http:/ / freecode.com/ projects/ thp.
2215. LaBrea, from http:/ / labrea.sourceforge.net/ labrea-info.html.
2216. PatriotBox, from http:/ / www.alkasis.com/ ?action=products&pid=6.
2217. Kojoney, from http:/ / kojoney.sourceforge.net/ .
2218. HoneyBOT, from http:/ / www.atomicsoftwaresolutions.com/ honeybot.php.
2219. Google Hack Honeypot, from http:/ / ghh.sourceforge.net/ .
References Page 3048 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
2220. WinHoneyd, from http:/ / www2.netvigilance.com/ winhoneyd.
2221. HI HAT, from http:/ / hihat.sourceforge.net/ .
2222. Argos, from http:/ / www.few.vu.nl/ argos/ ?page=2.
2223. Glastopf, from http:/ / glastopf.org/ .
2224. Send-Safe Honeypot Hunter, from http:/ / www.send-safe.com/ honeypot-hunter.html.
2225. I BM Security Network I ntrusion Prevention System, from http:/ / www-
01.ibm.com/ software/ tivoli/ products/ security-network-intrusion-prevention/ .
2226. Peek & Spy, from http:/ / networkingdynamics.com/ peek-spy/ peekspy/ .
2227. I NTOUCH I NSA-Network Security Agent, from http:/ / www.ttinet.com/ doc/ insa_vl5_025.html.
2228. Strata Guard, from http:/ / www.stillsecure.com/ strataguard.
2229. I DP8200 I ntrusion Detection and Prevention Appliances, from https:/ / www.juniper.net/ in/ en/ products-
services/ security/ idp-series/ idp8200/ .
2230. OSSEC, from http:/ / www.ossec.net/ ?page_id=19.
2231. Cisco I ntrusion Prevention Systems, from
http:/ / www.cisco.com/ en/ US/ products/ ps5729/ Products_Sub_Category_Home.html.
2232. AI DE (Advanced I ntrusion Detection Environment), from http:/ / aide.sourceforge.net/ .
2233. SNARE (System iNtrusion Analysis & Reporting Environment), from http:/ / www.intersectalliance.com/ .
2234. Vanguard Enforcer, from http:/ / www.go2vanguard.com/ enforcer.php.
2235. Check Point Threat Prevention Appliance, from http:/ / www.checkpoint.com/ products/ threat-
prevention-appliances/ .
2236. fragroute, from http:/ / www.monkey.org/ ~dugsong/ fragroute/ .
2237. Next-Generation I ntrusion Prevention System (NGI PS), from http:/ / www.sourcefire.com/ security-
technologies/ network-security/ next-generation-intrusion-prevention-system.
2238. Outpost Network Security, from http:/ / www.agnitum.com/ products/ networksecurity/ index.php.
2239. Check Point IPS-1, from http:/ / www.checkpoint.com/ products/ ips-l/ .
2240. FortiGate, from http:/ / www.fortinet.com/ solutions/ ips.html.
2241. Enterasys I ntrusion Prevention System, from http:/ / www.enterasys.com/ products/ advanced-security-
apps/ dragon-intrusion-detection-protection.aspx.
2242. StoneGate Virtual IPS Appliance, from http:/ / www.stonesoft.com/ en/ products/ appliances/ virtual-
ips.html.
2243. Cyberoam I ntrusion Prevention System, from http:/ / www.cyberoam.com/ ips.html.
2244. McAfee Host I ntrusion Prevention for Desktops, from http:/ / www.mcafee.com/ us/ products/ host-ips-for-
desktop, aspx.
2245. ZoneAlarm PRO Firewall, from http:/ / www.zonealarm.com/ security/ en-us/ zonealarm-pro-firewall-anti-
spyware.htm.
2246. Check Point Firewall Software Blade, from http:/ / www.checkpoint.com/ products/ firewall-software-
blade/index.html.
2247. eScan Enterprise Edition, from
http:/ / www.escanav.com/ english/ content/ products/ corp_enterprise/ escan_enterprise.asp.
2248. J etico Personal Firewall, from http:/ / www.jetico.com/ firewall-jetico-personal-firewall/ .
2249. Outpost Security Suite, from http:// free.agnitum.eom/#.
2250. Novell BorderManager, from http:/ / www.novell.com/ products/ bordermanager/ .
References Page 3049 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
2251. Firewall UTM, from http:/ / www.esoft.com/ network-security-appliances/ instagate/ .
2252. Sonicwall, from http:/ / www.tribecaexpress.com/ products/ by-manufacturers/ sonicwall-firewalls-
price.htm.
