Ethical Hacking For Beginners (Chapter-3)

Ethical Hacking For Beginners (Chapter-3)

Steps used in Ethical Hacking:-

There are mainly 5 steps in ethical hacking/ cyber security.

1. Reconnaissance

2. Scanning

3. Gaining Access

4. Maintaining Access

5. Clearing Track

1. Reconnaissance:- 

The process of collecting information about your defined target in depth is known as reconnaissance. Attackers perform this step before diving into any hacking attack. It’s basically a data collection procedure for the targeted victim. It contains several smaller steps also that are:-

• Footprint:- Gathering data about the target system. It mostly scans the OS, firewall, IP address, Server details, ISP/ VPN details of the target system.

• Enumeration:- This is the substep of reconnaissance where the attacker tries to find out the victim’s Name, System’s name( for future attack mostly social engineering attacks.

• Scanning:- The most important step is to find all the machines/ servers in a network/ framework (mostly in LAN mode) associated with a networking device (router) and scan it's an open port for performing an attack to compromise a group of systems or an organization.

2. Scanning:- 

The second step after defining and doing background research about the target victim/ system/ organization.

There are a few types of scanning attempts attackers do they are mostly:-

• Network Scan:- Scanning of victim’s computer’s Open ports, IP address, the running process in that system, OS details, system configuration etc.

• Port Scan:- It’s similar to finding the backdoor of the victim’s system by using which attacker will gain access later. It include TCP/UDP port scans also

• Vulnerability Scan:- FInding the weakness of the victim's system. Now weakness depends upon various factors. The most common weakness(Vulnerability) is OS vulnerability(outdated OS) and Network vulnerability(Unencrypted network/ using public network/Wifi). And some others are not using firewalls, using unauthenticated software/ keygen which mostly contains malware.

3. Gaining Access:- 

Now comes the actual step. Gaining access to the victim's system. There are several methods available for gaining access. Most common are:-

• Password cracking:- most common password cracking methods are brute force, dictionary attack, rainbow table attack, phishing, social engineering, malware attack.

• Unsecured Network:- If the victim using a network which don’t have any encryption, or using any public network,

• Spyware:- Most common method, sending spyware through email, any software or through any communication medium to the victim's system and gaining access to that system through that spyware. (mostly trojan)

• Session Hijacking/ Man in the middle:- This attack is performed using session cookie hijacking from the victim’s browser or through getting access to the victim's unprotected network. And in this case, the attacker silently captures the in/outbound data transmitting from the victim's system.

• Phishing attack:- In this case victim is being tricked by the attacker to enter his/her credentials to a fake website/ system without identifying that fake system. Most attackers send a fake link through mail/ other communication medium pretending to be a legitimate authority.

• Data Breach:- Nowadays it is the most common way of getting the victim of cyber fraud. And it’s out of the end user’s control. Most attackers target the big companies’ user database and find out user information, id card, email id, location, and in fact credit card details too.

To avoid this type of attack users are always warned to change their credentials at least once in a month(basically password/ security pin). And never share any sensitive information through phone or mail without being sure that the person on the other side of the phone/ mail is 100% legitimate.

4. Maintaining access:-

The step is when an attacker tries to maintain the access/ ownership which he gained over the victim’s machine. For this step, they use the backdoor, rootkit, rat, trojans, etc. And they try to upload sensitive data from the victim’s pc to their server or system. (which they use at a later point of time for blackmailing/ threatening the victim) And after that in some cases, they lock(Encrypt) the victim’s PC and ask for ransom (bribe) to unlock the PC(Ransomware attack). And mostly they just take the ransom and fly away.

5. Clearing Track:- 

After performing a successful attack the attacker clears all the evidence of that attack so that cyber forensic experts can’t trace back them or can’t take any legal action. In this step attackers mostly clear all the log files from the victim's PC as well as their own PC too, Clears up all connections which they established, destroy all the payloads, rootkits, rats, trojans, etc. And in some cases, they also destroy their systems too after backing up all the data from it so that nobody can’t trace it back them.

