Bookmark and Share
Dr. Yogesh Malhotra: RESEARCH: Beyond 'Prediction' to 'Anticipation of Risk': Research Impact among Nobel Laureates: Princeton University Presentations: Digital Ventures:
[Digital Transformation Pioneer] [AI, Algorithms & Machine Learning] [Computational Quant Analytics] [CyberSecurity Risk Engineering] [FinTech: 'Rethinking Finance']
2015 & 2016 Princeton Quant Trading Conference Presentations: Computational Quant & Crypto Machine Learning Algorithms,
2008: AACSB International Impact of Research Report: Named among Black-Scholes, Harry Markowitz & Bill Sharpe

*Projects *Goldman Sachs *JP Morgan *Wall Street Hedge Funds *Princeton Presentations *Model Risk Arbitrage *Cyber Finance *Cyber Risk Insurance * Ventures
*Bayesian vs. VaR *Markov Chain Monte Carlo Models *Mobile Trust Models * Pen Testing Frameworks *Bitcoin Cryptanalytics *NFS Cryptanalytics Algorithms
*Research Impact *Future of Finance *Beyond VaR *Model Risk Management *SR11-7 *OCC2011-12 *Future of Risk *Cyber Risk *SSRN *Google Scholar *Publications

Computational Quantitative Analytics-Finance-Risk Management Projects

Recent Research Presentations and Research Reports
*Princeton University Presentations on the Future of Finance: 'Rethinking Finance' for Era of Global Networked Digital Finance.
*2016 Princeton Quant Trading Conference Invited Research Presentation: Beyond Stochastic Models to Non-Deterministic Methods.
*2015 Princeton Quant Trading Conference Invited Research Presentation: Beyond Risk Modeling to Knightian Uncertainty Management.
*Beyond 'Bayesian vs. VaR' Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed).
*Markov Chain Monte Carlo Models, Gibbs Sampling, & Metropolis Algorithm for High-Dimensionality Complex Stochastic Problems.
*Risk, Uncertainty, and Profit for the Cyber Era: 'Knight Reconsidered': Model Risk Management of Cyber Risk Insurance Models.
*Cybersecurity & Cyber-Finance Risk Management: Strategies, Tactics, Operations, &, Intelligence: ERM to Model Risk Management.
*Number Field Sieve Cryptanalysis Algorithms for Most Efficient Prime Factorization on Composites: Beyond Shannon's Maxim.
* Bitcoin Protocol & Bitcoin Block Chain: Model of 'Cryptographic Proof' Based Global Crypto-Currency & Electronic Payments System.
*2015-2016 40 SSRN Top-10 Research Rankings for Computational Quantitative & Risk Analytics Algorithms Machine Learning Research.
* 2008 AACSB International Impact of Research Report: Named among Black-Scholes, Markowitz, Sharpe, Modigliani & Miller

Top Wall Street Investment Banks Quantitative Finance Projects & FinTech Ventures
Princeton: Future of Finance: 'Rethinking Finance' for Era of Global Networked Digital Finance
2016 Princeton Quant Trading Conference: Invited Research Presentation: Model Risk Arbitrage
2015 Princeton Quant Trading Conference: Invited Research Presentations: Future of Finance
Quantitative Finance Risk Analytics Modeling Wall Street Investment Banks & VC Projects
Model Risk Management: Risk Management Analytics from 'Prediction' to 'Anticipation of Risk'
Quantitative Finance Risk Analytics, Econometric Analytics, Numerical Programming Models
Quantitative Finance Model Risk Management for Systemic-Tail Risks in Cyber Risk Insurance
JP Morgan Portfolio Optimization, VaR & Stress Testing: 17-Asset Class Portfolio
JP Morgan Portfolio Liquidity Risk Modeling Framework for $500-600Bn Portfolio
Bayesian VaR Beyond Value-At-Risk (VaR) Model Risks Exposed by Global Financial Crisis
Goldman Sachs Alumnus Asset Manager Large-Scale Data High Freq Econometric Models
Quantitative Finance, Risk Modeling, Econometric Modeling, Numerical Programming
Technologies of Computational Quantitative Finance & Risk Analytics and Risk Management
Algorithms & Computational Finance: C++, SAS, Java, Machine Learning, Signal Processing
Cybersecurity, Financial Protocols & Networks Protocols Analysis, and, Penetration Testing
Quantitative Finance, Quantitative Risk Analytics & Risk Management Projects Impact
Digital Social Enterprise Ventures Creating Trillion $ Practices for Hundreds of Millions

Named among FinTech Finance & IT Nobel laureates for Real World Impact of Research
FinTech Innovations: Model Risk Arbitrage, Open Systems Finance, Cyber Finance, Cyber Insurance
AACSB International Reports Impact of Research among Black-Scholes, Markowitz, Sharpe
Research Impact Recognized among Finance & Information Technology Nobel laureates
40 SSRN Top-10 Rankings: Computational Quant Analytics: Algorithms, Methods & Models
FinTech Innovations: Model Risk Arbitrage, Cyber Finance, Cyber Risk Insurance Modeling
Computational Quantitative Finance Modeling & Risk Management Research Publications
Model Risk Management of Cyber Risk Insurance Models & Quantitative Finance Analytics
Thesis on Ongoing Convergence of Financial Risk Management & Cyber Risk Management
U.S. Federal Reserve & Office of the Comptroller of the Currency Model Risk Guidance
Bayesian VaR Beyond Value-At-Risk (VaR) Model Risks Exposed by Global Financial Crisis
Markov Chain Monte Carlo Models & Algorithms to Enable Bayesian Inference Modeling
OCC Notes Cybersecurity Risk & Cyber Attacks as Key Contributor to Banks' Financial Risk
Future of Bitcoin & Statistical Probabilistic Quantitative Methods: Global Financial Regulation
Models Validation Expert Panels: IT, Operations Research, Economics, Computer Science

Global, National, & Enterprise CxO Level FinTech-Cyber-Risk Analytics Ventures
CxO Think Tank that pioneered 'Digital' Management of Risk, Uncertainty, & Complexity
CxO Consulting: Global, National & Corporate Risk Management Practices Leadership
CxO Guidance: Cyber Defense & Finance-IT-Risk Management: Uncertainty & Risk
CxO Keynotes: Conference Board, Silicon Valley, UN, World Economy: Uncertainty & Risk
The Future of Finance Project Leading Quantitative Finance Practices at Elite Conferences
The Griffiss Cyberspace Cybersecurity Venture Spans Wall Street and Hi-Tech Research
UN Quantitative Economics Expert Paper & Keynote on Global Economists Expert Panel
National Science Foundation Cybersecurity & Cybercomputing National Expert Panels
Digital Social Enterprise Innovation Ventures Pioneering the Future of Risk and Quant
Global Footprint of Worldwide World-Leading CxO Risk Management Ventures & Practices

2015-2017: 40 SSRN Top-10 Research Rankings: Top-10% SSRN Authors:
AI & Decision Modeling; Algorithms & Machine Learning:
SSRN Top-10 Research Ranking Categories:
• Capital Markets,
• Cognition in Mathematics, Science, & Technology,
• Computational Biology,
• Computational Techniques,
• Corporate Governance: Disclosure, Internal Control, & Risk-Management,
• Cyberlaw,
• Decision-Making under Risk & Uncertainty,
• Econometric & Statistical Methods,
• Econometric Modeling,
• Econometrics,
• Hedging & Derivatives,
• Information Systems & Economics,
• Mathematical Methods & Programming,
• Microeconomics,
• Operations Research,
• Risk Management,
• Risk Management Controls,
• Risk Modeling,
• Stochastic Models,
• Systemic Risk,
• Uncertainty & Risk Modeling,
• VaR Value-at-Risk.
Other Categories:
• Banking & Insurance
• Cultural Anthropology,
• Economics of Networks,
• Innovation Law & Policy,
• Mutual Funds, Hedge Funds, & Investment Industry,
• Sociology of Innovation

JP Morgan Private Bank, Goldman Sachs Alumnus' Asset Manager & Venture Capital
Econometric Modeling, Quantitative Finance, Quantitative Risk Modeling

Wall Street Investment Banks & Venture Capital Projects on Quantitative Finance & Risk Modeling

Technologies & Frameworks Applied

Quantitative Finance, Quantitative Analytics, Econometric Modeling, Data Science, Market Risk,
Credit Risk, Liquidity Risk, Financial Modeling, Risk Management, Stress Testing, Portfolio
Optimization, Derivatives, SAS, SQL, MATLAB, C++, Microsoft Excel, VBA, R, Python, Bloomberg,
Financial Risk, Model Risk, Portfolio Management, Hedge Funds, Financial Econometrics, Algorithms,
Machine Learning, Predictive Analytics, Statistical Modeling, Data Modeling, Software Engineering,
Statistics, Interest Rate Derivatives, Fixed Income, Equities, Trading Strategies, MS Access, Stochastic
Modeling, Market Microstructure, Investment Management, Asset Liability Management, Data Mining,
Structural Equation Modeling, Quantitative Models, Operations Research, Computer Science, Financial
Accounting, Financial Statement Auditing,Optimization.

Mentors: Top Quantitative Finance Economists & Econometricians, Fordham.

Computational Quantitative Finance & Risk Modeling, Advanced Financial Econometrics

Economic Capital, Capital Adequacy, Basel/US Federal Reserve/OCC Frameworks & Regulations, Portfolio Risk, Liquidity Risk, Credit Risk, Market Risk, Econometric Analysis, Market Microstructure, Interest Rate Derivatives, Stochastic Volatility, Fixed Income, Equity, Derivatives (Options, Futures, Forwards, Swaps, Swaptions)

Credit Risk Models

Credit Default Swaps, Default Probabilities, Gaussian Copula, Nth to Default Swaps, Simulations, Large Portfolio Approximation, CreditMetrics, KMV, VaR, Expected Default Frequency (EDF), Counterparty Risk, Credit Valuation Adjustment (CVA), Stress Testing, Basel II/III, Worst Case Default Rate (WCDR), Exposure at Default (EAD), Loss Given Default (LGD), Probability of Default (PD), Risk Weighted Assets (RWA)

Market Risk Models

Volatility Modeling, GARCH/Extensions, MLE, Variance/Correlation Models, Portfolio VaR, QMLE, Non-Normality, Cornish-Fisher, Extreme Value Theory (EVT), Expected Shortfall (ES), Coherent/Spectral Risk Measures, Weighted/Filtered/Historical Simulation, Monte Carlo, Backtesting VaRs/ES, Stress Testing, Basel II/III

Interest Rate Derivatives Models

Simulations, Analytic Expectation, Tree Models, Calibrations; Continuous Time, CIR,Vasicek, Merton, Hull-White, BDT, & HJM Models; Bond Options, Treasuries, Coupon Bonds, Caplets, Floorlets, Swap Contracts, Bond Risk Premia, Yield Curve, Markov Regime Switching Models

Equity Portfolio Models

Derivatives, Mean-Variance Portfolios, CAPM, Passive/Active Portfolio Performance, Multi-Factor Models, Cross-Sectional Returns, Asset Allocation, Risky/Risk-Free Portfolios, Diversification, Risk Pooling, CAPM, Anomalies, Dividend Discount/Growth Models

Fixed Income Portfolio Models

Bond Valuations, Derivatives, Yields, Term Structure, Credit Spread, Credit Risky Bonds, Interest Rate Risk, Portfolio Performance, Passive/Active/Liability Funding, Hedging, Swaps, Forwards, Futures, ABS, MBS.

JP Morgan Private Bank $500-$600 Billion Multi-Asset Class Portfolio Construction & Optimization Leadership
Portfolio Construction & Optimization
Framework Development for Liquidity Assessment

JP Morgan (JPM) Hands-On Team Leadership Projects, Midtown Manhattan, New York

Mentor: Dr. Georgiy Zhikharev, JPM Global Head of Quantitative Research & Analytics,
JPM US Head of Portfolio Construction.
JPM Top-4 Risk Managers in Harvard Case.

JP Morgan Portfolio Construction, Optimization & Stress Testing Leader

17-Asset Portfolio Liquidity Assessment & Stress Testing Research & Analysis

Technical Framework & Project Management Foundation:
Exhaustive Review of Recent 25-Years of Liquidity Measurement Research in Research, Policy, and Practice:
Technical Liquidity Risk Models, Methods, & Measures Research: ~5,000 documents ~ 60,000 pages
Research Presentations: Weekly: 225 slides, Final Executive Summary Overview: 5 slides.

MS-Excel/VBA/MATLAB Models for 17-Asset Portfolio Liquidity Assessment & Stress Testing

~ 250 MS-Excel /VBA Linked Worksheets within Aggregate Porfolio and Specific Asset Class Workbooks.
MATLAB Code and Execution Outputs for Stress Testing Portfolio of 17 Asset Classes: 74-pages.

JP Morgan Portfolio Liquidity Assessment Framework Development Leader

Portfolio Assets Modeled: 17 Asset Classes:
Hedge Funds (HF), Alternative Investments, Equities, Commodities, Fixed Income, Bonds, Currencies:

Developed Large Equity
Developed Small Equity
Emerging Equity
Unlisted Equity
Various Commodities
Government Bonds
Investment Grade Bonds
Inflation-Linked Bonds
High Yield Corporate Bonds
Emerging Market Hard Currency Bonds
Emerging Market Local Currency Bonds
Major Currencies

Statistical Arbitrage Hedge Fund
Equity Hedge Hedge Fund
Merger Arbitrage Hedge Fund
Macro Hedge Fund
Relative Value Hedge Fund

Asset Pricing, Risk Management, Stress Testing, Liquidity Risk, Market Risk, Credit Risk, ALM Risk, Portfolio Risk,
Investment Risk, Non-Normality, Non-Linearity.

Mentor: JPM Top-4 Leadership ED in Global Financial Crisis Management, Harvard Case.
Led quantitative portfolio liquidity modeling for multiple financial asset classes.
Led literature review of all liquidity risk models, methods, and measures.
Led project management & scheduling and delivering high quality results on time.
Led interpretations of all outcomes & findings to ED team of Quants, CIO, MDs, PMs..
Assets: alternatives, HF, equities, commodities, fixed income, bonds, currencies.
Analyzed market risk, credit risk, ALM risk, portfolio risk, investment risk.
Led modeling and stress-testing for all asset classes and composite portfolio.
Led validation of all liquidity and liquidity risk models and measures.
Led verification of model performance, limiting behaviors, responses to stress.
Led modeling of pricing & risk measurement with specific focus on liquidity.
Led evaluation of third-party models, data, software for diverse asset classes.
Led inventorying of model assumptions and assessment of model risks for all assets.
Modeled historical simulation, parametric & modified VaR, expected shortfall.
Modeled and analyzed multi-asset volatility, variances & correlations, GARCH, MLE.
Modeled VaR, QMLE, non-normality, Cornish-Fisher, EVT stochastic models for assets.
Modeled and analyzed liquidity risk models for all assets and portfolio optimization.
Identified & defined benchmark indices & data sources for all asset classes.
Assessed soundness of liquidity & liquidity risk models for assets & portfolio.