2253. Comodo Firewall, from http:/ / personalfirewall.comodo.com/ .
2254. Online Armor, from http:/ / www.online-armor.com/ products-online-armor-free.php.
2255. FortiGate-5101C, from http:/ / www.fortinet.com/ press_releases/ 120227.html.
2256. proxify, from http:/ / proxify.com.
2257. spysurfing, from http:/ / www.spysurfing.com.
2258. alienproxy, from http:/ / alienproxy.com.
2259. zendproxy, from http:/ / zendproxy.com/ .
2260. anonymouse, from http:/ / anonymouse.org.
2261. anonymizer, from http:/ / www.anonymizer.com.
2262. webproxyserver, from http:/ / www.webproxyserver.net/ .
2263. boomproxy, from http:/ / www.boomproxy.com/ .
2264. Loki I CMP tunneling, from http:/ / www.iss.net/ security_center/ reference/ vuln/ Loki.htm.
2265. AckCmd, from http:/ / ntsecurity.nu/ toolbox/ ackcmd/ .
2266. HTTPTunnel, from http:/ / www.nocrew.org/ software/ httptunnel.html.
2267. Send-Safe Honeypot Hunter, from http:/ / www.send-safe.com/ honeypot-hunter.html.
2268. Traffic IQ Professional, from http:/ / www.idappcom.com/ downloads.php.
2269. tcp-over-dns, from http:/ / analogbit.com/ software/ tcp-over-dns.
2270. Snare Agent for Windows, from http:/ / www.intersectalliance.com/ projects/ BackLogNT/ .
2271. AckCmd, from http:/ / ntsecurity.nu/ toolbox/ ackcmd/ .
2272. Tomahawk, from http:/ / tomahawk.sourceforge.net/ .
2273. Your Freedom, from http:/ / www.your-freedom.net/ index.php?id=downloads.
2274. Atelier Web Firewall Tester, from http:/ / www.atelierweb.com/ products/ firewall-tester/ .
2275. Freenet, from https:/ / freenetproject.org/ .
2276. GTunnel, from http:/ / gardennetworks.org/ download.
2277. Hotspot Shield, from http:/ / www.anchorfree.com/ hotspot-shield-VPN-download-windows.php.
2278. Proxifier, from http:/ / www.proxifier.com/ .
2279. Vpn One Click, from http:/ / www.vpnoneclick.com/ download/ index.html.
2280. Multi-Generator (MGEN), from http:/ / cs.itd.nrl.navy.mil/ work/ mgen/ index.php.
2281. Net-lnspect, from http:/ / search.cpan.org/ ~sullr/ Net-lnspect/ lib/ Net/ lnspect/ L3/ I P.pm.
2282. NConvert, from http:/ / www.xnview.com/ en/ nconvert/ .
2283. fping 3, from http:/ / fping.org/ .
2284. pktgen, from http:/ / www.linuxfoundation.org/ collaborate/ workgroups/ networking/ pktgen.
2285. PacketMaker, from http:/ / www.jdsu.com/ en-us/ Test-and-Measurement/ Products/ a-z-product-
list/Pages/ packetmaker-sas-sata-tester.aspx.
Module 18: Buffer Overflow
2286. Understanding Buffer Overruns, from http:/ / uk.sys-con.com/ node/ 33998.
References Page 3050 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
2287. Exploits: Heap, from http:/ / www.sciencedirect.com/ science/ article/ pii/ B9781597499972500066.
2288. Exploits: Stack, from http:/ / www.sciencedirect.com/ science/ artide/ pii/ B9781597499972500054.
2289. Writing Exploits II, from http:/ / www.sciencedirect.com/ science/ article/ pii/ B9781597499972500091.
2290. Hacking Unix, from
http:/ / media.techtarget.com/ searchEnterpriseLinux/ downloads/ Hacking_Exp_ch7.pdf.
2291. Testing for Stack Overflow, from https:/ / www.owasp.org/ index.php/ Testing_for_Stack_Overflow.
2292. Heap Corruption, from http:/ / www.sciencedirect.com/ science/ article/ pii/ B9781932266672500463.
2293. Buffer Overflow Attacks-Detect, Exploit, Prevent, from
http:/ / newark.pardey.org/ deck/ book/ buffer_overflow_attacks.pdf.
