Ethical Hacking

* Using the Windows Management Instrumentation Command-line (WMIC) tool The Windows Management Instrumentation Command-line (WMIC) is a command-line and scripting interface that simplifies the use of Windows Management Instrumentation (WMI) and systems managed through WMI. WMIC is based on aliases. Aliases make the primary data provided by WMI available without having to understand WMI-specific concepts. WMI data and many WMI features are also accessible through WMI without aliases. You can list the available aliases by using WMIC /? help. WMIC has a progressive help system. You can use /? at any time and at any depth to discover the additional options that are available in the current context. /? lists the currently available aliases, commands, and the global switches (that is, switches that apply to WMIC overall). To list the verbs and switches available for an alias, type the name of the alias and /?. To list the parameters available for a particular verb, type the name of th...

* Network Scanning Network scanning is a procedure for identifying active hosts on a network , either for the purpose of attacking them or for network security assessment. Scanning procedures, such as ping sweeps and port scans, return information about which IP addresses map to live hosts that are active on the Internet and what services they offer. Another scanning method, inverse mapping, returns information about what IP addresses do not map to live hosts; this enables an attacker to make assumptions about viable addresses. Scanning is one of three components of intelligence gathering for an attacker. In the foot printing phase, the attacker creates a profile of the target organization, with information such as its domain name system (DNS) and e-mail servers, and its IP address range. Most of this information is available online. In the scanning phase, the attacker finds information about the specific IP addresses that can be accessed over the Internet, their operating systems...

* Some Techniques used for Footprinting - Ping Sweep Ping a range of IP addresses to find out which machines are awake. how to ping? Go to cmd -> type: ping (address/domain) eg. ping www.facebook.com - TCP Scans Scan the ports on a machine to see which services are offered.TCP scans can be performed by scanning a single port on a range of IPs, or by scanning a range of ports on single IP, both techniques yield useful information. - Open Source Footprinting It is the easiest and the safest way to go about finding information that is available to the public, such as phone numbers, addresses, etc. Performing whois requests, searching through DNS tables are other forms of open source footprinting. Most of this information is fairly easy to get and within legal limits. One way to check for sensitive information is to check the HTML source code of the website to look for links, comment,Meta tags etc. -   Using Tools whois is the best tool to get information about the w...

* Network cameras A network camera, often also called an IP camera, can be described as a camera and computer combined in one unit. The main components of a network camera include a lens, an image sensor, one or several processors, and memory. The processors are used for image processing, compression, video analysis and networking functionalities. The memory is used for storing the network camera’s firmware (computer program) and for local recording of video sequences. Like a computer, the network camera has its own IP address, is connected directly to a network and can be placed wherever there is a network connection. This differs from a web camera, which can only operate when it is connected to a personal computer (PC) via the USB or IEEE 1394 port, and to use it, software must be installed on the PC. A network camera provides web server, FTP (File Transfer Protocol), and e-mail functionalities, and includes many other IP network and security protocols. A network camera can ...

* DNS (Domain Name System) Domain Name Servers (DNS) are the Internet's equivalent of a phone book. They maintain a directory of domain names and translate them to Internet Protocol (IP) addresses. This is necessary because, although domain names are easy for people to remember, computers or machines, access websites based on IP addresses. Information from all the domain name servers across the Internet are gathered together and housed at the Central Registry. Host companies and Internet Service Providers interact with the Central Registry on a regular schedule to get updated DNS information. When you type in a web address, your Internet Service Provider views the DNS associated with the domain name, translates it into a machine friendly IP address and directs your Internet connection to the correct website. After you register a new domain name or when you update the DNS servers on your domain name, it usually takes about 12-36 hours for the domain name servers world-...

* Web Hosting Web hosting is a service that allows organizations and individuals to post a website or web page onto the Internet. A web host, or web hosting service provider, is a business that provides the technologies and services needed for the website or webpage to be viewed in the Internet. Websites are hosted, or stored, on special computers called servers. When Internet users want to view your website, all they need to do is type your website address or domain into their browser. Their computer will then connect to your server and your webpages will be delivered to them through the browser. Most hosting companies require that you own your domain in order to host with them. If you do not have a domain, the hosting companies will help you purchase one. If you decide to create and host your website with Website.com, you can get a custom domain, email addresses, and web hosting all bundled into one subscription. * Types of Web Hosting Some of the basic types of Web Host...

