├── Password (splunk)
├── password Cracking tool
├── Shell
├── KALI Linux
├── splunk
├── Ping
├── HACKERS BIBLE
├── CIA
├── use full Commands
└── Networks


/Password (splunk):
--------------------------------------------------------------------------------
password:
splunk web - Navanee1908 - Navaneee@1908
cmd - navanee - 12345678

--------------------------------------------------------------------------------
/password Cracking tool:
--------------------------------------------------------------------------------
Online password cracking - Burp Suite (UI based) / Hydra (CLI based)
Offline password cracking - John (CPU based) / Hashcat (GPU based)

--------------------------------------------------------------------------------
/Shell:
--------------------------------------------------------------------------------
# 3 types of shell
1) Web shell - browser
2) Bind shell - Process/Service/Port combine
3) Reverse shell - User interaction (revshells.com)

--------------------------------------------------------------------------------
/KALI Linux:
--------------------------------------------------------------------------------
1) "ip a" - used to check the IP address in Kali
2) NAT - Network Address Translation
3) Three-way handshake -
     i) SYN
     ii) SYN-ACK
     iii) ACK

Filter - Wireshark

1) ip.addr==192.168.137.1

WAF - Web Application Firewall (used to identify cyber attacks)

--------------------------------------------------------------------------------
/splunk:
--------------------------------------------------------------------------------
VMware -
ip link set dev ens33 up
dhclient -v ens33

cmd
ssh root@192.168.85.130

Splunk default path where it is saved:
/opt/splunkforwarder/bin#
cd /opt
ls
online-course-registration.zip  splunkforwarder
cd splunkforwarder/
ls
bin      -----> use bin
cmake
copyright.txt
etc
include
lib
license-eula.txt
openssl
README-splunk.txt
share
splunkforwarder-9.2.1-78803f08aabb-linux-2.6-x86_64-manifest
swidtag
var

cd bin
ls

./splunk status
-----> active
./splunk add forward-server 172.19.192.1:9997

--------------------------------------------------------------------------------
/Ping:
--------------------------------------------------------------------------------
=> ping mkce.ac.in -n 4 (Windows)
=> ping mkce.ac.in -c 4 (Linux)
identify the IP address of the particular web page


Cisco Packet Tracer
1) Wire types
     i) Crossover - connects the same devices
     ii) Straight-through - connects different devices
     iii) Serial cable - connects two "routers" (sends packets from one area to another area)

Network connection in Cisco tool:-
     i) Straight-through - to connect different items.
     ii) Crossover - to connect the same items.


Command:-
1) "tracert" - to find how many IPs are between start and end.



DHCP - DHCP stands for Dynamic Host Configuration Protocol. This protocol is used by clients/servers to automatically
provide an IP (Internet Protocol) host with its IP address, as well as other configuration information like
subnet mask and default gateway.

DNS - The Domain Name System (DNS) turns domain names into IP addresses, which allow browsers to get to websites
and other internet resources.

--------------------------------------------------------------------------------
/HACKERS BIBLE:
--------------------------------------------------------------------------------
Hack rules and theory - book.hacktricks.xyz
Web page to steal cookie - CANARYTOKENS



SPLUNK - helps cyber security in defence
  |-> SIEM - Security Information and Event Management
  |-> Splunk forwarder
  |-> SSH (Secure Shell) - remote access (sending a file with asymmetric encryption)
they send it to incident response (IR team)


IR team will follow the NIST Cybersecurity Framework ( https://www.dell.com/wp-uploads/2019/02/Strengthen-Security-with-NIST-Cybersecurity-Framework-fig2.jpg )
  i) IDENTIFY
  ii) PROTECT
  iii) DETECT
  iv) RESPOND
  v) RECOVER


DLP Tool - Data Loss Prevention (DLP)
IPS - Intrusion Prevention System
IDS - Intrusion Detection System


Firewall Services:
  i) Packet filtering
  ii) Stateful packet inspection
  iii) Proxying
  iv) Network Address Translation