Presentation to JP Morgan MDs/EDs, JP Morgan, 270 Park Ave., New York
JP Morgan Bank Portfolio Construction & Optimization Liquidity Assessment Framework

Guidance to JP Morgan Managing Directors/Executive Directors/Portfolio Managers

Axioms of Coherency and Convexity of Risk Measures
Exponential and Power Utility Functions for Spectral Risk Measures
Why Gaussian Risk Measures Fail and Where Regulation is Headed Next
Liquidity Measure for Illiquid Assets Solves Material Error in Liquidity Measures
Measuring Liquidity As Shadow Cost For Hedge Fund Indexes
Structuring and Pricing of Liquidity Options Hedge Funds for Price Discovery
Devising and Testing Liquidity Measures for Spreads of CDS Contracts
Liquifiability Index as What You May See in Basel Next
Modeling Measuring and Testing Liquidity Risk Across All Asset Classes

Goldman Sachs Alumnus' $400 Billion Asset Management Firm
Hedge Fund Large Scale Data High Frequency Econometric Modeling Project Leadership

High Frequency Econometric Modeling of Market Microstructure Liquidity & Price Impact
Hedge Fund Performance Analysis of 400 Trading Strategies for Alpha and Risk

Goldman Sachs Alumnus' Firm Hands-On Team Leadership Projects, Midtown Manhattan, New York

Mentor: Wall Street SVP Hedge Fund Manager with Top Wall Street Investment Banks:
Harvard Computer Scientist & Mathematician Alumnus Wall Street Hedge Fund SVP/PM.

Goldman Sachs Alumnus' $400 Billion+ Asset Management Firm
Firm: Top Wall Street Investment Bank launched by a Goldman Sachs alumnus with $400 billion to $500 billion AUM at the time of the project.

Project Management and Technical Team Leadership

High Frequency Econometric Modeling
of Market Microstructure of Liquidity
High Frequency Econometrics Models of Trade Price Impact & Market Microstructure.
Researched Co-Integrated Time Series for Ultra-High Frequency Tick-and-Quote (TAQ) Data.
Replicated /Analyzed Large Scale Data HF Econometrics Models of Market Microstructure.
Taught VARMAX Models of Co-Integrated Time Series for High Frequency Econometrics.

Analysis of 400 SSA Quarterly Scan Trading Strategies for Alpha and Hedging
Hedge Fund Performance Analysis Quantitative Finance & Quantitative Risk Modeling Research
Analyzed 400 State Street Associates Quarterly Scan Alpha Trading Strategies.
Critical Review of State Street Associates Quarterly Scan Trading Strategies.
Analysis: Why Existing `Alpha´ Research Is Insufficient for Profitable Hedge Fund Asset Management.

Sample of Quantitative Risk Modeling, Quantitative Finance & Econometric Modeling Research
Other Quantitative Risk Modeling, Quantitative Finance & Econometric Modeling Projects

Sample of SSA Quarterly Scan Finance and Economics Studies Reviewed for Goldman Sachs Alumnus' Asset Manager Project.

Foreign Exchange Risk Premia and Macroeconomic Announcements: Evidence from Overnight Currency Options - Grad
The dynamic relation between CDS markets and the VIX index - Figuerola-Ferretti, Paraskevopoulos
A Different Way of Exploring Value versus Growth - Branch, Qiu
Value and Momentum in Frontier Emerging Markets - Swinkels, Pang, Groot
Feasible momentum strategies in the US stock market - Ammann, Moellenbeck, Schmid
Gradual Diffusion of Upstream and Downstream Earnings News - Implications for Stock Prices - Chen
Creative Destruction and Asset Prices - Jank, Gramming
Is Contrarian Investment Performance Conditional Upon Relative Price Levels? - Wu, Li, Hamill
If it's good for the firm, it's good for me: Insider trading and repurchases motivated by undervaluation - Jalegaonkar
Does Investor Relations Add Value - Agarwal, Bellotti, Taffler
Spot and forward volatility in foreign exchange - Della Corte, Sarno, Tsiakas
An investigation of customer order flow in the foreign exchange market - Cerrato, Sarantis, Saunders
Active Currency Investing and Performance Benchmarks - Melvin, Shand
Volatility Term Structure and Option Returns - Vasquez
Persistence of derivative returns through the financial crisis - Onn and Sinnakkannu
Black Swans, Beta, Risk, and Return - Estrada and Vargaas
Can exchange traded funds be used to exploit country and industry momentum - Andreu, Swinkels,
Crash worries and stock returns - Baltussen
Another Look at Trading Costs And Short-Term Reversal Profits - De, Huij, Zhou
Does the market know better? The case of strategic vs. non-strategic bankruptcies - Coelho, John, and Taffler
Explaining Stock Returns with Intraday Jumps - Amaya and Vasquez
Geographic Dispersion and Stock Returns - Garcia and Norli
Prior Earnings, Dividend-Reducing Announcement Returns and Future Earnings Performance - Asern
The Relative Leverage Premium - Ippolito, Steri, and Tebaldi
A New Anomaly: The Cross-Sectional Profitability of Technical Anlaysis - Han, Yang, Zhou
As Told by The Supplier: Trade Credit and The Cross Section of Stock Returns
The effect of the US holidays on the European markets, When the cat's away - Muga, Casado, Santamaria
Search Frictions and the Liquidity of Large Blocks of Shares - Schroth and Albuquerque
Economic Risk Premia in the Fixed Income Markets - Balduzzi and Moneta
Why Does Treasury Issue TIPS? The TIPS - Treasury Bond Puzzle - Lustig, Longstaff, Fleckenstein
Know When to Hold 'Em, and Know When to Fold 'Em: The Success of Frequent Hedge Fund Activists - Boyson and Mooradian
Volatility Term Structure and the Cross-Section of Option Returns
Do Firms Buy Their Stock at Bargain Prices? Evidence from Actual Stock Repurchase Disclosures
Do Mutual Fund Managers Trade on Stock Intrinsic Values?
As Told by The Supplier: Trade Credit and The Cross Section of Stock Returns
How does Portfolio Disclosure affect Institutional Trading? Evidence from their Daily Trades -Wang
Buy High and Sell Low - Wang
Capital Utilization and Stock Returns - Balvers, Gu, and Huang
Investor Sentiment, Risk Factor and Asset Pricing Anomalies - Ho and Hung
IQCAPM: Asset Pricing with Information Quality Risk - Jacoby, Lee, Paseka & Wang
Post Earnings Announcement Drift and Value-Glamour Anomaly - Yan and Zhao
Profitable Mean Reversion after Large Price Drops - Dunis, Laws, and Rudy
New Evidence on the Relation between the Enterprise Multiple and Average Stock Returns - Loughran and Wellman
Variance Risk Premium and Cross-Section of Stock Returns: Han and Zhou
Contrarian and Momentum Strategies: The Impact of the Business Cycle - Filbeck, Li, and Zhao
Crash Worries and Stock Returns - Baltussen
Acquisitions of Foreign Divested Assets - Ngo and Jory
Streaks in Earnings Surprises and the Cross-Section of Stock Returns - Loh and Warachka
Bond Variance Risk Premia - Mueller, Vedolin, and Yen
Short and Long Slopes of Yield Curves Have Different Economic and Asset Pricing Implications - Lee
Cross-Section of Option Returns and Idiosyncratic Stock Volatility – Cao and Han
On the Timing and Pricing of Dividends - Van Binsbergen, Brandt and Koijen
Global Tactical Sector Allocation: A Quantitative Approach: Doeswijk, Van Vliet
Is Momentum Really Momentum?: Novy-Marx
How does Portfolio Disclosure affect Institutional Trading? Evidence from their Daily Trades -Wang
Information Content When Mutual Funds Deviate from Benchmarks: Jiang, Verbeek, and Wang
The Baltic Dry Index as a Predictor of Global Stock Returns, Commodity Returns, and Global Economic Activity: Bakshi, Panayotov, and Skoulakis
The Share of Systematic Variation in Bilateral Exchange Rates: Verdelhan
Can Oil Prices Forecast Exchange Rates?: Ferraro, Domenico, Rossi, Barbara and Rogoff
Carry Strategies in Global Asset Classes: Koijen, Tobias Moskowitz, Lasse H. Pedersen, Evert
International Diversification: An Extreme Value Approach: Cholette et al.
A Simple Way to Estimate Bid-Ask Spreads from Daily High and Low Prices: Corwin and Schultz
Are Mutual Funds Sitting Ducks?: Shive, Sophie and Yun, Hayong
The Road Less Traveled: Strategy Distinctiveness and Hedge Fund Performance: Sun et al.
Uncovering Hedge Fund Skill from the Portfolio Holdings They Hide, Agarwal et al.

Goldman Sachs Alumnus' $400 Billion Asset Manager Hands-On Team Leadership Project

Quantitative Finance & Risk Modeling, Econometric Modeling, & Numerical Programming Projects, 2009-Current
39 SSRN Top-10 Research Rankings:
Computational Quant Analytics, Machine Learning, AI & Modeling, Financial Econometrics, & Risk Analytics, 2015-2016

Computational Mathematical Models & Quantitative Methods for Uncertainty & Risk Management,
Quantitative Finance, Asset Valuation, Risk Arbitrage, Trading & Hedging Strategies.
Hands-On Technologies: MATLAB, SAS, C++, MS-Excel, VBA, Bloomberg, NYSE-TAQ, Time Series Analysis, Neural Networks, Web Analytics

  1. Princeton Quant Trading Conference 2015 (April 04, 2015), Princeton University: Knight Reconsidered:
    'Future of Finance Beyond Flash Boys': Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World
    (Invited Research Presentation on Post-HFT Finance and Risk Models & Methodologies)

  2. Risk, Uncertainty, and Profit for the Cyber Era: Model Risk Management of Cyber Insurance Models Using Quantitative Finance and Advanced Analytics
  3. Beyond ‘Bayesian vs. VaR’ Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed).
  4. Markov Chain Monte Carlo Models, Gibbs Sampling & Metropolis Algorithm for High-Dimensionality Complex Stochastic Problems.
  5. Quantitative Modeling of Trust and Trust Management Protocols in Next Generation Social Networks Based Wireless Mobile Ad Hoc Networks.
  6. A Risk Management Framework for Penetration Testing of Global Banking & Finance Networks Voice over Internet Protocols.
  7. Cryptology beyond Shannon’s Information Theory: Technical Focuson Number Field Sieve Cryptanalysis Algorithms for Prime Factorization.
  8. A Framework for Penetration Testing & Security of Network Protocols for Global Banking & Finance Call Centers.
  9. Future of Bitcoin & Statistical Probabilistic Quantitative Methods: Global Financial Regulation (Interview: Hong Kong Institute of CPAs).
  10. Bitcoin Protocol: Model of 'Cryptographic Proof' Based Global Crypto-Currency & Electronic Payments System.
  11. Quantum Computing, Quantum Cryptography, Shannon's Entropy and Next Generation Encryption & Decryption.
  12. Cryptology Beyond Shannon's Information Theory: Preparing for When the 'Enemy Knows the System'.
  13. C++11 Concurrency and Multithreading Programming Logic for High Frequency Trading and Hedge Funds.
  14. Measuring & Managing Financial Risks with Improved Alternatives beyond Value-At-Risk (VaR).
  15. VLANs Implementation, inter-VLAN Routing & VLAN Trunking Protocol using Cisco Network Security Best Practices (Cisco VLANs).
  16. Network Intrusion Detection and Prevention & Active Response: Frameworks, Systems, Methods, Tools & Policies (Cisco IDS/IPS).
  17. Analysis of Attack Trees for Mitigating Cybersecurity Attacks on Global Banking & Finance and SCADA Systems.
  18. Analysis of FIX and FAST as Financial Securities Trading and Transactions Messaging Network Protocols.
  19. Threats and Vulnerabilities: A First 'Appetizer' to Cybersecurity: 15 Minutes to Minimizing 95% Threats.
  20. C++ Options & Financial Derivatives Pricing Algorithms and Quantitative Finance Design Patterns.
  21. Adaptive Neuro-Fuzzy Inference System Models for Forecasting Nonlinear Chaotic Time Series Signals.
  22. Machine Learning & Java Neural Networks Algorithms for Non-Linear & Non-Normal Signal Processing of Financial Time Series.
  23. A Probabilistic Mathematical Analysis Model of the Financial Market as a Bayesian Learner.
  24. Algorithm Models of Social Networks, Graph Theory, Game Theory & Nash Equilibrium.
  25. Vector Autoregressive Models of Market Microstructure for Analyzing High Frequency Econometric Time Series.
  26. Empirical Replication of Yield Curve Decomposition Models (Based on Cochrane and Piazzesi study, 2008).
  27. Empirical Replication of Ho Lee Merton Short Rate and Term Structure Models for Bond Options Pricing.
  28. Empirical Calibrations of Hull White Model and Merton Tree Model for Modeling Interest Rates and Bond Prices.
  29. Empirical Models of Monetary Neutrality, Real Income Growth, Nominal Income Growth, and Inflation.
  30. Empirical Models of Purchasing Power Parity and Fisher Equation for Prices, Interest Rates, and Exchange Rates.
  31. Empirical Replication of JP Morgan Credit Default Swaps (CDS) Models for CDS Mark to Market Valuations.
  32. Empirical Replication of Merton's Model of Default Probabilities with Debt as an Option on Firm Assets.
  33. Empirical Replication of the Gaussian Copula Model for Time to Default for Four Different Firms.
  34. Empirical Replication of the Nth to Default Swap Pricing Model for Risk Pooling Strategy for Risky Bonds.
  35. Empirical Replication of Merrill Lynch Gaussian Copula Model for Nth to Default Swap Pricing over Multiple Periods.
  36. Empirical and Simulation Models of Large Portfolio Approximation (LPA) of Credit Default Probabilities.
  37. Worst Case Default Rates (WCDR) and VaR Models for Bank Loans Based Upon Gaussian Copula Correlations.
  38. WCDR and Risk Weighted Assets (RWA) Models for Bank Loans Given Probability of Default (PD) and Loss Given Default (LGD).
  39. CreditMetrics Methodology Models and Simulation for Assessing Credit VaR & Economic Capital for a Bond Portfolio.
  40. Moody's KMV Model for Distance-to-Default, Expected Default Frequency (EDF) and CDS Fair Value Spreads Estimation.
  41. Counterparty Default Risk Models for Semi-Annual and Annual Forward Rate Contracts for Currency Swaps.
  42. Bank's Credit Derivative Valuation Models of Ratings Transition Matrices, Real and Risk Neutral Default Probabilities.
  43. Monte Carlo Simulation and Option Pricing in C++: A Monte Carlo Pricer for Path Dependent Financial Options.
  44. Maximum Likelihood Estimation of GARCH Models for Empirical Analysis of Asset Prices and Returns Time Series.
  45. Maximum Likelihood Estimation of Cox-Ingersoll-Ross Model for Empirical Analysis of Federal Interest Rates.
  46. Maximum Likelihood Estimation of 2-regime Markov Regime Switching Model for Empirical Analysis of Federal Interest Rates.
  47. Econometric Analysis and Volatility Modeling Using GARCH and VaR for Stock, Index, and Commodity Time Series.
  48. VaR Modeling with Monte Carlo and Historical Simulation (HS), Weighted HS, and Filtered HS for Multiple Time Series.
  49. Back Testing Model Comparisons of Unconditional and Conditional VaR Models for Multiple Financial Time Series.
  50. Black-Scholes Model Based Monte Carlo Engine for Derivatives Pricing of Exotic Options in C++.
  51. Jump Diffusion Analysis of Option Price Sensitivity to Simulations in Comparison of Black‐Scholes and Monte Carlo Models.
  52. A Comparison of CAPM, Constrained Portfolio Optimization, MACD, and Black Litterman Model Portfolio Optimization Strategies.
  53. Empirical Models of ARCH/GARCH Volatility and Black-Scholes Simulations for Pricing Vanilla and Barrier Options.
  54. Transient Directional Volatility Arbitrage & Volatility Neutralizing Hedging Strategies for Portfolio Management.
  55. Volatility Trading and Volatility Markets Using VIX, VIX Futures, VIX Options, and VIX Term Structure Models.
  56. Financial Statements Analysis Models of Constant Growth HPR, Steady State Dividend Growth, FCF and Abnormal Earnings.
  57. Investment Strategy Portfolio Simulations and Comparative Volatility of Investment Portfolio and Market Porfolio Models.
  58. Financial Asset Valuation Models in Corporate IPOs, Bankruptcies, Liquidations, Restructurings, Mergers and Acquisitions.
  59. Fundamental Shifts in Financial and Accounting Risk Management Pertaining to Global Finance and Capital Markets.
  60. Fundamental Shifts in Efficient Markets Hypothesis, 'New Normal' Outside +/- 3-Sigma, and Market Microstructure.
  61. Accounting Measurement and Reporting for Fair Value Accounting and 'Mark-to-Market' Transactions and Events.
  62. Advanced Financial Auditing of Simulated Corporation Financial Statements Using ACL for Auditing and Compliance.
  63. Financial Auditing & Assurance Simulation Using ACL for Risk Assessment of Firm's Enterprise Business Processes.
  64. Assessing Financial Audit Risk of Big-4 Firm's Proposed Audit Client Acquisition of Oracle Corporation on Sun Acquisition.
  65. FASB-IASB Convergence of US GAAP and IFRS Asset Fair Value Measurement Standards Based Upon SFAS 157.
  66. Forensic Accounting & Analysis of Financial Statements of Goldman Sachs, Morgan Stanley, and Berkshire Hathaway.
  67. Financial Accounting Analysis of Statutory Merger of Burlington Northern Santa Fe Corporation in Berkshire Hathaway Inc.