2294. Hack Proofing Your Network-8, from http:/ / forum.slime.com.tw/ threadll7254.html.
2295. Statically Detecting Likely Buffer Overflow Vulnerabilities, from
http:/ / lclint.cs.virginia.edu/ usenix01.html.
2296. Buffer Overflow - OWASP, from www.owasp.org/ index.php/ Buffer_Overflow.
2297. NedSecure Solutions - Toelichting aanvalstechnieken, from
www.nedsecure.nl/ index.php?option=com_content&task=view&id=lll&ltemid=44&lang=.
2298. Tony Bradley, Zero Day Exploits: The Holy Grail, from
http:/ / netsecurity.ab0ut.c0m/ 0d/ newsandedit0riall/ a/ aazer0day.htrn.
2299. FWSM URL Filtering Solution TCP ACL Bypass Vulnerability [Products ..., from
www.cisco.com/ en/ US/ products/ products_security_advisory09186a0080464d00.shtml.
2300. Roger Gustavsson, (2006), Buffer overflow, from
http:/ / idenet.bth.se/ servlet/ download/ news/ 23644/ Gustavsson+-+Buffer+Overflows.pdf.
2301. Stack Smashing Defense: A Buffer Overflow Lab Exercise, from
http:/ / cisa.umbc.edu/ CDX/ Will/ stack_smash_proposal.pdf.
2302. US-CERT Vulnerability Note VU#726198, from http:/ / www.kb.cert.org/ vuls/ id/ 726198.
2303. David Litchfield, Windows Heap Overflows, www.blackhat.com/ presentations/ win.../ bh-win-04-
litchfield.ppt.
2304. Ronnie J ohndas, Steps I nvolved in Exploiting a Buffer Overflow Vulnerability using a SEH Handler,
http:/ / www.infosecwriters.com/ text_resources/ pdf/ RJ ohndas_Buffer_Overflow_SEH_Handler.pdf.
2305. Microsoft I ndex Server ISAPI Extension Buffer Overflow, from http:/ / www.ciac.org/ ciac/ bulletins/ l-
098.shtml.
2306. Mehdi Mousavi, What an ISAPI extension is?, from
http:/ / www.codeproject.com/ KB/ I SAPI / isapi_extensions.aspx.
2307. Fireproofing Against DoS Attacks, from http:/ / www.networkcomputing.com/ 1225/ 1225f38.html.
2308. Unchecked Buffer in ISAPI Extension Enables Remote Compromise of IIS 5.0 Server, from
http:/ / www.securiteam.com/ windowsntfocus/ 5CP010K4AK.html.
2309. Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise, from
http:/ / www.securiteam.com/ windowsntfocus/ 5I P0ClP7FC.html.
2310. Unchecked Buffer in I ndex Server ISAPI Extension Leads to Web Server Compromise, from
http:/ / www.securiteam.com/ windowsntfocus/ 5FP0B2K4KU.html.
2311. Testing for Heap Overflow, from http:/ / www.owasp.org/ index.php/ Testing_for_Heap_Overflow.
2312. Tom Chmielarski, (2010), Enhanced Mitigation Experience Toolkit reduces buffer overflow attacks, from
http:/ / searchmidmarketsecurity.techtarget. com/ tip/ 0,289483, sidl98_ gcil520906,00. html.
2313. ADMmutate, from http:/ / www.ktwo.ca/ security.html.
2314. GDB, from http:/ / www.gnu.org/ software/ gdb/ .
References Page 3051 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
2315. Netcat, from http:/ / netcat.sourceforge.net/ download.php.
2316. LCLint, from http:/ / www.linuxjournal.com/ article/ 3599.
2317. Code::Blocks, from http:/ / www.codeblocks.org/ .
2318. eEye Retina, from http:/ / www.eeye.com/ .
