Scribd Logo
Upload

Welcome to Scribd!

  • Ethical Hacking Workshop

    Uploaded by

    Viswanadh Jvs
    522 views5 pages
    The document provides guidance on getting started with ethical hacking. It recommends downloading VMware player and learning Linux and Windows commands. It also suggests learning networking basics by completing courses on networking fundamentals. Additional topics covered include cryptography, penetration testing, capture the flag challenges, bug bounty programs, web application security, and creating backdoors using Python. The document also provides tips on phishing, WiFi hacking, retrieving Windows passwords, and generating malware. It recommends the OSCP certification and includes contact information for additional support.

    Original Description:

    Workshop Content of Ethical Hacking

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document provides guidance on getting started with ethical hacking. It recommends downloading VMware player and learning Linux and Windows commands. It also suggests learning networking basics by completing courses on networking fundamentals. Additional topics covered include cryptography, penetration testing, capture the flag challenges, bug bounty programs, web application security, and creating backdoors using Python. The document also provides tips on phishing, WiFi hacking, retrieving Windows passwords, and generating malware. It recommends the OSCP certification and includes contact information for additional support.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    522 views5 pages

    Ethical Hacking Workshop

    Uploaded by

    Viswanadh Jvs
    The document provides guidance on getting started with ethical hacking. It recommends downloading VMware player and learning Linux and Windows commands. It also suggests learning networking basics by completing courses on networking fundamentals. Additional topics covered include cryptography, penetration testing, capture the flag challenges, bug bounty programs, web application security, and creating backdoors using Python. The document also provides tips on phishing, WiFi hacking, retrieving Windows passwords, and generating malware. It recommends the OSCP certification and includes contact information for additional support.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 5

    Things required to get started into ​Ethical

    Hacking​:
     
    Download ​VMware​ player free.

    Operating Systems ​(Linux, Windows) commands:


    ● Linux mostly used commands list
    ● Windows commands
    ● Using Vim and nano(CLI based) text editors.
    ● complete ​comptia linux+​ course

    Networking Basics​:
    From the ​Cybrary network+ course,​ complete,

    ● Module 1.1, 1.2, 1.3, 1.5, 1.6, 1.7


    ● Module 2.3
    ● Module 4.1, 4.3, 4.4
    ● Module 5.2, 5.6
    ● OSI,TCP/IP model
    ● TCP / UDP
    ○ Diffrences
    ○ HTTP, HTTPS, FTP, Telnet, SSH definitions and their
    default ports.
    ○ Task: Try Putty in windows and SSH in Linux
    ● IP address.
    ○ IPv4, IPv6
    ○ Public IP, Private IP
    ○ What is Localhost or 127.0.0.1
    ● Commonly used ports
    ● Linux file system
    ● Download vmware player​ free.
    ● Vmware image for kali linux ​download
    Cryptography:

    Types of encryption

    ○ Symmetric encryption
    ○ Asymmetric encryption
    ● Hashing
    ○ Try ​SHA256​, ​MD5
    ○ Try ​Base64 encoding/decoding
    ● Digital signatures

    Also learn
    ● Wireshark
    ● Git & GitHub

    Read this for few more details


    https://medium.com/@gnsrikanth/fundamentals-to-get-started
    -into-cyber-security-and-ethical-hacking-e4dd4d54e607

    [+] ​How To become a ​hacker:

    Things to follow:
    ● Cybrary.it​ has many free courses with free certificate.
    ● Penetration Testing and Ethical Hacking​ course from
    cybrary
    ● Securitytube
    ● Python course from ​datacamp

    CTF​:
    Capture the flags are the type of challenges, where you need to
    hack a system to get a flag. This will increase your skills in
    security. Here is a good list where you can do CTF.
    ● Hackthissite.org
    ● hackthebox.eu
    ● https://www.amanhardikar.com/mindmaps/Practice.html
    ● Vulnhub.com
    ● https://www.hackingarticles.in/capture-flag-challenges/
    ● http://captf.com/practice-ctf/
    Youtube channels:
    ● Liveoverflow
    ● Ippsec
    ● John hammond