Discrete, Continuous & Stochastic Time Series Signal Processing Finance & Risk Models

Economic Capital, Capital Adequacy, Basel/US Federal Reserve/OCC Frameworks & Regulations, Portfolio Risk, Liquidity Risk, Credit Risk, Market Risk, Econometric Analysis, Market Microstructure, Interest Rate Derivatives, Stochastic Volatility, Fixed Income, Equity, Derivatives (Options, Futures, Forwards, Swaps, Swaptions)

Credit Risk Models

Credit Default Swaps, Default Probabilities, Gaussian Copula, Nth to Default Swaps, Simulations, Large Portfolio Approximation, CreditMetrics, KMV, VaR, Expected Default Frequency (EDF), Counterparty Risk, Credit Valuation Adjustment (CVA), Stress Testing, Basel II/III, Worst Case Default Rate (WCDR), Exposure at Default (EAD), Loss Given Default (LGD), Probability of Default (PD), Risk Weighted Assets (RWA)

Market Risk Models

Volatility Modeling, GARCH/Extensions, MLE, Variance/Correlation Models, Portfolio VaR, QMLE, Non-Normality, Cornish-Fisher, Extreme Value Theory (EVT), Expected Shortfall (ES), Coherent/Spectral Risk Measures, Weighted/Filtered/Historical Simulation, Monte Carlo, Backtesting VaRs/ES, Stress Testing, Basel II/III

Interest Rate Derivatives Models

Simulations, Analytic Expectation, Tree Models, Calibrations; Continuous Time, CIR,Vasicek, Merton, Hull-White, BDT, & HJM Models; Bond Options, Treasuries, Coupon Bonds, Caplets, Floorlets, Swap Contracts, Bond Risk Premia, Yield Curve, Markov Regime Switching Models

Equity Portfolio Models

Derivatives, Mean-Variance Portfolios, CAPM, Passive/Active Portfolio Performance, Multi-Factor Models, Cross-Sectional Returns, Asset Allocation, Risky/Risk-Free Portfolios, Diversification, Risk Pooling, CAPM, Anomalies, Dividend Discount/Growth Models

Fixed Income Portfolio Models

Bond Valuations, Derivatives, Yields, Term Structure, Credit Spread, Credit Risky Bonds, Interest Rate Risk, Portfolio Performance, Passive/Active/Liability Funding, Hedging, Swaps, Forwards, Futures, ABS, MBS.

Technologies of Computational Quantitative Modeling, Quantitative Finance & Risk Management

Algorithms: Graph Theory, Dynamic & Linear Programming, Computational Complexity
Algorithms: Social Networks Analysis, Game Theory, Nash Equilibrium, Financial Markets
Algorithms: Mathematical Models of Automata, Computability & Formal Languages
Algorithms: Computational Mathematical Models of Cryptography & Encryption Protocols
Advanced Statistical Models & Machine Learning Numerical Methods for Large Data Frameworks
Bayesian Inference & Markov Chain Monte Carlo Models for High-Dimensional Stochastics
C++11 Concurrency & Multi-threading, Machine Learning, & Java Neural Network Models
C++ Mathematical Finance Derivatives Pricing & Software Engineering Algorithms
C++ Design Patterns Financial Programming for Derivatives & Options Pricing
C++ Financial Programming for Quantitative Finance Models & Applications
C++ Programming for Financial Engineers Course, University of California Berkeley
Cybersecurity-Signal Processing: Cryptography, Finance Protocols, Information Assurance
Network Penetration Testing & Protocols Analyses: Metasploit Pro, Nmap, Wireshark, etc.
Network Security: CCNA Security, ICND1, ICND2; Network Intrusion Detection & Prevention
Statistics for Financial Engineers Course, University of California Berkeley
Math Foundations for Financial Engineers Course, University of California Berkeley
MATLAB Advanced Financial Econometrics Markov Chain & Monte Carlo Models
MATLAB Market Risk, Credit Risk, Volatility, VaR, ARCH, GARCH, EVT, ES Models
MATLAB/MS-Excel/C++ Credit Risk Management & Credit Risk Derivatives Models
MATLAB Stocks and Equity Portfolio Management & Equity Derivatives Models
MATLAB Continuous Time Interest Rates, Yield Curve, Fixed Income Derivatives Models
MATLAB Stochastic Numerical Methods & Mathematics for Quantitative Finance
MATLAB Artificial Intelligence-Machine Learning-Fuzzy Logic-Chaotic Time Series Models
MATLAB Advanced Statistical, Financial Econometrics & Optimization Models
MATLAB Advanced Finance Portfolio Theory, CAPM & APT Matrix Algebra Models
MS-Excel Market Risk, Credit Risk, Volatility, VaR, ARCH, GARCH, EVT, ES Models
MS-Excel/VBA Hedge Fund Statistical Risk/Returns, Asset Pricing, Market Risk Models
MS-Excel/VBA Fixed Income Portfolio Management & Fixed Income Derivatives Models
MS-Excel/VBA Advanced Quantitative Models of Utility Theory & Portfolio Management
MS-Excel/VBA Advanced Statistical, Financial Econometrics & Optimization Models
MS-Excel/VBA/ACL Advanced Financial Accounting & Financial Auditing Models
MS-Excel/VBA/Solver/Macros for Operations Research & Network Programming Models
MS-Excel/VBA/Solver/Macros for Finance, Investments, Accounting Decision Models
SAS Advanced Programming, SAS SQL Processing & SAS Macro Programming Courses
SAS Large Scale Data Models of High-Frequency Econometrics & Market Microstructure
SAS Advanced Quantitative Models of Macroeconomics & Microeconomics Analysis
SAS/SPSS Statistical Analysis of Variance (ANOVA) & Co-Variance (ANCOVA) Models
SAS/SPSS Applied Multivariate Analysis & Applied Regression Analysis Models
SAS/SPSS Correlation, Multivariate Regression & Inferential Statistics Models
SAS/SPSS Quantitative Statistical Structural Equation Models in Behavioral Science
SAS/SPSS Quantitative Statistical Methods in IT, Organizations & Social Sciences
Quantitative Structural Equation Models of Risk Management, Controls & Compliance
Statistical Multivariate Regression Models of Risk Management, Controls & Compliance
Qualitative Survey Research Methods in Organizational Controls & Compliance Analysis

Algorithms & Computational Finance: SAS, MATLAB, C++, C++11, Machine Learning, Signal Processing

C++ Design Patterns, Monte Carlo Models, Black-Scholes Model, C++11 Multithreading and Concurrency, SAS Applied Data Science, SAS Advanced Data Mining Models, Uncertainty Modeling, Machine Learning, Computer Algorithms, Mathematical Computation, Computational Cryptography, Artificial Intelligence & Modeling, Machine Learning, Soft Computing, Multivalent Logic, Fuzzy Systems, Computational Complexity, Computational Economics, Graph Theory, Social Networks Analysis, Game Theory, Bayesian Models, Automata, Computability, Formal Languages

Algorithms & Mathematical Models of Computing Machines

Complexity theory, Computability theory, Automata theory, Regular Languages, Finite Automata, Nondeterminism, Regular Expressions, Nonregular Languages, Pumping Lemma, Context-Free Languages, Context-Free Grammars, Pushdown Automata, Non-Context-Free Languages, Church-Turing Thesis, Turing Machines, Variants of Turing Machines, Hilbert’s Problems, Decidable Languages, Undecidability, Undecidable Problems from Language Theory, Computation Histories, Mapping Reducibility, Time Complexity, Measuring Complexity, Class P, Class NP, P versus NP, Cook-Levin Theorem, NP-complete Problems.

Algorithms & Computational Complexity

Big-O and Small-O, Primality Testing, Euclid's Algorithm, Fermat's Little Theorem, Recurrence Relations, Divide-and-Conquer Algorithms, Fast Fourier Transform, Undirected Graphs, Depth-First Search, Directed Graphs, Directed Acyclic Graphs (DAGs), Breadth-First Search, Dijkstra's Algorithm, Shortest Path Algorithms, Bellman-Ford Algorithm, Greedy Algorithms, Minimum Spanning Trees, Kruskal's Algorithm, Prim's Algorithm, Huffman Encoding, Horn Formulas, Dynamic Programming, Topological Ordering, Knapsack Problem, Floyd-Warshall Algorithm, Traveling Salesman Problem, Linear Programming, Duality, Complexity Reductions, Network Flows, Max-Flow Minimum Cut Algorithm, Bipartite Matching, Simplex Algorithm, NP-Completeness, Satisfiability (SAT), Integer Linear Programming, Vertex Cover, Clique, NP-Complete Reductions.

Algorithms, Cyber Networks & Computational Economics

Graph Theory, Social Networks Analysis, Network Strength, Network Structure, Graph Partitioning, Homophily, Structural Balance, Game Theory, Dominant Strategies, Nash Equilibria, Mixed Strategies, Evolutionarily Stable Strategies, Braess's Paradox, Auctions and Pricing, Auction Formats, Bidding Strategies, Matching Markets, Bipartite Graphs, Market-Clearing Prices, Equilibria in Trading Networks, Power in Social Networks, Nash Bargaining Solution, Modeling Network Exchange, Information Networks, WWW Link Analysis, PageRank, Spectral Analysis, VCG Principle, VCG Prices, Bayes' Rule, Information Cascades, Network Effects, Negative Externalities, Power Laws, Rich-Get-Richer Models, Long Tail, Information Cascades, Decentralized Search, Epidemic Models, Wisdom of Crowds Models, Asymmetric Information, Reputation Systems, Voting Systems.

Algorithms, Cryptography, Cryptology & Cyber Security

Shannon's Information Theory, Modular Arithmetic, Number Theory, Symmetric Cryptography, Data Security, Stream Ciphers, Linear Feedback Shift Registers (LFSR), Data Encryption Standard (DES), Triple DES (3 DES), Galois Fields, Advanced Encryption Standard (AES), Block Ciphers (ECB, CBC, OFB, CFB, CTR, GCM), Public-Key Cryptography, RSA Cryptosystem, Public-Key Cryptosystems, Discrete Logarithm Problem, Diffie-Hellman Key Exchange, Elgamal Encryption Scheme, Elliptic Curve Cryptosystems, Digital Signatures, RSA Signature Scheme, Elgamal Signature Scheme, Digital Signature Algorithm, Elliptic Curve Digital Signature Algorithm, Hash Functions, Hash Algorithms, Message Authentication Codes (MACs, HMAC, CBC-MAC, GMAC), Key Establishment (Symmetric and Asymmetric), Key Derivation.

C++ Mathematical Finance, Risk, Design Patterns & Derivatives Pricing Models

C++ Software Engineering Design Patterns: C++ Algorithms, Creational patterns, Virtual Copy Constructor, Factory Pattern, Singleton Pattern, Structural patterns, Adapter Pattern, Bridge Pattern, Decorator Pattern, Behavioral patterns, Strategy Pattern, Template Pattern, Iterator; C++ Computational Finance Options and Derivatives Pricing Applications: Monte Carlo Model, Black Scholes Model, Monte Carlo Call Option Pricer, Encapsulation, Open Closed Principle, Inheritance, Virtual Functions, Virtual Constructor, Bridge Pattern, Statistics Gatherer,  Wrappers, Convergence Table, Decorator Pattern, Random Number Generators, Linear Congruential Generator, Anti-Thetic Sampling, Exotics Engine, Template Pattern, Black Scholes Path Generation Engine, Asian Option, Tree Class, Pricing On Trees, Solvers, Templates, Implied Volatilities, Function Objects, Bisections, Newton Raphson Method, Smart Pointers, Exceptions.

