ETHICAL HACKing Course

31
Introduction to Ethical Hacking Fundamentals of Ethical Hacking Footprinting and Information Gathering Cryptography Scanning Networks Sniffing Vulnerability Analysis Website Hacking System Hacking Hacking Android Social Engineering Evading IDS, Firewalls, and Honeypots Hacking Wireless Networks Cloud Computing ETHICAL HACKing Course Get CEH Certification From DROP Organization +917477466951 Buy Hacking Course And Get Free Hacking Tools Botnet,Burp Suite Pro,Keylogger , RAT, Kon-Boot, Supporting 24/7 3000 RS Price DROP Certified Security Course{DCSC}

Transcript of ETHICAL HACKing Course

Introduction to Ethical HackingFundamentals of Ethical Hacking

Footprinting and Information GatheringCryptography

Scanning NetworksSniffing

Vulnerability AnalysisWebsite HackingSystem HackingHacking Android

Social EngineeringEvading IDS, Firewalls, and Honeypots

Hacking Wireless NetworksCloud Computing

ETHICAL HACKing Course

Get CEH Certification From DROP Organization

+917477466951

Buy Hacking Course And Get Free Hacking Tools

Botnet,Burp Suite Pro,Keylogger , RAT, Kon-Boot,

Supporting 24/7

3000 RS Price

DROP Certified Security Course{DCSC}

Earning Source

• Project Work

• Provide Security

• Solve Problem

• Telecommuting (Teleworking)

Virtual machine

Identity Theft

Phishing Attack RAT (Remote Access Trojan)SniffingFootprinting

CIA Model | Information SecurityConfidentiality,

Integrity,

Availability

Confidentiality

Integrity

Availability

Authenticity:

LOGIN Roshan

USER@Pass

Non-Repudiation :

This means that authorized users have timely and easy access to information services. IT resources and infrastructure should remain robust and fully-functional at all times even during adverse conditions, such as database conundrum or fall-overs.

This attribute assures the sender of data is provided with proof of delivery and the recipient is provided with proof of the sender’s identity, so neither party can deny sending, receiving, or accessing the data.

VECTORS : In cyber security, an attack vector is a method or pathway used by a hacker to access or penetrate the target system.

Advanced Persistent Threat (APT) : An advanced persistent attack (APT) uses

continuous and sophisticated hacking techniques to gain access to a system and remain inside for a prolonged and potentially destructive period of time.

BotNet : A botnet (short for “robot network”) is a network of computers infected by

malware that are under the control of a single attacking party

Cloud Computing : Cloud computing is the delivery of different services through the

Internet, including data storage, servers, databases, networking, and software. Cloud-based storage makes it possible to save files to a remote database and retrieve them on demand.

Insider Attack : An insider attack is a malicious attack perpetrated on a network or

computer system by a person with authorized system access.

Mobile Threats : Mobile security threats include everything from mobile forms

of malware and spyware to the potential for unauthorized access to a device s data, particularly in the case of accidental loss or theft of the device.

Viruses, Worms & Malware : A worm is a standalone piece of malicious software

that reproduces itself and spreads from computer to computer. A virus is a piece of computer code that inserts itself within the code of another standalone program, then forces that program to take malicious action and spread itself.

System Fundamentals

Network topology (Bus,Ring,Star,Mesh,Tree,hybrid)

Open Systems Interconnection Model

MAC,IP,IPV4,IPV6,PORT,DNS,NAT

Knowing OS (Linux,Windows,Android

Cryptography

Deep Web, Dark Web, Surface Web

Network topology (Bus,Ring,Star,Mesh,Tree,Hybrid)

STAR Network topology RING Network topology

MESH Network topology

BUS Network topology

HYBRID Network topology

TREE Network topology

TREE Network topology HYBRID Network topology

Network topology is the arrangement of the elements of a communication network. Network topology can be used to define or describe the arrangement of various types of telecommunication networks, including command and control radio networks, industrial fieldbuses and computer networks.

Types With Diagram

Open Systems Interconnection (OSI) ModelThe Open Systems Interconnection model is a conceptual model that characterisesand standardises the communication functions of a telecommunication or computing system without regard to its underlying internal structure and technology.

