Ethical hacking is a term used for identifying the hacking threat done by an individual or company to help know the potential threats on any network or computer. Ethical hackers are given permission to hack the system by the product owner so that identifying the weakness is made easy. The weakness can be fixed later.
A hacker is a person who exploits the weakness and shortfalls in a computer system or network. This process can contain engaging in illegal activities like stealing private information, accessing and altering network configuration, sabotaging the user interface of the computer OS.
Ethical hacking is the process of intruding a network or a system to identify the threats or vulnerabilities present in them. This process enables us to fix the weaker areas of the systems or network in order to protect them from persons who try to attack them.
In the process of hacking, there are many types of hackers and ways of doing it. Below are some of them: White Hat Hackers Black Hat Hackers Grey Hat Hackers Blue Hat Hackers Elite Hackers Skiddie Newbie Hacktivism Intelligence Agencies Organized Crime.
The steps performed by hackers to intrude systems or network are as follows: Reconnaissance: In this process, the hacker tries to gather user information and finds weak spots if present. Scanning and Enumeration: In this process, the hacker uses the gathered information to examine and test the network. Gaining Access: After successfully completing the first and second phases, the hacker has complete access to the System and Network. Maintaining the Access: As the hacker has breached your security access in the previous stage, he now tries to install some scripts and sees that he has total access to the computer in the future. Clearing Tracks: In this stage, the hacker tries to clear all the tracks and tries to escape from getting detected by security personnel.
There are many sniffing tools available, all have their own features of gathering information and analyzing traffic. Some of the commonly used tools are listed below: Wireshark WinDump Ettercap Diff EtherApe MSN Sniffer
Spoofing is the process of making communication by hiding the identity and acting as a trusted source. It is used to gain access to the target system and used to spread malware through harmful attachments or infected links. Spoofing can be done in many ways like: Email Websites Phone calls IP address Domain Name System(DNS)
Phishing involves a process of contacting the target user by email, phone or text message and gathering sensitive information like credit card details, passwords, etc.
“DDoS” or “Distributed Denial of Service” is explained as a malicious attempt to interrupt regular traffic of a targeted server or network by profusing the target with a flood of internet traffic.
DDoS attacks are mainly of three types, they are: Application Layer Attacks Protocol Attacks Volumetric Attacks
SQL injections is a web hacking technique used to destroy a database. It executes malicious SQL statements and controls a database server behind a web application. Hackers make use of these statements to bypass the security measures of the application.
Both penetration testing and vulnerability scanning are powerful tools for monitoring and improving information security. Let’s see the difference between them: Vulnerability Scanning Penetration Testing This is an automated test This is a manual test conducted by a security professional Detects and reports Vulnerabilities Exploits Vulnerabilities and determines the type of access This is an instructive method This is a non-instructive method Need to be done continuously Usually done once a year
Footprinting is a process of gathering user data and finding ways to penetrate a target system. A hacker tries to collects all the information about the organization, host, network and people before intruding a network or a system.
Extracting usernames, network resources, machine names and services from a system is known as Network Enumeration. This stage is crucial for an attacker to send direct queries and gain more information about the target by creating an active connection to the system.
Accessing the security of IT systems is carried out by penetration testing. Here are some of the important tools to perform it: Nmap Metasploit Aircrack-ng Nessus Burp Suite
Keylogger is a basic tool used by software companies to troubleshoot and check if there are any technical problems on their network or systems. But, hackers use these keyloggers to track the keystrokes of the user and gain access to their sensitive information.
RAnsweromware is a type of malware, which restricts users from accessing their personal files or system and demands a ransom to regain access to them. Depending on the severity of the attack ransomware is categorized into three types, they are: Scareware Screen lockers Encrypting ransomware
Malicious crypto mining or Cryptojacking is a type of online threat which uses the machine resources to mine forms of digital money known as cryptocurrency. This process can be carried out on a mobile device or on a computer.
There are many ways to protect your personal computer from getting hacked, some of the important ones are listed below: Try to update your OS frequently for security updates to stay protected from hackers. Format all the devices which you plan to sell as there is a chance of information getting into other hands. Secure your wifi with a password and do not let it be open to others. Choose your security Answerwers creatively. Choose a smart way of emailing as the phishing campaigns are still live. Keep your sensitive information away from the cloud.
Adware is a type of unwanted software created to show advertisements automatically onto your desktop or mobile screens. These appear mostly while using a web browser on a computer system or a mobile.
Data breach comes under the process of a Cyberattack that enables cybercriminals to get unauthorized entry to a computer or a network. This allows them to steal private, confidential, sensitive and financial data of customers or existing users. Most common attacks followed by cybercriminals are: Spyware Phishing Misconfigured or Broken access controls.