2319. Spike, from http:/ / spike.lazypics.de/ dl_index_en.html.
2320. Brute Force Binary Tester (BFB), from http:/ / bfbtester.sourceforge.net/ .
2321. I mmunity CANVAS, from http:/ / www.immunityinc.com/ products-canvas.shtml.
2322. I mmunity Debugger, from http:/ / www.immunityinc.com/ products-immdbg.shtml.
2323. Splint, from http:/ / www.splint.org/ download.html.
2324. Flawfinder, from http:/ / www.dwheeler.com/ flawfinder/ .
2325. BLAST, from http:/ / mtc.epfl.ch/ software-tools/ blast/ index-epfl.php.
2326. Stack Shield, from http:/ / www.angelfire.com/ sk/ stackshield/ download.html.
2327. Valgrind, from http:/ / valgrind.org/ downloads/ current.html.
2328. PolySpace C Verifier, from http:/ / www.mathworks.in/ products/ polyspace/ .
2329. Insure++, from http:/ / www.parasoft.com/ jsp/ products/ insure.jsp?itemld=63.
2330. /GS, from http:/ / microsoft.com.
2331. BufferShield, from http:/ / www.sys-manage.com/ PR0DUCTS/ BufferShield/ tabid/ 61/ Default.aspx.
2332. DefenseWall, from http:/ / www.softsphere.com/ online-help/ defenceplus/ .
2333. TIED, from
http:/ / www.security.iitk.ac.in/ index.php?page=contents/ projects/ tiedJ ibsafe/ tied_libsafeplus.
2334. LibsafePlus, from
http:/ / www.security.iitk.ac.in/ index.php?page=contents/ projects/ tied_libsafe/ tied_libsafeplus.
2335. Comodo Memory Firewall, from http:/ / www.comodo.com/ news/ press_releases/ 16_01_08.html.
2336. Clang Static Analyzer, from http:/ / clang-analyzer.llvm.org/ .
2337. FireFuzzer, from https:/ / c0de.g00gle.c0m/ p/ firefuzzer/ .
2338. BOON, from http:/ / www.cs.berkeley.edu/ ~daw/ boon/ .
2339. The Enhanced Mitigation Experience Toolkit, from http:/ / www.microsoft.com/ en-
us/download/details.aspx?id=29851.
2340. CodeSonar Static Analysis Tool, from http:/ / www.grammatech.com/ codesonar.
2341. CORE I MPACT Pro, from http:/ / www.coresecurity.com/ core-impact-pro.
Module 19: Cryptography
2342. MD5 - message digest (fingerprint, checksum), from http:/ / www.akadia.com/ services/ md5.html.
2343. Web App Security, from http:/ / www.hackerscenter.com/ archive/ view.asp?id=25264.
2344. Cryptography, from http:/ / www.crcnetbase.com/ doi/ abs/ 10.1201/ 9780203507872.ch6.
2345. I ntegrated Technologies, from http:/ / www.crcnetbase.com/ doi/ abs/ 10.1201/ 9780203330708.ch8.
2346. Cracking S/ MI ME encryption using idle CPU time, from
http:/ / www.securiteam.com/ tools/ 3J 5PRQ0PPQ.html.
2347. Check Point RealSecure Attack Signatures Glossary, from
http:/ / www.checkpoint.com/ support/ technical/ documents/ realsecure/ Attack_Signatures.pdf.
2348. MarkJ Cox, from http:/ / www.awe.com/ mark/ talks/ apachecon2003us.html.
References Page 3052 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
2349. (2001), Announcing the ADVANCED ENCRYPTI ON STANDARD (AES),
http:/ / csrc.nist.gov/ publications/ fips/ fipsl97/ fips-197.pdf.
2350. MI CHAEL WELSCHENBACH, Cryptography in C and C++, Second Edition,
apress.com/ book/ view/ 1590595025.
2351. Rolf Oppliger, (2005), Contemporary Cryptography, http:/ / www.free-ebook-download.net/ technical
book/ 8574-contemporary-cryptography.html.
2352. R. F. Churchhouse, (2001), Codes and ciphers (J ulius Caesar, the Enigma and the internet),
http:/ / ebookee.org/ Codes-and-Ciphers-J ulius-Caesar-the-Enigma-and-the-lnternet_128588.html.
2353. J ohn Talbot and Dominic Welsh, (2006), Complexity and Cryptography an introduction,
http:/ / www.cambridge.org/ gb/ knowledge/ isbn/ itemll72875/ ?site_ locale=en_GB.
