Posts

Showing posts from April, 2018

Ethical Hacking - Fingerprinting

The term OS fingerprinting in Ethical Hacking refers to any method used to determine what operating system is running on a remote computer. This could be − Active Fingerprinting − Active fingerprinting is accomplished by sending specially crafted packets to a target machine and then noting down its response and analyzing the gathered information to determine the target OS. In the following section, we have given an example to explain how you can use the NMAP tool to detect the OS of a target domain. Passive Fingerprinting − Passive fingerprinting is based on sniffer traces from the remote system. Based on the sniffer traces (such as Wireshark) of the packets, you can determine the operating system of the remote host. We have the following four important elements that we will look at to determine the operating system − TTL − What the operating system sets the Time-To-Live on the outbound packet. Window Size − What the operating system sets the Window Size at. DF −

Ethical Hacking - Footprinting

Footprinting is a part of the reconnaissance process which is used for gathering possible information about a target computer system or network. Footprinting could be both passive and active. Reviewing a company’s website is an example of passive footprinting, whereas attempting to gain access to sensitive information through social engineering is an example of active information gathering. Footprinting is basically the first step where a hacker gathers as much information as possible to find ways to intrude into a target system or at least decide what type of attacks will be more suitable for the target. During this phase, a hacker can collect the following information − Domain name IP Addresses Namespaces Employee information Phone numbers E-mails Job Information In the following section, we will discuss how to extract the basic and easily accessible information about any computer system or network that is linked to the Internet. Domain Name Information You c

Ethical Hacking - Reconnaissance

Information Gathering and getting to know the target systems is the first process in ethical hacking. Reconnaissance is a set of processes and techniques (Footprinting, Scanning & Enumeration) used to covertly discover and collect information about a target system. During reconnaissance, an ethical hacker attempts to gather as much information about a target system as possible, following the seven steps listed below − Gather initial information Determine the network range Identify active machines Discover open ports and access points Fingerprint the operating system Uncover services on ports Map the network We will discuss in detail all these steps in the subsequent chapters of this tutorial. Reconnaissance takes place in two parts − Active Reconnaissance and Passive Reconnaissance. Active Reconnaissance In this process, you will directly interact with the computer system to gain information. This information can be relevant and accurate. But there is a r

Ethical Hacking - Process

Like all good projects, ethical hacking too has a set of distinct phases. It helps hackers to make a structured ethical hacking attack. Different security training manuals explain the process of ethical hacking in different ways, but for me as a Certified Ethical Hacker, the entire process can be categorized into the following six phases. Reconnaissance Reconnaissance is the phase where the attacker gathers information about a target using active or passive means. The tools that are widely used in this process are NMAP, Hping, Maltego, and Google Dorks. Scanning In this process, the attacker begins to actively probe a target machine or network for vulnerabilities that can be exploited. The tools used in this process are Nessus, Nexpose, and NMAP. Gaining Access In this process, the vulnerability is located and you attempt to exploit it in order to enter into the system. The primary tool that is used in this process is Metasploit. Maintaining Access It is the

Ethical Hacking - Skills

As an ethical hacker, you will need to understand various hacking techniques such as − Password guessing and cracking Session hijacking Session spoofing Network traffic sniffing Denial of Service attacks Exploiting buffer overflow vulnerabilities SQL injection In this chapter, we will discuss some of the skills that you would require to become an expert in Ethical Hacking. Basic Skills Computer Hacking is a Science as well as an Art. Like any other expertise, you need to put in a lot of effort in order to acquire knowledge and become an expert hacker. Once you are on the track, you would need more effort to keep up-to-date with the latest technologies, new vulnerabilities and exploitation techniques. An ethical hacker must be a computer systems expert and needs to have very strong programming and computer networking skills. An ethical hacker needs to have a lot of patience, persistence, and perseverance to try again and again and wait for the required result. Additi

Ethical Hacking - Tools

NMAP Nmap stands for Network Mapper. It is an open source tool that is used widely for network discovery and security auditing. Nmap was originally designed to scan large networks, but it can work equally well for single hosts. Network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets to determine − what hosts are available on the network, what services those hosts are offering, what operating systems they are running on, what type of firewalls are in use, and other such characteristics. Nmap runs on all major computer operating systems such as Windows, Mac OS X, and Linux. Metasploit Metasploit is one of the most powerful exploit tools. It’s a product of Rapid7 and most of its resources can be found at: www.metasploit.com. It comes in two versions − commercial and free edition. Metasploit can be used with command prompt or with Web UI. Wi

Light Microscope vs Electron Microscope.