Management Information Base(MIB) is a group of network objects which are manageable. These objects are a logical form of Physical networking components which are Simple Network Management Protocol(SNMP) Enabled. MIB’s store information about software versions, available storage disk space, IP address or port number.
There are mainly five types of password cracking techniques, they are: Hybrid attack Rainbow table attack Brute Force attack Syllable attack Rule attack
Different types of Spoofing attacks are: IP Spoofing Attack. DNS Spoofing Attack. Media Access Control (MAC) ARP Spoofing Attack.
Cowpatty is reliant on C-language which is used to run a brute-force dictionary attack against protected wi-fi protocols such as WPA-PSK and audit pre-shared WPA keys.
A script kiddie is someone who lacks basic skills of programming knowledge and makes use of simple software to perform an attack on a computer.
Secured Socket Layer(SSL) is a peer to peer communication system in which each connection is related to one SSL session. Whereas, an SSL session is defined as a link between the client and server basically created by the handshake protocol.
SSL is used for providing secure connection between server and a browser. Here are some of the components used in SSL: Change Cipher Spec Handshake protocol SSL record protocol Encryption Algorithms.
It is a malicious program which can copying itself and cause some destruction to the user, such as corrupting the system or destroying data.
All form of viruses are referred with a generic term Malware which is malicious which executes without proper consent of the user or administrator.
Adware is type of malware that will load and display some online or offline Ads in your computer system.
Spyware is a type of malware that will be used to spy an individual or an organization by the way of accessing the whole system, specific files from the file system, camera, voice or keylogging.
A worm is a self-duplicating malware that keeps on replicating inside the system as well as in a network.
A vulnerability is a hole or threat in a system or software which allows a hacker to exploit and steal information or affecting business continuity.
The act of taking advantage of the vulnerability and successfully hacking or compromising a vulnerable system or network and gaining its access or files.
A threat is a potential risk or danger that can exploit a vulnerability existing in the system or network.
Attack is the act of scanning the vulnerability and exploiting it to gain access to the target system/software/file.
Back door is the act of creating and maintaining unauthorized access to the compromised systems.
A bot is a script/program/software created to attack faster than humans.
A botnet is a network of Bots (compromised targets of a hacker) which will be used as a source for Dos or DDos attacks.
A brute force attack is normally used to guess username or password by the way of trying all the possible combinations of alphabets, numbers and special characters.
Buffer Overflow is an error which is occurred when the size of data injected to the buffer is greater than the allocated buffer size.
A cracker is a hacker who modifies the software to gain access to some or all of the features which are available in different paid/licensed versions leading to software piracy.
This attack is an offensive attempt to make a server or a network device to deny its service (say HTTP/HTTPS) to the legitimate users, by flooding a huge wave of traffic to it.
DDoS attack is the Distributed form of DoS performed by using Botnets or Trojans from different regions.
Firewall is a software program or a hardware device that basically acts as a filter to configure rules which allows or denies the desired traffic by the way of protecting the organizations perimeter from outside attacks.
Social engineering is the practice of tricking someone with the determination of gaining personal and sensitive information, like usernames and passwords or credit card details.
A Spam is unintended information or Ads or marketing messages which are sent as email or SMS to a large number of users without their consent.
Spoofing is the process of imitating a trusted/authorized host or a device by an unauthorized attacker to send or receive from or to the target systems.
SQL injection is a technique or attack which uses malicious inputs to bypass a query which can be username or password or any input which uses SQL statements to query the database.
Cross-site scripting (XSS) is a type of web applications vulnerability which makes the attackers to inject client-side script into a compromised web site viewed by the users.
A Trojan, or Trojan Horse is malware injected or modified inside a legitimate program or software which are available in unauthorized internet sources.
These Trojans create backdoor on a computer. This makes an attacker to gain access the computer and operate it remotely. The data can be uploaded from the target host to any public sites or sold in black markets. Or more malware can be uploaded to your device.
These Trojans behave like antivirus software and request users to pay money to detect and remove viruses which may be real or fake.
The target of these Trojans may be online gamers. These Trojans steal the account information and payment card information of the fellow gamers.
This Trojan executes DDoS attacks. The aim is to bring down a network or system or service by flooding it with a large amount of traffic which cannot be handled by the target from different Trojan sources.
These type of Trojans enables the attacker to gain elevated access to the compromised targets to control it remotely and to spy using it.
These Trojans are used to steal personal and valuable information from the compromised hosts.
This Trojan is designed in such a way that it lock or encrypts important or all the files available in the file system and demands a ransom of money to unlock or decrypt it.
This Trojan finds and steals the emails stored anywhere in your computer even though the keyloggers. They are intended to sell those email ids to digital marketers or spammers.
