An Indicator of Intrusion is a sign that an intruder has gained, or attempted to gain, unauthorized access to a system. Types of Indicator of Intrusion: File System Intrusion: By observing and assessing files in the system, we can detect intrusion in the following ways: Network Intrusion Indicator: By monitoring the network activity, we can…
Category: Ethical Hacking
Session Hijacking
Session Hijacking is an act in which an attacker takes control of an existing network or application session between two systems and gains access to unauthorized information from the session. The end users who own the systems are not aware that their session has been hijacked. Types of Session…
DoS And DDoS
DoS (Denial of Service) Attack: DoS (Denial of Service) is an act in which an attacker makes a computer or network unavailable to its users. It is done by flooding the computer or network with huge amounts of traffic, which depletes the available resources: CPU and memory for a computing system, and bandwidth for a network and…
Botnet
A Botnet, also known as a roBOT NETwork, is a network of compromised computers called bots, also known as zombies, that are infected with malware (viruses, worms, trojans) and controlled remotely by an attacker. The bots in the network are controlled by the attacker and used to perform attacks such as DDoS (Distributed Denial of Service attack), data theft, data mining,…
Computer Zombies (Bots)
Zombies, also known as Bots, are computers connected to the Internet that have been compromised by malware (viruses, worms, trojans) and are controlled remotely by an attacker. Attackers use Zombies to attack a target. Zombies can act individually but are mostly part of a bigger group known as a Botnet. Attackers use Botnet…
Sniffing
Sniffing is the act of monitoring and capturing network traffic. An attacker sniffs the network traffic by inserting software or hardware into the network between the sender and receiver. Sniffing is also referred to as Network Sniffing, which is a type of Eavesdropping. Types of Sniffing: Passive Sniffing is where the attacker passively listens…
Eavesdropping
Eavesdropping is the act of intercepting the conversation between two systems. A hacker intercepts the session between two machines. After interception, the attacker can gain access to the data, modify it, or delete it. The interception can be as simple as overhearing two people talking or as sophisticated as intercepting an application session…
Kerberos Attack
Kerberos is a strong authentication protocol that can be used in an open, unprotected network. Despite its strength, there are some attacks that can be carried out against Kerberos, which are as follows: Kerberoasting is a post-exploitation attack technique. In this attack, the attacker has a compromised authenticated user’s account in a domain and targets Service Accounts…
MITRE ATT&CK
MITRE ATT&CK® is a knowledge base of adversary tactics and techniques based on real-world observations, published by MITRE. This knowledge base can be used as the foundation for understanding cyber attack patterns. The MITRE ATT&CK matrices cover the following categories: The MITRE ATT&CK chain has 14 Tactics that will be executed in order by…
Buffer Overflow
Buffer Overflow is a software vulnerability caused by improper boundary checks, where an attacker exploits the target system by writing more data to a memory buffer than it can hold, overflowing the buffer’s capacity and causing the malicious data to be written to the adjacent memory location, giving unauthorized access. There are two types of…