[ Certified Ethical Hacker v10 ] :: [ Module 11 ] :: SQL Injection

Glenn Norman hacking
This entry is part 13 of 21 in the series [ Certified Ethical Hacker Training ]

SQL injection Cheat sheet: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
OWASP guide: https://www.owasp.org/index.php/SQL_Injection
Dumping a complete database: http://resources.infosecinstitute.com/dumping-a-database-using-sql-injection/

Exercises
1. Log into your root-me.org account, click Challenges and click Web Server. This will get you here: https://www.root-me.org/en/Challenges/Web-Server/. Start with “SQL Injection – Authentication”. Note all the other SQL Injection challenges. Can you beat them all?
2. In either Metasploitable2 or …

[ Certified Ethical Hacker v10 ] :: [ Module 9 ] :: Session Hijacking

This entry is part 11 of 21 in the series [ Certified Ethical Hacker Training ]

Module 9: Session Hijacking

Brute-forcing a Session ID
Stealing a Session ID
Calculating an ID

Spoofing vs. Hijacking
Be sure to recognize the difference between just lying about your IP address, and actually taking over a running user session.

Cross-site scripting
MitM
SMB Relay attack: https://pen-testing.sans.org/blog/2013/04/25/smb-relay-demystified-and-ntlmv2-pwnage-with-python

Tools
Ettercap
Cain & Abel

[ Certified Ethical Hacker v10 ] :: [ Module 8 ] :: Denial of Service

This entry is part 10 of 21 in the series [ Certified Ethical Hacker Training ]

Module 8: Denial of Service

DoS is the tool of hacktivists and sometimes organized crime.

Types of Attacks

Service request flood
Simply make millions of page requests, for instance. See the effects: https://www.youtube.com/watch?v=hNjdBSoIa8k

SYN attack/flood:
hping3 -i u1 -S -p 80 <target ip>
S = SYN flag, -p 80 = port 80, -i u1 = …

[ Certified Ethical Hacker v10 ] :: [ Module 5 ]

This entry is part 7 of 21 in the series [ Certified Ethical Hacker Training ]

Module 5: Malware

Malware for Evil and System Penetration

Painful Computer Pranks:
https://web.archive.org/web/20120820161357/http://www.hackpconline.com/2010/05/painfully-computer-pranks.html
http://www.instructables.com/id/Computer-Shutdown-Prank-Windows/
http://www.zdnet.com/pictures/ten-epic-windows-7-pranks-you-absolutely-must-try/