This type of Trojans target compromised or infected computers to download and install a new malware or it updates of the already available malware and adware with their newer versions.
Scanning is the process of identifying IPs of Hosts in the network, it’s corresponding open TCP/UDP ports, protocol version, OS details etc., using some tools.
Network Scanning Port Scanning Vulnerability Scanning
NMAP Metasploit Burp Suite Hashcat Maltego Wireshark
SYN Flooding ICMP Flooding Buffer Overflow Smurf Attack
ARP Spoofing IP Spoofing DNS Spoofing
Cryptominer is a malware which mines cryptocurrency. It is a malware which is created to use or steal a computer’s hardware resources of the target or infected system for cryptocurrency mining without any prior knowledge of the user.
White hat, Black hat, Grey hat
Vulnerability is the weakness in the system, Exploit is successful attack using the vulnerability
Process of converting human-readable content to unreadable junk values using special keys
Process of converting human-readable content to unreadable junk values using a special algorithm
Information gathering Enumeration Scanning Exploitation Covering Tracks
This attack is used to make the network/system resource not available to the service provider or user
Spoofing is nothing but pretending to be a system within a network of systems
Sniffing a process of monitoring the network traffic without the knowledge of the actual user
Encryption Hashing Encryption is reversible Hashing is irreversible Encryption ensures confidentiality Hashing ensures Integrity
Confidentiality : Keeping the information secret. Integrity : Keeping the information unaltered. Availability: Information is available to the authorized parties at all times
Vulnerability Assessment Penetration Testing Vulnerability Assessment is an approach used to find flaws in an application/network It is the practice of finding exploitable vulnerabilities like a real attacker will do
Blind SQL injection Time-based SQL injection Error-based SQL injection ARP Spoofing Attack. DNS Spoofing Attack. IP Spoofing Attack.
PGP is pretty good privacy used for email security
File Transfer Protocol (FTP)
Spoofing, Tampering, Reputation, Information Disclosure, Denial of Service, Elevation of Privilege.
Sniffing is a procedure used by hackers to monitor and capture all the network packets with the help of sniffing tools. For example, this process is similar to tapping a phone call and listening to the ongoing conversation.
Benefits: Used for foiling the security attacks. It helps to prevent any type of data theft. Easy to plug the loopholes and bugs. It prevents any type of malicious attack. Drawbacks: A lot of massive security issues are created. It includes stealing valuable and private information from users. You have to violate a lot of privacy regulations to perform hacking. Accessing the system in an unauthorized way.
There are three various types of hackers when divided based on the legality and motive of actions Black Hat: This type of hackers create auspicious malware and gain access in an unauthorized way to the network or system. They steal private and valuable information from the network or computer by harming its operations. White Hat: This type of hackers are otherwise called in the name of ethical hackers. Individuals, government agencies, or companies employ them to identify the vulnerabilities. They don’t harm the system but identify the weakness in the system or network as part of vulnerability assessments and penetration testing. Grey Hat: Combination of black hat and white hat is the grey hat hackers. They identify the system vulnerability without the permission or knowledge of the owner. The only goal of grey hat hackers is to make a weakness in the system or network and take it to the attention of the owner. They then demand or threat them for some incentive or compensation from the owner. There are also some other types of hackers namely Hacktivist Elite Hackers Blue hat Script kiddie Neophyte Red hat
There are different types of hacking namely Network hacking: In this type of hacking, hackers gather data about computers or networks with the help of tools like ping, Telnet, etc. They harm the operations of the system or networks and then block its operations. Password hacking: In this hacking, the hackers recovers all secret passwords from the information stored in the network or computer. Website hacking: the hackers access the web servicer, their interfaces, databases, and other relevant software in an unauthorized way and make few changes to the data. Computer hacking: In this type of hacking, hackers access the network or system in an unauthorized way and steal the computer ID, password, and other data through different hacking techniques. Email hacking: In this type of hacking, hackers access the email account of the owner in an unauthorized way.
There are five phases in the hacking process namely Reconnaissance: The primary process in which the hackers try to gather all data about the targeted system or network. Scanning: The data collected during the primary phase is used to identify and examine the targeted network or system. The hacker makes use of automated tools like vulnerability scanners, mappers, and port scanners in this scanning phase. Obtaining access: The phase of real hacking is gaining access. The hackers try to identify the vulnerabilities determined in the primary phase and scanning phase to acquire access. Maintaining access: Once the access is obtained, the hackers store them for future exploitation. They use trojans, rootkits, and backdoors to secure their access. Covering tracks: after gaining and maintaining access, the hackers carefully cover their traces and tracks to avoid finding them. It enables them to avoid legal actions and continue using the hacked system.