Post

Hacking Course

Posted Updated
By Chung Duc Nguyen Dang
1 min read
Hacking Course

Elements of Information Security

Confidenitality

Assurance that the information us accessible only to those authorized to have access

Itegrity

The trustworthiness of data or resources in iterms of preventing improper or unauthorized changes

Availability

Assurance the the systems responsible for delivering, storing, and processing information are accessible when required by the authorized users

Authenticity

Refers to the characteristic of a communocation, document, or an data that ensures the quality of being genuine

Non-Repuciation

A guarantee that the sender of a messgae connot later deny having sent the message and that the recipient canot deny having received the message

Tatics, Techniques, and Procedures (TTPs)

attack.mitre.org

Attackers attempt various attack techniques to exploit vulnerabilities in a computer sustem or its security policy and controls in order to fulfil their motives

Hacker and their Motivations

  1. White Hat Hackers
  2. Black Hat Hackers
  3. Gray Hat Hackers
  4. State-Sponsored Hackers

Ethical Hacking

To prevent hackers from gaining access to the organization’s information systems To analyze and strengthen an organization’s security posture, including policies, network protection infrastructure, and end-user practices

H1

Footprinting and Reconnaissance

Footprinting Methodology

H1

  1. shodan
  2. google gemini-cli
  3. dnsdumpter
  4. netcraft => search DNS
  5. wayback machine => history of website
  6. peekyou => serach username
  7. itelx => search the information, which is pushed to the internet
  8. OSINT Framework

Scanning Network

Explain Network Scanning Concepts

H1

  1. Network Miner

Host Discovery Techniques

Used to indentify the active/live system in the network

H1

To detect OS of the target machine

nmap -sV –script smb-os-discovery.nse

H1

Port Scaning

Categorized according to the type of protocol used for communication

H1

Nmap Script Engine

smb-os-discovery is an inbuilt script that can be used for collecting OS information on the target machine through the SMB protocol

nmap -sV -p445 –script vuln

H1

Example about the detail command for scaning

nmap -sV -O -sC -v -oN nmap-win7.txt -p-

Eumeration

Simple Network Management Protocol (SNMP)

snmp-check nmap -sV --script snmp-processes

Metasploit

msfconsole

Networking
This post is licensed under CC BY 4.0 by the author.