C++11 Multithreading & Concurrency Standard Extensions and Operating Systems

Threads, Lambda Expressions, Thread Execution Modes, Thread Termination Modes, References in Multi-threading Mode, Exception Management for Threads, Resource Acquisition is Initialization (RAII), Thread Execution and Document Management, Parameter Passing in Threads, Object References in Threads, std::thread Standard Thread Library, C++ smart pointers, Inter-Thread Execution Transfer, Hardware Concurrency for Multi-Threading, Thread IDs, Preventing Broken Invariants, Mutexes and Race Conditions, Runtime Functions and Arguments Passing, Stack-Related Interface Issues and Race Conditions, std::lock Standard Thread Library, Preventing Deadlocks in Multi-threading, std::lock_guard Standard Thread Library, std::unique Standard Thread Library, std::defer Standard Thread Library, Mutex Ownership Transfers, Efficient Locking of Mutexes, compare vs. swap, Data Initialization and Race Conditions, Initialization of Static Variables, Single Writer & Multiple Readers.

Machine Learning, Signal Processing, Uncertainty & Risk Modeling, Econometric Modeling

Multivalent Logic, Uncertainty Modeling, Interval Arithmetic, Multi-Level Interval Numbers, Fuzzy Numbers, Fuzzy Arithmetic, Fuzzy Sets, Fuzzy Operations, Fuzzy Relations, Many-Valued Logic, ANFIS (Adaptive Neuro-Fuzzy Inference System) Models, MATLAB, Java Neural Network Models, C, Approximate Reasoning, Algorithms, Data Mining, Machine Learning, Supervised Learning, Unsupervised Learning, Semi-supervised Learning, Dimensionality Reduction, Pattern Recognition, Classification, Clustering, Overfitting, Underfitting, K-Means Clustering Algorithms, K-Nearest-Neighbor Algorithms, Feature Selection, Nearest Neighbor Classifiers, Naive Bayes Classifier, Bayesian Classifiers, Differential Misclassification, Bootstrap Aggregating (Bagging), Boosting, Single Link Clustering, Complete Link Clustering, Novelty Detection, Receiver Operating Characteristic (ROC), Decision Trees, Genetic Algorithms, Neural Networks, Wrappers vs. Filters, ID3 Algorithms, C4.5 Algorithms, C5.0 Algorithms, Entropy Estimation.

SAS Applied Data Science & Advanced Data Mining Models

SAS Programming Advanced Techniques and Efficiencies: User-Defined Functions, Controlling I/O Processing and Memory, Accessing Observations, Using DATA Step Arrays, Using DATA Step Hash and Hiter Objects, Combining Data Horizontally; SAS SQL: SQL Queries, Displaying Query Results, SQL Joins, Subqueries, Set Operators, Creating Tables and Views, Advanced PROC SQL Features; SAS Macros: Macro Variables, Macro Definitions, DATA Step and SQL Interfaces, Macro Programs; SAS Data Manipulation Techniques: Controlling Input and Output, Summarizing Data, Reading Raw Data Files, Data Transformations, Debugging Techniques, Processing Data Iteratively, Restructuring a Data Set, Combining SAS Data Sets, Creating and Maintaining Permanent Formats; SAS Programming: SAS Programs, Accessing Data, Producing Detail Reports, Formatting Data Values, Reading SAS Data Sets, Reading Spreadsheet and Database Data, Reading Raw Data Files, Manipulating Data, Combining SAS Data Sets, Creating Summary Reports.

Financial & Crypto Network Protocols Analyses Indicate Critical Risks, Threats & Vulnerabilities
OCC Notes Cybersecurity Risk & Cyber Attacks as Key Contributor to Banks' Financial Risk

Griffiss Cyberspace Cybersecurity Venture Aims to Span Wall Street and Hi-Tech Research

Cybersecurity, Ethical Hacking, Intrusion Detection & Prevention, Networks Protocols Analysis
(Applied R&D in Authorized Closed Private Networks isolated from other Private and Public Networks)

Network & Computer Security, Ethical Hacking, Intrusion Detection & Prevention, Financial & Networks Protocols Analysis

Access Control Lists, Anomaly Based Intrusion Detection, Application Layer Attacks, Application Layer Protocols, ARP Cache Poisoning, ARP Protocol, ARP Spoofing, Attack Trees for Mitigating Attacks on Banking & Finance Systems, Attack Trees for Mitigating Attacks on SCADA Systems, Backdoors, Behavior Based Intrusion Detection, Bitcoin Protocol, Buffer Overflow Attack, Cisco ASA Firewalls, Cisco Routers, Cisco Switches, Cisco VLANs, Common Vulnerabilities & Exposures, Compromised Key Attack, Crypto-Currency, 'Cryptographic Proof' Based Systems, Denial of Service Attacks, DNS Cache Poisoning , Eavesdropping Attack, FAST Financial Securities Trading Network Protocol, Firewall Architectures, Firewall Configuration, FIX Financial Transactions Messaging Network Protocol, Format String Overflow Attack, FTP Protocol, Heap Overflow Attack, High Interaction Honeypots, Honeynets, Honeypots, Honeypots Legal Issues, Host Based Intrusion Detection Systems, HTTP Protocol, ICMP Attacks, ICMP Protocol, Incident Analysis, Incident Containment Strategy, Incident Documentation, Incident Evidence Gathering & Handling, Incident Handling & Incident Response, Incident Handling of Denial of Service Attacks, Incident Handling of Inappropriate Usage , Incident Handling of Malicious Code Attacks, Incident Handling of Multiple Component Incidents, Incident Handling of Unauthorized Access, Incident Prioritization, Intrusion Detection & Prevention Forensics, Intrusion Detection Systems, Intrusion Prevention Systems, IP Address Spoofing, IP Attacks, IP Fragmentation Attacks, IP Fragmentation Flooding, IP Packet Fragmentation, IP Protocol, IPSec, Keyloggers, Knowledge Based Intrusion Detection, LAN Design, LAN Switching, Layer-2 Connection Hijacking, Low Interaction Honeypots, MAC Spoofing , Malware, Man in the Middle Attacks, Medium Interaction Honeypots, Misuse Based Intrusion Detection, Network Address Translation, Network Based Intrusion Detection Systems, NMap Network Analyzer, OSI Model, OSSEC, Packet Filtering, Padded Cells, Password Attacks, Phishing Attacks, Ping Flooding Attack, Ping of Death Attack, Port Address Translation, Port Forwarding Attack, Port Redirection Attack, Proxy Services, Reconnaissance Attacks, Router Configuration, Router Operation, Router Security, Routing Attacks, Routing Protocols, Rule Based Intrusion Detection, Signature Based Intrusion Detection, SMTP Protocol, Smurf Attacks, Sniffing Attack, Snort, Social Engineering Attacks, Spear Phishing Attacks, SSL/TLS Protocols Security and Vulnerabilities, Stack overflow Attack, Stateful Firewalls, Statistical Based Intrusion Detection, Subnetting, Suricata, Switch Configuration, Switch Security, SYN Flood Attack, TCP Attacks, TCP Dump Network Analyzer, TCP Layer Attacks, TCP Port Scanning Attacks, TCP Protocol, TCP Session Hijack, TCP Session Poisoning, TCP SYN Flooding, TCP/IP, TCP/IP Connection Hijacking, TCP/IP Model, TCP/IP Security Flaws, Teardrop Attack, Tracking Cookies, Traffic Amplification, Trojan Horses, Trust Exploitation Attacks, UDP Flood Attacks, Virtual Private Networks, Viruses, VoIP Phishing Attacks, VPN, VPN Security, Wireless Intrusion Detection Systems, Wireless Intrusion Prevention Systems, Wireless LAN Attacks, Wireless LAN Threats, Wireless LAN Security, Wireshark Network Analyzer, Worms.

Financial & Networks Protocols Analysis; Networks Penetration Testing & Ethical Hacking with Metasploit, Nmap, Wireshark, etc.

Access Control Misconfiguration Vulnerabilities, Active Dictionary Attack, Active Footprinting, Active Information Gathering, Apache Vulnerability Analysis, Asterisk Exchange Server Configuration, Asterisk Virtual Machine Configuration, Audacity Audio Editor & Recorder, Banner Grabbing, Brute Force Password Attacks, Brute Forcing with Dictionary Attacks and NCrack, Cain & Abel ARP Poison Routing, Cain & Abel IAX2 Packet Flooding Attack, Cain & Abel Man in the Middle Attack, Cain & Abel Network Sniffing Attack, Cain & Abel Passive Eavesdropping Attack, Cain & Abel Password Cracking Attack, Cain & Abel VoIP Traffic Hijacking Attack, Covert Penetration Testing, Dictionary Password Attacks, Digiphone Hard Phones Configuration, E.164 Alias Enumeration, Ekiga Softphone Configuration, Enumerated Open and Closed Ports and Services, enumIAX for exploiting IAX Vulnerabilities, Ethical Hacking Challenges, Exploitation, Fingerprinting Remote Host Services, Flag Capture Challenge Competitions, Getif for SNMP Exploitation, H.323 Debugging, H.323 Device Enumeration, H.323 Username Enumeration, Hashcat Password Cracking of Hashed Salted 64-bit SHA256 Passwords , Hydra Password Attack with Wordlists, IAX Username Enumeration, IAXComm Softphone, Intelligence Gathering Using CLI, Intelligence Gathering Using WWW, John the Ripper Password Cracking Attacks, Kali Virtual Machines Configuration, Key Generation Vulnerabilities, Linux Misconfiguration Vulnerabilities, Linux Virtual Machines Configuration, Man-in-the-Middle Attack on IAX MD5 Authentication, md5 Hash Generator Password Cracker, Metasploit Pro Framework and Associated Tools & Scripts, Metasploit Pro Advanced Nmap Scanning, Metasploit Pro Armitage, Metasploit Pro Basic Exploitation, Metasploit Pro Brute Forcing Ports, Metasploit Pro Brute Forcing SSH Login Using SNMP, Metasploit Pro Creating & Executing Single Encapsulation Payload, Metasploit Pro Creating & Executing Multiple Encapsulation Payload, Metasploit Pro Delivering Payload through xp_cmdshell, Metasploit Pro Executing Exploit as a Background Job, Metasploit Pro Exploitation of Linux Machine, Metasploit Pro Exploitation of Windows Machine, Metasploit Pro Exploits, Metasploit Pro Framework, Metasploit Pro FTP Scanning, Metasploit Pro Meterpreter Compromising Windows Machine, Metasploit Pro Meterpreter Dumping the Password Hashes, Metasploit Pro Meterpreter Extracting the Password Hashes, Metasploit Pro Meterpreter Killing Antivirus Software, Metasploit Pro Meterpreter Leveraging Post Exploitation Modules, Metasploit Pro Meterpreter Migrating a Process, Metasploit Pro Meterpreter Obtaining System Password Hashes, Metasploit Pro Meterpreter Passing the Hash, Metasploit Pro Meterpreter Pivoting onto Other Systems, Metasploit Pro Meterpreter Privilege Escalation, Metasploit Pro Meterpreter Scraping a System, Metasploit Pro Meterpreter Upgrading Command Shell to Meterpreter, Metasploit Pro Meterpreter Using Persistence, Metasploit Pro Meterpreter Using Scripts, Metasploit Pro Meterpreter Viewing Traffic on Target Machine, Metasploit Pro MS SQL Attacks , Metasploit Pro MS SQL Server Brute Forcing, Metasploit Pro MSF Exploit Execution, Metasploit Pro Msfcli, Metasploit Pro Msfconsole, Metasploit Pro MSFencode, Metasploit Pro Payloads, Metasploit Pro Port Scanning, Metasploit Pro Post Exploitation , Metasploit Pro Reverse TCP Payload Using Meterpreter, Metasploit Pro Server Message Block Scanning, Metasploit Pro SNMP Sweeping, Metasploit Pro SSH Server Scanning, Metasploit Proable Virtual Linux Machine Attacks, MySQL Vulnerability Analysis, Nessus for Discovering Vulnerable Services, Netcat to Create Backdoor Tunnel into Target Host, Netcraft Passive Information Gathering, Netstat to Display Kernel IP Interface table, Netstat to Display Kernel IP Routing table, Network Vulnerabilities Scanning, Nikto for Scanning Web Management Interfaces, Nmap Aggressive Network Scanning, Nmap Brute Forcing HTTP Authentication, Nmap Brute Forcing Password Auditing Joomla! Sites, Nmap Brute Forcing Password Auditing WordPress Sites, Nmap Brute Forcing SMTP Passwords, Nmap Detecting Backdoor SMTP Servers, Nmap Discovering UDP Services, Nmap Enumerating Host IP Protocols, Nmap Enumerating Users in an SMTP Server, Nmap Finding SQL Injection Vulnerabilities in Web Applications, Nmap Fingerprinting Host Operating System, Nmap Host Discovery, Nmap ICMP Ping Scans, Nmap Interactive Execution on Remote Host, Nmap List Scan, Nmap Matching Services with Security Vulnerabilities, Nmap Passive Network Scanning, Nmap Scanning for Open Ports and Services, Nmap Script Scanning, Nmap TCP ACK Ping Scans, Nmap TCP Idle Scan, Nmap TCP SYN Ping Scans, Nmap Testing Default Credentials in Web Applications, Nmap UDP Ping Scans, Nmap Vulnerability Script Scanning, NSLookup Passive Information Gathering for DNS, Offline Dictionary Attack, OpenSSH Vulnerability Analysis, OSINT, Overt Penetration Testing, Passive Footprinting, Passive Information Gathering, Password Retrieval, Penetration Testing Execution Standard (PTES), PTES From Start to End, Penetration Testing From Start to End for a Client, Port Scanning with Metasploit Pro, Post Exploitation, Post-Engagement Reports, Pre-Engagement Activities Report, Pre-engagement Interactions, Protocol Authentication/Registration Sniffing, Protocol Device Enumeration, Remote Code Execution Vulnerability Exploitation, Remote Host User Password Cracking, Remote Host User Privilege Escalation, Reporting, RPC Vulnerability Analysis, rtpbreak for RTP Stream Analysis, rtpflood for Denial of Service Attack, Session Initiation Protocol, Session Initiation Sniffing, Setting Up IVR with Asterisk, sflphone Softphone Configuration, SIP Device Enumeration, SIP Encryption Vulnerabilities, SIP Protocol, SIP Username Enumeration, SIPVicious Security Tools, SIPVicious svcrack, SIPVicious svcrash, SIPVicious svmap, SIPVicious svreport, SIPVicious svwar, SSH for Proxying Remote Host Services Using SOCKS, SSH Tunneling Between Multiple Hosts, SSH Tunneling Using Local Forwarding, SSH Tunneling Using Remote Forwarding, SSH Tunneling Using Port Forwarding, SSH Vulnerability Analysis, Stealth Scanning by Spoofing IP Address, Targeted Host Reconnaissance, The Phases of the PTES, Threat Modeling, vnak Multiple Protocol Attacks, VoIP Caller ID Spoofing , VoIP Phishing Attacks, Vulnerability Analysis, Vulnerability Scanners, Whois Lookups (Diverse) Passive Information Gathering, Windows XP Virtual Machines Attacks, Wireshark Network Protocol Analysis, Wireshark Data Stream Capturing, Wireshark Data Stream Playback, Wireshark Packet Capture Analysis, Wireshark RTP Stream Analysis, Wireshark Sniffing, Wireshark Traffic Graph Analysis, Wireshark UDP Stream Analysis, Xlite Softphone Configuration, ZenMap Network Scans using Diverse Modes.

Ethical Hacking and Countermeasures for Penetration Testing Official Curriculum, v8, EC-Council

Introduction to Ethical Hacking Internet Crime Current Report: IC3, Data Breach Investigations Report, Types of Data Stolen From the Organizations, Essential Terminologies, Elements of Information Security, Authenticity and Non-Repudiation, The Security, Functionality, and Usability Triangle, Security Challenges, Effects of Hacking, Effects of Hacking on Business, Who is a Hacker?, Hacker Classes, Hacktivism, What Does a Hacker Do?, Phase 1 - Reconnaissance, Reconnaissance Types, Phase 2 - Scanning, Phase 3 – Gaining Access, Phase 4 – Maintaining Access, Phase 5 – Covering Tracks, Types of Attacks on a System, Operating System Attacks, Application-Level Attacks, Shrink Wrap Code Attacks, Misconfiguration Attacks, Why Ethical Hacking is Necessary?, Defense in Depth, Scope and Limitations of Ethical Hacking, What Do Ethical Hackers Do?, Skills of an Ethical Hacker, Vulnerability Research, Vulnerability Research Websites, What is Penetration Testing?, Why Penetration Testing?, Penetration Testing Methodology.

Footprinting and Reconnaissance Footprinting Terminologies, What is Footprinting?, Objectives of Footprinting, Footprinting Threats, Finding a Company’s URL, Locate Internal URLs, Public and Restricted Websites, Search for Company’s Information, Tools to Extract Company’s Data, Footprinting Through Search Engines, Collect Location Information, Satellite Picture of a Residence, People Search, People Search Using, People Search Online Services, People Search on Social Networking Services, Gather Information from Financial Services, Footprinting Through Job Sites, Monitoring Target Using Alerts, Competitive Intelligence Gathering, Competitive Intelligence-When Did this Company Begin? How Did it Develop?, Competitive Intelligence-What are the Company's Plans?, Competitive Intelligence-What Expert Opinion Say About the Company?, Competitive Intelligence Tools, Competitive Intelligence Consulting Companies, WHOIS Lookup, WHOIS Lookup Result Analysis, WHOIS Lookup Tools: SmartWhois, WHOIS Lookup Tools, WHOIS Lookup Online Tools, Extracting DNS Information, DNS Interrogation Tools, DNS Interrogation Online Tools, Locate the Network Range, Traceroute, Traceroute Analysis, Traceroute Tool: 3D Traceroute, Traceroute Tool: LoriotPro, Traceroute Tool: Path Analyzer Pro, Traceroute Tools, Mirroring Entire Website, Website Mirroring Tools, Mirroring Entire Website Tools, Extract Website Information from, Monitoring Web Updates Using Website Watcher, Tracking Email Communications, Email Tracking Tools, Footprint Using Google Hacking Techniques, What a Hacker Can Do With Google Hacking?, Google Advance Search Operators, Finding Resources using Google Advance Operator, Google Hacking Tool: Google Hacking Database (GHDB), Google Hacking Tools, Additional Footprinting Tools, Footprinting Countermeasures, Footprinting Pen Testing.

Scanning Networks Network Scanning, Types of Scanning, Checking for Live Systems - ICMP Scanning, Ping Sweep, Ping Sweep Tools, Three-Way Handshake, TCP Communication Flags, Create Custom Packet using TCP Flags, Hping2 / Hping3, Hping Commands, Scanning Techniques, TCP Connect / Full Open Scan, Stealth Scan (Half-open Scan), Xmas Scan, FIN Scan, NULL Scan, IDLE Scan, IDLE Scan: Step 1, IDLE Scan: Step 2.1 (Open Port), IDLE Scan: Step 2.2 (Closed Port), IDLE Scan: Step 3, ICMP Echo Scanning/List Scan, SYN/FIN Scanning Using IP Fragments, UDP Scanning, Inverse TCP Flag Scanning, ACK Flag Scanning, Scanning: IDS Evasion Techniques, IP Fragmentation Tools, Scanning Tool: Nmap, Scanning Tool: NetScan Tools Pro, Scanning Tools, Do Not Scan These IP Addresses (Unless you want to get into trouble), Scanning Countermeasures, War Dialing, Why War Dialing?, War Dialing Tools, War Dialing Countermeasures, War Dialing Countermeasures: SandTrap Tool, OS Fingerprinting, Active Banner Grabbing Using Telnet, Banner Grabbing Tool: ID Serve, GET REQUESTS, Banner Grabbing Tool: Netcraft, Banner Grabbing Tools, Banner Grabbing Countermeasures: Disabling or Changing Banner, Hiding File Extensions, Hiding File Extensions from Webpages, Vulnerability Scanning, Vulnerability Scanning Tool: Nessus, Vulnerability Scanning Tool: SAINT, Vulnerability Scanning Tool: GFI LANGuard, Network Vulnerability Scanners, LANsurveyor, Network Mappers, Proxy Servers, Why Attackers Use Proxy Servers?, Use of Proxies for Attack, How Does MultiProxy Work?, Free Proxy Servers, Proxy Workbench, Proxifier Tool: Create Chain of Proxy Servers, SocksChain, TOR (The Onion Routing), TOR Proxy Chaining Software, HTTP Tunneling Techniques, Why do I Need HTTP Tunneling?, Super Network Tunnel Tool, Httptunnel for Windows, Additional HTTP Tunneling Tools, SSH Tunneling, SSL Proxy Tool, How to Run SSL Proxy?, Proxy Tools, Anonymizers, Types of Anonymizers, Case: Bloggers Write Text Backwards to Bypass Web Filters in China, Text Conversion to Avoid Filters, Censorship Circumvention Tool: Psiphon, How Psiphon Works?, How to Check if Your Website is Blocked in China or Not?, G-Zapper, Anonymizer Tools, Spoofing IP Address, IP Spoofing Detection Techniques: Direct TTL Probes, IP Spoofing Detection Techniques: IP Identification Number, IP Spoofing Detection Techniques: TCP Flow Control Method, IP Spoofing Countermeasures, Scanning Pen Testing.

Enumeration What is Enumeration?, Techniques for Enumeration, Netbios Enumeration, NetBIOS Enumeration Tool: SuperScan, NetBIOS Enumeration Tool: NetBIOS Enumerator, Enumerating User Accounts, Enumerate Systems Using Default Passwords, SNMP (Simple Network Management Protocol) Enumeration, Management Information Base (MIB), SNMP Enumeration Tool: OpUtils Network Monitoring Toolset, SNMP Enumeration Tool: SolarWinds, SNMP Enumeration Tools, UNIX/Linux Enumeration, Linux Enumeration Tool: Enum4linux, LDAP Enumeration, LDAP Enumeration Tool: JXplorer, LDAP Enumeration Tool, NTP Enumeration, NTP Server Discovery Tool: NTP Server Scanner, NTP Server: PresenTense Time Server, NTP Enumeration Tools, SMTP Enumeration, SMTP Enumeration Tool: NetScanTools Pro, DNS Zone Transfer Enumeration Using nslookup, DNS Analyzing and Enumeration Tool: The Men & Mice Suite, Enumeration Countermeasures, SMB Enumeration Countermeasures, Enumeration Pen Testing.

System Hacking Information at Hand Before System Hacking Stage, System Hacking: Goals, CEH Hacking Methodology (CHM), Password Cracking, Password Complexity, Password Cracking Techniques, Types of Password Attacks, Passive Online Attacks: Wire Sniffing, Password Sniffing, Passive Online Attack: Man-in-the-Middle and Replay Attack, Active Online Attack: Password Guessing, Active Online Attack: Trojan/Spyware/Keylogger, Active Online Attack: Hash Injection Attack, Rainbow Attacks: Pre-Computed Hash, Distributed Network Attack, Elcomsoft Distributed Password Recovery, Non-Electronic Attacks, Default Passwords, Manual Password Cracking (Guessing), Automatic Password Cracking Algorithm, Stealing Passwords Using USB Drive, Microsoft Authentication, How Hash Passwords are Stored in Windows SAM?, What is LAN Manager Hash?, LM “Hash” Generation, LM, NTLMv1, and NTLMv2, NTLM Authentication Process, Kerberos Authentication, Salting, PWdump7 and Fgdump, L0phtCrack, Ophcrack, Cain & Abel, RainbowCrack, Password Cracking Tools, LM Hash Backward Compatibility, How to Disable LM HASH?, How to Defend against Password Cracking?, Implement and Enforce Strong Security Policy, Privilege Escalation, Escalation of Privileges, Active@ Password Changer, Privilege Escalation Tools, How to Defend against Privilege Escalation?, Executing Applications, Alchemy Remote Executor, RemoteExec, Execute This!, Keylogger, Types of Keystroke Loggers, Acoustic/CAM Keylogger, Keylogger: Advanced Keylogger, Keylogger: Spytech SpyAgent, Keylogger: Perfect Keylogger, Keylogger: Powered Keylogger, Keylogger for Mac: Aobo Mac OS X KeyLogger, Keylogger for Mac: Perfect Keylogger for Mac, Hardware Keylogger: KeyGhost, Keyloggers, Spyware, What Does the Spyware Do?, Types of Spywares, Desktop Spyware, Desktop Spyware: Activity Monitor, Email and Internet Spyware, Email and Internet Spyware: eBLASTER, Internet and E-mail Spyware, Child Monitoring Spyware, Child Monitoring Spyware: Advanced Parental Control, Screen Capturing Spyware, Screen Capturing Spyware: Spector Pro, USB Spyware, USB Spyware: USBDumper, Audio Spyware, Audio Spyware: RoboNanny, Stealth Recorder Pro and Spy Voice Recorder, Video Spyware, Video Spyware: Net Video Spy, Print Spyware, Print Spyware: Printer Activity Monitor, Telephone/Cellphone Spyware, Cellphone Spyware: Mobile Spy, GPS Spyware, GPS Spyware: GPS TrackMaker, How to Defend against Keyloggers?, Anti-Keylogger, Anti-Keylogger: Zemana AntiLogger, Anti-Keyloggers, How to Defend against Spyware?, Anti-Spyware: Spyware Doctor, Rootkits, Types of Rootkits, How Rootkit Works?, Rootkit: Fu, Detecting Rootkits, Steps for Detecting Rootkits, How to Defend against Rootkits?, Anti-Rootkit: RootkitRevealer and McAfee Rootkit Detective, NTFS Data Stream, How to Create NTFS Streams?, NTFS Stream Manipulation, How to Defend against NTFS Streams?, NTFS Stream Detector: ADS Scan Engine, NTFS Stream Detectors, What is Steganography?, Steganography Techniques, How Steganography Works?, Types of Steganography, Whitespace Steganography Tool: SNOW, Image Steganography, Image Steganography: Hermetic Stego, Image Steganography Tools, Document Steganography: wbStego, Document Steganography Tools, Video Steganography: Our Secret, Video Steganography Tools, Audio Steganography: Mp3stegz, Audio Steganography Tools, Folder Steganography: Invisible Secrets 4, Folder Steganography Tools, Spam/Email Steganography: Spam Mimic, Natural Text Steganography: Sams Big G Play Maker, Steganalysis, Steganalysis Methods/Attacks on Steganography, Steganography Detection Tool: Stegdetect, Steganography Detection Tools, Why Cover Tracks?, Covering Tracks, Ways to Clear Online Tracks, Disabling Auditing: Auditpol, Covering Tracks Tool: Window Washer, Covering Tracks Tool: Tracks Eraser Pro, Track Covering Tools, System Hacking Penetration Testing.

Trojans and Backdoors What is a Trojan?, Overt and Covert Channels, Purpose of Trojans, What Do Trojan Creators Look For?, Indications of a Trojan Attack, Common Ports used by Trojans, How to Infect Systems Using a Trojan?, Wrappers, Wrapper Covert Programs, Different Ways a Trojan can Get into a System, How to Deploy a Trojan?, Evading Anti-Virus Techniques, Types of Trojans, Command Shell Trojans, Command Shell Trojan: Netcat, GUI Trojan: MoSucker, GUI Trojan: Jumper and Biodox, Document Trojans, E-mail Trojans, E-mail Trojans: RemoteByMail, Defacement Trojans, Defacement Trojans: Restorator, Botnet Trojans, Botnet Trojan: Illusion Bot, Botnet Trojan: NetBot Attacker, Proxy Server Trojans, Proxy Server Trojan: W3bPrOxy Tr0j4nCr34t0r (Funny Name), FTP Trojans, FTP Trojan: TinyFTPD, VNC Trojans, HTTP/HTTPS Trojans, HTTP Trojan: HTTP RAT, Shttpd Trojan - HTTPS (SSL), ICMP Tunneling, ICMP Trojan: icmpsend, Remote Access Trojans, Remote Access Trojan: RAT DarkComet, Remote Access Trojan: Apocalypse, Covert Channel Trojan: CCTT, E-banking Trojans, Banking Trojan Analysis, E-banking Trojan: ZeuS, Destructive Trojans, Notification Trojans, Credit Card Trojans, Data Hiding Trojans (Encrypted Trojans), BlackBerry Trojan: PhoneSnoop, MAC OS X Trojan: DNSChanger, MAC OS X Trojan: DNSChanger, Mac OS X Trojan: Hell Raiser, How to Detect Trojans?, Scanning for Suspicious Ports, Port Monitoring Tool: IceSword, Port Monitoring Tools: CurrPorts and TCPView, Scanning for Suspicious Processes, Process Monitoring Tool: What's Running, Process Monitoring Tools, Scanning for Suspicious Registry Entries, Registry Entry Monitoring Tools, Scanning for Suspicious Device Drivers, Device Drivers Monitoring Tools: DriverView, Device Drivers Monitoring Tools, Scanning for Suspicious Windows Services, Windows Services Monitoring Tools: Windows Service Manager (SrvMan), Windows Services Monitoring Tools, Scanning for Suspicious Startup Programs, Windows7 Startup Registry Entries, Startup Programs Monitoring Tools: Starter, Startup Programs Monitoring Tools: Security AutoRun, Startup Programs Monitoring Tools, Scanning for Suspicious Files and Folders, Files and Folder Integrity Checker: FastSum and WinMD5, Files and Folder Integrity Checker, Scanning for Suspicious Network Activities, Detecting Trojans and Worms with Capsa Network Analyzer, Trojan Countermeasures, Backdoor Countermeasures, Trojan Horse Construction Kit, Anti-Trojan Software: TrojanHunter, Anti-Trojan Software: Emsisoft Anti-Malware, Anti-Trojan Softwares, Pen Testing for Trojans and Backdoors.

