Posts

Showing posts from 2018

Blueprinting The Target Part - 5

Draw the Blueprint of the target

Introduction

Drawing the blueprint of the target means putting together what you have discovered so far. We will not be performing any new kinds of scanning; we will only assemble what we have already found. It's like inventorying the information gathered so that you can plan the attacks.

Nmap Scans

So far, we have only performed the scans with nmap but haven't stored the output or the results of the scans. Let's quickly give you the diagrammatic output of the nmap scans we performed with Zenmap, the Nmap GUI. You can install this tool on the Ubuntu box by typing the following command in the Ubuntu terminal.

Command: sudo apt-get install zenmap

Next, we will put together the results of the scans so that we can blueprint the information gathered. The diagram below maps the network connectivity for the targeted network.

What we have discovered with NeXpose, let's have a look and then w

Blueprinting The Target Part - 4

Vulnerability Assessment & Management

Knowledge Base

Although we have presented vulnerability assessment & management as a part of the information gathering phase, it is a more dedicated and critical part of information gathering, so it was worthwhile to keep it in a separate module.

Information gathered in the previous module

• Network address information
• Operating system level information
• Open ports
• Services information
• Workgroup level information

What is required next?

What we need now is vulnerability discovery, so that we can move one level further and discover the weaknesses in the network.

Tools required

To achieve our goal of detecting and discovering vulnerabilities in the network, we need vulnerability scanners that can do the job and gather further information about the vulnerabilities. We already installed two vulnerability scanners in our virtual hacking lab environment. Let's log in to ou

Blueprinting The Target Part - 3

Information Gathering

Introduction

Welcome to module 3 of the workshop. We have been talking about the 90/10 principle, and we learned that 90 percent of ethical hacking or penetration testing work goes into gathering information about the target network. We have also covered the activities usually performed in the information-gathering phase. In this module, we work hands-on in the virtual hacking lab we just built in the previous module.

Prerequisite

Newcomers are strongly recommended to complete the previous modules first and get the concepts clear. Follow the steps to build the virtual hacking lab that we explained in the previous two modules.

Quick walkthrough

In the information gathering phase, you collect as much information about the target network as you can. The information gathering phase is comprised of four (4) activities listed below.

• Identify live hosts
• Discovering operating systems
• Discover

Blueprinting The Target Part - 2

Understanding the methods for hacking Network Nodes

Introduction

In this module, we will cover the overall hacking methodology used to attack network nodes. We spoke about the 90/10 principle in our previous module; in this module we will explain the concept of this principle in granular detail.

Prerequisites

To get the most out of this workshop, it is recommended that you first complete the previous module before working through this one. You must understand the terminology explained in the previous module and have the virtual hacking lab up and running. Therefore, it is strongly recommended that you complete the previous module.

90/10 Principle

In general, this principle doesn't reinvent the wheel; however, it highlights the core requirements of all types of ethical hacking and penetration testing. All types of ethical hacking / penetration testing basically have two main phases in overall p