Basic Types of Networks

1. Local Area Network (LAN)2. Personal Area Network (PAN)3. Metropolitan Area Network (MAN)4. Wide Area Network (WAN)5. Campus Area Network (CAN)6. Storage Area Network (SAN)

(PAN) BT Tool

MAC,IP,IPV4,IPV6,PORT,DNS,NAT

Cryptography

A1B2C3D4E5F6G7H8I9

1A2B3C4D5E6F7G8H9I

1A2B3C4D5E6F7G8H9I

Footprinting & Information Gathering

Active footprinting means to perform footprinting by getting in direct touch with the target machine.

Passive foot printing means collecting information of a system located at a remote distance from the attacker.

means gathering information about a target system which can be used to execute a successful cyber attack.

Mirroring Websites Traceroute, Email Tracking

What kind of information can be gathered from Footprinting?

Footprinting & Information Gathering

: It allows you to download a World Wide Web site from the Internet to a local directory.

:In computing, traceroute and tracert are computer network diagnostic commands for displaying possible routes and measuring transit delays of packets across an Internet Protocol network.

:An eavesdropping attack, also known as a sniffing or snooping attack, is a theft of information as it is transmitted over a network by a computer, smartphone, or another connected device.

:Email tracking service that tracks email you sent. Sends you notification when email gets opened, find out when & where recipients read your emails. : http://whoreadme.com/

Footprinting & Information Gathering

: DNS is a naming system for computers that converts human-readable domain names into computer readable IP-addresses and vice versa.DNS uses UDP port 53 to serve its requests.

https://dnsdumpster.com/

OS Identification : A number of tools (most notably nmap and queso) can be used to identify the operating system in use.Nmap –O www.websitenama .com

: Google hacking, also named Google Dorking, is a hacker technique that uses Google Search and other Google applications to find security holes in the configuration and computer code that websites are using.

intitle: which finds strings in the title of a pageallintext: which finds all terms in the title of a pageinurl: which finds strings in the URL of a pagesite: which restricts a search to a particular site or domainfiletype: which finds specific types of files (doc, pdf, mp3 etc) based on file extensionlink: which searches for all links to a site or URLcache: which displays Google’s cached copy of a pageinfo: which displays summary information about a page

Footprinting & Information Gathering

Ping : Ping is a computer network administration software utility used to test the

reachability of a host on an Internet Protocol network. It is available for virtually all operating systems that have networking capability, including most embedded network administration software.

Wayback Machine : The Wayback Machine is a digital archive of the World Wide Web,

founded by the Internet Archive, a nonprofit library based in San Francisco. It allows the user to go “back in time” and see what websites looked like in the past.

Shodan : Shodan is a search engine that lets the user find specific types of computers connected to

the internet using a variety of filters. Some have also described it as a search engine of service banners, which are metadata that the server sends back to the client.

Scanning Networks

A port scanner is an application designed to probe a server or host for open ports. Such an

application may be used by administrators to verify security policies of their networks and by attackers to identify network services running on a host and exploit vulnerabilities.

Banner Grabbing is a technique used to gain information about a computer system on a

network and the services running on its open ports. Administrators can use this to take inventory of the systems and services on their network

Sublist3r is a python tool designed to enumerate subdomains of websites using

OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.

CMSScan provides a centralized Security Dashboard for CMS Security scans. It is powered by

wpscan, droopescan, vbscan and joomscan. It supports both on demand and scheduled scans and has the ability to sent email reports.

The purpose of network scanning is to manage, maintain, and secure the system using

data found by the scanner. Network scanning is used to recognize available network services, discover and recognize any filtering systems in place, look at what operating systems are in use, and to protect the network from attacks.

Nmap is a free and open-source network scanner created by

Gordon Lyon. Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses. Nmap provides a number of features for probing computer networks, including host discovery and service and operating system detection.

Sniffing

Wireshark : Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, the project was renamed Wireshark in May 2006 due to trademark issues.

HTTP Network Sniffer : HTTP Network Sniffer is a packet sniffer tool that captures all HTTP requests/responses

sent between the Web browser and the Web server and displays them in a simple table.

ARP Spoofing : In computer networking, ARP spoofing, ARP cache poisoning, or ARP poison routing, is a technique by which an attacker sends Address Resolution Protocol messages onto a local area network.

MAC Spoofing : MAC spoofing is a technique for changing a factory-assigned Media Access Control (MAC)

address of a network interface on a networked device. The MAC address that is hard-coded on a network interface controller (NIC) cannot be changed.

Web Cookies Sniffer : WebCookiesSniffer is a packet sniffer tool that captures all Web site cookies sent

between the Web browser and the Web server and displays them in a simple cookies table.

