Sunday, June 4, 2017

Network Security


Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing.
You can download it and start getting hands-on from: https://www.kali.org/

Download the intentionally vulnerable Linux VM (Metasploitable) from: https://information.rapid7.com/metasploitable-download.html
Metasploitable will help you get hands-on with how a vulnerability can be exploited from outside, e.g. using the tools shipped with Kali Linux.


Exploit database : https://www.rapid7.com/db/modules/

Cyber crimes


Avoid black-hat SEO to stay in good standing with search engines.

https://unamo.com/blog/seo/8-risky-black-hat-seo-techniques-used-today
Cloaking: presenting different content to users and to bots (search engine spiders).
Doorway pages: a page stuffed with many keywords in the hope of raising its search engine ranking. Scripts on such pages redirect visitors to the attacker's page. The page is optimized to be found for the given keywords, but when a user lands on it the content is far less relevant to those keywords.

BOTNET C&C (command and control):
1. IRC (Internet Relay Chat) channels.
2. P2P botnets.
3. Fast flux DNS.
4. Random domain name generation.
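An added defender-side example, not from the original notes, showing how two of the C&C techniques listed above (fast flux DNS and random domain generation) can be spotted in passive DNS data: a name that keeps resolving to many different IPs with short TTLs suggests fast flux, and a long, high-entropy, vowel-poor label suggests a domain generation algorithm. The DNS records below are constructed, and the thresholds are assumptions to tune per environment.

```python
import math
from collections import Counter, defaultdict

# Constructed sample DNS answers for this example: (queried name, resolved IP, TTL in seconds).
# None of these are real observations; the IPs come from reserved documentation ranges.
SAMPLE_RECORDS = [
    ("www.example.com", "93.184.216.34", 86400),
    ("www.example.com", "93.184.216.34", 86400),
    ("shop.example.org", "198.51.100.7", 3600),
    ("shop.example.org", "198.51.100.8", 3600),
    # fast-flux pattern: one name, many unrelated IPs, very short TTL
    ("cdn-update.example.net", "203.0.113.10", 60),
    ("cdn-update.example.net", "203.0.113.55", 60),
    ("cdn-update.example.net", "198.51.100.201", 60),
    ("cdn-update.example.net", "192.0.2.77", 60),
    ("cdn-update.example.net", "192.0.2.130", 60),
    # DGA pattern: random-looking leftmost labels
    ("xk3qzv9plwtyh.example.biz", "192.0.2.5", 300),
    ("qwpzlrtkvjsx.example.biz", "192.0.2.6", 300),
]

def shannon_entropy(text):
    """Bits of entropy per character; human-chosen labels score lower than random ones."""
    counts = Counter(text)
    n = len(text)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def is_dga_like(name, min_len=10, min_entropy=3.5, min_consonant_ratio=0.75):
    """Heuristic: long, high-entropy, vowel-poor leftmost label. Thresholds are assumptions."""
    label = name.split(".")[0].lower()
    if len(label) < min_len:
        return False
    vowels = sum(ch in "aeiou" for ch in label)
    consonant_ratio = 1 - vowels / len(label)
    return shannon_entropy(label) >= min_entropy and consonant_ratio >= min_consonant_ratio

def find_fast_flux(records, min_ips=4, max_ttl=300):
    """Names that resolved to at least min_ips distinct IPs while every answer had TTL <= max_ttl."""
    ips, ttls = defaultdict(set), defaultdict(list)
    for name, ip, ttl in records:
        ips[name].add(ip)
        ttls[name].append(ttl)
    return sorted(n for n in ips if len(ips[n]) >= min_ips and max(ttls[n]) <= max_ttl)

def find_dga_like(records):
    """Distinct queried names whose leftmost label looks machine-generated."""
    return sorted({name for name, _, _ in records if is_dga_like(name)})
```

Running find_fast_flux(SAMPLE_RECORDS) flags only cdn-update.example.net, and find_dga_like(SAMPLE_RECORDS) flags the two random-looking .example.biz names.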


Top three countries where spam-directed visitors added items to their shopping cart:
1. United States
2. Canada
3. Philippines
Ref : https://cs.gmu.edu/~mccoy/papers/purchasepair-usesec11.pdf


Scamming isn't easy, as one has to find and pay extra for the services of:
1. Shady domain name providers.
2. Bulletproof DNS providers.
3. Bulletproof web server providers.
Indeed one has to have resilient hosting with distributed web servers, domain randomization and DNS fast flux enabled.

Penetration testing

Helps to evaluate:
1. Procedural: e.g. incident response processes, management oversight.
2. Operational.
3. Technological.

Benefits:
1. A clear understanding of the security of the network.
2. Discovery of any vulnerabilities.
3. Demonstration of threats that could occur.

The scope of penetration testing is not just technical and cyber operations but also social engineering and gaining access to the organization's physical assets.

Methodology:
1. Footprinting: whois, nslookup.
2. Scanning: nmap, fping, TCP/UDP SuperScan, OS detection with queso.
3. Enumeration: DumpACL (DumpSec), showmount, legion, rpcinfo; list user accounts with sid2user, list file shares with legion, identify applications with rpcinfo and telnet or netcat.
4. Gaining access: password eavesdropping with tcpdump/ssldump and L0phtcrack, file share brute-forcing with NAT and legion, password file grabbing with pwdump2 and TFTP (Trivial File Transfer Protocol).
5. Escalating privileges: L0phtcrack, John the Ripper (free password cracking tool), the getadmin and sechole exploits. The goal is to raise the normal user access gained in the previous step to root/admin access.
6. Pilfering: once one has privileged access to a system, one can steal information from it that may help gain further access to other systems that trust the compromised one, or simply gain access to any data. Tools: rhosts, LSA secrets.
7. Covering tracks: performed to avoid being detected, tracked and blacklisted by the administrator. Tools such as ZAP and the Event Log GUI are used to edit/clear system logs, or hiding tools such as rootkits are used to hide malware.
8. Creating backdoors: gaining access to a new system for the first time is hard; once that is achieved one can create trapdoors/backdoors to make subsequent access easy, e.g. creating rogue user accounts or placing remote access utilities. Tools: remote desktop, netcat, remote.exe, VNC, BO2K. Replacing applications with Trojans, editing registry keys, fpnwclnt.dll.


Social engineering is the cheapest and most cost-effective way of getting into a system on a network, as the attacker does not need specialized tools or technical knowledge.
RSA's explanation of how its security was breached by a social engineering method:
https://www.theregister.co.uk/2011/04/04/rsa_hack_howdunnit/
One email caused a loss of $66 million to the company.

Common social engineering techniques involve:
  1. Impersonating
  2. Help desk
  3. Third party authorization.
  4. Tailgating.
  5. Snail mails.
  6. Tech support.
Computer based techniques:
  1. Pop-up windows.
  2. Email attachments.
  3. Websites.
  4. Email scams.
  5. Instant messaging & IRC(Internet Relay Chat).