SYSTEM HACKING



Windows Password Cracking
Guessing
• Shoulder Surfing
• Dumpster Diving
Password Dump
• Social Engineering (Powershell)
• Sniffing & MiTM (Cain,SMBRelay)
Bypassing Windows
RubberDucky (ducktoolkit, ducky-payload-generator)
Getting Hashes
Dumping Stored Passwords
Tools
• Countermeasures

Scanning vulnerabilities
• OpenVAS
• Nessus
• MBSA

Exploiting Vulnerabilities in Metasploitable
VSFTPD V2.3.4
UNREALIRCD 3.2.8.1

Creating Payload & Remote Administration

• Shellter
• Pupy
• Veil Evasion
• TheFatRat
The Lazy Script
Zirikatu
Empire
• PowerSploit
• EXE+JPG
• BAT TO EXE

Delivering Payload
• USB Rubberducky
• Email
• Web

Post Exploitation
Meterpreter
MSFConsole
Privilege Escalation
Persistence Backdoor
Trojan
Keylogger
Gather Information

Hiding

Before Exploitation : 
• EXE+JPG
• BAT TO EXE
Trojanizer

After Exploitation :
• Hiding & Locking Folders
• Hiding User
• Hiding Registry
• Disable auditing

Rootkits

Covering Tracks
Clearing Logs (ELSave)
• Clearing Registry
• CMD History
• TEMP Files

Countermeasures
• Patching system
• Using Good Antivirus
• Anti Rootkit Software
• Hardening System
• STIG (Standerd Technical Implementation Guide)
• Training
• Comman Sense

No comments:

Post a Comment

Popular Posts