NDG Ethical Hacking

NDG Ethical Hacking, developed by NDG, focuses on one of the most challenging sectors of cybersecurity. This series of labs is designed to provide hands-on experience conducting a variety of ethical hacking practices. These skills can help prepare trainees for a variety of IT positions, including: Cyber Security Analyst, Penetration Tester, Ethical Hacker-Security Engineer IT Security Specialist, Cyber Security Engineer and Information Security Engineer-Ethical Hacker.

The labs map to several leading industry certifications, as noted in the Supported Labs table below.

NDG Ethical Hacking labs are supported in NETLAB+ using the NDG Ethical Hacking Pod.

NDG Ethical Hacking labs are now available to all NETLAB+ customers (general release). Labs and VMs have been updated following the pilot release, see the release notes for details. Customers who participated in the pilot will need to request updated OVAs from CSSIA for the NDG Ethical Hacking pod.

These labs are also available as an NDG Online hosted lab offering.

Vital Importance of Cyber Security Training

The National Initiative for Cybersecurity Education (NICE) is focused on the necessity to prepare, recruit, train develop and retain a diverse, qualified cybersecurity workforce capable of preventing and defending against ever-increasing threats. Using the NIST NICE CyberSecurity Workforce Framework, they categorize, organize and describe cybersecurity work in to high-level categories, each comprised into several specialty areas. The framework category, Protect and Defend, includes the specialty areas responsible for the identification, analysis, and mitigation of threats to internal IT systems or networks, which require ethical hacking skills:


  • Computer Network Defense Analysis
  • Incident Response
  • Vulnerability Assessment and Management
  • Computer Network Defense Infrastructure Support

Supported Labs

Lab Title Certified Ethical Hacking (CEH) Domains Offensive Security (PWK) Objectives SANS GPEN Objectives
1 Reconnaissance with Nmap & Amap
  • 2: Footprinting and Reconnaissance
  • 3: Scanning Networks
  • 3: The Essential Tools (netcat, ncat, wireshark, tcpdump)
  • 6: Trojans and Backdoors
  • 7: Intel Target Scanning
  • 15: Scanning for Targets
2 Social Engineering Attacks with Social Engineering Toolkit
  • 9: Social Engineering
  • 14: Reconnaissance
3 Metasploit Framework Fundamentals
  • 5: System Hacking
  • 17: Metasploit Framework
  • 8: Metasploit
4 Web Pentesting with Nikto & OWASP Zap
  • 12: Hacking Webservers
  • 13: Hacking Web Applications
  • 14: Web Application Attacks
  • 6: General Web Application Probing
5 Password Cracking with John the Ripper and Hashcat
  • 5: System Hacking
  • 18: Cryptography
  • 15: Password Attacks
  • 1: Advanced Password Attacks
  • 2: Attacking Password Hashes
  • 10: Password Attacks
6 Creating and Installing SSL Certificates
  • 18: Cryptography
  • 18: Wireless Crypto and Client Attacks
7 Vulnerability Scanning with OpenVAS
  • 3: Scanning Networks
  • 16: Vulnerability Scanning
8 Enumerating SMB with enum4linux
  • 4: Enumeration
  • 12: Privilege Escalation
  • 4: Enumerating Users
9 Backdooring with Netcat
  • 5: System Hacking
  • 9: Moving Files with Exploits
10 Packet Crafting with Scapy
  • 5: Exploitation Fundamentals
11 Network Analysis
  • 8: Sniffers
  • 3: The Essential Tools (netcat, ncat, wireshark, tcpdump)
12 Client Side Exploitations
  • 13: Hacking Web Applications
  • 13: Client Side Attacks
  • 6: General Web Application Probing
13 Testing Firewall Rules with Firewalking
  • 16: Evading IDS, Firewalls and Honeypots
14 Understanding SQL Commands & Injections
  • 14: SQL Injection
  • 14: Reconnaissance
15 Understanding Buffer Overflows
  • 17: Buffer Overflow
  • 7: Buffer Overflows
  • 5: Exploitation Fundamentals
16 Evading IDS
  • 16: Evading IDS, Firewalls and Honeypots
17 Packet Crafting with Hping
  • 5: Exploitation Fundamentals
18 VNC as a Backdoor
  • 5: System Hacking
19 Auditing Linux Systems
  • 13: Pentesting via the Command Line
20 Anti-Virus Evasion
  • 6: Trojans and Backdoors

Academic Book List

The books listed below are recommended resources to accompany the NDG Ethical Hacking labs.

Hands-On Ethical Hacking and Network Defense, 2nd Edition
Michael T. Simpson
Kent Backman
James Corley
ISBN-10: 1435486099   
ISBN-13: 9781435486096
480 Pages
Cengage

Hacker Techniques, Tools, and Incident Handling
Sean-Phillip Oriyano
ISBN-13: 9781284031713
ISBN-10:1284031713
500 Pages
Jones & Bartlett	

The Basics of Hacking and Penetration Testing, Second Edition: 
Ethical Hacking and Penetration Testing Made Easy 2nd Edition
Patrick Engebretson
ISBN-10: 0124116442
ISBN-13: 978-0124116443
225 Pages
Syngress

The Hacker Playbook 2: Practical Guide to Penetration Testing 
Peter Kim
ISBN-10: 1512214566
ISBN-13: 978-1512214567
358 pages
CreateSpace Independent Publishing Platform

Penetration Testing: A Hands on Introduction to Hacking
Georgia Weidman
ISBN-10: 1593275641
ISBN-13: 978-1593275648
528 pages
No Starch Press
Enabling the Labs

To enable the NDG Ethical Hacking labs, create a class and check the box for "NDG Ethical Hacking" in the global labs class settings.

NDG-EH
Using the Labs

Always select the correct lab exercise for the lab being performed. Students or teams should schedule the correct lab exercise from the catalog. NETLAB+ will only show those labs for which the required pod type is available. A lab that works on different pod types may appear more than once if your system is so equipped. Instructors should select the correct lab from the Exercise tab during instructor-led lab reservations. This can be done as many times as needed during the reservation.