2354. BRUCE SCHNEI ER, Applied Cryptography, Second Edition, http:/ / www.schneier.com/ book-applied.html.
2355. J AMES BAMFORD, (2002), Body of Secrets, http:/ / sandiego.indymedia.org/ media/ 2007/ 02/ 125027.pdf.
2356. T. W. Korner, (1998), Coding and Cryptography, http:/ / www.dpmms.cam.ac.uk/ ~twk/ .
2357. Kenneth W. Dam and Herbert S. Lin, (1996), Cryptography's Role In Securing The I nformation Society,
http:/ / www.comms.scitech.susx.ac.uk/ fft/ crypto/ cryptorole.pdf.
2358. Peter Gutmann, Cryptography and Data Security,
http:/ / www.comms.scitech.susx.ac.uk/ fft/ crypto/ CryptoTutorial/ partl.pdf.
2359. Documentation and Encryption, from http:/ / www.linuxsecurity.com/ content/ view/ 17/ 70/ .
2360. J osh Ryder, I ntroduction to Encryption, from http:/ / www.developer.com/ tech/ article.php/ 630681.
2361. Authentication Technologies, from
http:/ / www.techarch.state.ar.us/ domains/ security/ resources/ techlist.htm.
2362. J ari Arkko, Vesa Torvinen, Aki Niemi, (2002), HTTP Authentication with EAP, from
http:/ / www.arkko.com/ publications/ draft-torvinen-http-eap-01.txt.
2363. Ralf J unker, Functions and Procedures: Basic Authentication, from
http:/ / www.zeitungsjunge.de/ delphi/ mime/ Help/ DI Mime.htm.
2364. Authentication, Authorization, and Access Control, from httpd.apache.org/docs.
2365. J ohn Franks, (1999), HTTP Authentication: Basic and Digest Access Authentication, from
http:/ / www.ietf.org/ rfc/ rfc2617.txt.
2366. J eff Kercher, Edward J ezierski, (2001), Authentication in ASP.NET: .NET Security Guidance, from
http:/ / msdn.microsoft. com/ library/ default. asp?url=/ library/ en-us/ dnbda/ html/ authaspdotnet. asp.
2367. Digital Certificates, from www.bitpipe.com/ tlist/ Digital-Certificates.html.
2368. Vijay Bollapragada, I PSec Authentication and Authorization Models, from
www.ciscopress.com/ articles/ article.asp?p=421514&seqNum=4 - 31k -.
2369. Certificate-based Authentication, from http:/ / www.microsoft.com/ technet/ security/ Bulletin/ MS02-
048.mspx.
2370. Abel Banda, (2003), Forms-based Authentication, from
www.ondotnet.com/ pub/ a/ dotnet/ 2003/ 01/ 06/ formsauthpl.html.
2371. Kimon Rethis Biometrics Authentication, from www.csun.edu.
2372. Fingerprint-based I dentification, from www.barcode.ro/ tutorials/ biometrics/ fingerprint.html
2373. Michael Anissimov, Retina Scanning, from www.wisegeek.com/ how-does-a-retinal-scan-work.htm.
2374. Afghan Woman Recognized After 17 Years, from
http:/ / www.ct.gov/ dss/ cwp/view.asp?a=2349&q=304748.
2375. Bill Gates at the RSA Conference 2006, from http:/ / www.microsoft.com/ billgates/ speeches.
References Page 3053 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
2376. Security Awareness is Rising while Security Protections are falling, from
www.miora.com/ articles/ awareness.htm.
2377. Soumyadip Rakshit, Biometric access control, from
http:/ / www.jiskha.com/ science/ biology/ biometrics.html.
2378. Prof. Ausif Mahmood RSA (Rivest, Shamir, and Adleman), from
www.bridgeport.edu/ sed/ projects/ cs597/ Spring_2004/ sbhumana/ index.htm.
2379. BlowFish, from www.answers.com/ topic/ blowfish.
2380. Algorithms and Security, from www.tcuconnect.com/ help/ faq_security.asp.
2381. SHA (Secure Hash Algorithm), from http:/ / www.safeexim.safescrypt.com/ SafeDoXX_User_Manual.pdf.
2382. Christopher Allen, Tim Dierks, SSL Handshake Protocol Flow, from
https:/ / www.ipa.go.jp/ security/ rfc/ RFC2246-07EN.html.
2383. Cryptography Attacks, from www.hack.gr/ users/ dij/ crypto/ overview/ terminology.html.
2384. Cryptography Attacks, from
http:/ / ieeexplore.ieee.org/ iel5/ 10600/ 33508/ 01590056.pdf?isnumber=33508&arnumber=1590056.