Both light microscopes and electron microscopes use radiation (light or electron beams) to form larger and more detailed images of objects (e.g. biological specimens, materials, crystal structures, etc.) than the human eye can produce unaided. An electron microscope is a microscope that uses beams of electrons instead of rays of visible light to form highly magnified images of tiny areas of materials or biological specimens. Comparing light vs electron microscopes is made more complicated by the fact that there are different types of electron microscopes. The two main types of electron microscope are the Transmission Electron Microscope (TEM) and Scanning Electron Microscope (SEM). Other types of electron microscope include the Scanning Tunneling Microscope (STM) and Field Emission Transmission Microscope (FE-TEM). Brief notes, see the tables lower down this page for figures, explanations and comments:

These daggers made from human bone were a deadly asset on the battlefield

By Ali Mansur You wouldn’t want to find yourself on the business end of a New Guinean bone dagger. In previous centuries, warriors on the South Pacific island used these blades in close-quarters combat to kill outright, finish off foes wounded by arrows or spears, or disable and capture enemies. The elaborately decorated daggers were primarily made from the leg bones of large flightless native birds called cassowaries (like the bottom dagger pictured above), potent symbols of agility and aggression. More rarely, they were fashioned from human thigh bones taken from battle-proven warriors (the top two daggers pictured). Yet, historical cassowary daggers tend to be relatively flat, whereas human bone daggers are relatively more curved, and nobody is quite sure why. To find out, a team of anthropologists and engineers investigated the structural mechanics of blades made from the different bones. A computerized tomography scanner a

Ethical Hacking - Terminologies

Following is a list of important terms used in the field of hacking. Adware − Adware is software designed to force pre-chosen ads to display on your system. Attack − An attack is an action that is done on a system to get its access and extract sensitive data. Back door − A back door, or trap door, is a hidden entry to a computing device or software that bypasses security measures, such as logins and password protections. Bot − A bot is a program that automates an action so that it can be done repeatedly at a much higher rate for a more sustained period than a human operator could do it. For example, sending HTTP, FTP or Telnet at a higher rate or calling script to create objects at a higher rate. Botnet − A botnet, also known as zombie army, is a group of computers controlled without their owners’ knowledge. Botnets are used to send spam or make denial of service attacks. Brute force attack − A brute force attack is an automated and the simplest kind of method to

Phishing

Phishing is the most common technique used for hacking FB passwords. It is very easy for someone who has little technical knowledge to get a phishing page done. That is why phishing is so popular. Many people have become victims of a phishing page due to its trustworthy layout and appearance. How does phishing work? In simple words, phishing is a process of creating a duplicate copy of a reputed website’s page with the intention of stealing the user’s password, or other sensitive information like credit card details. In our topic, it means creating a page which looks exactly like the Facebook login page but at a different URL like fakebook.com, or faecbook.com, or any URL that pretends to be legit. When a user lands on such a page, he/she may think that it is the real Facebook login page, asking him/her to provide his/her username and password. So, the people who do not find the phishing page suspicious are going to enter their username & password. The password info

Ethical Hacking - Famous Hackers

Jonathan James Jonathan James was an American hacker, infamous as the first juvenile sent to prison for cybercrime in the United States. He committed suicide in 2008 of a self-inflicted gunshot wound. In 1999, at the age of 16, he gained access to several computers by breaking the password of a server that belonged to NASA and stole the source code of the International Space Station among other sensitive information. Ian Murphy Ian Murphy, also known as Captain Zap, at one point of time was having high school students steal computer equipment for him. Ian self-proclaims to have been "the first hacker ever convicted of a crime". Ian's career as a master hacker was fabricated in 1986 after he and his unemployed wife decided to form some type of business. He has a long history of computer and Internet frauds. One of his favourite games is to forge Email headers and to send out third-party threat letters. Kevin Mitnick Kevin Mitnick is a computer s

Ethical Hacking - Hacker Types

Hackers can be classified into different categories such as white hat, black hat, and grey hat, based on their intent of hacking a system. These different terms come from old Spaghetti Westerns, where the bad guy wears a black cowboy hat and the good guy wears a white hat. White Hat Hackers White Hat hackers are also known as Ethical Hackers. They never intend to harm a system, rather they try to find out weaknesses in a computer or a network system as a part of penetration testing and vulnerability assessments. Ethical hacking is not illegal and it is one of the demanding jobs available in the IT industry. There are numerous companies that hire ethical hackers for penetration testing and vulnerability assessments. Black Hat Hackers Black Hat hackers, also known as crackers, are those who hack in order to gain unauthorized access to a system and harm its operations or steal sensitive information. Black Hat hacking is always illegal because of its bad intent which