Raju Ginni

wordpress tutorials seo hosting etc

You are here: Home / tutorials / [INTRO] Ethical hacking / cyber Security / Penetration testing Tutorial -{updates frequently}

[INTRO] Ethical hacking / cyber Security / Penetration testing Tutorial -{updates frequently}

Table of Contents

Server/website

  1. DOS / DDOS attacks to servers  Solution-> Rate Limiting requests per second.
  1. Networking hacking fake pocket Replication from fake IP.
  2. SQL Injection ->  manipulate data (CRUD) Create, read, update and delete Stealing Database Login details.
  3. Web exploit (cookies, sessions, query strings)
  4. Source code Injection -> Injecting malicious / backdoor code to file ex: index.php  to control displaying ads or phishing.
  5. Defacing -> hacking website and uploading  Index.php or index.html -> to indicate website has hacked.

Computer

  1. Phishing with fake websites by sending emails -> check SSL
  2. Spyware=> it acts as Spy to your computer.
  3. Rootkit -> Hides the malicious software process from windows task manager.
  4. botnet -> it sends data to the 3rd party server.
  5. Adware -> Install unwanted adware software to show unnecessary ads: ex: a third-party search engine.
  6. Trojan Horse -> it purposes to prevent viruses but itself replicates the virus.
  7. ransomware to lock the computer and demanding money otherwise they deleted the data example: wanna cry.
  8. Clickjacking

Purposes

  1. To steal passwords by phishing and SQL injection.
  2. to gain financial advantages by hacking bank servers
  3. Control computers & mobile remotely (take photos & send activity, documents all the data) ex: keyloggers

Tools

FUD > (Fear, Uncertainty, and Doubt) Not detectable by Antivirus Programme.
RAT-> remoter Administration tools.
Firewall-> IP tables Linux and windows.
TOR->software for enabling anonymous communication
Kali Linux -> built-in tools for hacking.
keyloggers -> to collect typed data & more advanced taking pictures.
Proxies & VPN -> To hide their IP Address.
etc
Hackers by Type
white hat-> legal to assist companies & government to test application security.
Grey hat-> they are between white & black.
Blackhat -> pure advantage to making harm & personal advantage.

ethical hacking and cybersecurity & penetration testing

difference between cybersecurity and ethical hacking.
  1.  Cybersecurity: guard networks, computers, programs and information from attack, injury or unauthorized access.  knowledge of hacking & decryption.
  2. Ethical hacking / HACKER .assessing the security of computer systems, victimization penetration testing techniques part of cybersecurity.
  3. Penetration testing: checking vulnerabilities of the target system for the purpose of securing and hacking part of ethical hacking.