Viruses and Worms Introduction to Viruses, Virus and Worm Statistics 2010, Stages of Virus Life, Working of Viruses: Infection Phase, Working of Viruses: Attack Phase, Why Do People Create Computer Viruses?, Indications of Virus Attack, How does a Computer get Infected by Viruses?, Virus Hoaxes, Virus Analysis:, W32/Sality AA, W32/Toal-A, W32/Virut, Klez, Types of Viruses, System or Boot Sector Viruses, File and Multipartite Viruses, Macro Viruses, Cluster Viruses, Stealth/Tunneling Viruses, Encryption Viruses, Polymorphic Code, Metamorphic Viruses, File Overwriting or Cavity Viruses, Sparse Infector Viruses, Companion/Camouflage Viruses, Shell Viruses, File Extension Viruses, Add-on and Intrusive Viruses, Transient and Terminate and Stay Resident Viruses, Writing a Simple Virus Program, Terabit Virus Maker, JPS Virus Maker, DELmE's Batch Virus Maker, Computer Worms, How is a Worm Different from a Virus?, Example of Worm Infection: Conficker Worm, What does the Conficker Worm do?, How does the Conficker Worm Work?, Worm Analysis:, W32/Netsky, W32/Bagle.GE, Worm Maker: Internet Worm Maker Thing, What is Sheep Dip Computer?, Anti-Virus Sensors Systems, Malware Analysis Procedure, String Extracting Tool: Bintext, Compression and Decompression Tool: UPX, Process Monitoring Tools: Process Monitor, Log Packet Content Monitoring Tools: NetResident, Debugging Tool: Ollydbg, Virus Analysis Tool: IDA Pro, Online Malware Testing:, Sunbelt CWSandbox, VirusTotal, Online Malware Analysis Services, Virus Detection Methods, Virus and Worms Countermeasures, Companion Antivirus: Immunet Protect, Anti-virus Tools, Penetration Testing for Virus.

Sniffers Lawful Intercept, Benefits of Lawful Intercept, Network Components Used for Lawful Intercept, Wiretapping, Sniffing Threats, How a Sniffer Works?, Hacker Attacking a Switch, Types of Sniffing: Passive Sniffing, Types of Sniffing: Active Sniffing, Protocols Vulnerable to Sniffing, Tie to Data Link Layer in OSI Model, Hardware Protocol Analyzers, SPAN Port, MAC Flooding, MAC Address/CAM Table, How CAM Works?, What Happens When CAM Table is Full?, Mac Flooding Switches with macof, MAC Flooding Tool: Yersinia, How to Defend against MAC Attacks?, How DHCP Works?, DHCP Request/Reply Messages, IPv4 DHCP Packet Format, DHCP Starvation Attack, Rogue DHCP Server Attack, DHCP Starvation Attack Tool: Gobbler, How to Defend Against DHCP Starvation and Rogue Server Attack?, What is Address Resolution Protocol (ARP)?, ARP Spoofing Attack, How Does ARP Spoofing Work?, Threats of ARP Poisoning, ARP Poisoning Tool: Cain and Abel, ARP Poisoning Tool: WinArpAttacker, ARP Poisoning Tool: Ufasoft Snif, How to Defend Against ARP Poisoning? Use DHCP Snooping Binding Table and Dynamic ARP Inspection, Configuring DHCP Snooping and Dynamic ARP Inspection on Cisco Switches, MAC Spoofing/Duplicating, Spoofing Attack Threats, MAC Spoofing Tool: SMAC, How to Defend Against MAC Spoofing? Use DHCP Snooping Binding Table, Dynamic ARP Inspection and IP Source Guard, DNS Poisoning Techniques, Intranet DNS Spoofing, Internet DNS Spoofing, Proxy Server DNS Poisoning, DNS Cache Poisoning, How to Defend Against DNS Spoofing?, Sniffing Tool: Wireshark, Follow TCP Stream in Wireshark, Display Filters in Wireshark, Additional Wireshark Filters, Sniffing Tool: CACE Pilot, Sniffing Tool: Tcpdump/Windump, Discovery Tool: NetworkView, Discovery Tool: The Dude Sniffer, Password Sniffing Tool: Ace, Packet Sniffing Tool: Capsa Network Analyzer, OmniPeek Network Analyzer, Network Packet Analyzer: Observer, Session Capture Sniffer: NetWitness, Email Message Sniffer: Big-Mother, TCP/IP Packet Crafter: Packet Builder, Additional Sniffing Tools, How an Attacker Hacks the Network Using Sniffers?, How to Defend Against Sniffing?, Sniffing Prevention Techniques, How to Detect Sniffing?, Promiscuous Detection Tool: PromqryUI, Promiscuous Detection Tool: PromiScan.

Social Engineering What is Social Engineering?, Behaviors Vulnerable to Attacks, Factors that Make Companies Vulnerable to Attacks, Why is Social Engineering Effective?, Warning Signs of an Attack, Phases in a Social Engineering Attack, Impact on the Organization, Command Injection Attacks, Common Targets of Social Engineering, Common Targets of Social Engineering: Office Workers, Types of Social Engineering, Human-Based Social Engineering, Technical Support Example, Authority Support Example, Human-based Social Engineering: Dumpster Diving, Computer-Based Social Engineering, Computer-Based Social Engineering: Pop-Ups, Computer-Based Social Engineering: Phishing, Social Engineering Using SMS, Social Engineering by a “Fake SMS Spying Tool”, Insider Attack, Disgruntled Employee, Preventing Insider Threats, Common Intrusion Tactics and Strategies for Prevention, Social Engineering Through Impersonation on Social Networking Sites, Social Engineering Example: LinkedIn Profile, Social Engineering on Facebook, Social Engineering on Twitter, Social Engineering on Orkut, Social Engineering on MySpace, Risks of Social Networking to Corporate Networks, Identity Theft Statistics 2010, Identify Theft, How to Steal an Identity?, STEP 1, STEP 2, STEP 3, Real Steven Gets Huge Credit Card Statement, Identity Theft - Serious Problem, Social Engineering Countermeasures: Policies, Social Engineering Countermeasures, How to Detect Phishing Emails?, Anti-Phishing Toolbar: Netcraft, Anti-Phishing Toolbar: PhishTank, Identity Theft Countermeasures, Social Engineering Pen Testing, Social Engineering Pen Testing: Using Emails, Social Engineering Pen Testing: Using Phone, Social Engineering Pen Testing: In Person.

Denial of Service What is a Denial of Service Attack?, What is Distributed Denial of Service Attacks?, How Distributed Denial of Service Attacks Work?, Symptoms of a DoS Attack, Cyber Criminals, Organized Cyber Crime: Organizational Chart, Internet Chat Query (ICQ), Internet Relay Chat (IRC), DoS Attack Techniques, Bandwidth Attacks, Service Request Floods, SYN Attack, SYN Flooding, ICMP Flood Attack, Peer-to-Peer Attacks, Permanent Denial-of-Service Attack, Application Level Flood Attacks, Botnet, Botnet Propagation Technique, Botnet Ecosystem, Botnet Trojan: Shark, Poison Ivy: Botnet Command Control Center, Botnet Trojan: PlugBot, WikiLeak Operation Payback, DDoS Attack, DDoS Attack Tool: LOIC, Denial of Service Attack Against MasterCard, Visa, and Swiss Banks, Hackers Advertise Links to Download Botnet, DoS Attack Tools, Detection Techniques, Activity Profiling, Wavelet Analysis, Sequential Change-Point Detection, DoS/DDoS Countermeasure Strategies, DDoS Attack Countermeasures, DoS/DDoS Countermeasures: Protect Secondary Victims, DoS/DDoS Countermeasures: Detect and Neutralize Handlers, DoS/DDoS Countermeasures: Detect Potential Attacks, DoS/DDoS Countermeasures: Deflect Attacks, DoS/DDoS Countermeasures: Mitigate Attacks, Post-attack Forensics, Techniques to Defend against Botnets, DoS/DDoS Countermeasures, DoS/DDoS Protection at ISP Level, Enabling TCP Intercept on Cisco IOS Software, Advanced DDoS Protection: IntelliGuard DDoS Protection System (DPS), DoS/DDoS Protection Tool, Denial of Service (DoS) Attack Penetration Testing.

Session Hijacking What is Session Hijacking?, Dangers Posed by Hijacking, Why Session Hijacking is Successful?, Key Session Hijacking Techniques, Brute Forcing, Brute Forcing Attack, HTTP Referrer Attack, Spoofing vs. Hijacking, Session Hijacking Process, Packet Analysis of a Local Session Hijack, Types of Session Hijacking, Session Hijacking in OSI Model, Application Level Session Hijacking, Session Sniffing, Predictable Session Token, How to Predict a Session Token?, Man-in-the-Middle Attack, Man-in-the-Browser Attack, Steps to Perform Man-in-the-Browser Attack, Client-side Attacks, Cross-site Script Attack, Session Fixation, Session Fixation Attack, Network Level Session Hijacking, The 3-Way Handshake, Sequence Numbers, Sequence Number Prediction, TCP/IP Hijacking, IP Spoofing: Source Routed Packets, RST Hijacking, Blind Hijacking, Man-in-the-Middle Attack using Packet Sniffer, UDP Hijacking, Session Hijacking Tools, Paros, Burp Suite, Firesheep, Countermeasures, Protecting against Session Hijacking, Methods to Prevent Session Hijacking: To be Followed by Web Developers, Methods to Prevent Session Hijacking: To be Followed by Web Users, Defending against Session Hijack Attacks, Session Hijacking Remediation, IPSec, Modes of IPSec, IPSec Architecture, IPSec Authentication and Confidentiality, Components of IPSec, IPSec Implementation, Session Hijacking Pen Testing

Hijacking Webservers Webserver Market Shares, Open Source Webserver Architecture, IIS Webserver Architecture, Website Defacement, Case Study, Why Web Servers are Compromised?, Impact of Webserver Attacks, Webserver Misconfiguration, Example, Directory Traversal Attacks, HTTP Response Splitting Attack, Web Cache Poisoning Attack, HTTP Response Hijacking, SSH Bruteforce Attack, Man-in-the-Middle Attack, Webserver Password Cracking, Webserver Password Cracking Techniques, Web Application Attacks, Webserver Attack Methodology, Information Gathering, Webserver Footprinting, Webserver Footprinting Tools, Mirroring a Website, Vulnerability Scanning, Session Hijacking, Hacking Web Passwords, Webserver Attack Tools, Metasploit, Metasploit Architecture, Metasploit Exploit Module, Metasploit Payload Module, Metasploit Auxiliary Module, Metasploit NOPS Module, Wfetch, Web Password Cracking Tool, Brutus, THC-Hydra, Countermeasures, Patches and Updates, Protocols, Accounts, Files and Directories, How to Defend Against Web Server Attacks?, How to Defend against HTTP Response Splitting and Web Cache Poisoning?, Patches and Hotfixes, What is Patch Management?, Identifying Appropriate Sources for Updates and Patches, Installation of a Patch, Patch Management Tool: Microsoft Baseline Security Analyzer (MBSA), Patch Management Tools, Web Application Security Scanner: Sandcat, Web Server Security Scanner: Wikto, Webserver Malware Infection Monitoring Tool: HackAlert, Webserver Security Tools, Web Server Penetration Testing.

Hacking Web Applications Web Application Security Statistics, Introduction to Web Applications, Web Application Components, How Web Applications Work?, Web Application Architecture, Web 2.0 Applications, Vulnerability Stack, Web Attack Vectors, Web Application Threats - 1, Web Application Threats - 2, Unvalidated Input, Parameter/Form Tampering, Directory Traversal, Security Misconfiguration, Injection Flaws, SQL Injection Attacks, Command Injection Attacks, Command Injection Example, File Injection Attack, What is LDAP Injection?, How LDAP Injection Works?, Hidden Field Manipulation Attack, Cross-Site Scripting (XSS) Attacks, How XSS Attacks Work?, Cross-Site Scripting Attack Scenario: Attack via Email, XSS Example: Attack via Email, XSS Example: Stealing Users' Cookies, XSS Example: Sending an Unauthorized Request, XSS Attack in Blog Posting, XSS Attack in Comment Field, XSS Cheat Sheet, Cross-Site Request Forgery (CSRF) Attack, How CSRF Attacks Work?, Web Application Denial-of-Service (DoS) Attack, Denial of Service (DoS) Examples, Buffer Overflow Attacks, Cookie/Session Poisoning, How Cookie Poisoning Works?, Session Fixation Attack, Insufficient Transport Layer Protection, Improper Error Handling, Insecure Cryptographic Storage, Broken Authentication and Session Management, Unvalidated Redirects and Forwards, Web Services Architecture, Web Services Attack, Web Services Footprinting Attack, Web Services XML Poisoning, Footprint Web Infrastructure, Footprint Web Infrastructure: Server Discovery, Footprint Web Infrastructure: Server Identification/Banner Grabbing, Footprint Web Infrastructure: Hidden Content Discovery, Web Spidering Using Burp Suite, Hacking Web Servers, Web Server Hacking Tool: WebInspect, Analyze Web Applications, Analyze Web Applications: Identify Entry Points for User Input, Analyze Web Applications: Identify Server-Side Technologies, Analyze Web Applications: Identify Server-Side Functionality, Analyze Web Applications: Map the Attack Surface, Attack Authentication Mechanism, Username Enumeration, Password Attacks: Password Functionality Exploits, Password Attacks: Password Guessing, Password Attacks: Brute-forcing, Session Attacks: Session ID Prediction/ Brute-forcing, Cookie Exploitation: Cookie Poisoning, Authorization Attack, HTTP Request Tampering, Authorization Attack: Cookie Parameter Tampering, Session Management Attack, Attacking Session Token Generation Mechanism, Attacking Session Tokens Handling Mechanism: Session Token Sniffing, Injection Attacks, Attack Data Connectivity, Connection String Injection, Connection String Parameter Pollution (CSPP) Attacks, Connection Pool DoS, Attack Web App Client, Attack Web Services, Web Services Probing Attacks, Web Service Attacks: SOAP Injection, Web Service Attacks: XML Injection, Web Services Parsing Attacks, Web Service Attack Tool: soapUI, Web Service Attack Tool: XMLSpy, Web Application Hacking Tool: Burp Suite Professional, Web Application Hacking Tools: CookieDigger, Web Application Hacking Tools: WebScarab, Web Application Hacking Tools, Encoding Schemes, How to Defend Against SQL Injection Attacks?, How to Defend Against Command Injection Flaws?, How to Defend Against XSS Attacks?, How to Defend Against DoS Attack?, How to Defend Against Web Services Attack?, Web Application Countermeasures, How to Defend Against Web Application Attacks?, Web Application Security Tool: Acunetix Web Vulnerability Scanner, Web Application Security Tool: Falcove Web Vulnerability Scanner, Web Application Security Scanner: Netsparker, Web Application Security Tool: N-Stalker Web Application Security Scanner, Web Application Security Tools, Web Application Firewall: dotDefender, Web Application Firewall: IBM AppScan, Web Application Firewall: ServerDefender VP, Web Application Firewall, Web Application Pen Testing, Information Gathering, Configuration Management Testing, Authentication Testing, Session Management Testing, Authorization Testing, Data Validation Testing, Denial of Service Testing, Web Services Testing, AJAX Testing.

