Documente Academic
Documente Profesional
Documente Cultură
There are not enough well trained IT administrators and operations staff to meet the daily onslaught of cyber criminal and cyber terrorist activities. As cyber attacks increase, so does the demand for information security professionals who possess true network penetration testing and ethical hacking skills.
An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit.
TYPE OF HACKER
Blackhat
MODES OF HACKING
Social Engineering Remote Hacking Local Hacking
WHAT IS VULNERABILITY?
Software applications, such as the Microsoft operating system or your web browser are complex feats of engineering, often with millions of lines of programming code. Inevitably, errors creepinto the code, and some of these errors create security vulnerabilities that malefactors can take advantage of with exploits and other malware.
of scans - Network sweeps, network tracing, port scans, OS fingerprinting, version scans, and vulnerability scansOverall scanning tips - tcpdump for the pen tester, and Packet crafting for the pen tester with Hping3 and monitoring with Port scanning in-depth with traditional traceroute and exotic network mapping techniques
PASSWORD ATTACKS
The primacy of passwords Password attack tips: Making the most of password attacks in a safe and efficient manner Account lockout and strategies for avoiding it Password representation formats in depth: Windows LANMAN, NT, NTLMv1, NTLMv2, Unix DES, and Linux MD5
INFORMATION GATHERING
This is black box testing technique which bring up the basic information about a target or victim.This is first step for any hacking or security Rate of attacks also slow.
Manual process by www.whois.com. 2. You get signal online tools. 3. Ping command is used find ip address. 4. By googling. Automated process by many tools. Samspade . Metagoofil.
1.
GOOGLING
Link:cetpainfotech.com Related:cetpainfotech.com inurl:app/etc/local.xml :to know database passwd. Intitle Inurl /view/shtml Filetype Adminlogin.aspx
SCANNING
After
TOOLS
gathering informations of target we need to know the os and applications running on target. Gui Nmap . Angry ip scanner. Webarchive.org:to know the history of a website.
EMAIL HACKING
Phishing Tabnabbing Keylogger
Convert it as a batch file and bind with any software after that change icon
SECURING WINDOWS
Password policy. Ntfs security. Folder security. Image hide. Virus and trojans. Changing icons by resource hacker. Secure login by roho logon.
Etc
WEBSITE ATTACKS
Cross site scripting. Sql injection. Remote file inclusion.
PENETRATION TESTING
Penetration testing, also referred to as pen testing or pentesting, is one way to assess the security of a computer system or network, also that of online computing systems. This process is carried out by simulating an unauthorized breach both by malicious outsiders as well as by insiders. The pentesting process generally involves a thorough analysis of the system in order to find out lurking vulnerabilities in it, which a hacker could possibly take advantage