* Data Extraction Data extraction is the act or process of retrieving data out of (usually unstructured or poorly structured) data sources for further data processing or data storage (data migration). The import into the intermediate extracting system is thus usually followed by data transformation and possibly the addition of metadata prior to export to another stage in the data workflow. Typical unstructured data sources include web pages, emails, documents, PDFs, scanned text, mainframe reports, spool files, classifieds, etc.Extracting data from these unstructured sources has grown into a considerable technical challenge where as historically data extraction has had to deal with changes in physical hardware formats, the majority of current data extraction deals with extracting data from these unstructured data sources, and from different software formats. This growing process of data extraction[3] from the web is referred to as Web scraping. * Data Extraction Tools:- Ther...

* Footprinting Footprinting is a part of reconnaissance process which is used for gathering possible information about a target computer system or network. Footprinting could be both passive and active. Reviewing a company’s website is an example of passive footprinting, whereas attempting to gain access to sensitive information through social engineering is an example of active information gathering. Footprinting is basically the first step where hacker gathers as much information as possible to find ways to intrude into a target system or at least decide what type of attacks will be more suitable for the target. During this phase, a hacker can collect the following information − -Domain name -IP Addresses -Namespaces -Employee information -Phone numbers -E-mails -Job Information * Some People Search Directories Some of them are:- 1. Pipl 2. Wink 3. Facebook 4. LinkedIn 5. PeekYou 6. Zabasearch 7. Google People Search 8. Phone Directories 9. OrbitCentral ...

* Microsoft Patch files Release Date Patch Tuesday occurs on the second, and sometimes fourth, Tuesday of each month in North America. As far as the integrated Windows Update (WU) function is concerned, Patch Tuesday begins at 18:00 or 17:00 UTC (10:00 PST (UTC−8) or 10:00 PDT (UTC−7). * Zero Day Attack Zero Day is an attack that exploits a potentially serious software security weakness that the vendor or developer may be unaware of. The software developer must rush to resolve the weakness as soon as it is discovered in order to limit the threat to software users. The solution is called a software patch. * Phases of Hacking The five phases of Hacking are as follow: =>Reconnaissance =>Scanning =>Gaining Access =>Maintaining Access =>Covering Tracks Reconnaissance:- This is the primary phase where the Hacker tries to collect as much information as possible about the target. It includes Identifying the Target, finding out the target's IP Add...

* IP Address  An IP address (short for Internet Protocol address), is an identifying number for a piece of network hardware. Having an IP address allows a device to communicate with other devices over an IP-based network like the internet.An IP address provides an identity to a networked device. Computer uses DNS servers to look up a hostname to find its IP address. * Different Types of IP Addresses There are private IP addresses, public IP addresses, static IP addresses, and dynamic IP addresses. - Private IP Addresses:   Private IP addresses are used "inside" a network, like the one you probably run at home. These types of IP addresses are used to provide a way for your devices to communicate with your router and all the other devices in your private network. Private IP addresses can be set manually or assigned automatically by your router. -  Public IP Addresses:   Public IP addresses are used on the "outside" of your network and are assigned by ...

* HACKING Hacking is identifying weakness in computer systems or networks to exploit its weaknesses to gain access. * TYPES OF HACKERS - White hat A white hat hacker breaks security for non-malicious reasons, either to test their own security system, perform penetration tests or vulnerability assessments for a client - or while working for a security company which makes security software. The term is generally synonymous with ethical hacker, and the EC-Council, among others, have developed certifications, courseware, classes, and online training covering the diverse arena of ethical hacking. - Black hat A "black hat" hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain". The term was coined by Richard Stallman. Black hat hackers form the stereotypical, illegal hacking groups often portrayed in popular culture, and are "the epitome of all that the public fears in a computer criminal". -...