HIDS - HOST BASED INTRUSION DETECTION SYSTEM
NIDS - NETWORK BASED INTRUSION DETECTION SYSTEM


Types of mobile device security:
1) CASB
2) Endpoint Protection
3) VPN
4) Secure Web Gateway
5) Email Security
6) Mobile Device Management

--------------------------------------------------------------------------------
/CIA:
--------------------------------------------------------------------------------
Vulnerability Assessment and Penetration Testing (VAPT)
VA - Process of identifying, quantifying and prioritizing vulnerabilities within a system, network, application or organization
CIA -
risk matrix
2 types:
High priority - likelihood & impact


Vulnerability Assessment process (4)
  Asset discovery
  Vulnerability scanning
  Vulnerability assessment
  Vulnerability remediation


CVSS (Common Vulnerability Scoring System)
Scalar metrics
none      0
low       0.1-3.9
medium    4.0-6.9
high      7.0-8.9
critical  9.0-10.0


Vulnerability scanner types:-
1) Data vuln. scanner
2) Network vuln. scanner
3) Web application vuln. scanner
4) Host-based vuln. scanner
5) API-based vuln. scanner
6) Cloud-based vuln. scanner



Cyber security terms:-
1) Policy - to regulate/control what is to be done and how it is to be done (for governance)
2) Procedure - step-by-step guide on how to follow the policy
3) Standard -
4) Regulations - government-based rules (GDPR)


Benefits:
Identifies security weaknesses before exploitation
Prioritizes remediation efforts based on risk severity
Supports compliance with regulations and standards
Improves overall security posture
Provides actionable recommendations


Drawbacks:
Resource intensive
False positives
False negatives
Limited scope



Six processes of hacking in PENETRATION TESTING
1) Information gathering
2) Threat modelling
3) Vulnerability analysis
4) Exploitation
5) Post-exploitation
6) Reporting


5 phases of PENETRATION TESTING:
1) Information gathering
2) Scanning
3) Gaining access
4) Maintaining access - persistence
5) Clearing tracks


Types of penetration testing:-
1) Application
2) Network
3) Physical
4) IoT / Mobile

  Internal testing - White Box Testing
  External testing - Black Box Testing



OWASP:-
Top 10 Vulnerabilities
"* https://owasp.org/www-project-top-ten/ *"

CORS - Cross-Origin Resource Sharing
HSTS - HTTP Strict Transport Security



Authentication Vulnerability:-




PATH / DIRECTORY TRAVERSAL:-

--------------------------------------------------------------------------------
/use full Commands:
--------------------------------------------------------------------------------
1) "where notepad" - finds the directory path of a particular file; e.g., here the path of notepad is found by the command. (cmd)
2) "dir" - (cmd)
3) "ls" - (ps)
4) "echo "test" > file" - creates a file in Linux (ps)
5) "cat ./file" - prints the file (ps)
6) "more ./file" - prints the file in (cmd)
7) "mkdir" - creates a folder in both (cmd and ps); 'mkdir' - make directory.
8) "mv" - moves the file in both (cmd and ps)
9) "cp" - copies the file in both (cmd and ps)
10) "python -m http.server 80" - shares files using a Python server with someone using the IPv4 address
11) "del" - used to delete the file (cmd)
12) "rm" - used to remove the file (ps)


*Important
*//

PRODUCTION ENVIRONMENT - Live websites / web app
Staging Environment - Actual copy of production
QA Environment - Test build

Client Request ----------------------> Server Response ---> DB
HTTP METHODS                           RESPONSE CODE
GET                                    1xx - Informational
POST                                   2xx - OK
PUT                                    3xx - Redirection
OPTIONS                                4xx - Client-side error
DELETE                                 5xx - Server-side error   // *




KALI LINUX

sudo netdiscover -r 192.168.85.1/24   - discovers the IPs which are in use
nano targets.txt   --> save the IPs given by the previous command
cat targets.txt   --> to print the data

cat targets.txt | cut -d ' ' -f 1 > ips   ---> cuts the data down to only the IPs
cat ips   --> prints the edited data of targets.txt
nmap 192.168.85.130 -p- -Pn > openports.txt
cat openports.txt
nmap $target -p1-65535 --min-rate=3000 -v -oN openports.txt
nmap $target -p21,22,80 -A --min-rate=3000 -v -oN openservices.txt

TOOLS:
1) FTP:
   ftp $target
   username: anonymous   password: (enter)
   get filename.txt - to download the file
   quit - to quit the ftp login

2) wfuzz
3) ffuf
4) dirb
5) gobuster

NSE - Nmap Scripting Engine

locate php-reverse - shows the file location, and it generates the URL to create the PHP file;
then copy the URL and create a PHP file to access the user's account. When we upload a file through a file upload vulnerability and they access the file, we can get access.

--------------------------------------------------------------------------------
/Networks:
--------------------------------------------------------------------------------
Networks:-
1) Medium to communicate
2) Network vulnerability (weakness)
3) Cyber security tools
4) Hashcat - password cracking tool
5) Brute force
6) RAT (Remote Access Trojan)
7) DATA and RESOURCE securing
8) Security - safeguarding
9) Administrative control - Physical control - Logical control
10) Port scanning
11) Protocol - set of rules
12) TCP - ports (65,535)
13) UDP - ports (65,535)
14) http and https
15) Blockchain security
16) Exploit
17) SQL injection
18) Session hijacking
19) Phishing
20) IP address
21) DNS - Domain Name Security
22) Cloud
23) Cryptography
24) ARP, ARP poisoning
25) Spoofing
26) Hashing
27) Metasploit
28) Backdoor
29) Ethical hacking - Accessing the unauthorized system with written statement
30) Web application penetration testing
31) Web server - web page - web application - web site
32) Encryption


Career Fields:-
1) Offensive (attacker) "RED TEAM"
2) Defensive (Security Operations Center - SOC) "BLUE TEAM"
3) Both offensive and defensive "PURPLE TEAM"


Types of Hackers:-
1) White HAT hackers (Known architecture - blueprint of entire web application)
2) Black HAT hackers (Without authorization)
3) Grey HAT hackers (both white hat and black hat)
4) Script kiddies (noob)
5) Hacktivism (Social causes)
6) State hackers (Work for government)


CIA:-
1) Confidentiality
2) Integrity - (Originality)
3) Availability


Authentication:-
To verify someone's identity
1) Something You Know
2) Something You Have


Authorization (Access control):-
Accessing someone's data with permission


________________________________________________________________________________
VPN - making a connection between client and server (the VPN encrypts and decrypts the message)
        ----------------VPN--------------
        CLIENT <-----------> SERVER      |
        ----------------VPN--------------

Encryption - Plain text to cipher text
Decryption - Cipher text to plain text

Symmetric Encryption - Single key (lock and unlock using the same key, like a door lock)
Asymmetric Encryption - Two keys (public key and private key; the public key is used to share the file using encryption and the user can use the private key)
________________________________________________________________________________
--------------------------------------------------------------------------------
PROXY - Mediator (it can access both the client and server data) between Client and Server
Burp Suite (KALI LINUX) - Acts like a proxy
Tor :-
Client ---> Proxy 1 ----> Proxy 2 ---> Proxy 3 ---> Proxy 4 ---> Proxy 5 ---> Proxy 6 ---> Server


--------------------------------------------------------------------------------

Wireshark - it is the packet analyzer



CISCO WSA - Secure Web Appliance.
SSO - Single Sign-On


CLOUD
  i) SaaS - Software as a Service
  ii) PaaS - Platform as a Service
  iii) IaaS - Infrastructure as a Service

Framework: Collection of tools and software.
AWS EC2 --> computer.
AWS S3 --> Bucket.


Cloud security
  Data Protection
  Shared Responsibility
  Access Control
  Threat Protection
--------------------------------------------------------------------------------