2385. What is a hash function?, from http:/ / www.rsa.com/ rsalabs/ node.asp?id=2176.
2386. What is Capstone?, from http:/ / www.rsa.com/ rsalabs/ node.asp?id=2317.
2387. What are RC5 and RC6?, from http:/ / www.rsa.com/ rsalabs/ node.asp?id=2251.
2388. This challenge is no longer active, from http:/ / www.rsa.com/ rsalabs/ node.asp?id=2094.
2389. Dorothy E. Denning & Dennis K. Branstad, 1996, A Taxonomy for Key Escrow Encryption Systems, from
http:/ / www.cosc.georgetown.edu/ ~denning/ crypto/ Taxonomy.html.
2390. Parameter Tampering, from http:/ / www.imperva.com/ resources/ glossary/ parameter_tampering.html.
2391. Pascal Meunier, (2004), Programming I ssues, from
www. cerias. purdue. edu/secprog/ class2/ 7.Canon_&_DT.ppt.
2392. About Secure Shell, from http:/ / www.onsight.com/ faq/ ssh/ ssh-faq-l.html.
2393. PGP Attack FAQ: The asymmetric cipher
http:/ / www.iusmentis.com/ technology/ encryption/ pgp/ pgpattackfaq/ asymmetric/ .
2394. Digital Signature Guidelines, from
Tutorial http:/ / www.abanet.org/ scitech/ ec/ isc/ dsg-tutorial.html.
2395. What is public-key cryptography?, from http:/ / www.rsa.com/ rsalabs/ node.asp?id=2165.
2396. What is Public-Key Cryptography?, from http:/ / www.x5.net/ faqs/ crypto/ q3.html.
2397. Security FAQs, from http:/ / www.tcuconnect.com/ help/ faq_security.asp.
2398. RSA Security- 2.1.1 What is public-key cryptography?, from
http:/ / www.rsasecurity.com/ rsalabs/ node.asp?id=2165.
2399. Mahmood, (2006), Encryption and Decryption using RSA, from
http:/ / www.bridgeport.edu/ sed/ projects/ cs597/ Spring_2004/ sbhumana/ index.htm.
2400. HashCalc, from http:/ / www.slavasoft.com/ hashcalc/ .
2401. MD5 Calculator, from http:/ / www.bullzip.com/ products/ md5/ info.php.
2402. HashMyFiles, from http:/ / www.nirsoft.net/ utils/ hash_my_files.html.
2403. Advanced Encryption Package, from http:/ / www.aeppro.com/ .
2404. BCTextEncoder, from http:/ / www.jetico.com/ encryption-bctextencoder.
2405. CommuniCrypt File Encryption Tools, from http:/ / www.communicrypt.com.
2406. Steganos LockNote, from https:/ / www.steganos.com/ us/ products/ for-free/ locknote/ overview/ .
References Page 3054 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
2407. AxCrypt, from http:/ / www.axantum.com/ axcrypt/ .
2408. AutoKrypt, from http:/ / www.hiteksoftware.com/ autokrypt/ data-encryption-software.htm.
2409. CryptoForge, from http:/ / www.cryptoforge.com/ .
2410. NCrypt XL, from http:/ / www.littlelite.net/ ncryptxl/ .
2411. ccrypt, from http:/ / ccrypt.sourceforge.net/ .
2412. WinAES, from http:/ / fatlyz.com/ en/ winaes/ .
2413. EncryptOnClick, from http:/ / www.2brightsparks.com/ onclick/ eoc.html.
2414. GNU Privacy Guard, from http:/ / www.gnupg.org.
2415. comodo, from http:/ / www.comodo.com/ .
2416. thawte, from http:/ / www.thawte.com/ .
2417. verisign, from http:/ / www.verisign.com.
2418. entrust, from http:/ / www.entrust.net/ .
2419. TrueCrypt, from http:/ / www.truecrypt.org/ .
2420. GiliSoft Full Disk Encryption, from http:/ / www.gilisoft.com/ product-full-disk-encryption.htm.
2421. DriveCrypt, from http:/ / www.securstar.com/ products_drivecrypt.php.
2422. ShareCrypt, from http:/ / www.securstar.com/ products_sharecrypt.php.
2423. PocketCrypt, from http:/ / www.securstar.com/ products_pocketcrypt.php.
2424. Rohos Disk Encryption, from http:/ / www.rohos.com/ products/ rohos-disk-encryption/ .
2425. R-Crypto, from http:/ / www.r-tt.com/ data_security_software/ .
2426. SafeBit Disk Encryption, from http:/ / www.safebit.net/ .
2427. DiskCryptor, from http:/ / diskcryptor.net/ wiki/ Main_Page/ en.
2428. alertsec, from http:/ / www.alertsec.com/ software-overview/ .
2429. Symantec Drive Encryption, from http:/ / www.symantec.com/ whole-disk-encryption.
2430. DriveCrypt Plus Pack, from http:/ / www.securstar.com/ products_drivecryptpp.php.
2431. CrypTool, from http:/ / www.cryptool.org/ en.
2432. CryptoBench, from http:/ / www.addario.org/ cryptobench/ .
2433. J CrypTool, from http:/ / www.cryptool.org/ en/ jcryptool.
2434. Ganzua, from http:/ / ganzua.sourceforge.net/ en/ index.html.
2435. Crank, from http:/ / crank.sourceforge.net/ index.html.
2436. EverCrack, from http:/ / evercrack.sourceforge.net/ .
2437. AlphaPeeler, from http:/ / alphapeeler.sourceforge.net/ indexl.htm.
2438. Draft Crypto Analyzer, from http:/ / www.literatecode.com/ draca.
2439. Linear Hull Cryptanalysis of PRESENT, from http:/ / www.ecrypt.eu.org/ tools/ present-linear-hull.
2440. mediggo, from http:/ / c0de.g00gle.c0m/ p/ medigg0/ .
2441. SubCypher, from http:/ / www.esclepiusllc.com/ index.php?page=subcypher.
2442. MD5 Decrypt, from http:/ / www.md5decrypt.org/ .
2443. MD5Cracker, from http:/ / md5crack.com/ .
2444. MD5 Hash Cracker, from http:/ / www.tmto.org/ pages/ passwordtools/ hashcracker/ .
2445. Hash Cracker, from http:/ / www.hash-cracker.com/ .
2446. MD5Decrypter, from http:/ / www.md5decrypter.com/ .
References Page 3055 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
Ethical Hacking and Countermeasures Exam 312-50 Certified Ethical Hacker
References
2447. OnlieHashCrack.com, from http:/ / www.onlinehashcrack.com/ index.php.
2448. MD5Decrypter.co.uk, from http:/ / www.md5decrypter.co.uk/ .
2449. Md5.My-Addr.com, from http:/ / md5.my-addr.com/ md5_decrypt-
md5_cracker_online/ md5_decoder_tool.php.
2450. cmd5.org, from http:/ / www.cmd5.org/ .
2451. Crypt and Decrypt Online Tool Conversion, from
http:/ / myeasywww.appspot.com/ utility/ free/ online/ Crypt-and-Decrypt-tool-
online/en?command=UTI LI TY&I D=2.
Module 20: Penetration Testing
2452. Assessing Network Security, from http:/ / www.scribd.com/ doc/ 24594933/ Assessing-Network-Security.
2453. Technical (Bottom-Up) Methodology, from
http:/ / www.crcnetbase.com/ doi/ abs/ 10.1201/ 9780203503041.ch6.
2454. Auditing, from http:/ / www.crcnetbase.com/ doi/ abs/ 10.1201/ 9781420000047.ch3.
2455. Automated Penetration Testing - False Sense of Security, from http:/ / www.it-observer.com/ automated-
penetration-testing-false-sense-security.html.
2456. Application Assessment Questioning, from
http:/ / www.technicalinfo.net/ papers/ AssessmentQuestions.html.
2457. How are Penetrating Testing conducted?, from www.corsaire.com .
2458. Categories of security assessments, from http:/ / safari.oreilly.com/ 0735618682/ part06.
2459. Assessing Network Security, from http:/ / safari.phptr.com/ 0735620334/ ch01levlsec3.
2460. Penetration testing guide, from http:/ / www.penetration-testing.com/ .
2461. COMPUTER SECURI TY PERFORMANCE TESTEXAMPLE, from http:/ / sedists.org/ lists/ pen-
test/ 2003/ Feb/ att-0015/ Pennetration_Test_Agreement_txt.