In the next chapter, we will discuss Linux. So stay tuned and Happy Learning!.

Ethical Hacking For Beginners (Chapter-2)

Ethical Hacking For Beginners (Chapter-2)

In this Chapter of the Ethical Hacking for Beginners series, we are going

to learn some of the most used Ethical Hacking Terminologies.

Which you'll need to understand how ethical hacking works.

Some Ethical Hacking Terminologies:-

• Adware:- A piece of code/ Software/ script used to show forcefully ads by getting into your system/ browser without your permission.

• Attack:- An action performed to get into your system forcefully without your permission.

• Backdoor:- Basically a method of bypassing authentication in a computer/ system/network. Used by Trojan mainly for obtaining remote access to your system. And spying upon you.

• Breach:- When a hacker successfully exploits a system and gains access to that system or its files or network and most of the cases leak sensitive data or sells them.

• Bugs:- A vulnerability/ weakness in a system/ software/ network/ device. Which was made by developers unintentionally or by mistake.

• Bot:- Short form of robot. Basically, an automated program is used to perform the same task repeatedly for a huge number of time. Like trying different passwords in a login form to get access, where there is no human interaction. The whole script is being run by that bot.

• Buffer Overflow:- A flaw in a program that leads to overflow in a memory block (called buffer memory) by entering data more than the capacity of that memory block and making other data overwritten by that newly entered data and in most of the cases gaining access to that system.

• Deep Fake:- And edited audio or video clip manipulated to seem real or believable. Mostly created/ edited using softwares.

• Encryption:- Process of encoding data to prevent data theft. Only decoded by a virtual key(secret set of data(string))

• Exploit:- A piece of code/ script/ software used to take advantage of a bug or may be to compromise the security of a computer system.

• Pentesting:- Short of Penetration Testing. means of evaluating security using hacker tools and techniques with the aim of discovering vulnerabilities and evaluating security flaws.

• Quarantine:- The process of isolating a file suspected of being infected with a virus in a storage device in order to prevent it from contaminating other files or other drives. Antivirus uses this feature to prevent virus infection in a system.

• Spam:- An unsolicited email/ junk email sent to a group of recipients without their consent. Mostly for advertising or hacking(phishing) purposes.

• Threat:- Possible danger which can compromise a system/ network using a vulnerability/ exploit.

• Vulnerability:- A weakness in a system/ program/ network by using which a hacker can gain access in that system and compromise that system.

These are some of the most important terminologies for ethical hacking.

There are so many others also. Will discuss and introduce those later

during the tutorial.

Ethical Hacking for Beginners (Chapter -1)

Ethical Hacking for Beginners (Chapter -1)

 

What is Ethical Hacking?

Hacking is basically the activity of identifying a vulnerable (Weak) computer system or a computer network and gaining access(penetrate through) to that system to get personal data or compromise that system or take over that system. Ethical hacking is that same thing but doing it legally or ethically (you can say ‘safe practice’) by taking permission(Mostly written) from that authority on which you are going to penetrate through their system so that if anything happens (damage) by your side unintentionally to that authority or to someone who is connected with that authority, they can’t sue you up.

Types of Hackers:-

These are Major types of hackers you can see through the globe:-

1. Blackhat Hackers(Crackers):- These are the bad guys. Who gains unauthorized access to a system. And steal personal data/ money, misuse them or may compromise or damage your system, violate policy regulations, or may blackmail you for anything(mostly money or sensitive data).
2. Whitehat Hackers(Ethical Hackers):- These are the good guys or you can say Cyber Security tester. Who can hack into your system with your permission and let you know about your system's vulnerability or let you know about new security threats and vulnerabilities to make you safe from the latest security threat or data breach.
3. Greyhat Hackers(Mixed of two):- These are the mixed kind of guys who may be doing hacking for fun or may be trying to be cool by doing hacking activity. They might hack into your system without your permission or may contact you to let you know your system’s vulnerability. Or may sell your personal data, that totally depends upon them.