Broadband Internet Hacking

Vulnerability Analysis

Nikto Web Server Scanner : Nikto is a free software command-line vulnerability scanner that scans

webservers for dangerous files/CGIs, outdated server software and other problems. It performs generic and server type specific checks. It also captures and prints any cookies received.

WpScan : WPScan is an open source WordPress security scanner. You can use it to scan your WordPress website

for known vulnerabilities within the WordPress core, as well as popular WordPress plugins and themes.

Sparta Scanner : SPARTA is a python GUI application that simplifies network infrastructure penetration

testing by aiding the penetration tester in the scanning and enumeration phase.

Skipfish Scanner : Skipfish is an active web application security reconnaissance tool. It prepares an

interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes.

Nmap Security Scanner : Nmap is a free and open-source network scanner created by Gordon Lyon.

Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses. Nmap provides a number of features for probing computer networks, including host discovery and service and operating system detection.

Vega Vulnerability Scanner : Vega is a free and open source web security scanner and web security

testing platform to test the security of web applications.

Acunetix Web Vulnerability Scanner : Acunetix is an application security testing solution for securing

your websites, web applications, and APIs

OWASP Zed Scanner : OWASP ZAP is an open-source web application security scanner. It is intended to be

used by both those new to application security as well as professional penetration testers. It is one of the most active Open Web Application Security Project projects and has been given Flagship status.

Burp Suite Scanner : Burp Scanner automates the task of scanning web sites for content and vulnerabilities.

Hacking Website

System Hacking

Port Forwarding : In computer networking, port forwarding or port mapping is an application of network address translation that redirects a communication request from one address and port number combination to another while the packets are traversing a network gateway, such as a router or firewall.

Windows Remote Hacking : The Remote Access Trojan (RAT) can almost be considered the “legacy” tool of hackers. The RAT is a malware program that uses a back door for administrative control over the targeted computer.

Windows Login Password Hacking : Reset Administrator & User Passwords on Any Windows without Reformatting or Reinstalling System. 100% Success Rate!

“iSeePassword Windows Password Recovery Pro”

Windows Cookies Password Hacking : Windows that allows you to view the user names and passwords stored by Web browser.

Hacking Android

Android Remote Hacking : The Remote Access Trojan (RAT) can almost be considered the “legacy” tool of hackers. The RAT is a malware program that uses a back door for administrative control over the targeted computer.

Android Hacker Keylogger : Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording the keys struck on a keyboard, typically covertly, so that a person using the keyboard is unaware that their actions are being monitored. Data can then be retrieved by the person operating the logging program.

Network Scanning : Network scanning refers to the use of a computer network to gather information regarding computing systems. Network scanning is mainly used for security assessment, system maintenance, and also for performing attacks by hackers.

Social Engineering

In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information. This differs from social engineering within the social sciences, which does not concern the divulging of confidential information.

Evading IDS, Firewalls, and Honeypots

Evading IDS : Intrusion detection system Some IDS evasion techniques involve deliberately manipulating TCP or IP protocols in a way the target computer will handle differently from the IDS. For example, the TCP urgent pointer is handled differently on different operating systems.

Firewalls : To provide better protection, your networks should have multiple layers of firewalls, both at the perimeter and separating different assets on your network. For example, you could have a hardware or cloud firewall at the perimeter of your network, then individual software firewalls on each of your network assets.

Honeypots : The honeypot looks like a real computer system, with applications and data, fooling cybercriminals into thinking it's a legitimate target. For example, a honeypot could mimic a company's customer billing system - a frequent target of attack for criminals who want to find credit card numbers.

Hacking Wireless Networks

What Is WPS : Wi-Fi Protected Setup (WPS) is a feature supplied with many routers. It is designed to make the process of connecting to a secure wireless network from a computer or other device easier.

WIFI Hacking : WIFI Hacking Using WPS Security

WIFI NETCUT | Network Hacking : NetCut is a solution that is helping you to admin your network based only on ARP protocol . It can execute several tasks as list IP-MAC table in seconds, turn off & on network on any computer on your LAN including any device like router or switcher. Also, NetCut can protected users from ARP SPOOF attacks.

Introduction Arduino uno mcu esp8266 : Arduino is an open-source electronics platform based on easy-to-use hardware and software. Arduino boards are able to read inputs - light on a sensor, a finger on a button, or a Twitter message - and turn it into an output - activating a motor, turning on an LED, publishing something online.