• E-Book

    ohne Abo 1,99 €

ETHICAL HACKING GUIDE-Part 2 - Poonam Devi - E-Book

ETHICAL HACKING GUIDE-Part 2 E-Book

Poonam Devi

0,0
1,99 €
oder
 
-100%
Sammeln Sie Punkte in unserem Gutscheinprogramm und kaufen Sie E-Books und Hörbücher mit bis zu 100% Rabatt.
Mehr erfahren.
Beschreibung

 Ethical hacking, also known as penetration testing or white-hat hacking, is a practice of deliberately probing and assessing the security of computer systems, networks, applications, and other digital environments in order to identify vulnerabilities and weaknesses that could potentially be exploited by malicious hackers. The primary goal of ethical hacking is to proactively uncover these vulnerabilities before they can be exploited by unauthorized individuals or groups, thereby helping organizations strengthen their security measures and protect their sensitive information. Key aspects of ethical hacking include: Authorization: Ethical hackers must obtain proper authorization from the owner or administrator of the system before conducting any tests. This ensures that the testing process remains within legal and ethical boundaries. Methodology: Ethical hacking involves a systematic and structured approach to identify vulnerabilities. This includes various techniques like network scanning, penetration testing, social engineering, and vulnerability assessment. Scope: The scope of an ethical hacking engagement is defined before the testing begins. It outlines the systems, applications, and networks that will be tested. Staying within the defined scope ensures that only authorized systems are tested. Information Gathering: Ethical hackers gather information about the target systems, including their architecture, software versions, and potential weak points. This information helps them plan their testing approach. Vulnerability Analysis: Ethical hackers use various tools and techniques to identify vulnerabilities, misconfigurations, and weak points in the target systems. These vulnerabilities could include software bugs, insecure configurations, or design flaws. Exploitation: In a controlled environment, ethical hackers might attempt to exploit the identified vulnerabilities to demonstrate the potential impact of a real attack. However, they stop short of causing... 

Das E-Book können Sie in Legimi-Apps oder einer beliebigen App lesen, die das folgende Format unterstützen:

EPUB
Bewertungen
0,0
0
0
0
0
0
Mehr Informationen
Mehr Informationen
Bewertungen werden von Nutzern von Legimi sowie anderen Partner-Webseiten vergeben.
Mehr Informationen
Mehr Informationen
Legimi prüft nicht, ob Rezensionen von Nutzern stammen, die den betreffenden Titel tatsächlich gekauft oder gelesen/gehört haben. Wir entfernen aber gefälschte Rezensionen.
Poonam Devi

ETHICAL HACKING GUIDE-Part 2

Comprehensive Guide to Ethical Hacking world

BookRix GmbH & Co. KG81371 Munich

Table of Content

 

Attacks After ConnectingNetdiscover ToolLet's talk about ZenmapMan-in-the-Middle Attacks SimplifiedARP Spoofing with arpspoof ExplainedARP Spoofing with MITMf Simplified Working around HTTPS with SSLstrip explainedDNS Spoofing:Introduction to Gaining Access:Server-Side Attacks Simplified: Server-Side Attack Fundamentals:Server-Side Attacks with Metasploit - Introduction t... Exploiting a Code Execution Vulnerability with Met...Getting Metasploit Community:MSFC Scan Setup:

 

This eBook is based on ETHICAL HACKING that has been collected from different sources and people. For more information about this ebook. Kindly write to [email protected]. I will happy to help you.

Copyright 2023 by Poonam Devi

This eBook is a guide and serves as a next part of first guide.Previous Part ETHICAL HACKING GUIDE Part-1 has already been published. This book has been written on the advice of many experts and sources who have good command over Ethical hacking, network an programming. They are listed at the end of this book.All images used in this book are taken from the LAB which is created by experts. All rights reserved, including the right to reproduce this book or portions thereof in any form whatsoever. For any query reach out to the author through email.

Attacks After Connecting

Previously, the attacks we discussed were done without being connected to any network. Now, we'll focus on attacks that occur after connecting to a network. Whether it's a wired or wireless network, and whether the target uses WEP or WPA key, the attacks we'll discuss here apply to all scenarios.

In the previous attacks, we used our wireless card to capture data from the air in monitor mode. However, since we're now connected to the network, we'll switch to managed mode. This way, we'll only capture packets meant for us, as we don't need to capture everything anymore.

In this section, we'll explore attacks we can carry out once we've breached the network. We'll start by using a tool called "netdiscover" to gather essential information about the network. This information will serve as a foundation for launching further attacks. Netdiscover helps us discover all connected clients. Following that, we'll introduce "Zenmap," which offers a more advanced interface and greater capabilities than netdiscover. Zenmap allows us to gather detailed information about all clients on the same network.

Netdiscover Tool

Netdiscover is a tool used for gathering crucial information about a network. It provides details about the connected devices and the router. For connected devices, you can find their IP addresses, MAC addresses, operating systems, and open ports. Regarding the router, you can identify its manufacturer. This information helps identify potential vulnerabilities that could be exploited against the clients or the router. In the context of network penetration testing, we previously utilized airodump-ng to discover connected clients in a network. The second part of the airodump-ng output showed associated clients and their MAC addresses. All this information was accessible before connecting to the target access point. After connecting to the network, we can collect even more detailed data about these devices. While there are many programs available for this task, we will focus on two. Let's start with the simplest and fastest one: netdiscover. Netdiscover is a quick and straightforward program to use, but it doesn't provide highly detailed information about the target clients. It displays their IP addresses, MAC addresses, and sometimes hardware manufacturers. To use it, type "netdiscover" in the command line. Add "-r" and specify the range you want to scan. For instance, if your IP is 10.0.2.1, and you wish to discover clients in the same network, you can scan from 10.0.2.1 to 10.0.2.254 using the "/24" notation. The command would look like this:

netdiscover -r 10.0.2.1/24

Running the command will quickly produce results similar to the screenshot below: