Sniffer
Packet sniffing programs are called sniffers and they are designed to capture
packets that contain information such as passwords, router configuration, traffic, and
more.
Data backup strategy steps
Identify important data
Choose the appropriate backup media
Choose the appropriate backup technology
Choose the appropriate RAID levels
Choose the appropriate backup method
Choose the appropriate location
Choose the backup type
Choose the appropriate backup solution
Perform a recovery test
WPA2-Personal
WPA2-Personal encryption uses a pre-shared key (PSK) to protect the network
access.
Threat modeling
Threat modeling is an assessment approach in which the security of an application is
analyzed. It helps in identifying threats that are relevant to the application,
discovering application vulnerabilities, and improving security.
Administrative security policies
Administrative policies define the behaviour of employees.
Doxing
Doxing is revealing and publishing personal information about someone. It involves
gathering private and valuable information about a person or organization and then
misusing that information for different reasons.
Recovery controls
Recovery controls are used after a violation has happened and the system needs to be
restored to its previous state. These may include backup systems or disaster
recovery.
Confidentiality attack
A confidentiality attack is one in which an attacker attempts to intercept confidential
information transmitted over the network.
Proprietary Methodologies
Proprietary methodologies are usually devised by the security companies who offer
pentesting services and as such are kept confidential. Examples of proprietary
methodologies include:
- IBM
- McAfee Foundstone
- EC-Council LPT
Five stages of hacking
Reconnaissance
Scanning
Gaining access
Maintaining access
Clearing tracks
Script kiddies
Script kiddies are hackers who are new to hacking and don't have much knowledge
or skills to perform hacks. Instead, they use tools and scripts developed by more
experienced hackers.
Application keylogger
An application keylogger is designed to observe the target's activity whenever they type
something. It can record emails, passwords, messages, browsing activities, and
more.
Ethical hacking guidelines
No test should be performed without appropriate permission and authorization
Keep the test results confidential (usually an NDA is signed)
Perform only those tests that the client had previously agreed upon
CVSS
The Common Vulnerability Scoring System (CVSS) provides a way to capture the
principal characteristics of a vulnerability, and produce a numerical score reflecting
its severity. The numerical score can then be translated into a qualitative
representation (such as low, medium, high, and critical) to help organizations
properly assess and prioritize their vulnerability management processes.
Man-in-the-middle attack
A man-in-the-middle attack is one in which an attacker gains access to the communication
channel between a target and a server. The attacker is then able to extract the
information and data they need to gain unauthorized access.
Breaking WPA/WPA2 Encryption: Brute-force WPA Keys
Brute-forcing WPA keys is a technique in which the attacker uses dictionary or
cracking tools to break WPA encryption keys. This attack takes a lot of time to break
the key.
Web application threats
Attacks that take advantage of poorly written code and lack of proper validation on
input and output data. Some of these attacks include SQL injection and cross-site
scripting.
Out-of-band SQL injection
Out-of-band SQL injection is an injection attack in which the attacker uses a separate
channel, rather than the application's normal response, to inject malicious queries and
retrieve the results.
Management zone
This is a secured zone which enforces strict policies and limits access to a few
authorized users.
List scanning
List scanning indirectly discovers hosts. This scan works by listing out IP addresses
and names without pinging the hosts, while performing a reverse DNS resolution
to identify the names of the hosts.
Types of penetration testing
Black box testing
Grey box testing
White box testing
Social engineering types
Human-based social engineering
Computer-based social engineering
Mobile-based social engineering
Passive type
The hacker does not interact with the target. Instead, they rely on information that is
publicly available.
Website defacement attack
Website defacement attack is an attack in which the attacker makes changes to the
target website's content.
White hat
White hats are ethical hackers who use their knowledge and skills to improve
security of a system by discovering vulnerabilities before black hats do. They use the
same methods and tools black hats do, but unlike black hats, white hats have
permission from the system owner to use those methods.
Website mirroring (cloning)
Website mirroring or website cloning refers to the process of duplicating a website.
Mirroring a website helps in browsing the site offline, searching the website for
vulnerabilities, and discovering valuable information.
Incident management
Incident management refers to the process of identifying, analyzing, prioritizing, and
resolving security incidents. The goal is not only to restore the system back to normal,
but also to prevent any potential risks and threats by triggering alerts.
Information that is being collected can include:
Physical and logical locations
Analog connections
Contact information
Information about other organizations
Computer-based social engineering
Computer-based social engineering involves using computers and information
systems for collecting sensitive and important information.
Attack on sensitive information
Refers to hackers breaking into clouds and stealing information about other users.
Such information usually includes credit card numbers and other financial data.
Authentication attack
Authentication attack is an attack in which the attacker attempts to steal the identity
of a user and gain access to the network.
Website footprinting
Website footprinting is a technique in which information about the target is collected
by monitoring the target's website. Hackers can map the entire website of the target
without being noticed.
Device enumeration sheet
ID of the device
Description
Hostname
Physical location
IP and MAC address
Botnets
Bots are malicious programs used by hackers to control the machines they've
infected. Hackers use bots to perform malicious activities from the machines on