A First Course In Ethical Hacking
Ebook, 208 pages, 1 hour

About this ebook

As a youngster, the romance of hacking took hold of my imagination. Computers were always my passion, and the myth (legend?) of kids who moved a satellite by messing around was well known and the subject of daydreaming. But where to begin? While still working a student job, I got my hands on the “Hackers Handbook”. To put things in perspective, the internet was young, Microsoft did not believe in CD-ROMs and “Do you Netscape” was the web browsing term. Modems were the way you connected. I printed the entire “Handbook” on a dot matrix printer, ready to enrich myself with the knowledge of hackers. The text was about BAUD, modems and the protocols used by BBSs. I found the reading as exciting as a student who got his hands on a banned copy of The Little Red Book. But the content proved rather less than insightful. Yes, hacking was different when the words were uttered “the beauty of the baud” (from the original Hackers Manifesto), but times have changed and changed again in a very short period of time.
Language: English
Publisher: Lulu.com
Release date: Apr 9, 2013
ISBN: 9781300920632
    Book preview

    A First Course In Ethical Hacking - Herman van Heerden

    By Herman van Heerden

    eBook ISBN: 978-1-300-92063-2

    Text copyright © 2013 Herman van Heerden

    All rights reserved, except where else indicated

    Thanks Mia!

    Preface

    For some time now I have realized that the only relatively quick way to obtain knowledge of hacking is to bite the bullet and attend a course in IT security.  This is not a bad option, but where do you begin?  Who will tell you what hacking really is about, without adding an oversized dollop of Hollywood flair to sell the course?

    As a youngster, the romance of hacking took hold of my imagination.  Computers were always a passion of mine, and the myth (or is it legend?) of two kids who moved a satellite by messing around with computers was well known and many a time the subject of daydreaming.  But again - where do you begin?  While still working a student job in my first year at university, I got my hands on a text marked the “Hackers Handbook” (http://www.textfiles.com/etext/MODERN/hhbk).  To put things in perspective, the internet was young, Microsoft did not believe in CD-ROMs and “Do you Netscape” was the term used for web browsing.  Modems were the way you connected.  Well, I printed the entire Hackers Handbook on a dot matrix printer and put it into a file, ready to enrich myself with the knowledge of the hacker.  The text was all about how BAUD works, modems and the protocols used by BBSs.  I found the reading as exciting as a social studies student who got his hands on a banned copy of The Little Red Book or Animal Farm, but in the long run, the content of the book proved rather less than insightful.  Yes, hacking was different when the words were uttered “the beauty of the baud” (from the original Hackers Manifesto), but times have changed and changed again in a very short period of time.

    As with that original Hackers Handbook, I believe this book will also be seen as ancient text in a far shorter time than I hope it to be.  But for now, this is a great beginning for the inquisitive mind that asks the question “how do you hack?” and does not know where to begin.

    This book is not intended to train you as a prospective member of Anonymous, but it is to satisfy the curiosity of the methods used by the elite.  I don’t want you to become a criminal, and the knowledge I would like to impart is for you to find your intellectual home amongst the security specialists so highly valued by the IT industry.  It is not a crime to talk about bombs, or to even investigate the science behind explosives; thus, this book should not be seen as a guide to becoming a criminal.  It is in any case just a nudge in the right direction to understand.

    Some people have the ability to just know, but I am not one of those.  I need a nudge in the right direction.  And my sincerest hope is that this book will help you find the edge of that rope that is knowledge.  Just don’t hang yourself with it!

    Herman van Heerden

    B.Sc. Hons (Cum Laude) in Computer Science

    Certified Information Security Expert

    Table of contents

    Introduction

    For the beginner: Network basics

    1st Stage: Information gathering

    Case study – Kevin Mitnick

    Social engineering

    Dumpster diving

    Physical visit

    Personal details of the target

    SPAM and email spoofing

    Browser vulnerabilities

    Users and user rights

    2nd Stage: Scanning

    Port scanning – nmap

    Network scanning – autoscan

    Intrusion detection and prevention systems (IDS/IPS)

    Firewalls and honeypots

    Proxies and tunneling

    Web FUZZING

    3rd Stage: Gaining Access

    Case study – WikiLeaks

    Ethical parameters and the moral gray area

    The World Wide Web

    Client side versus server side scripts

    Finding information on the website you visit

    SQL injections

    Cross site scripting (XSS)

    Session hijacking

    System/OS access

    4th Stage: Maintaining Access

    Case study – Sony BMG

    Ethics – Contract period and backdoor disclosure

    OS level access

    Viruses, Worms and Trojans

    Steganography

    5th Stage: Covering your tracks

    MS Windows™

    LINUX

    MacOSX

    TOR

    A final word

    Introduction

    This book is an introduction to ethical hacking.  Let’s explore this, shall we?

