Tuesday, December 6, 2022
HomeSoftware DevelopmentMoral Hacking Cheatsheet - GeeksforGeeks

Moral Hacking Cheatsheet – GeeksforGeeks


Moral hacking consists of licensed makes an attempt to achieve unauthorized entry to laptop techniques, functions, or knowledge. Moral hacking requires replicating the methods and behaviors of malicious attackers. This observe helps establish safety vulnerabilities, To allow them to be mounted earlier than malicious attackers can exploit them. 

Fundamentals:

Needed Phrases:

Identify of Time period Description of time period
Hack Values The pursuits of hackers are primarily based on their price.
Vulnerability A weak level in a machine which may be exploited.
Exploit Reap the benefits of the recognized vulnerability or loophole.
Payload Payload is used for the transmission of the info with the Web Protocol from the sender to the receiver.
Zero-day assault Exploit beforehand unknown unpatched vulnerabilities.
Daisy-chaining A selected assault is carried out by a hacker to achieve entry to a single system and use it to achieve entry to different techniques on the identical community.
Doxing Monitoring a person’s personally identifiable info (PII) for malicious functions.
Bot Software program is used to carry out automated duties.

Components of Data Safety:

Identify of Time period Description of time period
Confidentiality Guarantee that info is simply accessible to licensed individuals.
Integrity Guarantee accuracy of data.
Availability Ensures availability of assets when requested by licensed customers.
Authenticity Be sure that the standard shouldn’t be damaged.
Non-repudiation Guarantee supply and receipt reviews by sender and receiver respectively.

Phases of Moral Hacking:

Identify of Time period Description of time period
Reconnaissance That is the primary stage through which hackers attempt to collect details about their targets.
Scanning & Enumeration  Throughout this stage, knowledge is scanned utilizing instruments comparable to dialers, port scanners, community mappers, sweepers, and vulnerability scanners.
Gaining Entry  On this section, utilizing the info collected in Phases 1 and a couple of, hackers design a blueprint for the goal’s community.
Sustaining Entry  As soon as hackers achieve entry, they need to retain that entry for future exploits and assaults. As soon as hackers personal a system, they’ll use it as a base to launch additional assaults.
Overlaying Tracks  Earlier than attacking, the attacker adjustments its MAC handle and runs the attacking laptop by at the very least one VPN to disguise its id.

Varieties of Cyber Threats:

Identify of Time period Description of time period
Community threats Attackers can penetrate the channel and steal info being exchanged on the community.
Host threats Get entry to info out of your system.
Software threats Exploit gateways that aren’t protected by the applying itself.

Varieties of Cyber Assaults:

Authorized Legal guidelines and Cyber Acts:

Identify of Time period Description of time period
RFC 1918 For Personal IP Customary 
RFC 3227 For Information assortment and storage 
ISO 27002 For Data Safety Pointers
CAN-SPAM For E-mail Advertising
SPY-Act For License Enforcement 
DMCA For Mental Property 
SOX For Company Finance Processes
GLBA For Private Finance Information 
FERPA For Schooling Information 
FISMA For Authorities Networks Safety Requirements
CVSS For Frequent Vulnerability Scoring System 
CVE For Frequent Vulnerabilities and Publicity 

Reconnaissance:

Footprinting info:

Identify of Time period Description of time period
Community info Scan domains, subdomains, IP addresses, Whois and DNS entries, VPN firewalls, and extra with it.
System info Internet server, working system, server location, consumer, username, password, passcode.
Group info Worker info, organizational background, telephone quantity, and placement.

Footprinting Instruments:

Identify of Time period Description of time period
Maltego Maltego is software program used for open-source intelligence and forensics.
Recon-ng Recon-ng is an internet reconnaissance device written in Python. 
FOCA FOCA is a device primarily used to search out metadata and hidden info in scanned paperwork. These paperwork might be discovered on the web site.
Recon-dog ReconDog is a free, open-source device out there on GitHub that’s used for info gathering.
Dmitry Dmitry or Deepmagic Data Gathering Instrument is a command line utility included with Kali Linux.

Google Hacking (Dorks):

Identify of Time period Description of time period
website: Used to assemble database solely from  specified domains
inurl Used to assemble database solely from pages with a question in  URL
intitle Used to assemble database solely from pages with the question within the title.
cache Used to assemble database from a cached model of the queried web page
hyperlink Used to assemble database from pages containing the requested URL. Discontinued.
filetype Used to assemble database Solely outcomes for specified file sorts

Scanning Networks:

Entails gathering extra details about the sufferer’s host, port, and community companies. It goals to establish vulnerabilities after which plan assaults.