2462. Service Level Agreements, from http:/ / it.usu.edu/ htm/ hardware/ service-level-agreements.
2463. J eff Forrista, (2001), Fireproofing Against DoS Attacks, from
http:/ / www.networkcomputing.com/ 1225/ 1225f38.html.
2464. Konstantinos Karagiannis, Pen-Test Using FoundScan Hardware Appliances, from
http:/ / www.eweek.com/ cobrand/ 0,3223,a=27473&s=1610&ap=,00.asp.
2465. Pen-Test Using NetRecon, from http:/ / www.net-security.org/ dl/ newsletter/ txt/ issue059.txt.
2466. Pen-Test Using SATAN, SARA and Security Analyzer, from
http:/ / www.ciac.org/ ciac/ ToolsUnixNetSec.html.
2467. E- Commerce Security, from http:/ / netdesignplus.net/ publications/ victor_sawma_thesis.pdf.
2468. Design Guidelines for Secure Web Applications, from http:/ / msdn.microsoft.com/ library/ en-
us/ dnnetsec/ html/ thcmch04.asp?frame=true.
2469. KEN BRANDT, STU GREEN, ENRI QUE ZUNI GA, Activity: Escalating Privileges, from
http:/ / infosecuritymag.techtarget.com/ ar.
2470. The Professional Security Testers (PST) Warehouse: Web Proxy, from
http:/ / www.professionalsecuritytesters.org/ modules.php?name=News&new_topic=16.
2471. Microsoft Security Bulletin (MS99-046) Frequently Asked Questions,
http:/ / www.microsoft.com/ technet/ security/ bulletin/ fq99-046.mspx.
2472. Penetration testing guide, from http:/ / www.penetration-testing.com/ .
2473. Netscape, from http:/ / netscape.aol.com/ .
References Page 3056 Ethical Hacking and Countermeasures Copyright by EC-COUIICil
All Rights Reserved. Reproduction is Strictly Prohibited.
E xa m 3 1 2 - 5 0 C e r ti fi e d E th ic a l H a c k e r E th ic a l H a c k in g a n d C o u n te rm e a s u re s
R e fe re n c e s
2474. Kyle Lai, (2002), Change MAC Address on Win2K & XP, from http:/ / sedists.org/ pen-
test/ 2002/ Nov/ 0025.html.
2475. Anatomy of an ARP Poisoning Attack, from
http:/ / www.watchguard.com/ infocenter/ editorial/ 135324.asp.
2476. Hacking Lexicon, from http:/ / www.cybersoft.com/ whitepapers/ reference/ hacking_lexicon.shtml
2477. I nformation Security Magazine, from
http:/ / infosecuritymag.techtarget.com/ articles/ march01/ features4_battle_plans.shtml.
2478. Finding and Fixing Network Vulnerabilities, from
http:/ / www.eweek.com/ cobrand/ 0,3223,a=27473&s=1610&ap=,00.asp.
2479. Fireproofing against DoS Attacks, from http:/ / www.networkcomputing.com/ 1225/ 1225f38.html.
2480. Get quality service from your suppliers, from
http:/ / www.businesslink.gov.uk/bdotg/ action/ detail?type=RESC>URCES&itemld=1073792560.
2481. Stephen, (2006), USU Help Desk, from http:/ / helpdesk.usu.edu/ content/ hardware/ sla.contracts.php.
2482. Computer Security Performance Test example I ndependent Oversight Cyber Security Performance Test,
from http:/ / seclists.org/ lists/ pen-test/ 2003/ Feb/ att-0015/ Pennetration_Test_Agreement_txt.
2483. Safari Books Online- Microsoft Windows Security Resource Kit, from
http:/ / safari.oreilly.com/ 0735618682/ part06.
2484. Christopher R. Russel, (2001), Penetration Testing with dsniff, from http:/ / www.ouah.org/ dsniffintr.htm.
2485. IDA, from https:/ / www.hex-rays.com/ products/ ida/ index.shtml.
2486. Kismet, from http:/ / www.kismetwireless.net/ download.shtml.
R e fe re n c e s P age 3 0 5 7 E th ic a l H a c k in g a n d C o u n te r m e a s u r e s C o p y r ig h t b y E C -C O U IIC il
A ll R ig h ts R e s e rve d . R e p ro d u c tio n is S tr i c tl y P r o h i b i te d .

You might also like