< All Penetration Testing and Ethical Hacking (Archive) Notes

mrexe | Penetration Testing and Ethical Hacking | Module 06 - Trojans

By: mrexe | Related Course: Penetration Testing and Ethical Hacking (Archive) | Published: March 31, 2018 | Modified: March 31, 2018
Join Cybrary

Notepadfport Lab

fPort is a run command that maps each process ID on the network.  fPort goes beyond what information is displayed in the Task Manager.  fPort also sorts its output by protocol and lists the process name, port, as well as the location/path on the network.

From this Trojan lab, you’ll learn how to determine if the process is active, what it affects and/or if it’s connected to and other important real-time information.


NotepadICMPsrv Lab

ICMPsrv Lab

In this Trojan lab, you’ll learn about ICMPsrv.

ICMP is a tunnel command application with both client (icmpsend) and server (icmpsrv) level options for obtaining client and server usage info. You’ll learn how to install, configure, run and remove the service (if you need).

ICMP’s sole purpose is to validate the traffic link between those targeted nodes on the network.


NotepadIntroduction to Trojans

overt

covert

 


NotepadMD5 Lab

MD5 Lab

This Trojan lab introduces you to MD5.

MD5 is a run line command used to identify the message digest of a file.  This information verifies that the integrity of a file “has or has not” been changed which is critically important to learning the behavior of Trojans and how to combat them.


Notepadnetstat Lab

netstat Lab

netStat is a run line command that displays protocol stats and the current TCP/IP connections.  Each version of netStat is syntax specific, so this Trojan lab demonstrates some of those syntax variations from one version of netStat to another.

netstat /? to know the commands

netstat -h for linux


NotepadPrcView Lab

PrcView Lab

Need to recon a Trojan?  This lab shows you how, with PrcView.

PrcView is a process-focused forensic analysis and Trojan reconnaissance tool.  Its output displays process by name, ID, priority and path/location, key information you’ll need in conducting Trojan reconnaissance.

recon :

Before the attack, supporting elements from the unit recon platoons evaluated the enemy situation and provided guides for the assault.


NotepadTcpView Lab

TcpView Lab

For this Trojan simulation lab, you’ll learn how to use the Tcp View utility.

The TcpView utility displays “EACH” process, and it does so sorted by protocol.  More importantly, TCPView provides the local and remote port address, and the status “IN REAL TIME” of each process. Real time status of system process offer a great advantage to determining how quickly your response time must be in identifying and locating Trojans


NotepadTini Lab

Tini Lab
telnet trojan

The final lab in the Trojan simulation series is Tini.

Tini is the most significant of the all the lab lessons covered in the Trojans module.  In this lab you’ll learn the basics of how a Trojan works and how Trojans operates.

Tini is a telnet utility that gives you access to the system if you can get the user to launch it.

litrap


< All Penetration Testing and Ethical Hacking (Archive) Notes
Join Cybrary

Our Revolution

We believe Cyber Security training should accessible for everyone, everywhere. Everyone deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is the world's largest community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel