Don't say we didn't warn you.
Here’s our custom training for the Certified Ethical Hacker exam, also useful for those who don’t want to take the test but do want to expand their skillz.
In a lot of hacking examples, the instructor demonstrates a tool like BeEF that requires you to have a website to host the trapping script (for instance, acookie stealer). They’ll often use a localhost address (127.0.0.1) and effectively set a trap for themselves (it’s a demo, after all), without showing you how to use the …
Continue reading “[ Certified Ethical Hacker v10 ] :: Using ngrok to Set a Trap From Inside NAT”
OWASP supports two hackable-website packages, WebGoat and Mutillidae. “WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. This program is a demonstration of common server-side application flaws. The exercises are intended to be used by people to learn about application security and penetration testing techniques.” – https://github.com/WebGoat/WebGoat …
Continue reading “[ Hacker Night School ] :: WebGoat, An OWASP Hacking Practice Website”
Like Social Engineering, Physical Security is a domain that’s very lightly covered in the CEH exam. Vocabulary FRR: False Rejection Rate FAR: False Acceptance Rate CER: Crossover Error Rate Security Measures Against Physical Threats Physical Measures (locks) Technical Measures (smart cards, biometrics) Operational Measures (policies and procedures) Interesting Inside Information Attacks Cyber lock locksmith codes …
Continue reading “[ Certified Ethical Hacker v10 ] :: [ Chapter 12 ] :: Physical Security”
Hash Cracking Passwords Hash-cracking communities: https://hashes.org/crackers.php Password dictionaries: https://wiki.skullsecurity.org/Passwords Kali supplies you with several wordlists and hash lists in /usr/share/. John the Ripper John the Ripper is quite old, and still an excellent tool. John can use Kali’s built-in wordlists: /usr/share/wordlists/rockyou.txt.gz etc. “How to crack passwords using john the ripper in kali linux” https://www.youtube.com/watch?v=eAn8dYdn1eY Exercises …
Continue reading “[ Certified Ethical Hacker v10 ] :: [ Chapter 5 cont’d] :: Hash Cracking”
Buffer Overflow Know these critical four C functions that don’t perform bounds checking, and thus are susceptible to buffer overflows: gets( ) scanf( ) strcopy( ) strcat( ) The Heap This is a loosely (dis)organized area for random storage. Memory space gets allocated and recovered automatically. The Stack This is much more organized, or constrained. …
Continue reading “[ Certified Ethical Hacker v10 ] :: [ Chapter 10 cont’d] :: Buffer Overflow”
Methodology and Steps Vocabulary Security Assessment Security Audit Vulnerability Assessment Penetration Test External Assessment Internal Assessment Announced Testing Unannounced Testing Red Team Blue Team Purple Team Testing Automation Core Impact Pro Codenomicon Metasploit CANVAS – https://www.immunityinc.com/products/canvas/index.html Insider Threats Pure insider Insider associate (contractor) Insider affiliate (spouse, friend) Outside affiliate (not an employee, doesn’t know anyone) …
Continue reading “[ Certified Ethical Hacker v10 ] :: [ Chapter 13 ] :: Pen Testing Methodology”
Chapter 10: Trojans and Other Attacks Trojans and Backdoors These aren’t really the same, they just get discussed under the same heading. Famous Trojans Neverquest Trojan (banking) ZeuS Mirai (IoT) The Simplest Backdoor of All Time Create a listener (-l) on the victim: nc -l -p 5555 Then connect to the victim by IP address …