    1.       Introduction:

    Please, do not expect this book to take you by the hand and show you how to hack your friend’s Facebook account.  We investigate the science behind hacking.  Application of the knowledge is up to you.

    2.       Ethical:

    How can hacking be ethical?  A rose by any other name…  We see the implementation of what we do and want to allow you to do as the basics of the IT security trade.  The word hacker has been used and misused so many times.  So rather than stressing the semantics, we believe you should know the tricks of the trade.  The way you use it is yet again up to you.  We believe you will choose the ethical path, and not use your knowledge for evil.  With great power…

    3.       Hacking:

    Hacking, in the mind of the public, is the guy (or girl) with the skill to access computer systems where access seems closed to others.  Knowingly or unknowingly, these people have processes they follow.  We have spelled out these processes, allowing the magic to seem quantifiable.

    As inspiration, we have followed the example of the most popular courses in hacking, and defined 5 stages of a hack.  These are:

    Information gathering

    System scanning

    Gaining access

    Maintaining access

    Covering your tracks

    Using these headings, we will look at case studies and examples of each.  This will clarify the stage better than any definition will ever do.  All these cases are true and can be researched in more detail online.  We will use the Wikipedia entries as a base, giving you the right end of yarn.

    In addition to just examples, we will go into more practical stuff as well.  We advise you to get yourself BackTrack5 and write it to DVD or USB stick.  It is the key item in the arsenal of a hacker; everything is configured and ready to use.

    Remember, it is against the law in most countries to run scans against other people’s systems.  So, without authorization, you are on your own.  For this book, and for scans, we will recommend you download and run a broken LINUX distribution called Metasploitable (http://www.offensive-security.com/metasploit-unleashed/Metasploitable). It was built to test the features of the Metasploit toolset.  We will explore this application as well, but our focus is to understand the mechanics behind it.  So, test the suggested and demonstrated tools first.  As a self-study exercise you can replicate your results on the Metasploitable distro with the Metasploit tool itself.  Remember, sometimes one tool alone will not give you the hidden answer.  So understand the methods, and the tool becomes just that: a tool, not the be-all and end-all of security testing.

    For the beginner: Network basics

    Introduction

    If you are reading this book, you most probably know all about the content of this chapter.  But as a warm-up exercise, and to get everyone on the same page, we will run through the basics of networking.  No system stands alone these days, and it is essential to know the medium you use to access machines.  We will not go into the low level bits and bytes, but keep it to the essentials.  So, even if you know this stuff, please read through it if only to refresh your memory.

    Infrastructure architecture - LAN/WAN/WLAN

    Computers are used to generate data. From its inception, the output of computers was the reason for using one. And with the generation of information, storing and sharing became key. Thus the birth of networking.

    ARPANET

    [1]ARPANET was the world's first packet switching network and the core network of a set that came to compose the global Internet. The network was funded by the Defense Advanced Research Projects Agency of the US DOD for use by its projects at universities and research laboratories. The packet switching of the ARPANET was based on designs by Lawrence Roberts of the Lincoln Laboratory.

    Packet switching was a new concept at that time. Prior to the advent of packet switching, both voice and data communications had been based on the idea of circuit switching, as in the traditional telephone circuit, wherein each telephone call is allocated a dedicated, end-to-end, electronic connection between the two communicating stations. Such stations might be telephones or computers. The dedicated line is typically composed of many intermediary lines which are assembled into a chain that stretches all the way from the originating station to the destination station.

    With packet switching, a data system could use a single communications link to communicate with more than one machine by collecting data into datagrams and transmitting these as packets onto the attached network link. Thus, not only can the link be shared, much as a single post box can be used to post letters to different destinations, but each packet can be routed independently of other packets.

    The Internet

    PIPES, ADDRESSES, PORTS