SQL Injection SQL Injection is the Most Prevalent Vulnerability in 2010, SQL Injection Threats, What is SQL Injection?, SQL Injection Attacks, How Web Applications Work?, Server Side Technologies, HTTP Post Request, Example 1: Normal SQL Query, Example 1: SQL Injection Query, Example 1: Code Analysis, Example 2: BadProductList.aspx, Example 2: Attack Analysis, Example 3: Updating Table, Example 4: Adding New Records, Example 5: Identifying the Table Name, Example 6: Deleting a Table, SQL Injection Detection, SQL Injection Error Messages, SQL Injection Attack Characters, Additional Methods to Detect SQL Injection, SQL Injection Black Box Pen Testing, Testing for SQL Injection, Types of SQL Injection, Simple SQL Injection Attack, Union SQL Injection Example, SQL Injection Error Based, What is Blind SQL Injection?, No Error Messages Returned, Blind SQL Injection: WAITFOR DELAY YES or NO Response, Blind SQL Injection – Exploitation (MySQL), Blind SQL Injection - Extract Database User, Blind SQL Injection - Extract Database Name, Blind SQL Injection - Extract Column Name, Blind SQL Injection - Extract Data from ROWS, SQL Injection Methodology, Information Gathering, Extracting Information through Error Messages, Understanding SQL Query, Bypass Website Logins Using SQL Injection, Database, Table, and Column Enumeration, Advanced Enumeration, Features of Different DBMSs, Creating Database Accounts, Password Grabbing, Grabbing SQL Server Hashes, Extracting SQL Hashes (In a Single Statement), Transfer Database to Attacker’s Machine, Interacting with the Operating System, Interacting with the FileSystem, Network Reconnaissance Full Query, SQL Injection Tools, SQL Injection Tools: BSQLHacker, SQL Injection Tools: Marathon Tool, SQL Injection Tools: SQL Power Injector, SQL Injection Tools: Havij, Evading IDS, Types of Signature Evasion Techniques, Evasion Technique: Sophisticated Matches, Evasion Technique: Hex Encoding, Evasion Technique: Manipulating White Spaces, Evasion Technique: In-line Comment, Evasion Technique: Char Encoding, Evasion Technique: String Concatenation, Evasion Technique: Obfuscated Codes, How to Defend Against SQL Injection Attacks?, How to Defend Against SQL Injection Attacks: Use Type-Safe SQL Parameters, SQL Injection Detection Tools, SQL Injection Detection Tool: Microsoft Source Code Analyzer, SQL Injection Detection Tool: Microsoft UrlScan, SQL Injection Detection Tool: dotDefender, SQL Injection Detection Tool: IBM AppScan, Snort Rule to Detect SQL Injection Attacks.

Hacking Wireless Networks Wireless Networks, Wi-Fi Usage Statistics in the US, Wi-Fi Hotspots at Public Places, Wi-Fi Networks at Home, Types of Wireless Networks, Wireless Standards, Service Set Identifier (SSID), Wi-Fi Authentication Modes, Wi-Fi Authentication Process Using a Centralized Authentication Server, Wi-Fi Authentication Process, Wireless Terminologies, Wi-Fi Chalking, Wi-Fi Chalking Symbols, Wi-Fi Hotspot Finder:, Wi-Fi Hotspot Finder:, Types of Wireless Antenna, Parabolic Grid Antenna, Types of Wireless Encryption, WEP Encryption, How WEP Works?, What is WPA?, How WPA Works?, Temporal Keys, What is WPA2?, How WPA2 Works?, WEP vs. WPA vs. WPA2, WEP Issues, Weak Initialization Vectors (IV), How to Break WEP Encryption?, How to Break WPA/WPA2 Encryption?, How to Defend Against WPA Cracking?, Wireless Threats: Access Control Attacks, Wireless Threats: Integrity Attacks, Wireless Threats: Confidentiality Attacks, Wireless Threats: Availability Attacks, Wireless Threats: Authentication Attacks, Rogue Access Point Attack, Client Mis-association, Misconfigured Access Point Attack, Unauthorized Association, Ad Hoc Connection Attack, HoneySpot Access Point Attack, AP MAC Spoofing, Denial-of-Service Attack, Jamming Signal Attack, Wi-Fi Jamming Devices, Wireless Hacking Methodology, Find Wi-Fi Networks to Attack, Attackers Scanning for Wi-Fi Networks, Footprint the Wireless Network, Wi-Fi Discovery Tool: inSSIDer, Wi-Fi Discovery Tool: NetSurveyor, Wi-Fi Discovery Tool: NetStumbler, Wi-Fi Discovery Tool: Vistumbler, Wi-Fi Discovery Tool: WirelessMon, Wi-Fi Discovery Tools, GPS Mapping, GPS Mapping Tool: WIGLE, GPS Mapping Tool: Skyhook, How to Discover Wi-Fi Network Using Wardriving?, Wireless Traffic Analysis, Wireless Cards and Chipsets, Wi-Fi USB Dongle: AirPcap, Wi-Fi Packet Sniffer: Wireshark with AirPcap, Wi-Fi Packet Sniffer: Wi-Fi Pilot, Wi-Fi Packet Sniffer: OmniPeek, Wi-Fi Packet Sniffer: CommView for Wi-Fi, What is Spectrum Analysis?, Wireless Sniffers, Aircrack-ng Suite, How to Reveal Hidden SSIDs, Fragmentation Attack, How to Launch MAC Spoofing Attack?, Denial of Service: Deauthentication and Disassociation Attacks, Man-in-the-Middle Attack, MITM Attack Using Aircrack-ng, Wireless ARP Poisoning Attack, Rogue Access Point, Evil Twin, How to Set Up a Fake Hotspot (Evil Twin)?, How to Crack WEP Using Aircrack?, How to Crack WEP Using Aircrack? Screenshot 1/2, How to Crack WEP Using Aircrack? Screenshot 2/2, How to Crack WPA-PSK Using Aircrack?, WPA Cracking Tool: KisMAC, WEP Cracking Using Cain & Abel, WPA Brute Forcing Using Cain & Abel, WPA Cracking Tool: Elcomsoft Wireless Security Auditor, WEP/WPA Cracking Tools, Wi-Fi Sniffer: Kismet, Wardriving Tools, RF Monitoring Tools, Wi-Fi Connection Manager Tools, Wi-Fi Traffic Analyzer Tools, Wi-Fi Raw Packet Capturing Tools, Wi-Fi Spectrum Analyzing Tools, Bluetooth Hacking, Bluetooth Stack, Bluetooth Threats, How to BlueJack a Victim?, Bluetooth Hacking Tool: Super Bluetooth Hack, Bluetooth Hacking Tool: PhoneSnoop, Bluetooth Hacking Tool: BlueScanner, Bluetooth Hacking Tools, How to Defend Against Bluetooth Hacking?, How to Detect and Block Rogue AP?, Wireless Security Layers, How to Defend Against Wireless Attacks?, Wireless Intrusion Prevention Systems, Wireless IPS Deployment, Wi-Fi Security Auditing Tool: AirMagnet WiFi Analyzer, Wi-Fi Security Auditing Tool: AirDefense, Wi-Fi Security Auditing Tool: Adaptive Wireless IPS, Wi-Fi Security Auditing Tool: Aruba RFProtect WIPS, Wi-Fi Intrusion Prevention System, Wi-Fi Predictive Planning Tools, Wi-Fi Vulnerability Scanning Tools, Wireless Penetration Testing, Wireless Penetration Testing Framework, Wi-Fi Pen Testing Framework, Pen Testing LEAP Encrypted WLAN, Pen Testing WPA/WPA2 Encrypted WLAN, Pen Testing WEP Encrypted WLAN, Pen Testing Unencrypted WLAN.

Evading IDS Firewalls and Honeypots Intrusion Detection Systems (IDS) and its Placement, How IDS Works?, Ways to Detect an Intrusion, Types of Intrusion Detection Systems, System Integrity Verifiers (SIV), General Indications of Intrusions, General Indications of System Intrusions, Firewall, Firewall Architecture, DeMilitarized Zone (DMZ), Types of Firewall, Packet Filtering Firewall, Circuit-Level Gateway Firewall, Application-Level Firewall, Stateful Multilayer Inspection Firewall, Firewall Identification, Port Scanning, Firewalking, Banner Grabbing, Honeypot, Types of Honeypots, How to Set Up a Honeypot?, Intrusion Detection Tool, Snort, Snort Rules, Rule Actions and IP Protocols, The Direction Operator and IP Addresses, Port Numbers, Intrusion Detection Systems: Tipping Point, Intrusion Detection Tools, Firewall: Sunbelt Personal Firewall, Firewalls, Honeypot Tools, KFSensor, SPECTER, Insertion Attack, Evasion, Denial-of-Service Attack (DoS), Obfuscating, False Positive Generation, Session Splicing, Unicode Evasion Technique, Fragmentation Attack, Overlapping Fragments, Time-To-Live Attacks, Invalid RST Packets, Urgency Flag, Polymorphic Shellcode, ASCII Shellcode, Application-Layer Attacks, Desynchronization, Pre Connection SYN, Post Connection SYN, Other Types of Evasion, IP Address Spoofing, Attacking Session Token Generation Mechanism, Tiny Fragments, Bypass Blocked Sites Using IP Address in Place of URL, Bypass Blocked Sites Using Anonymous Website Surfing Sites, Bypass a Firewall using Proxy Server, Bypassing Firewall through ICMP Tunneling Method, Bypassing Firewall through ACK Tunneling Method, Bypassing Firewall through HTTP Tunneling Method, Bypassing Firewall through External Systems, Bypassing Firewall through MITM Attack, Detecting Honeypots, Honeypot Detecting Tool: Send-Safe Honeypot Hunter, Firewall Evasion Tools, Traffic IQ Professional, tcp-over-dns, Firewall Evasion Tools, Packet Fragment Generators, Countermeasures, Firewall/IDS Penetration Testing, Firewall Penetration Testing, IDS Penetration Testing.

Buffer Overflow Buffer Overflows, Why are Programs And Applications Vulnerable?, Understanding Stacks, Stack-Based Buffer Overflow, Understanding Heap, Heap-Based Buffer Overflow, Stack Operations, Shellcode, No Operations (NOPs), Knowledge Required to Program Buffer Overflow Exploits, Buffer Overflow Steps, Attacking a Real Program, Format String Problem, Overflow using Format String, Smashing the Stack, Once the Stack is Smashed..., Simple Uncontrolled Overflow, Simple Buffer Overflow in C, Code Analysis, Exploiting Semantic Comments in C (Annotations), How to Mutate a Buffer Overflow Exploit?, Identifying Buffer Overflows, How to Detect Buffer Overflows in a Program?, BOU (Buffer Overflow Utility), Testing for Heap Overflow Conditions: heap.exe, Steps for Testing for Stack Overflow in OllyDbg Debugger, Testing for Stack Overflow in OllyDbg Debugger, Testing for Format String Conditions using IDA Pro, BoF Detection Tools, Defense Against Buffer Overflows, Preventing BoF Attacks, Programming Countermeasures, Data Execution Prevention (DEP), Enhanced Mitigation Experience Toolkit (EMET), EMET System Configuration Settings, EMET Application Configuration Window, /GS, BoF Security Tools, BufferShield, Buffer Overflow Penetration Testing.

Cryptography Cryptography, Types of Cryptography, Government Access to Keys (GAK), Ciphers, Advanced Encryption Standard (AES), Data Encryption Standard (DES), RC4, RC5, RC6 Algorithms, The DSA and Related Signature Schemes, RSA (Rivest Shamir Adleman), Example of RSA Algorithm, The RSA Signature Scheme, Message Digest (One-way Bash) Functions, Message Digest Function: MD5, Secure Hashing Algorithm (SHA), What is SSH (Secure Shell)?, MD5 Hash Calculators: HashCalc, MD5 Calculator and HashMyFiles, Cryptography Tool: Advanced Encryption Package, Cryptography Tools, Public Key Infrastructure (PKI), Certification Authorities, Digital Signature, SSL (Secure Sockets Layer), Transport Layer Security (TLS), Disk Encryption, Disk Encryption Tool: TrueCrypt, Disk Encryption Tools, Cryptography Attacks, Code Breaking Methodologies, Brute-Force Attack, Meet-in-the-Middle Attack on Digital Signature Schemes, Cryptanalysis Tool: CrypTool, Cryptanalysis Tools, Online MD5 Decryption Tool.

Penetration Testing Introduction to Penetration Testing, Security Assessments, Vulnerability Assessment, Limitations of Vulnerability Assessment, Penetration Testing, Why Penetration Testing?, What Should be Tested?, What Makes a Good Penetration Test?, ROI on Penetration Testing, Testing Points, Testing Locations, Types of Penetration Testing, External Penetration Testing, Internal Security Assessment, Black-box Penetration Testing, Grey-box Penetration Testing, White-box Penetration Testing, Announced / Unannounced Testing, Automated Testing, Manual Testing, Common Penetration Testing Techniques, Using DNS Domain Name and IP Address Information, Enumerating Information about Hosts on Publicly-Available Networks, Phases of Penetration Testing, Pre-Attack Phase, Attack Phase, Activity: Perimeter Testing, Enumerating Devices, Activity: Acquiring Target, Activity: Escalating Privileges, Activity: Execute, Implant, and Retract, Post-Attack Phase and Activities, Penetration Testing Deliverable Templates, Penetration Testing Methodology, Application Security Assessment, Web Application Testing - I, Web Application Testing - II, Web Application Testing - III, Network Security Assessment, Wireless/Remote Access Assessment, Wireless Testing, Telephony Security Assessment, Social Engineering, Testing Network-Filtering Devices, Denial of Service Emulation, Outsourcing Penetration Testing Services, Terms of Engagement, Project Scope, Pentest Service Level Agreements, Penetration Testing Consultants, Evaluating Different Types of Pentest Tools, Application Security Assessment Tool, Webscarab, Network Security Assessment Tool, Angry IP scanner, GFI LANguard, Wireless/Remote Access Assessment Tool, Kismet, Telephony Security Assessment Tool, Omnipeek, Testing Network-Filtering Device Tool, Traffic IQ Professional.