Scanning Varieties:

Frequent Ports to Scan:

Scanning Instruments:

Identify of Instrument Description of Instrument
Nmap Nmap (“Community Mapper”) is a free and open-source utility for community exploration and safety testing.
Hping Hping is a command line-oriented TCP/IP packet compiler/parser.
Arping Arping is a device for polling hosts on a community. Not like the ping command, which operates on the community layer.

Enumeration:

Enumeration is a course of in moral hacking, which Work together with the system and interrogate it to acquire the required info. Entails the invention and exploitation of vulnerabilities.

Enumeration Methods:

Identify of Time period Description of time period
Home windows enumeration  It helps to get system info.
Home windows consumer account enumeration It’s course of to examine the present consumer.
NetBIOS enumeration  Configure IP handle  (default gateway, subnet, DNS, area controller).
SNMP enumeration  Means of assortment of details about all community configurations.
LDAP enumeration  To entry listing listings in Energetic Listing or from different listing companies
NTP enumeration  Utilizing the NTP enumeration, you possibly can acquire info comparable to an inventory of servers related to the NTP server, IP addresses, system names, and working techniques 
SMTP enumeration  SMTP enumeration permits us to establish legitimate customers on the SMTP server.
Brute forcing Energetic Listing  In a brute pressure assault, an attacker beneficial properties entry to your system simply by repeatedly logging in with a number of passwords till they guess the fitting password.

Sniffing:

Sniffing Entails retrieving packets of knowledge over a community utilizing a particular program or system.

Sniffing Varieties:

Sort of Scanning Description
Passive sniffing In passive sniffing, There isn’t any packet sending is required.
Energetic sniffing In lively sniffing, We request a packet with supply and vacation spot addresses.

Sniffing Instruments:

Identify of instruments for sniffing Description
BetterCAP

The BetterCAP device is a really highly effective, versatile, and moveable greatest software program device created to carry out numerous varieties of MITM assaults in opposition to networks and manipulate its HTTP, HTTPS, and TCP site visitors in real-time, sniffing it for in addition to credentials, and far more by it.

Ettercap

Ettercap device is a software program comprehensively sharp device fitted to man-in-the-middle assaults for networks. It has options in addition to sniffing of reside connections, content material filtering.

Wireshark

Wireshark device is a device that is called one of the crucial standard packet sniffers. It provides an infinite variety of options designed to implement and help within the dissection and evaluation of site visitors for it.

Tcpdump

 tcpdump is a device that gives the flexibility to intercept and skill to observing TC P/IP and different packets throughout transmission over the community.

WinDump

A Home windows port the favored to Linux in addition to packet sniffers at tcpdump, which is a command-line device that’s good for displaying header info by it. Because of the success of tcpdump on Unix-like working techniques os, it was “ported over” to the home windows platforms to it, This merely means it was cloned to permit for Home windows packet capturing it.

Dsniff

This device is a pair of instruments designed to carry out sniffing packets with differentiating protocols with the intention of intercepting and revealing passwords as nicely the Dsniff device is designed for the Unix and Linux platforms and doesn’t have a full equal on the Home windows platforms for help.

Sniffing Assaults:

Identify of Time period Description of time period
MAC flooding Ship a number of pretend MAC addresses to the change till the CAM desk is full. This places the change open on failure, the place it propagates incoming site visitors to all ports on the community.
DHCP assaults A kind of denial-of-service assault that exhausts all out there server addresses.
DNS poisoning Manipulate the DNS desk by changing a professional IP handle with a malicious one.
VLAN hopping Assault a bunch on one VLAN to entry site visitors on different VLANs.
OSPF assaults Kind a belief relationship with adjoining routers.

System Hacking:

System hacking is outlined as a compromise between a pc system and software program to achieve entry to a goal laptop and steal or misuse their delicate info.

Varieties of system assaults:

Identify of Time period Description of time period
LM Hashing  It’s  used to compromise the password hash
Sidejacking  It  is a technique of  Stealing entry to an internet site, typically by cookie hijacking
Session Hijacking It’s the technique of focusing on and detecting client-server site visitors  and predict sequences

Social Engineering:

Social engineering refers to pressuring individuals in a focused group to reveal delicate or confidential info.

