Hacking is the practice of modifying the features of a system, in order to accomplish a goal outside of the creator's original purpose. The person who is consistently engaging in hacking activities, and has accepted hacking as a lifestyle and philosophy of their choice, is called a hacker.
Computer hacking is the most popular form of hacking nowadays, especially in the field of computer security, but hacking exists in many other forms, such as phone hacking, brain hacking, etc. and it's not limited to either of them.
Due to the mass attention given to blackhat hackers from the media, the whole hacking term is often mistaken for any security related cyber crime. This damages the reputation of all hackers, and is very cruel and unfair to the law abiding ones of them, from who the term itself originated. The goal of this website is to introduce people the true philosophy and ethics of hackers, hopefully clearing their name and giving them the social status they deserve.
There are three types of hackers :-
1. White hat hacker (WHH)
2. Black hat hacker (BHH)
3. Gray hat hacker (GHH)
4. Script Kiddie
Here is some Professional hacking attacks, Hope every beginner will like to read this article.
I created a list call it as a Pro hack attack (PHA)
- Session One Getting the basics right
- TCP/IP Fundamentals
- System Fundamentals
- Firewall Technologies
- Programming & Database Fundamentals
- Session Two - Network Cartography
- Advanced Google Hacking
- Fingerprinting
- Nmapping the network
- Footprinting
- Session Three - Exploitation
- Hacking networks
- Hacking servers
- Hacking databases
- Backdooring
- Session Four - Advanced Exploitation
- Hacking WLANs
- Evading IDS, Firewalls and Detecting Honey Pots
- Web Application Hacking
- Advanced Web Hacking
- Hacking Web Browsers (Firefox, IE)
- Session Five - Black-belt Hacking
- Buffer overflows
- Metasploiting the universe
- Reverse Engineering
- Covert Hacking
- Session Six - Social Engineering
- What is Social Engineering?
- Common Types of Attacks
- Social Engineering by Phone
- Dumpster Diving
- Online Social Engineering
- Reverse Social Engineering
- Policies and Procedures
- Employee Education
- Session Seven - Cryptography
- Encryption and Decryption
- Cryptographic Algorithms
- . DES
- . RC
- . RC
- . Blowfish
- . MD
- . SHA
- Government Access Key - GAK
- Digital Signature
- Cryptography Tools
- Code Breaking Methodologies
- Cryptography Attacks
- Session Eight - Honeypots
- What is Honeypot?
- Honey net Project
- Types of Honey Pot
- Honey Pot Replacement
- Various Open Source and Commercial Honey Pots
- Session Nine - Esoteric Hacking
- RFID Hacking
- Hacking Mobile Phones, PDA and Handheld Devices
- VoIP Hacking
- Cyber Warfare
- Hacking E-mails Accounts
- Corporate Espionage
- Botnets
- Bluetooth Hacking
- Hacking USB Devices
- Spamming
- Session PHA attacks
- SQL Injection attack
- Blind SQL Injection attack
- HTML Injection attack
- PHP Code Injection attack
- Java Applet attack method
- SET attacks
- Web Jacking attack
- Spoofing attacks
- Backtrack Information Gathering Tools
- Backtrack have More than 65 Hacking TOOLS
- Session Ten - Password Cracking
- How to Steal Passwords
- Hashing Algorithm
- Active Brute Forcing
- Passive Brute Forcing
- Web-Based Password Cracking Techniques
- Session Eleven - Trojans and Backdoors
- Session Twelve - Viruses and Worms
- Writing Virus Codes
- Session Thirteen - Phishing
- Session Fourteen – Exploit Writing
- Assembly Language Tutorial
- Exploit Writing
- Session Fifteen - Privacy on the Internet
- Session Sixteen - Spying Technologies
- Session Seventeen - Credit Card Frauds
- Session Eighteen - Software Piracy and Warez
- Session Nineteen – Securing Laptop Computers
- Session Twenty - Data Loss Prevention
- Session Twenty One - Physical Security
- Session Twenty Two - Basics of Digital Forensics
- Hacking Incidents
- Defining the Forensics Process
- Digital Forensics Essentials – A’s
- Investigation Guidelines
- Disk Based Forensics v/s Network Based Forensics
- Chain of Custody
- Hands-on Exercises
- In-depth exploration of TCP/IP using Wireshark
- Exercise Analysis of tcpdump output to determine attacks
- In-depth usage of Nmap
- Cracking WLANs
- Hacking Oracle
- Building your own exploit
- Metasploit
- Arbitrary File Deletion
- Code Execution Hacking(LFI,RFI,Iframe Injection, Remote Code Execution)
- Cookie Manipulation (Meta HTTP-EQUIV & CRLF Injection)
- CRLF Injection (HTTP response splitting & Headers Injection)
- Cross Frame Scripting ( XFS )
- Cross-Site Scripting ( XSS - Persistent, Non-Persistent, DOM Based)
- Directory traversal including shell uploading
- Email Injection
- File Inclusion (LFI,RFI with and without null byte)
- Full Path Disclosure
- LDAP Injection
- PHP code injection
- PHP curl_exec() url is controlled by user
- PHP invalid data type error message
- PHP preg_replace used on user input
- PHP unserialize() used on user input
- Remote XSL inclusion
- Script source code disclosure
- Server-Side Includes (SSI) Injection
- Structured Query Language Injection(SQL Injection)
- URL Redirection
- XPath Injection vulnerability
- EXIF
- Buffer Overflows
- Clickjacking
- Dangling Pointers
- Format String Attack
- FTP Bounce Attack
- Symlinking and Server Rooting
- Blind SQL injection (timing - Boolean Based)
- Blind SQL Injection (Blind SQL String Based and Double Query Blind Based)
- 8.3 DOS Filename Source Code Disclosure
- Search for Backup files
- Cross Site Scripting in URI
- PHP super-globals-overwrite
- Script errors (such as the Microsoft IIS Cookie Variable Information Disclosure)
- WebDAV (very vulnerable component of IIS servers)
- Application error message
- Check for common files
- Directory Listing
- Email address found
- Local path disclosure
- Possible sensitive files
- Microsoft Office possible sensitive information
- Possible internal IP address disclosure
- Possible server path disclosure (Unix and Windows)
- Possible username or password disclosure
- Sensitive data not encrypted
- Source code disclosure
- Cross-Site Request Forgery (CSRF)
0 comments:
Post a Comment