├── CRACKED TOOLS !
├── HACKING TERMS.!!
├── NMAP COMMANDS
├── README.md
├── SOME CISCO TERMS AND CLOUD WORKS
├── Splunk.txt
├── academedy and splunk cmd
├── cyber stages and the model
├── cybersecurity terms and procedure
├── networks.txt
├── some other terms thread in cyber security
└── tools.txt

/CRACKED TOOLS !:
--------------------------------------------------------------------------------
ONLINE PASSWORD CRACKING----> Burp Suite / Hydra

OFFLINE PASSWORD CRACKING-----> CPU/GPU
John the Ripper / Hashcat.

==================================TOOLS YOU MUST KNOW FOR PASSWORD HACKING===============================================================

GPU--->GRAPHICS PROCESSING UNIT, USED MOSTLY IN GAMING LAPTOPS...

--------------------------------------------------------------------------------
/HACKING TERMS.!!:
--------------------------------------------------------------------------------
=========VULNERABILITY ASSESSMENT PROCESS================
ASSET DISCOVERY--->VULNERABILITY PROCESS-->VULNERABILITY ASSESSMENT--->VULNERABILITY REMEDIATION

==================INTERVIEW QUESTIONS==============
What is the National Vulnerability Database?
CVSS--->Common Vulnerability Scoring System
CVSS SCORING---------
NONE-0.0
LOW-0.1-3.9
MEDIUM-4.0-6.3
HIGH-7.0-8.9
CRITICAL-9.0-10.0

====================VULNERABILITY SCANNERS=====================
((((((((((((((((((((((((((TYPES)))))))))
-->DATABASE VULN SCANNER
-->NETWORK VULN SCANNER
-->WEB APPLICATION VULN SCANNER
-->HOST-BASED VULN SCANNER
-->API-BASED VULN SCANNER
-->CLOUD-BASED VULN SCANNER-----MOST IMPORTANT

==============PENETRATION TESTING=========
THE 5 PHASES OF THE HACK.!!!!!!
5 ------PHASES OF HACKING--------------------
1.INFORMATION GATHERING
2.THREAT MODELING
3.VULNERABILITY ANALYSIS
4.EXPLOITATION-MAINTAINING ACCESS, ALSO CALLED PERSISTENCE
5.POST EXPLOITATION-CLEARING TRACKS

=================this is the command used in the Kali Linux terminal to install anything===================
sudo apt install apache2
NOTE : apache2 is the name of the package we want to download

===================NOTE========================:
CMS-CONTENT MANAGEMENT SYSTEM
(NO CODING IS NEEDED TO BUILD A STATIC WEBSITE) BY USING DRAG AND DROP

SPIDER------>IT AUTOMATICALLY DOWNLOADS THE ENTIRE WEBSITE AND CHECKS WHETHER IT HAS ANY VULNERABILITIES; THIS MAKES IT EASY FOR ATTACKERS TO SCAM YOUR WEBSITES. ....!

===================================TOOLS==================
ZAP (Zaproxy)---->checking for vulnerabilities in the website.
NESSUS---->it also checks the website for vulnerabilities.
WPSCAN--->TO SCAN WORDPRESS

=============== (OWASP) --> it is the website to know the top 10 most common website vulnerabilities (NOTE : MUST KNOW)==================

====================DIRECTORY TRAVERSAL (ALSO CALLED PATH TRAVERSAL) IS AN IMPORTANT VULNERABILITY===========

=========EVERY LINUX MUST HAVE THIS FILE==================
put this command : cat /etc/passwd

=============windows must have win.ini=================
use the path as---------------> ../../../../windows/win.ini

===================================TOOL=================
cyberchef------->it is used to inspect PNG and other files and to reduce them to a small size....
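The directory traversal note above lists the payloads an attacker sends; the defender's side is to make sure a requested path can never resolve outside the web root. The block below is an added example (not code from these notes): a hardened static-file lookup that resolves the real filesystem location first and then checks it is still under the root, so `../` sequences, the backslash variant `..\..\windows\win.ini`, absolute paths and symlinks out of the root are all refused. The web root, its files and the function names (`resolve_safely`, `serve`) are constructed for the example.

```python
# Added example (not from these notes): a hardened static-file lookup that
# blocks directory (path) traversal. The web root and its files are constructed
# here so the example runs offline.
import tempfile
from pathlib import Path
from typing import Optional, Tuple

# Constructed web root with a couple of legitimate files.
WEB_ROOT = Path(tempfile.mkdtemp(prefix="webroot_"))
(WEB_ROOT / "index.html").write_text("<h1>hello</h1>")
(WEB_ROOT / "docs").mkdir()
(WEB_ROOT / "docs" / "readme.txt").write_text("public doc")


def resolve_safely(requested: str, root: Path = WEB_ROOT) -> Optional[Path]:
    """Map a user-supplied path onto a location under root.

    Returns the resolved path, or None when the request would escape the root
    (../ sequences, backslash variants such as ..\\..\\windows\\win.ini,
    absolute paths, or symlinks pointing outside the root).
    """
    # Treat Windows separators like '/' so backslash payloads get the same check.
    candidate = requested.replace("\\", "/")
    if Path(candidate).is_absolute():
        return None
    root_real = root.resolve()
    # resolve() collapses '..' components and follows symlinks, so the check
    # below is made against the real filesystem location, not the raw string.
    target = (root_real / candidate).resolve()
    if target != root_real and root_real not in target.parents:
        return None
    return target


def serve(requested: str) -> Tuple[int, str]:
    """Return (status, body) the way a minimal static file server would."""
    target = resolve_safely(requested)
    if target is None:
        return 403, "forbidden"          # traversal attempt: refuse (and log it)
    if not target.is_file():
        return 404, "not found"
    return 200, target.read_text()
```

The important design point is that the containment check runs on the resolved path, not on the string: rejecting the literal `..` would still let `docs/../../etc/passwd` or a symlink inside the root escape, whereas the resolved-path comparison catches both.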
========================maximum working depends upon the======================
REPEATER ONLY
NOT INTRUDER

======commands======================
ping facebook.com -c 4 | grep 163

=====MUST KNOW THESE SHELLS; INTERVIEWERS ALSO ASK ABOUT THESE SHELLS=======================
web shell------>browser
bind shell-------------->process/service/port combined
reverse shell---------->USER INTERACTION
website name : revshell.com
===================tools we use to check whether the system has been hacked.!!!=========================
process explorer
TCPVIEW

ghpsheel ----> it will be hacking the entire system......

canarytokens---->it is the website to hack the cookies..................

ANGRYIPSCANNER------------>IT SCANS IP ADDRESSES....
IN KALI WE USE ----------> THE NETDISCOVER TOOL TO SCAN IP ADDRESSES

===================INSTALL COMMAND ================
KALI COMMAND
==================================================
python -m pip install -r requirements.txt
cd ...

Download Academy.7z

Download Splunk Enterprise

cmd
- ip link set dev ens33 up
- dhclient -v ens33

localhost port 8000

SIEM tool - Security Information and Event Management

====================SOME COMMON TERMS=====================================================
.bat - batch file
- You can create a simple virus using a .bat file.

In Windows
- In Notepad
- type
@echo off
start cmd
start powershell
start ...
all of these run together; we can type whatever we want to run

- save this file as filename.bat and select the file type as All Files.

In Linux
- create a .sh shell file and write the batch file in it.
Edit the environment variable
enter the environment variables
- System variables contain
- add the path of system32 to run ipconfig, and also delete and replace the bat file.

PING

ping google.com -c 4 for Linux
ping google.com -n 4 for Windows
it can show the website's IP address.

Packet Tracer

- same device: use cross-over wires.
- different device: use straight-through.
- Connect two routers using coaxial or serial DCE wires.

NIC - Network Interface Card : This card helps to use wifi.

***********Ping uses the ICMP protocol********

Hub:
- A hub runs with IP addresses, so it sends the packet to all the PCs connected to the hub.
Switch:
- A switch runs with both MAC address and IP address, so it is able to send to another switch using the IP address of the PCs.

=======================HACKING WEBSITE=========================
https://book.hacktricks.xyz

================GPO===============
1.local
2.non-local
3.starter group policy object.

NOTE:
AUTHENTICATION MECHANISM------->MAJOR REASON FOR HACKING TO HAPPEN!!!!!!!!!!!!!!!!!.

wifite------------>it is the tool used by everyone to hack wifi passwords
netsh wlan show profile----> to check which devices are connected to your hotspot..!
--------------------------------------------------------------------------------
/NMAP COMMANDS:
--------------------------------------------------------------------------------
Net discover:
- sudo netdiscover ip
for a range
- sudo netdiscover -r myip

create a directory and touch a file named target and store the output in it.

NMAP COMMANDS USED FOR THE:
nmap 192.168.1.44 -sV -d -d -p1-65535 -v -A --min-rate=3000 -oN test.txt
THIS IS THE COMMAND USED TO RUN AGAINST THE PC IP; TRACE EACH OPTION AS ONE DIVISION.
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
#cybersecurity
--------------------------------------------------------------------------------
/SOME CISCO TERMS AND CLOUD WORKS:
--------------------------------------------------------------------------------
CISCO WSA - Secure Web Appliance

SSO - Single Sign On
Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials
-- for example, a username and password -- to access multiple applications.
SSO is used by organizations of all sizes and individuals to ease the management of multiple credentials.

Framework - Collection of tools or software
Ex: VS Code, PyCharm

Platform - Developing, testing, deploying and maintaining are all given by a single company.

Infrastructure - Provides an infrastructure to a set of members.
ex: Auto proctor

how cloud works
data storage
access anywhere
virtualization
scalability
cost-effective

SSH - Cloud Server
FTP - port 21
SSH - port 22
MySQL - 3306
Ping uses the ICMP protocol and no port.

=========================================YouTube Channel===================
pro hacker: John Hammond
Beginner: IppSec, David Bombal

=================INTERVIEW QUESTIONS========================
1.risk avoidance
2.risk acceptance
3.risk mitigation
4.risk transfer.
5.SQL injection (prevent, use, need).
6.MITRE ATT&CK.
Threat Protection
Shared Responsibilities
Business Continuity

Cloud :
- Public Cloud
- Private Cloud
- Hybrid Cloud
- Community Cloud

Providers:
AWS
Azure
Google Cloud
Digital Ocean - gaining popularity in recent days

Cloud Security Challenges:
- Data Breaches : Unauthorized access leading to sensitive data exposure and security breaches.
- Data Loss : Unintentional or malicious deletion or corruption of data.
- Compliance Concerns : Adhering to industry and government regulations.
- Insider Threats : Security risks posed by employees.
SOP----->STANDARD OPERATING PROCEDURE .
--------------------------------------------------------------------------------
/Splunk.txt:
--------------------------------------------------------------------------------
Open academy in VMware
username: root
pass : tcm

ip link set dev ens33 up

dhclient -v ens33

now you can see the IP address of the academy machine

Go to Windows
cmd :
- ssh root@ipaddress
- useradd -m splunkfwd
- groupadd splunkfwd
- export SPLUNK_HOME="/opt/splunkforwarder"
- mkdir $SPLUNK_HOME

then download the Splunk forwarder for Linux and copy that link

paste it in the terminal

then use dpkg -i filename to install

- chown -R splunkfwd:splunkfwd $SPLUNK_HOME
- $SPLUNK_HOME/bin/splunk start --accept-license
set the administrator username and password

then navigate to /opt/splunkforwarder/bin

then check the status
- ./splunk status
Check that it is running

./splunk add forward-server 172.1.42.44:9997

then enter the username and password created in cmd

then go to the Splunk web page
localhost:8000

Settings -> Forwarding and receiving -> Configure receiving -> add port 9997

then
Settings -> Monitoring console -> Forwarders -> Forwarder instance -> enable the
setup

then you can see the academy machine

to check - ./splunk list forward-server

similarly, to remove - ./splunk remove forward-server

Add Firewall:
go to Windows Defender Firewall
- in Inbound Rules -> add rule -> both UDP and TCP for port 9997
- click Properties -> add a specific IP or range to allow.
--------------------------------------------------------------------------------
/academedy and splunk cmd:
--------------------------------------------------------------------------------
================Download Academy.7z======================

==============Download Splunk Enterprise===============

cmd
- ip link set dev ens33 up
- dhclient -v ens33

localhost port 8000

SIEM tool - Security Information and Event Management
--------------------------------------------------------------------------------
/cyber stages and the model:
--------------------------------------------------------------------------------
============================================================================There are seven stages of the cyber kill chain===================================================
1.RECONNAISSANCE---->it is used to plan the tactics for the attack.
2.WEAPONISATION------>it covers the needs and intents of the malware attack
3.DELIVERY------->it covers delivering the malware.
4.EXPLOITATION--->it is the vulnerability used to execute code
5.INSTALLATION--->it is the malware installing the tools it needs
6.COMMAND AND CONTROL---->The malware gives the intruder / attacker access to the network/system.
7.ACTIONS ON OBJECTIVES ----> It signifies the completion of the attack's primary objective.
================YOU MUST KNOW================================

DIAMOND MODEL
1.adversary--->2.victim--->3.infrastructure--->4.factor conditions.
--------------------------------------------------------------------------------
/cybersecurity terms and procedure:
--------------------------------------------------------------------------------
====================IMPORTANT CYBERSECURITY TERMS YOU MUST KNOW IF YOU WANT TO BE A CYBERIST==================================
POLICY
PROCEDURE
STANDARD
REGULATIONS

TERMS=====================================================================
To find network vulnerabilities
Ascade-password cracking tool
bruteforce
RAT-remote access trojan
data and resources: securing, security, safeguarding
physical control, administrative control and logical control: these are the security controls
port scanning
protocol is a set of rules
TCP port-65,535 ports is the total number of ports
UDP port-65,535 is the additional port.... 1,31,070 total ports combined for TCP and UDP. TCP is used in a wide range.
http port 80 - the website is unsafe
https port 443-SECURE SOCKETS LAYER
difference between http and https
blockchain
exploit-SQL injection
session hijacking
phishing
IP address
cloud, DNS
spoofing
hashing, Metasploit
backdoor
ethical hacker-a process of detecting vulnerabilities in an application, system, or organization's infrastructure that an attacker can use to exploit an individual or organization.
web server, website, web applications and web pages: the difference
web application security testing and penetration testing.
offensive (red team) and defensive (blue team) (SOC ANALYST, MALWARE ANALYST)-two fields
three types of hackers
1.white hat
2.black hat
3.grey hat.
CIA STANDS FOR confidentiality, integrity, availability-these are network security
authentication, another name for it is access control
three factors only as-->verify identity, biometrics, physical proof (aadhar card, pan card, voter id of a particular person)
ENCRYPTION-clear text to cipher text.
Breach-the loss of control
Event-Any observable occurrence in a network or system
Exploit-A particular attack.
Incident-An event that actually or potentially jeopardizes confidentiality, integrity or availability.
Intrusion-A security event, or combination of events. It is IETF RFC 4949 Ver 2.
Threat-Any circumstance or event with the operations
VULNERABILITY-weakness in an information system's security procedures. IT IS NIST SP 800-30 rev 1.
Zero Day-A previously unknown system vulnerability with the potential of exploitation without risks
TOE-target of evaluation
IPv6-128b-hex-0-9,A,B,C,D,E,F
difference between IPv4 and IPv6
192.168.1.0-192.168.1.255-->256 IPs
ipconfig
env path=> pre-defined commands to give in cmd
cross over=> connect same network devices
straight through=> connect different network
serial DTE=> to connect two routers
packet tracking tool--->to lostern the
icmp-->internet control message protocol
DHCP---->default IP
Tracert-----> gives the IP address
SOC-->Security Operations Center (ROLE OF IT IN CYBERSECURITY, ONE DOMAIN)
lo---->loopback interface
wlan--->wireless LAN
eth0-->Ethernet
proxy---> an individual legally allowed to act on behalf of another party, or a format that would allow a participant to vote without being physically present at the meeting.
VPN-->Encrypts/decrypts the connection between the client and the server.
ENCRYPTION : clear text to cipher text
DECRYPTION : cipher text to clear text.
Brute-force attack---->it checks all the combinations of the various formats.!
Dictionary attack--->it checks only one list of combinations, comparing your password to the others; if it is the same it will be hacked..!
SUCCESS CODE---->200
starting with 5------->SERVER SIDE............
USER AGENT---> it identifies the browser
SESSION TOKEN hijacked ----->session token should be secured
TLD-->TOP LEVEL DOMAIN
web protocol---->http/https
Domain--->example.com
Subdomains--->maps.example.com
REPEATER (IN BURP SUITE)----->THE SAME THING CAN BE DONE AGAIN AND AGAIN......
ENUMERATION----> USER, PHONE NO, EMAIL
WAF (WEB APPLICATION FIREWALL)--->it does the rate limiting.
404----------->client side error.

=================LINUX TO GET FROM ==============================
DEFAULT LOCATION: /var/www/html

===============WINDOWS TO GET FROM=================================
DEFAULT LOCATION : C:\inetpub\wwwroot

===============LOCATION SAYS :============================[URL BASICS, HOW IT IS BUILT]
HTTP/2 -HTTPS
HTTP/1.1-HTTP

====IF REQUEST HOST======
host : websitename.com
===LOCATION TO REDIRECT =============
https://www.website.com/intl/en-GB/mail/help/website.html

CLIENT--> BURP PROXY-->SERVER
every time it goes to the proxy first and only then on to the others

TOR- BITCOIN 1b- $67000

CLIENT--->PROXY 1-->PROXY 2--->PROXY 3 --> PROXY 4-->PROXY 5 --->PROXY 6 ---->Server

THE IMPORTANT INTERFACE BETWEEN CLIENT AND SERVER MUST REMAIN ..!!
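The notes above mention brute-force and dictionary attacks on one side and the WAF doing "rate limiting" on the other. The block below is an added example (not code from these notes) of what that rate limiting looks like on the defender's side: a per-account sliding window of failed logins that locks the account for a cooling-off period once the threshold is hit, so a dictionary attack is stopped after a handful of guesses even if a later guess is correct. The thresholds, the class name `LoginRateLimiter` and the sample attempt stream are constructed.

```python
# Added example (not from these notes): per-account login rate limiting of the
# kind a WAF or the application itself applies against brute-force and
# dictionary attacks. Thresholds and the sample attempt stream are constructed.
from collections import defaultdict, deque

MAX_FAILURES = 5        # failed attempts allowed...
WINDOW_SECONDS = 60     # ...within this sliding window
LOCKOUT_SECONDS = 300   # how long the account stays locked afterwards


class LoginRateLimiter:
    def __init__(self, max_failures=MAX_FAILURES, window=WINDOW_SECONDS,
                 lockout=LOCKOUT_SECONDS):
        self.max_failures = max_failures
        self.window = window
        self.lockout = lockout
        self._failures = defaultdict(deque)   # username -> timestamps of failures
        self._locked_until = {}               # username -> unlock time

    def _prune(self, user, now):
        # Drop failures that have aged out of the sliding window.
        q = self._failures[user]
        while q and now - q[0] > self.window:
            q.popleft()

    def check(self, user, now):
        """Return (allowed, reason) before the password is even looked at."""
        until = self._locked_until.get(user)
        if until is not None:
            if now < until:
                return False, "locked"
            del self._locked_until[user]      # lockout expired
            self._failures[user].clear()
        return True, "ok"

    def record(self, user, success, now):
        """Record the outcome; returns True if this failure triggered a lockout."""
        if success:
            self._failures[user].clear()
            return False
        self._prune(user, now)
        self._failures[user].append(now)
        if len(self._failures[user]) >= self.max_failures:
            self._locked_until[user] = now + self.lockout
            return True
        return False


def replay(attempts, limiter=None):
    """Run a stream of (time, user, password_ok) through the limiter.

    Returns one decision per attempt: 'ok', 'fail', 'locked-out' (the failure
    that tripped the threshold) or 'blocked' (rejected without checking).
    """
    limiter = limiter or LoginRateLimiter()
    decisions = []
    for t, user, ok in attempts:
        allowed, _ = limiter.check(user, t)
        if not allowed:
            decisions.append("blocked")
            continue
        if ok:
            limiter.record(user, True, t)
            decisions.append("ok")
        else:
            tripped = limiter.record(user, False, t)
            decisions.append("locked-out" if tripped else "fail")
    return decisions


# Constructed sample: a dictionary attack against 'alice' (rapid failures,
# then the correct password), while 'bob' logs in normally.
SAMPLE = [(0, "alice", False), (1, "alice", False), (2, "alice", False),
          (3, "alice", False), (4, "alice", False), (5, "alice", True),
          (6, "bob", True), (310, "alice", True)]
```

Note that the sixth attempt is refused even though the password is right: the limiter decides before the credential is checked, which is what denies the attacker the confirmation a dictionary attack needs. Keying the window per account (and, in practice, per source IP as well) keeps one attacked account from locking everyone out.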
IMPORTANT INTERVIEW QUESTION ON THE DEVELOPMENT SIDE AND ALSO HERE : NOTE
===============================
client request-----> server response---->DB
HTTP METHODS        RESPONSE CODES
GET                 1xx--Informational
POST                2xx--OK
PUT                 3xx--Redirection
OPTIONS             4xx--Client-side error
DELETE              5xx--Server-side error

MUST KNOW..........!!!!!!!!!!!
=============
HTTP (METHODS)
GET
POST
PUT
OPTIONS
DELETE

What is a PUA?===========================================================
Potentially unwanted application or applications (PUAs), classified as grayware, refer to applications installed in a mobile device or a computer that may pose high risk or have untoward impact on user security and/or privacy.

FIND WEBSITE NAME TO IP ADDRESS====
COMMAND============
put this in the command prompt
ping websitename -c 4 (4 indicates the number of packets)
then go to Wireshark and filter with ip.addr == the IP address of the website

TOOLS===================================================================
wireshark--->packet analysis tool
VIRUSTOTAL---> for the purpose of hash value checking and also antivirus checking.
BURP SUITE ----> it is the tool you must know ...
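The request/response table above lists the methods and the five status-code classes. The block below is an added example (not code from these notes): a small parser for a raw HTTP/1.1 request that pulls out the method, target, version and headers (Host, User-Agent, Cookie are the ones Burp's HTTP history shows), rejects malformed request lines, unknown methods and an HTTP/1.1 request with no Host header, plus a classifier for the status-code classes. The sample request bytes and the names `parse_request` and `status_class` are constructed.

```python
# Added example (not from these notes): parse a raw HTTP/1.1 request and
# classify response status codes. The sample request is constructed.
from typing import Dict

KNOWN_METHODS = {"GET", "POST", "PUT", "OPTIONS", "DELETE"}

STATUS_CLASSES = {1: "Informational", 2: "OK", 3: "Redirection",
                  4: "Client-side error", 5: "Server-side error"}


def parse_request(raw: bytes) -> Dict[str, object]:
    """Split a raw request into method, target, version, headers and body.

    Raises ValueError on a malformed request line, an unknown method, a
    malformed header, or an HTTP/1.1 request without the mandatory Host header.
    """
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError("malformed request line")
    method, target, version = parts
    if method not in KNOWN_METHODS:
        raise ValueError(f"unsupported method: {method}")
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep or not name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        # Header names are case-insensitive, so store them lower-cased.
        headers[name.strip().lower()] = value.strip()
    if version == "HTTP/1.1" and "host" not in headers:
        raise ValueError("HTTP/1.1 request without Host header")
    return {"method": method, "target": target, "version": version,
            "headers": headers, "body": body}


def status_class(code: int) -> str:
    """Map a status code to the class named in the table (1xx .. 5xx)."""
    if not 100 <= code <= 599:
        raise ValueError(f"not an HTTP status code: {code}")
    return STATUS_CLASSES[code // 100]


# Constructed request, shaped like what Burp's HTTP history shows.
SAMPLE_REQUEST = (b"GET /v1/files/ HTTP/1.1\r\n"
                  b"Host: example.com\r\n"
                  b"User-Agent: Mozilla/5.0 (X11; Linux x86_64)\r\n"
                  b"Cookie: session=CONSTRUCTED-TOKEN\r\n\r\n")
```

The strictness is deliberate: a proxy or WAF that tolerates a missing Host header or an unrecognised method is exactly the kind of component that gets desynchronised from the back-end server, so rejecting early is the safer default.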
BURP SUITE DEFAULT IP PORT ADDRESS=============================================
8080

IMPORTANT COMMANDS FOR CMD============
NOTE : IT ONLY RUNS IN KALI OS
sudo--->do as a super user (full form)
sudo nmcli networking on :
sudo service NetworkManager start :

INTERVIEW QUESTIONS :(IMPORTANT)
==============================================================
Symmetric encryption -single key
Asymmetric encryption -public/private key
what is the three-way handshake?-----it is all done in the TCP protocol
1.SYN
2.SYN-ACK
3.ACK
TLS (transport layer security)-HANDSHAKE.
difference between encryption and hashing.
WHAT IS VA (VULNERABILITY ASSESSMENT).
what is a risk matrix?

ERROR__________________
destination host unreachable: if it comes it is an error ---->cisco packet tracer
timeout error-->in cisco packet tracer, if it comes it means there is a spelling error in the name or the IP address is wrong...

COMMANDS
===========================================================
ipconfig=> to get my IP address
ping --help=> to display the help for the command
(WIN) ping (ipaddress) -n (no.of req)=> to send n requests
(Linux) ping (ipaddress) -c (no.of req)=> to send n requests

POWERSHELL COMMANDS=======================================================================
where (file name)=> to find the location of the application
cat (file name) (WIN) / more (Linux)=> to read the file
echo "hai" > (filename)=> to insert the text into the file
echo "hai" >> (filename)=> to append the text to the file
mkdir (folder name)=> make directory
mv (filename) (folder name)=> to cut and paste
cp (filename) (folder name)=> to copy and paste
python -m http.server 80=> to run a server. 80 is the port number
Get-FileHash -----> Get-FileHash
(filepath) (IT CHECKS WHETHER THE file is secure or not)

Example :
Get-FileHash '.\kali-Linux-2023.4-vmware-amd64.7z'
--------------------------------------------------------------------------------
/networks.txt:
--------------------------------------------------------------------------------
What is a network?
A network consists of two or more computers that are linked in order to share resources (such as printers and CDs), exchange files, or allow electronic communications.
The computers on a network may be linked through cables, telephone lines, radio waves, satellites, or infrared light beams.

Network vulnerability:
A network vulnerability is a weakness of the network.

DHCP:
- Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that automatically provides an Internet Protocol (IP) host with its IP address and other related configuration information such as the subnet mask and default gateway.

DNS:
- DNS, or the Domain Name System, translates human readable domain names (for example, www.amazon.com) to machine readable IP addresses (for example, 192.0.2.44).
veracrypt------>it is the tool used by forensics engineers for hacking.

============== network connection==============
in VMware, in the command prompt in Kali Linux
sudo service NetworkManager start
sudo nmcli networking on

John Hammond (YOUTUBE) ------> if you want to learn about the dark web.
--------------------------------------------------------------------------------
/some other terms thread in cyber security:
--------------------------------------------------------------------------------
=================================PWN2OWN============
it is the name of a hacking competition.

======================FOOTPRINTING====================
it is nothing but information gathering
Active-->it uses the nmap tool to scan the target.
passive-->it collects information without accessing the target in nmap.

======================OSINT FRAMEWORK=================
open source framework

================interview questions==================
1.difference between a virus and a DDoS attack
2.what is ransomware
3.what is a DDoS attack.
4.how do you assess risk.

Keylogger - Hacks the keyboard and traces every move.

Research Paper: Code

*Forbes research - to know more about cybersecurity.
*Check Point

====================SOME TERMS===============================================
Spyware - installs software on our device and spies on us.
Rootkits - do not go away even if you reset your PC or reinstall the OS.
Trojan - software hiding inside other legitimate software
Ransomware - encrypts our software, gives a popup on our system and blackmails us,
DoS attack - sends network traffic from different IP addresses.

NIST (cybersecurity framework)------->identify, protect, detect, respond, rec

firewall--->A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies.
STATEFUL-->A stateful firewall is a kind of firewall that keeps track of and monitors the state of active network connections
stateless-> it doesn't maintain an internal state from one packet to another
HIDS--->host-based intrusion detection system
NIDS--->network-based intrusion detection system.
--------------------------------------------------------------------------------
/tools.txt:
--------------------------------------------------------------------------------
Hashcalc:
Get-FileHash filename - to get a hash value.

Virustotal.com
website that helps to check for viruses using the hash value of the file or a URL.

WireShark:
- Wireshark is a packet analyzer tool.
- Statistics -> Protocol Hierarchy : to show each and every layer of the OSI model.
filter: ip.addr == (ip address)
For https:
Three-way handshake
TLS layer - (Transport Layer Security) : helps to share the public key between client and server.
Then it works under asymmetric encryption.

Burp Suite:
Client -----> Burp Proxy -----> Server
Go to Proxy -> Run browser -> HTTP history to see every request of the web page opened in the web browser.
User Agent : mentions the browser used.
- Open Firefox
- Add the FoxyProxy extension, add the Burp Suite proxy with its IP and port, and turn it on.
- Then it will be able to use http, and you cannot open https.
- Go to http://burpsuite/ and download the CA certificate, then import the certificate in the Firefox settings.
- Then we can use https servers in Firefox.
- And monitor the HTTP history in the Burp Suite tool.

HTTP/1.1 - http
HTTP/2 - https

GET v1/files/ HTTP/2
Host - mobizilla.com

https://mobizilla.com/v1/files
Repeater:
To find a username or password - send a specific request to Repeater, change the required section and send it. It shows the kind of error. It helps to crack the password.
=======================================================================================================
Intruder:
- Send the request to Intruder.
- Select the payload position and click Add to add the position.
- Go to Payloads, paste the multiple passwords and start the attack.
Set scope
- Go to Target
- Add include and exclude scope URLs

ZAP (Zaproxy) : to check the vulnerability of a URL.
Tenable Nessus : every 90 days it scans 16 IP addresses.

OWASP top ten vulnerabilities
How to detect and how to prevent?
Nikto
WPScan
Metasploit

Angry IP Scanner - to scan IP addresses
terminal: sudo netdiscover -r 172.1.42.45/16

NIKTO:
- Helps to find vulnerabilities in outdated software.
nikto --url https://mkce.ac.in

pimeyes - to search an image for social media accounts.

Splunk - defence tool
SIEM tool
Windows machine works as a server

====Splunk Forwarder===
- helps to connect a device to the server device.

ettercap / bettercap------------>it is the tool in KALI; it is like we can see the user id of other PCs (NOTE: ILLEGAL). (MAN IN THE MIDDLE).
(setoolkit)---------->SOCIAL ENGINEERING TOOLKIT.............
--------------------------------------------------------------------------------
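Both the PowerShell notes (Get-FileHash on the downloaded Kali image) and the Hashcalc / VirusTotal entries in tools.txt come down to the same check: compute the file's hash and compare it with the value the vendor published. The block below is an added example (not code from these notes) that does that in Python, streaming the file so a multi-gigabyte VM image is never read into memory at once and comparing digests in constant time. The "downloaded" file, its published SHA-256 and the names `file_sha256` and `verify_download` are constructed; the hash shown is the real SHA-256 of the three bytes `abc` written to the sample file.

```python
# Added example (not from these notes): verify a downloaded file against a
# published SHA-256, which is what Get-FileHash / VirusTotal hash checks do.
# The sample file and its "published" hash are constructed.
import hashlib
import hmac
import tempfile
from pathlib import Path
from typing import Tuple


def file_sha256(path, chunk_size: int = 1 << 20) -> str:
    """Hash the file in chunks so large VM images are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_download(path, expected_hex: str) -> Tuple[bool, str]:
    """Return (matches, actual_hex).

    hmac.compare_digest avoids leaking, through timing, how many leading
    characters of the digest matched; the published value is normalised so a
    copy-pasted upper-case hash with surrounding whitespace still compares.
    """
    actual = file_sha256(path)
    matches = hmac.compare_digest(actual, expected_hex.strip().lower())
    return matches, actual


# Constructed download: a small file whose SHA-256 is known in advance.
DOWNLOAD = Path(tempfile.mkdtemp(prefix="dl_")) / "kali-constructed.7z"
DOWNLOAD.write_bytes(b"abc")
PUBLISHED_SHA256 = "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"
TAMPERED_SHA256 = "0" * 64   # what a mismatch looks like


if __name__ == "__main__":
    ok, actual = verify_download(DOWNLOAD, PUBLISHED_SHA256)
    print("hash matches published value:", ok, actual)
```

One caveat the notes do not spell out: the check only proves the file you have is the file the publisher hashed. If the hash was fetched from the same (possibly compromised) download page, both can be replaced together, which is why vendors also publish a signature over the hash list.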