Steps of Social Engineering:

Identify of Time period Description of time period
Analysis The method of gathering details about the goal firm
Choose goal The method of Selecting a goal worker of a focused firm
Relationship It’s Gaining the belief of your goal workers by constructing relationships
Exploit The method of Extracting info from  focused workers
Id theft  Id theft happens when somebody steals your private info to commit fraud.

Internet Hacking:

Internet hacking typically refers to exploiting functions over the Hypertext Switch Protocol (HTTP). This may be carried out by manipulating the applying by an internet graphical interface, by manipulating the Uniform Useful resource Identifier (URI), or by abusing HTTP components.

Internet Server Hacking : 

An internet server is a system for storing, processing, and serving web sites. Internet server hacks embrace:

Identify of Time period Description of time period
Data gathering In internet servers hacking, Data gathering is Accumulating robots.txt to view hidden directories/recordsdata
Footprinting Footprinting in internet server hacking is a  itemizing of standard internet apps 
Mirroring This makes it straightforward to search out listing varieties and different essential data from  mirrored copies with out making a number of requests to the net server.
vulnerabilities evaluation A vulnerability evaluation is a evaluation targeted on security-related points which have a average or extreme influence on the safety of a product or system.

Internet Server Hacking Topen-sourceools:

Names of Instruments Description of Instruments
Wfetch

Wfetch was initially a part of the IIS 6.0 Useful resource Package Instruments. Can be utilized to troubleshoot HTTP redirects, HTTP standing codes, and so forth.

THC Hydra

This device is broadly used for hacking fast community logins. Assault the login web page utilizing each dictionary and brute pressure assaults.

HULK DoS

HULK is a denial of service (DoS) device used to assault internet servers by producing a novel and disguised quantity of site visitors.

w3af

w3af is an internet utility assault and audit framework. The aim of this undertaking is to create a framework that helps safe internet functions by discovering and exploiting all vulnerabilities in internet functions.

Metasploit

The Metasploit framework is a really highly effective device that each cyber criminals and moral hackers can use to research systematic vulnerabilities in networks and servers.

Sqlmap

sqlmap is an open supply penetration testing device that automates the method of detecting and exploiting SQL injection flaws and database takeovers.

Cryptography:

Encryption is the method of hiding delicate info.

Normal Phrases:

Encryption Algorithms:

Cloud Safety:

Cloud suppliers implement restricted entry and entry insurance policies with logs and the flexibility to request entry and denial causes.

Cloud Computing Assaults:

Identify of time period Description of time period
Wrapping assault Change the distinctive characters however maintain the signature legitimate.
Aspect channel assaults An attacker controls VMs on the identical bodily host (both by compromising one or inserting considered one of their very own).
Cloud Hopper assault The aim is to compromise an worker’s or cloud service firm’s account in an effort to get hold of confidential info.
Cloudborne assault Exploit particular BMC vulnerabilities
Man-In-The-Cloud (MITC) assault It runs utilizing a file sync service (comparable to Google Drive or Dropbox) as infrastructure.

Malware and Different Assaults:

Malware is a bug designed to break your system and provides its creator entry to your system.

Trojans: 

The malware is contained in seemingly innocent packages. The kinds are:

Identify of time period Description of time period
Distant entry trojans (RATs) Malware that comprises a backdoor for administrative management of the goal laptop.
Backdoor Trojans Uninterrupted entry by an attacker by putting in a backdoor on the focused system.
Botnet Trojans Set up the boot program on the goal system
Rootkit Trojans Enable entry to unauthorized areas of the software program.
E-banking Trojans It intercepts account info earlier than encrypting it and sends it to the attacker.
Proxy-server Trojans Permits an attacker to make use of the sufferer’s laptop as a proxy to connect with the Web.

Viruses: 

Listed here are some examples of laptop viruses:

Identify of time period Description of time period
Stealth virus The virus takes aggressive steps to cover an infection from antivirus.
Logic Bomb virus It doesn’t self-replicate, doesn’t improve in inhabitants, and could also be parasitic.
Polymorphic virus Modifies payload to evade signature detection.
Metamorphic virus A virus that may reprogram/rewrite itself.
Macro virus Macro creation for MS Workplace merchandise.
File infectors The virus infects executable recordsdata.
Boot sector infectors Malicious code that runs at system startup.
Multipartite viruses Mix file infectors and boot report infectors.

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments