Hacking Articles Part 29


Terminologies you will encounter as a Security Tester or IT Professional

[Disclaimer: The content of this article is for educational purposes only. It was written to help readers test their skills in using computers and/or Kali Linux and to share knowledge about important terminologies that we encounter as security testers or IT professionals while using Kali Linux. The writer of this article/guide takes no responsibility for actions resulting from the inappropriate use of the information contained in this article/guide.]

This is the second to last part, but don't worry, we have more adventures to go and more knowledge to share. These terminologies are ones you will meet as a security tester or an IT professional. They are all associated with maintaining access, and they are not just definitions but a brief introduction to how each one relates to maintaining access and post-exploitation practice. Let's get into it!

Malware

- Malware is the overarching name for malicious software of any kind: viruses, worms, Trojans, keyloggers, bots and the like.

Backdoors

- A backdoor is a program left running on a compromised system to allow later entry without having to exploit the vulnerability again and again. It does not have to be part of a Trojan: a backdoor is an application or script that runs hidden, much like the covert part of a Trojan horse, but provides no functionality to the legitimate user of the compromised system. Every backdoor planted during an engagement must be recorded so it can be removed at the end; one left behind is a real vulnerability for the client.

Trojan Horse

- Commonly referred to simply as a "Trojan", this is a malicious program installed on a host to perform a desired, or overt, function, while concealing and executing hidden, or covert, code that creates backdoors, runs scripts, steals information and, in some cases, socially engineers untrained users into divulging personal information such as credit card numbers.

Viruses

- Malicious code that infects an existing process or file is classified as a virus. A virus can infect files, memory space (RAM or paged memory), boot sectors and firmware. There are two subclasses: resident viruses, which stay loaded in memory after the infected program has exited and infect other targets from there, and nonresident viruses, which search for and infect targets only while the infected program is running.

Worms

- Much like viruses, worms can have the same destructive force. What sets worms apart from viruses is that worms do not need human interaction to replicate: a worm targets a vulnerability and then executes commands to move from its current host to another system, continuing to infect other vulnerable systems automatically. Due to the voracious nature of worms and the very real risk of one getting beyond the control of the security tester, worms are not typically used for penetration testing. All technical and analytical work with worms should be conducted in a lab environment that has absolutely no access to adjacent networks, especially the Internet.

Keyloggers

- As the name suggests, keyloggers capture keystrokes from a user and feed that information back to the security tester. Volumes of documentation and books have been written about the extensive methodologies for creating, employing and detecting keyloggers. The keylogger is an essential tool for a penetration tester and is used routinely on engagements. However, the use of keyloggers can violate the rules of engagement (ROE) with companies that wish to protect the privacy of their employees, because a keylogger will capture personal authentication material such as private email and banking credentials. Be sure to check with the client for authorization before using a keylogger during a penetration test. If approved, the use of the keylogger should be thoroughly documented in the ROE. Any information captured by a keylogger should be kept under strict supervision and destroyed after the engagement.
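The paragraph above says captured keystrokes must be handled carefully because they contain things the client never agreed to collect. The following is an added example (not code from the original article) of the kind of filter a tester can run over a captured buffer before it is stored: passwords are masked outright, and digit runs are masked only when they pass the Luhn checksum, so order numbers and similar values stay readable. The keystroke buffer, the field labels ("pass:") and the function names are all constructed for this example.

```python
import re

# Constructed sample of a captured keystroke buffer (not real data; the card
# number is the well-known 4111... test value, which belongs to no real account).
SAMPLE_BUFFER = (
    "login: jsmith\n"
    "pass: Winter2024!\n"
    "card 4111 1111 1111 1111 exp 12/27\n"
    "note: order 1234567890123 shipped\n"
)

# 13 to 19 digits, optionally separated by single spaces or hyphens.
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")
# "pass:" or "password:" followed by whatever the user typed as the secret.
PASSWORD_RE = re.compile(r"(?i)(\bpass(?:word)?\s*:\s*)(\S+)")


def luhn_valid(digits: str) -> bool:
    """Luhn checksum: True for a plausible payment-card number."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def _redact_card(match: re.Match) -> str:
    digits = re.sub(r"[ -]", "", match.group(0))
    # Only mask digit runs that pass Luhn; other long numbers stay readable.
    return "[CARD REDACTED]" if luhn_valid(digits) else match.group(0)


def redact_keystrokes(buffer: str) -> str:
    """Return the buffer with passwords and Luhn-valid card numbers masked."""
    out = PASSWORD_RE.sub(lambda m: m.group(1) + "[PASSWORD REDACTED]", buffer)
    return CARD_RE.sub(_redact_card, out)


if __name__ == "__main__":
    print(redact_keystrokes(SAMPLE_BUFFER))
```

Run it and the password line and the 4111... card number come out masked, while the username and the 13-digit order number (which fails Luhn) are untouched. A real filter would also need to cope with keystroke streams that are not line-oriented, but the Luhn check is the piece that keeps the redaction from wiping every long number in the log.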

Botnets

- A bot, short for robot and sometimes called a zombie, is a compromised machine that takes orders from a single attacker, often called the bot master; a botnet is the network of such machines. Systems infected with viruses, Trojans and backdoors can become part of a botnet. The bot master controls a master server, which in turn commands other command and control systems in different colocations, which pass the commands down to the individual bots. Common uses for botnets include DoS, DDoS, spam services, distributed brute forcing of authentication controls and passwords, and other malicious services that steal information or socially engineer victims. A botnet can be very small, consisting of a few infected machines, or large, including thousands of machines, multiple servers and even multiple bot masters.

Colocation

- Colocation is a fancy term for services hosted off-site. An attacker can pay for hosting with businesses that offer complete anonymity, at prices ranging from a couple of dollars a month to several thousand dollars a year, but colocation does not have to be provided by a third party: the service can run on a compromised system, or across multiple infected networks whose resources the attacker is able to use. A spamming botnet is one example of a botnet that does not require third-party hosting. A colocation server can even be hosted by the company that is providing the penetration test to its customer.

Remote Communications

- Remote communication is used here to cover VPNs, point-to-point tunneling protocols, remote desktop, and any other form of communication between a host and a server that are not on the same local area network. Establishing remote communications is necessary for security testers to keep exploit sessions, backdoors, command and control channels, or tunnels open to the client's compromised hosts. Covert channels and encryption can be leveraged to evade services, such as intrusion detection systems, that would otherwise alert system administrators to their presence. Keep in mind that encryption hides the content of a channel but not its timing or volume, which is what defenders look at when hunting for check-in traffic. Encrypting communications is outside the scope of this article.

Command and Control

- Command and control (C2) systems are used to manage remote sessions on compromised hosts. From the C2 program's interface, a security tester can send commands directly or access a remote shell. During a penetration test, a security tester can deploy a remote access tool (RAT) on a compromised host that dials back to a command and control server at regular intervals to pick up its tasks. Poison Ivy is a well-known example of such a system.
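The Remote Communications and Command and Control entries above both describe implants that keep a channel open by dialing back to a server. As an added example (not code from the original article), here is the defender's side of that: a small Python beaconing detector run over constructed proxy log lines. It groups requests by source and destination, computes the gaps between consecutive requests, and flags pairs whose gaps are too regular to be a person browsing. The log format, the hosts (documentation address ranges) and the thresholds are all assumptions made for the example.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed proxy log lines: "<ISO timestamp> <src host> <dst host:port>".
# 10.0.0.5 checks in roughly once a minute with a little jitter (a beacon);
# 10.0.0.7 browses irregularly; 10.0.0.9 appears only once.
SAMPLE_LOG = """\
2024-05-01T10:00:00 10.0.0.5 203.0.113.10:443
2024-05-01T10:00:02 10.0.0.7 198.51.100.20:443
2024-05-01T10:01:00 10.0.0.5 203.0.113.10:443
2024-05-01T10:01:31 10.0.0.7 198.51.100.20:443
2024-05-01T10:02:03 10.0.0.5 203.0.113.10:443
2024-05-01T10:02:05 10.0.0.7 198.51.100.20:443
2024-05-01T10:03:00 10.0.0.5 203.0.113.10:443
2024-05-01T10:04:01 10.0.0.5 203.0.113.10:443
2024-05-01T10:05:00 10.0.0.5 203.0.113.10:443
2024-05-01T10:09:44 10.0.0.7 198.51.100.20:443
2024-05-01T10:10:00 10.0.0.7 198.51.100.20:443
2024-05-01T10:12:00 10.0.0.9 192.0.2.30:80
2024-05-01T10:25:00 10.0.0.7 198.51.100.20:443
"""


def parse_log(text):
    """Group request timestamps by (src, dst) pair, sorted in time."""
    pairs = defaultdict(list)
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst = line.split()
        pairs[(src, dst)].append(datetime.fromisoformat(ts))
    for times in pairs.values():
        times.sort()  # log lines are not guaranteed to be in order
    return pairs


def find_beacons(text, min_hits=5, max_cv=0.2):
    """Return (src, dst, mean_gap_seconds, cv) for pairs whose check-in
    intervals are suspiciously regular.

    cv is stdev / mean of the gaps between consecutive requests. A scripted
    beacon with modest jitter scores well under max_cv; interactive traffic
    does not. min_hits avoids judging regularity from a handful of samples.
    """
    hits = []
    for (src, dst), times in parse_log(text).items():
        if len(times) < min_hits:
            continue
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        cv = pstdev(gaps) / avg
        if cv <= max_cv:
            hits.append((src, dst, round(avg, 1), round(cv, 3)))
    return hits


if __name__ == "__main__":
    for src, dst, avg, cv in find_beacons(SAMPLE_LOG):
        print(f"possible beacon: {src} -> {dst} every ~{avg}s (cv={cv})")
```

On the sample, only 10.0.0.5 talking to 203.0.113.10:443 is reported, with a mean gap of 60 seconds and a cv of about 0.03; the irregular browser is not. This is why a tester relying on an encrypted C2 channel still has to think about check-in timing: the content is hidden, the rhythm is not. In practice you would raise min_hits, look over a longer window, and combine the score with destination reputation before raising an alert.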

That's all for today, guys. These are just some terminologies, so don't take them too seriously, but as an IT professional these terms will be useful to you. Thanks for following this group, and don't forget to subscribe for more articles to come, especially my last part of Hacking Articles, soon. Thank you!!
