Password Hacking is the process of breaking or cracking and obtaining passwords stored in the target system or when being transmitted between systems. The obtained passwords are used to access accounts on the target system to gain access and privilege access. Password Cracking, Password Breaking, Password Attack are other terms used for Password Hacking. The…
Category: Ethical Hacking
Tactics, Techniques and Procedures (TTPs)
Tactics, Techniques and Procedures (TTPs) are the attributes that depicts the patterns and behavior of a cyber security attack. It helps cyber security professionals to understand how threat actors perform attacks on a target. A cyber security attack is done in multiple stages across a period of time which can some days or months. The…
System Hacking
System hacking is where the attacker proceeds towards the ultimate goal after performing footprinting, scanning, enumeration, and exploitation. The goal can be to bring the service down and make it un-available or steal data or manipulate data. The general stages of System Hacking are as following: Stage 1 – Gaining Access Stage 2 – Privilege…
Difference between Vulnerability Analysis and Vulnerability Assessment
Vulnerability Analysis and Vulnerability Assessment are the same but the difference is that in Vulnerability Analysis, the attacker finds the vulnerabilities to exploit while in Vulnerability Assessment, an Ethical Hacker does the Vulnerability Analysis to help the organization to find the vulnerabilities and fix them to protect the organization from cyber security attacks.
Vulnerability Analysis
Vulnerability Analysis is the final sub-phase of Reconnaissance. During Vulnerability Analysis, the attacker discovers the various vulnerabilities in the victim system that can be used to gain access of the target and then exploit to attain the attack objective.
Privilege Escalation
Privilege Escalation is the process where the attacker gains un-authorized access rights or higher-level privileges of software/program, network or system. This is the next phase of a cyber security attack after the Footprinting, Scanning, Enumeration, Vulnerability Analysis and Exploitation. Horizontal Privilege Escalation is where the attacker tries to gain the access other users like file…
Footprinting
Footprinting is the process in which an attacker gathers information about the target (a person or organization). It is the initial sub-phase of Reconnaissance phase of a Cyber Security attack. Types of Footprinting Passive Footprinting is process of gathering information about target without direct contact with the target from Internet, Open Source Intelligence (OSIN), Social Network…
NetBIOS Enumeration
NetBIOS is a legacy API that was used for communication between systems on LAN. Each system had an unique NetBIOS name assigned to it. When a machine wanted to connect to other system, it would resolve the NetBIOS name of the target system to it’s corresponding IP address and then connect. NetBIOS had vulnerabilities and…
Enumeration
Enumeration is part of Reconnaissance phase done after the scanning. During Enumeration phase, attacker creates active session with the live target host and gathers more detailed data than that was obtained during Scanning Phase. Please note that Enumeration is different from scanning. In scanning phase, the information like IP address, Ports, OS and vulnerabilities from…
Vulnerability
A vulnerability is a weakness in a system, network or software/application that can be exploited to cause impact like bringing service down, data exfiltration or un-authorized access. The vulnerability can be due to the following reasons: