Documentation PDF
Sensitive data is often personal in nature, and can include personal contact details;
demographic information; data about protected classes; financial data; health data;
and other types of data.
3.Injection:
As a broad attack category, injection occurs when untrusted code or even
malware is input in a way that allows attackers to alter the meaning of key
commands. These injection attacks rely on coding vulnerabilities that make it
possible for users to enter unvalidated input.
4.Insecure Design:
Insecure design does not refer to a specific mistake, but rather to an overarching
way of thinking that needs to be addressed.
5.Security Misconfiguration:
This risk increases further as many websites continue using components with known
vulnerabilities rather than updating them.
When code and infrastructure are unable to protect against integrity violations, it
could lead to security flaws impacting everything from frameworks to client-side
machines.
Server-side request forgeries (SSRF) occur when flaws in web applications allow
malicious parties to access or even modify resources simply by abusing basic server
functionality.
SQL Injection:
SQL injection is a technique used to extract user data by injecting commands as
statements through web page inputs. Basically, malicious users can use these instructions
to manipulate the application’s webserver.
SQL injection is a code injection technique that can compromise your
database.
SQL injection is one of the most common web hacking techniques.
SQL injection is the injection of malicious code into SQL statements via
operation input.
For this activity we use a tool like Havij to learn more about SQL Injection by
following these steps:
Paste any link in Havij target
Click on analyse
You can see the status at the bottom of Havij
Click on Tables
HTML-Injection:
For this activity we use bwapp.hackhub.net to learn more about HTML Injection by
following these steps:
Login
Select HTML Injection-Reflected(Get)
Click on “hack”
Click Go.
iFrame Injection:
For this activity we also use bwapp.hackhub.net to learn more about iFrame
Injection by following these steps:
Login
Select iFrame Injection-Reflected(Get)
Click on “hack”
Trojan:
A Trojan Horse Virus is a type of malware that downloads onto a computer disguised
as a legitimate program. The delivery method typically sees an attacker use social
engineering to hide malicious code within legitimate software to try and gain users'
system access with their software.
This Trojan can be prevented by firewalls. This attack may occur through some Remote Access
Trojans (RATs). They are:
ActivTrak
ProRat
DarkComet
In order to prevent this Trojan, we can use some Trojan removers:
TotalAV
Norton
SurfShark
Bitdefender
Also, we can make changes in our Windows Defender Firewall. First, type Firewall
Defender in the Windows search bar, then:
Go to Inbound Rules - These are to do with other things accessing your
computer. If you are running a Web Server on your computer then you will
have to tell the Firewall that outsiders are allowed to connect to it.
Now go to Outbound Rules - These are so that you can let some programs use
the Internet, and Block others. You will want to let your Web Browser (Internet
Explorer )
Firewall:
A firewall in a computer network provides security at the perimeter by monitoring
incoming and outgoing data packets in network traffic for malware and anomalies.
Types:
Over the years, you may have linked your Instagram account to third-party apps and
services. These may be completely safe, but it's possible that some of them — especially if
they're old and no longer active.
If you're worried your Instagram account may have already been compromised, you can
check your login activity to find out when and how it was accessed.
It's important to not only block but also report these accounts to Instagram, so that they
can be investigated and removed.
Mobile Security:
Advanced Encryption Standard (AES) is a specification for the encryption of
electronic data established by the U.S. National Institute of Standards and
Technology (NIST) in 2001. AES is widely used today as it is much stronger
than DES and triple DES despite being harder to implement.
Points to remember:
1. AES is a block cipher.
2. The key size can be 128/192/256 bytes
3. Encrypts data in blocks of 128 bits each.
AES Encryption:
JavaInUse is an online tool for both AES and DES encryption. It provides both CBC
and ECB modes of encryption and decryption.
AES Decryption: By using the encrypted data and the secret key, we can perform
decryption.
Breaking Windows password:
Windows is the most common desktop platform currently in use. As a result, it is not
uncommon for hackers to encounter a Windows password that they need to crack in
order to gain access to a specific account on a machine or move laterally throughout
the network.
Nowadays, hackers use many tools to crack Windows passwords. Some of
them are:
1. Password Cracker
2. Rainbow Crack
3. Cain and Abel
4. John The Ripper
5. WFuzz
Password Cracker:
Password Cracker is a desktop tool that will let you view hidden passwords in
Windows applications. Some applications hide passwords behind asterisks for security
purposes when creating an account. Using the tool, you don’t have to note down the
passwords on a piece of paper. When enabled, you only have to hover the mouse over
the Test field to see the password.
Cain and Abel:
Cain and Abel is a free password cracking tool that was developed for forensics staff,
security professionals, and network professionals. The application can act as a sniffer
for monitoring network data. Additionally, the application can recover passwords by
recording VoIP conversations, analysing routing protocols, decoding scrambled
passwords, and revealing cached passwords.
John The Ripper:
John The Ripper is a free tool that can be used for remote and local password
recovery. The software can be used by security experts to find out the strength of the
password. This tool uses Brute Force attack and Dictionary Attack features to detect
passwords.
BitLocker is a security feature built into Microsoft Windows that encrypts all hard
drives, including the operating system, system files, and user data. The encryption
process is designed to protect sensitive data on a computer from unauthorized
access, theft, or hacking attempts.
When you turn on BitLocker, it uses encryption to protect all the files stored on
the hard drives. It does this by converting the data into unreadable code, which can
only be unlocked with a specific key. The encryption key can be unlocked by
BitLocker using either the user's password or a smart card.
We use Base64 Encode and Decode - Online tool to encrypt and decrypt.
Decoding: By using the above code, we can decode the data.
Hashing(SHA-256):
Hashing is a one-way mathematical function that turns data into a string of
nondescript text that cannot be reversed or decoded.
SHA-256 is one of the cryptographic hashing algorithms used for message, file, and
data integrity verification.
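The Base64 and SHA-256 passages above, side by side, as an added example that is not part of the original document: Base64 is reversed by anyone without a key, while SHA-256 is used to check that content has not changed. The function names and sample content are constructed for illustration.

```python
import base64
import hashlib
import hmac
import io

def b64_roundtrip(data):
    # Base64 is an encoding: decoding needs no key or secret of any kind.
    encoded = base64.b64encode(data)
    return base64.b64decode(encoded, validate=True)

def sha256_stream(stream, chunk_size=65536):
    # Hash in chunks so large files do not have to fit in memory.
    digest = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        digest.update(chunk)
    return digest.hexdigest()

def verify_integrity(stream, expected_hex):
    # Normalise the published value, then compare in constant time.
    actual = sha256_stream(stream)
    return hmac.compare_digest(actual, expected_hex.strip().lower())

def demo():
    published = b"release-notes v1.0\n"   # constructed sample content
    tampered = b"release-notes v1.O\n"    # one byte changed ("0" -> "O")
    expected = sha256_stream(io.BytesIO(published))
    return (
        verify_integrity(io.BytesIO(published), expected.upper() + "\n"),
        verify_integrity(io.BytesIO(tampered), expected),
    )

if __name__ == "__main__":
    print("Base64 round trip:", b64_roundtrip(b"secret"))
    print("intact, tampered:", demo())
```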
CIA Triad:
The CIA Triad refers to
AAA Framework:
Authentication, authorization, and accounting (AAA) is a security framework for
controlling and tracking user access within a computer network. AAA intelligently
controls access to computer resources, enforces policies, audits usage and provides
the information necessary to bill for services.
Authentication: Authentication provides a way of identifying a user typically by
having them enter a valid user name and password before access is granted. Other
authentication processes can be used instead, such as biometrics or a smart card.
Authorization:
The user must be authorized to perform certain tasks. After logging into a system, for
instance, they might try to issue commands. The authorization process determines
whether the user has the authority to issue such commands.
Accounting:
Accounting measures the resources the user consumes during access.
This can include the amount of system time or data the user has sent and
received during a session.
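The three AAA stages described above in one small flow, as an added example that is not part of the original document. The class, the roles, the commands and the account are hypothetical, and the PBKDF2 iteration count is an assumption of this sketch.

```python
import hashlib
import hmac
import os
import time

ITERATIONS = 100_000  # assumed PBKDF2 work factor for this sketch

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

class AAAGate:
    def __init__(self, permissions):
        self.users = {}                 # name -> (salt, password hash, role)
        self.permissions = permissions  # role -> set of allowed commands
        self.audit_log = []             # accounting records

    def add_user(self, name, password, role):
        salt = os.urandom(16)
        self.users[name] = (salt, hash_password(password, salt), role)

    def _record(self, user, event, detail):
        self.audit_log.append(
            {"ts": time.time(), "user": user, "event": event, "detail": detail})

    def authenticate(self, name, password):
        # Authentication: identify the user; compare hashes in constant time.
        entry = self.users.get(name)
        ok = entry is not None and hmac.compare_digest(
            entry[1], hash_password(password, entry[0]))
        self._record(name, "login", "ok" if ok else "failed")
        return ok

    def run(self, name, password, command, payload=b""):
        if not self.authenticate(name, password):
            return "denied: authentication"
        # Authorization: may this identity issue this command?
        if command not in self.permissions.get(self.users[name][2], set()):
            self._record(name, "command", f"{command} refused")
            return "denied: authorization"
        # Accounting: record the command and the amount of data sent.
        self._record(name, "command", f"{command} bytes={len(payload)}")
        return "ok"

def demo():
    gate = AAAGate({"operator": {"show-status"}, "admin": {"show-status", "reload"}})
    gate.add_user("dana", "constructed-pass-1", "operator")  # constructed account
    results = [gate.run("dana", "wrong-pass", "show-status"),
               gate.run("dana", "constructed-pass-1", "reload"),
               gate.run("dana", "constructed-pass-1", "show-status", b"x" * 12)]
    return results, [(r["event"], r["detail"]) for r in gate.audit_log]
```

Failed logins and refused commands are written to the audit log as well as successful ones, since those are the records an investigation usually needs.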
NonRepudiation(Digital Signatures):
Non-repudiation is a security mechanism used to ensure that a party involved in a
transaction or communication cannot deny their involvement in the activity.
Digital Signatures for Nonrepudiation:
Data breaches are a huge problem and not just for companies and organizations that
get hacked. Data breaches can result in identity theft, stolen funds, and damaged trust
from a user’s perspective. The most vulnerable asset in any organization is its data.
Types of VAPT:
Network penetration testing.
VAPT tools are a group of software tools used to test the security of a system,
network, or application. Here are some of the top open-source tools that can perform
VAPT:
1.Wireshark:
Wireshark is a network traffic analyzer, monitoring software that allows you to see
what traffic flows through your system network. It is open-source and is the most
popular network analyzer in the world.
2.Nmap:
3.Metasploit:
Metasploit is a framework for developing and executing exploit code against a remote
target machine. It was initially released in 2003 by H.D. Moore as an open-source
project. Penetration
VAPT(Nmap):
Nmap is one of the tools that can be slotted into the Metasploit Framework. It is a
command line system that detects all devices connected to a network. Network
professionals will find the GUI front end for Nmap easier to use – that is called
Zenmap. Both Nmap and Zenmap are available for free.
With this utility, you can understand the different attributes of any target
network, including the hosts accessible on the network, the kind of framework
running, and the type of packet filters or firewalls that are set up.
Key Features:
Vulnerability Scanning:
Vulnerability Scanner(Acunetix):
Acunetix Web Vulnerability Scanner combines its penetration testing procedures
with its vulnerability scanner to create continuous automated threat detection for
web pages. The security reports produced by the tool are compliant with HIPAA,
PCI-DSS, and ISO/IEC 27001 standards.
It is very similar to the Invicti system in that it focuses on discovering security
weaknesses in websites and other Web-based systems, such as microservices and
mobile apps. This package can also be used as a continuous tester in a CI/CD pipeline.
Some of the scans rely on sensors being placed within the code of a website and its
applications. However, that potential vulnerability doesn’t seem to worry the very
impressive client list of Acunetix, which includes the US Air Force, AVG, and AWS.
Over the years, SIEM software has evolved to incorporate user and entity behaviour
analytics (UEBA), as well as other advanced security analytics, AI and machine
learning capabilities for identifying anomalous behaviours and indicators of advanced
threats. Today SIEM has become a staple in modern-day security operation centres
(SOCs) for security monitoring and compliance management use cases.
SOLARWINDS:
SolarWinds is a network management tool that helps companies manage networks,
systems, and other infrastructure. The products provided by SolarWinds are effective,
accessible and easy to use. It was founded by Donald Yonce and David Yonce (brothers)
in the year 1999 with its headquarters in Austin, Texas. SolarWinds has acquired
numerous companies that offer services from security to database management.
SolarWinds Network Performance Monitor (NPM) is used to detect outages, diagnose
and resolve network performance issues. The database performance emulator helps in
quickly identifying and resolving database performance problems.
Advantages of SolarWinds:
2. Hop-by-hop analysis:
You can view the performance and monitor devices that are on premise, in the
cloud or across hybrid environments.