A Program is a set of instruction in a programming language format that instructs the computer to perform a task or function. A collection of programs makes a software which can be an Operating System or an Application Software. Programming is classified based on abstraction from Instruction Set Architecture as following: High Level Programing is…
System Hacking
System hacking is where the attacker proceeds towards the ultimate goal after performing footprinting, scanning, enumeration, and exploitation. The goal can be to bring the service down and make it un-available or steal data or manipulate data. The general stages of System Hacking are as following: Stage 1 – Gaining Access Stage 2 – Privilege…
Difference between Vulnerability Analysis and Vulnerability Assessment
Vulnerability Analysis and Vulnerability Assessment are the same but the difference is that in Vulnerability Analysis, the attacker finds the vulnerabilities to exploit while in Vulnerability Assessment, an Ethical Hacker does the Vulnerability Analysis to help the organization to find the vulnerabilities and fix them to protect the organization from cyber security attacks.
Vulnerability Analysis
Vulnerability Analysis is the final sub-phase of Reconnaissance. During Vulnerability Analysis, the attacker discovers the various vulnerabilities in the victim system that can be used to gain access of the target and then exploit to attain the attack objective.
Privilege Escalation
Privilege Escalation is the process where the attacker gains un-authorized access rights or higher-level privileges of software/program, network or system. This is the next phase of a cyber security attack after the Footprinting, Scanning, Enumeration, Vulnerability Analysis and Exploitation. Horizontal Privilege Escalation is where the attacker tries to gain the access other users like file…
Footprinting
Footprinting is the process in which an attacker gathers information about the target (a person or organization). It is the initial sub-phase of Reconnaissance phase of a Cyber Security attack. Types of Footprinting Passive Footprinting is process of gathering information about target without direct contact with the target from Internet, Open Source Intelligence (OSIN), Social Network…
Link-Local Multicast Name Resolution (LLMNR)
Link-Local Multicast Name Resolution (LLMNR) is a Network Protocol that is used for Name resolution based on DNS packet format operating in Layer 2 (local link) specified in RFC 4795. It is a fall-back mechanism when DNS fails. The system which needs to resolve a hostname will send out a multicast query using LLMNR and the…
Simple Network Management Protocol (SNMP)
SNMP is a protocol that is used to manage and monitor devices in IP based networks. It is used for Network Management and Network Monitoring. It collects information about the devices in a hierarchical structured way using Management Information Base (MIB). SNMP consists of the three following components: Managed Devices are the devices like server,…
Vulnerability Assessment
Vulnerability Assessment is the process of identifying, classifying and prioritizing the vulnerabilities in Computer System, Application, Software and Network. The vulnerabilities are discovered using vulnerability scanners and assessment tools that scan/assess the infrastructure and reports the weaknesses found. The vulnerabilities are categorized (generally as high, medium, low – qualitative measurement) into different levels based on…
NetBIOS Enumeration
NetBIOS is a legacy API that was used for communication between systems on LAN. Each system had an unique NetBIOS name assigned to it. When a machine wanted to connect to other system, it would resolve the NetBIOS name of the target system to it’s corresponding IP address and then connect. NetBIOS had vulnerabilities and…