Server/website
- DoS / DDoS attacks on servers. Solution -> rate limiting requests per second.
- Network hacking -> fake packets, replication from a fake IP.
- SQL injection -> manipulate data (CRUD: create, read, update and delete); stealing database login details.
- Web exploits (cookies, sessions, query strings).
- Source code injection -> injecting malicious / backdoor code into a file, e.g. index.php, to control the display of ads or phishing.
- Defacing -> hacking a website and uploading index.php or index.html to indicate that the website has been hacked.
Computer
- Phishing with fake websites by sending emails -> check SSL.
- Spyware -> acts as a spy on your computer.
- Rootkit -> hides the malicious software process from Windows Task Manager.
- Botnet -> sends data to a third-party server.
- Adware -> installs unwanted adware software to show unnecessary ads, e.g. a third-party search engine.
- Trojan horse -> purports to prevent viruses but itself replicates the virus.
- Ransomware -> locks the computer and demands money, otherwise the data is deleted. Example: WannaCry.
- Clickjacking
Purposes
- To steal passwords by phishing and SQL injection.
- To gain financial advantage by hacking bank servers.
- To control computers & mobiles remotely (take photos & send activity, documents, all the data), e.g. keyloggers.
Tools
Ethical hacking, cybersecurity & penetration testing
- Cybersecurity: guarding networks, computers, programs and information from attack, damage or unauthorized access. Requires knowledge of hacking & decryption.
- Ethical hacking / hacker: assessing the security of computer systems using penetration testing techniques; part of cybersecurity.
- Penetration testing: checking vulnerabilities of the target system for the purpose of securing and hacking it; part of ethical hacking.