    Bug Bounty:
    With bug bounty programs, one can make money through
    finding bugs. This is a better way to practicing hacking skills on
    real time websites.
    Hackerone.com
    Bugcrowd.com

    Practice web security from


    ● Best website to practice easy most common Web Vulns.
    https://www.hacksplaining.com/lessons
    ● Bugcrowd tutorials for web security
    https://forum.bugcrowd.com/t/researcher-resources-tutor
    ials/370

    Learn penetration testing:


    ● /r/Netsec on Reddit
    ● JackkTutorials on YouTube
    ● DEFCON Conference videos
    ● Hak5 on YouTube

    Also,
    CCTV hacking:
    Using google dorks, that is by using google, we can see live
    CCTV.
    ● inurl:”CgiStart?page=”
    ● inurl:/view.shtml
    ● intitle:”Live View/ — AXIS”
    ● inurl:iview/view.shtml
    ● inurl:ViewerFrame?M0de=
    ● inurl:ViewerFrame?M0de=Refresh
    ● inurliaxis-cgi/jpg
    ● inurliaxis-cgi/mjpg (motion-JPEG) (disconnected)
    ● inurl:view/indexFrame.shtml
    ● inurliview/index.shtml
    ● inurliview/view.shtml
    ● liveapplet
    ● intitle:”live view” intitle:axis
    ● intitleiliveapplet
    ● allintitle:”Network Camera NetworkCamera” (disconnected)
    ● intitleiaxis intitle:”video server”
    ● intitleiliveapplet inurl:LvAppl
    ● intitle:”EvoCam” inurl:”webcam.html”
    ● intitle:”Live NetSnap Cam-Server feed”
    ● intitle:”Live View/ — AX|S”
    ● intitle:”Live View/ — AXIS 206M”
    ● inti’r|e”‘l ive View / — AXIS 706W”
    ● intitle:”Live View/ — AXIS 210?
    ● inurl:indexFrame.shtml Axis
    ● inurl1″MultiCameraFrame?Mode=Motion” (disconnected)
    ● intitleistart inurl:cgistart
    ● intitle:”WJ-NTI 04 Main Page”
    ● intitleisnc-220 inurl:home/
    ● intitleisnc-cs3 inurl:home/
    ● intitleisnc-r230 inurl:home/
    ● intitle:”Toshiba Network Camera” user Iogin
    ● intitle:”netcam live image” (disconnected)
    ● intitle:”i-Catcher Console — Web Monitor”

    Paste any of these in google and open the result links, the
    results would be live cameras.

    Phishing​(Harvesting passwords):
    Tools: ​https://github.com/thelinuxchoice/blackeye

    Android: ​DroidJack(Tool)
    WiFi hacking:​ Wifite(tool)
    https://null-byte.wonderhowto.com/how-to/crack-wpa-wpa2-wi
    th-wifite-0161976/

    Get Windows ​saved passwords:


    https://github.com/AlessandroZ/LaZagne

    Malware​(Backdoor) generation:
    ● https://github.com/Screetsec/TheFatRat
    ● https://github.com/EmpireProject/Empire
    ● https://github.com/Veil-Framework
    ● https://github.com/n1nj4sec/pupy

    Tutorial ​to create your own backdoor using python:


    https://medium.com/@gnsrikanth/creating-a-tcp-backdoor-usi
    ng-python-9edafc213f91

    OSCP: ​Best certification to get into cyber security career.


    Website:
    https://www.offensive-security.com/information-security-certifi
    cations/oscp-offensive-security-certified-professional/

    Video: ​https://www.youtube.com/watch?v=78J6A8irz3M

    Email: ​nagasrikanthgrandhi@gmail.com
    Twitter: ​twitter.com/gn_srikanth
    Feel Free to contact me for any doubts :)
    Grandhi Naga Srikanth

    You might also like