DoS / DDoS attacks on servers. Solution -> rate limiting requests per second.
Network hacking -> fake packet replication from a fake IP.
SQL injection -> manipulate data (CRUD: create, read, update and delete); stealing database login details.
Web exploit (cookies, sessions, query strings)
Source code injection -> injecting malicious / backdoor code into a file (ex: index.php) to control displayed ads or phishing.
Defacing -> hacking a website and uploading Index.php or index.html to indicate the website has been hacked.
Phishing with fake websites by sending emails -> check SSL
Spyware -> acts as a spy on your computer.
Rootkit -> hides the malicious software process from Windows Task Manager.
Botnet -> sends data to a third-party server.
Adware -> installs unwanted adware software to show unnecessary ads, ex: a third-party search engine.
Trojan horse -> purports to prevent viruses but itself replicates the virus.
Ransomware -> locks the computer and demands money, otherwise the data is deleted. Example: WannaCry.
- To steal passwords by phishing and SQL injection.
- To gain financial advantages by hacking bank servers.
- To control computers & mobiles remotely (take photos & send activity, documents, all the data), ex: keyloggers.
FUD -> (Fear, Uncertainty, and Doubt) not detectable by antivirus programs.
RAT -> remote administration tools.
Firewall -> iptables (Linux) and Windows.
TOR -> software for enabling anonymous communication.
Kali Linux -> built-in tools for hacking.
Keyloggers -> collect typed data; more advanced ones take pictures.
Proxies & VPN -> to hide their IP address.
Hackers by Type
White hat -> legal; assists companies & government in testing application security.
Grey hat -> between white & black.
Black hat -> acts purely to cause harm & for personal advantage.
Ethical hacking, cybersecurity & penetration testing
Difference between cybersecurity and ethical hacking:
- Cybersecurity: guarding networks, computers, programs and information from attack, damage or unauthorized access. Involves knowledge of hacking & decryption.
- Ethical hacking / hacker: assessing the security of computer systems using penetration testing techniques; part of cybersecurity.
- Penetration testing: checking the target system for vulnerabilities for the purpose of securing and hacking; part of ethical hacking.