Sample of Global Management Consulting Clients

Global and National Honors for Global CxO Practices Leadership -
CxO Think Tank - CxO Practices - CxO Guidance - CxO Keynotes
Includes strategic partnerships based upon invitation by the other party.
(USA, North America, Europe, Asia)

Arthur Andersen Consulting (Accenture) (Managing Partners & Founders)
Bank of America
Banque Indo-Suez (Hong Kong)
British Telecom (UK)
Conference Board
Emerald Group Publishing (UK)
European Bank Merger (European Union)
Government of Mexico (Mexico: National Cabinet)
Government of Netherlands (Netherlands: National Cabinet)
Harvard Business School
Institute for Supply Management
Intel Corporation
JP Morgan
Knowledge Management Consortium International (Board of Directors)
Maeil Business TV Network & Newspaper (S. Korea)
National Science Foundation
Northrop Grumman Corporation
Ogilvy & Mather
Royal Philips Electronics N.V. (Netherlands)
Siemens AG
Silicon Valley Venture Capitalists and Tech CEOs
Tata Group (India)
Turkish Steel Conglomerate
U.S. Federal Government
Unisys Corporation
United Nations (World Headquarters)
Vision Korea Campaign (S. Korea)
Wall Street Investment Bank(s)
Ziff Davis

Pioneering Global Computational Quant Cyber-Crypto Finance-IT-Risk Management Digital Transformation Practices


Princeton University Invited FinTech Research Presentations on Model Risk Management
Pioneering 'Open Systems Finance', 'Model Risk Arbitrage', and, 'Cyber Finance'

*2016 Princeton Quant Trading Conference: Among other Presenters: It was a pleasure to collaborate.

2015 Princeton Quant Trading Conference
'Knight Reconsidered':
Future of Finance Beyond 'Flash Boys': Risk Modeling for Managing Uncertainty in an Increasingly Non-Deterministic Cyber World

(Global Risk Management Network, LLC, 2015).

2016 Princeton Quant Trading Conference
Knight Reconsidered Again: Risk, Uncertainty, & Profit Beyond ZIRP & NIRP:
Beyond Model Risk Management to Model Risk Arbitrage for Fintech Era:
How to Navigate 'Uncertainty'... When 'Models' are 'Wrong'... And 'Knowledge'... 'Imperfect'!

(Global Risk Management Network, LLC, 2016).

40 SSRN Top-10 Research Rankings in Computational Statistical Algorithms & Machine Learning

40 SSRN Top-10 Research Rankings: Computational Quant Analytics, Algorithms, & Machine Learning, 2015-2016.

Research selected for 40 SSRN Top-10 Rankings in Computational Quantitative Risk Analytics.
- SSRN Top-10 Ranking Categories
• Capital Markets, 
• Computational Techniques, 
• Corporate Governance, 
• Cyberlaw, 
• Decision-Making under Risk & Uncertainty, 
• Econometric & Statistical Methods, 
• Econometric Modeling, 
• Econometrics, 
• Hedging & Derivatives, 
• Information Systems & Economics, 
• Mathematical Methods & Programming, 
• Microeconomics, 
• Operations Research, 
• Risk Management, 
• Risk Management Controls, 
• Risk Modeling, 
• Stochastic Models, 
• Systemic Risk, 
• Uncertainty & Risk Modeling, and, 
• VaR Value-at-Risk.


Top Wall Street Banks' Model Risk Management Beyond VaR for Extreme Risks
FinTech Technical Expert to Top MDs Team for World's Largest Investment Bank

Cryptanalytic Algorithms and Quantum ComputingBeyond 'Bayesian vs. VaR' Dilemma to Empirical Model Risk Management: How to Manage Risk (After Risk Management Has Failed).
(Global Risk Management Network, LLC, 2012, 2014)

Cryptanalytic Algorithms and Quantum Computing

Measuring & Managing Financial Risks with Improved Alternatives Beyond Value-At-Risk (VaR)
(Global Risk Management Network, LLC, 2012).

FinTech Markov Chain Monte Carlo Models and Bitcoin Block Chain Encryption Protocols

Markov Chain Monte Carlo Models, Gibbs Sampling, and, Metropolis-Hastings Algorithms

Markov Chain Monte Carlo Models,
Gibbs Sampling, and, Metropolis-Hastings Algorithms

(Global Risk Management Network, LLC, 2013).
Complex Stochastics Hi-Dimensional Statistical Analysis

Bitcoin Protocol: Model of ‘Cryptographic Proof’ Based Global Crypto-Currency & Electronic Payments System
Bitcoin Protocol: Model of 'Cryptographic Proof' Based Global Crypto-Currency & Electronic Payments System
(Global Risk Management Network, LLC, 2013).
First Report on the Bitcoin Cryptographic-Proof-of-Work

Bayesian vs. VaR for Hedge Funds
Model Risk Management
Beyond "Bayesian vs. VaR" Dilemma to
Empirical Model Risk Management: How to Manage Risk
(After Risk Management Has Failed) for Hedge Funds

'"It is this "true" uncertainty, and not risk, as has been argued, which forms the basis of a valid theory of profit and accounts for the divergence between actual and theoretical competition... It is a world of change in which we live, and a world of uncertainty...If we are to understand the workings of the economic system we must examine the meaning and significance of uncertainty; and to this end some inquiry into the nature and function of knowledge itself is necessary."
-- Frank H. Knight in Risk, Uncertainty, and Profit

(Boston, MA: Hart, Schaffner & Marx; Houghton Mifflin Co), 1921.

Risk, Uncertainty, and Profit: Frank Knight Risk, Uncertainty, and Profit: Frank Knight Risk, Uncertainty, and Profit: Frank Knight
(Boston, MA: Hart, Schaffner & Marx; Houghton Mifflin Co), 1921.

2015 Princeton Quant Trading Conference
'Knight Reconsidered':
Risk, Uncertainty, and, Profit for the Cyber Era: Model Risk Management of Cyber Insurance Models using Quantitative Finance and Advanced Analytics

(Global Risk Management Network, LLC, 2015).

2015 New York Cyber Security and Engineering Technology Association Conference
Toward Integrated Enterprise Risk Management, Model Risk Management, & Cyber-Finance Risk Management:
Bridging Networks, Systems, and, Controls

(Global Risk Management Network, LLC, 2015).

2016 New York State Cyber Security Conference
Advancing Beyond 'Predictive' to 'Anticipatory' Risk Analytics:
CyberFinance: Why Cybersecurity Risk Analytics must Evolve to Survive 90% of Emerging Cyber Financial Threats, and, What You Can Do About It?

(Global Risk Management Network, LLC, 2016).

FinTech Enterprise Risk-Model Risk Management meet Penetration Testing-Ethical Hacking

2015 National CSO-CxO Cybersecurity Conference

Cybersecurity & Cyber-Finance Risk Management: Strategies, Tactics, Operations, &, Intelligence: Enterprise Risk Management to Model Risk Management: Understanding Vulnerabilities, Threats, & Risk Mitigation

CSO-CxO Plenary Keynote, National Cybersecurity Summit, Altria Group Inc. Headquarters, VA, 2015

New York Cyber Security and Engineering Technology Association (NYSETA) Conference
A Framework for Pen Testing Network Protocols for Global Banking & Finance Call Centers: Bridging Networks, Systems, and, Controls Frameworks for Cybersecurity Curricula & Standards Development
(Innovative Design and Development Practices)

New York Cyber Security and Engineering Technology Association (NYSETA) Conference, 2015.

Griffiss CyberspaceTM Cybersecurity Venture Spans Wall Street & Cyber Research

WirelessMobileTrustQuantitative Modeling of Trust and Trust Management Protocols in Next Generation Social Networks Based Wireless Mobile Ad Hoc Networks
(Global Risk Management Network, LLC,
December 18, 2014.)

Future of Cyber Risk
Griffiss Cyberspace Cybersecurity Venture Aims to Span Wall Street and Hi-Tech Research,
Cybersecurity, Financial Protocols & Networks Protocols Analysis, and, Penetration Testing
(Global Risk Management Network, LLC,
Summer 2013.)

FinTech Cognitive Analytics and Cryptanalytic Algorithms for Quantum Computing & Quantum Biology

Cognitive Analytics & Cryptanalytic Algorithms for Quantum Computing & Quantum BiologyFuture of Bitcoin & Statistical Probabilistic Quantitative Methods: Interview by Hong Kong Institute of Certified Public Accountants
(Global Risk Management Network, LLC, January 20, 2014.)

Cryptanalytic Algorithms and Quantum Computing
Cryptology beyond Shannon’s Information Theory: Preparing for when the ‘Enemy Knows the System’: Beyond NSF Cryptanalytic Algorithms
(Global Risk Management Network, LLC, 2013.)

AACSB Recognizes Real Impact among Nobel Laureates such as Black-Scholes
Pioneered Anticipatory Risk Analytics Frameworks Applied by Top Investment Banks 

“There are many examples illustrating that advances in basic research have had a substantial impact on practice. Exemplars of this phenomenon can be seen in finance through academic publications on the theories of portfolio selection (Markowitz, 1952), irrelevance of capital structure (Modigliani and Miller, 1958), capital asset pricing (Sharpe, 1964), efficient markets (Fama, 1965 and 1970), option pricing (Black and Scholes, 1973), and agency theory (Jensen and Meckling, 1976). All are well-known for their substantial impact on both theory and practice. In information systems, the research of Malhotra (Malhotra, 2004) has helped companies to understand why knowledge management systems fail...



Cryptanalytic Algorithms and Quantum Computing

“The new business model of the Information Age, however, is marked by fundamental, not incremental, change. Businesses can't plan long-term; instead, they must shift to a more flexible "anticipation-of-surprise" model.”
-- Yogesh Malhotra in CIO Magazine interview, Sep. 15, 1999.


Leading Global Enterprise Risk Management and Model Risk Management Practices

"The future is moving so quickly that you can’t anticipate it… We have put a tremendous emphasis on quick response instead of planning. We will continue to be surprised, but we won't be surprised that we are surprised. We will anticipate the surprise."
20-Years of the Model Risk Management Program
  “The new business model of the Information Age, however, is marked by fundamental, not incremental, change. Businesses can't plan long-term; instead, they must shift to a more flexible "anticipation-of-surprise" model.”
-- Yogesh Malhotra in CIO Magazine interview, Sep. 15, 1999.
[A Decade Later... Wall Street CEO, CFOs, & CROs know so... ]
Model Risk Management Program

Digital Transformation Research & Practices Leading Global Firms & Governments

e-Services & Knowledge Management Digital Transformation Leading Global Firms & Governments

Google  IBM  Intel  Microsoft  OgilvyOne


Pioneering e-Services & Knowledge Management Digital Transformation Practices
Global & National Thought Leader for UN, NSF, US & World Governments & Parliaments

National Science Foundation  IBM

  USA Federal Government
US Dept. of Veteran Affairs

Government and Cabinet Of Mexico

United Nations

Government and Cabinet Of Netherlands

Nation of South Korea
Maeil Business TV

TiE Silicon Valley  Accenture
Intel  Philips
British Telecom  Institute for Supply Management
The Conference Board


Digital Transformation Venture Clients, Patrons, & Subscribers

A sample of our corporate and organizational clients, patrons, and users is listed below:

FinTech Firms: Goldman Sachs, Google, HP, IBM, Intel, Microsoft, Ogilvy, Wells Fargo

Consulting Firms: Accenture, Ernst & Young, McKinsey, PricewaterhouseCoopers

World Governments: Australia, Canada, European Union, United Kingdom, United States

U.S. Defense: AFRL, Air Force, Army, CCRP, Comptroller, DISA, DoD, NASA, Navy, RAND

World Defense: Australia (Air Force), Canada (Defence R&D), UK (Ministry of Defence)

Business Schools: Harvard, MIT, Princeton, Stanford, UC Berkeley, Wharton


"Founder Yogesh Malhotra says his vision is to fill the gaps between business and technology, data and knowledge, and, theory and practice..."
Dr. Yogesh Malhotra in Fortune


Digital Transformation Ventures in Global Business & Technology Press

Media Coverage Media Coverage

Digital Transformation Research Interviews in Global Business & Technology Press

CIO Magazine
CIO Insight
Wall Street Journal
Cyber Transformation Practices Guiding US DoD Commanders & CxOs
("Obsolete what you know before others obsolete it..."
- Dr. Yogesh Malhotra in Inc. Interview)

United States Army United States Navy United States Air Force United States Marine Corps AFRL
"If you spend some time at [the digital research lab] founded by Dr. Malhotra youwill be blessed by some of the world's most astute thinking on the nature of knowledge and its value." 
- U.S. Army Knowledge Symposium, Theme: "Knowledge Dominance: Transforming the Army...from Tooth to Tail", US Department of Defense, United States Army.

"There are many definitions of knowledge management. It has been described as "a systematic process for capturing and communicating knowledge people can use." Others have said it is "understanding what your knowledge assets are and how to profit from them." Or the flip side of that: "to obsolete what you know before others obsolete it." (Malhotra) "
- U.S. Department of Defense, Office of the Under Secretary of Defense (Comptroller)

"KM is obsoleting what you know before others obsolete it and profit by creating the challenges and opportunities others haven't even thought about -- Dr. Yogesh Malhotra, in Inc. Technology Interview"
- U.S. Defense Information Systems Agency Interoperability Directorate


Top-3 Most Influential Scholars-Practitioners
in Knowledge Management
(Ranked in Drexel University Global Survey of IS Practice)

Vision Korea Campaign Keynotes
Dr. Yogesh Malhotra among other 'Vision Korea' National Campaign Keynote Speakers in Vision Korea National Campaign (2000): Dr.Charles Lucier of Booz Allen Hamilton, Dr.David Snowden of IBM, Dr.Robert H. Buckman of Buckman Labs, Dr.Hubert Saint-Onge of Canadian Imperial Bank of Commerce, Professor Dr.Ikujiro Nonaka of Hitotsubashi University


Pioneered Digital Transformation e-Services & Knowledge Management Practices
Led Global Virtual Team of 200-PhD Experts & CxOs to Publish Pioneering Research Leading Global Practices

Published in 2000
Published in 2001

Journal Articles & Reports 1993-Present

Published independent Study paper on computer graphics image compression standards for hypermedia computing technologies, the precursor of WWW, on MBA graduate research fellowship with B2B pioneer and full tuition scholarship in 1993.


Developed Computerworld's Top Digital Research Site, Top-3 Search Engine, & Top-10 Social Network

Top-Ranked Digital Research Site: Computerworld Best Web Site Award

Top-3 Search Engine: Carnegie Mellon University Industry.Net National Awards

Top-10 Social Network: Popular Rankings among others such as LinkedIn

Led Global Virtual Community of Practice of 130,000+ to Pioneer Digital Transformation Practices
Millions of worldwide users included Global-2000 Corporations and G-20 World Governments.


Top-3 Search Engines Ranked in the Carnegie Mellon University: National Industry.Net Awards