Apart from these are the 3 types you can see some other non-popular types of hackers:-

1. Hacktivists:- These are mostly a group of hackers or maybe an individual whose motive is to hack a system for social or political or religious reasons and after that, they just leave their message on that compromised system. In most of the cases, they don’t damage/harm the system. Eg:- Anonymous group
2. Script Kiddies:- These are the newbies who have almost 0 knowledge about computer systems(Mostly Programming Language or networking) but passionate about hacking. So they copy other hackers' tools or scripts or methods to hack.

What are the skills you require to be an Ethical Hacker?

1. You should have to familiar with Linux Environment
2. Basic and good understanding of Computer Networks (How network protocols work, what is ports etc.) & Familiar with Databases.
   
3. Good understanding of Computer hardware(Computer Architecture, Memory blocks, Buffer, Cache, virtualization, bios, firmware) & network security(eg.- firewall, IPS, IDS, Proxy, VPN)
4. Very good understanding of Various programming/ scripting languages ( Python, Bash, Java, HTML, PHP, C, etc.)
   

*If you don’t have any of these skills, don’t worry, I will teach you everything. You just have to know how to use a computer, That's it. Rest of all I will cover.

What are the basic types of cyber attacks?

• Malware Attack(Virus, worms, trojan, rootkit, spyware, adware, ransomware, 
• Phishing Attack
• Keylogging Attack
• Man in the Middle (MITM) attack
• SQL Injection
• Denial of service (DoS) attack
• Social Engineering attack
• Zero-day Exploit attack
• DNS Spoofing attack
• Cross-site scripting (XSS) attack
• Session Hijacking attack
• Insider Threat 
• Birthday Attack
• Brute Force Attack   Etc.

*(Will discuss these all methods later with examples.)

What are the Safe Practices in Ethical hacking?

• Stay Legal:- Get a proper approval before penetrating through someone’s system.
• Don’t Push Your Limit:- Work in between the safe zone. This means in which area only you got the approval to work on work only in that area. (Eg.:- You got an approval of vulnerability analysis of a website from a client so you will only penetrate through that website, not the other sites it’s backlinked(connected) to) 
• Respect Others Privacy:-  Don’t misuse others data while you get the approval to penetrate through one’s system. Maybe in some cases you have to sign an NDA(Non-disclosure agreement). If you are found to be disobeying that agreement they can sue you up.
• Report Vulnerability:- As you’re working as an Ethical Hacker your work is to notify the organization about the vulnerability not to misuse that vulnerability.
• NEVER WORK FOR ANY UNAUTHORISED PARTY:- Yes this is the most important point which you will face several times in your Cyber Security / Ethical Hacking career, when you will be treated as an Ethical Hacker. Maybe your friend will ask you to hack his girlfriend’s Facebook account or hack someone’s website to download some premium content for free. NEVER DO THAT. I repeat NEVER DO THAT. You will get sued legally for that, and maybe your Ethical Hacking career gets spoiled as well. Who’re they to order you to penetrate through facebook’s system? Do they have a written permission from Facebook? Or from the service provider? If they gave you one, verify that, I’m sure that will be fake. Facebook never gave permission to hack an individual's personal account. Yes, they have a bug bounty program but that is another thing (I will discuss that later.). I have already faced this same issue so many times in my career.

What are the Cyber Security certifications you can get and you will need:-

• CEH (Certified Ethical Hacking) certification from EC Council
• CHFI(Computer Hacking Forensic Investigation) Certification from EC Council
• CompTIA security+
• CCNA(Cisco Certified Network Associate)
• CCNP(Cisco Certified Network Professional)
• LPT (Licenced Penetration Tester) 
• NPT (Network Penetration Tester)
• WAPT(Web Application Penetration Tester)
• CND(Certified Network Defender) etc.

We will discuss some ethical hacking/ Cyber Security terminologies and their details in the next chapters. Till then Happy learning.✌

If you have any doubts or queries please comment down below I'll try to answer them all.