Hiện đang trống: 0 ₫
What you’ll learn
-
Ethical hacking is a good career because it is one of the best ways to test a network.
-
Ethical hacking involves a hacker agreeing with an organization or individual who authorizes the hacker to levy cyber attacks on a system or network
-
In addition to proficiency in basic computer skills and use of the command line, ethical hackers must also develop technical skills
-
Many hackers use the Linux operating system (OS) because Linux is a free and open-source OS, meaning that anyone can modify it.
-
Ethical hacking is legal because the hacker has full, expressed permission to test the vulnerabilities of a system.
-
The different types of hackers include white hat hackers who are ethical hackers and are authorized to hack systems, black hat hackers
-
Whether you want to get your first job in IT security, become a white hat hacker, or prepare to check the security of your own home network
-
Penetration testing skills make you a more marketable IT tech. Understanding how to exploit servers, networks, and applications
-
Penetration tests have five different stages. The first stage defines the goals and scope of the test and the testing methods that will be used.
-
There are many types of penetration testing. Internal penetration testing tests an enterprise’s internal network.
-
Penetration testing, or pen testing, is the process of attacking an enterprise’s network to find any vulnerabilities that could be present to be patched.
-
Set up a virtual environment to practice without affecting main systems
-
Install Kali Linux – a penetration testing Debian distro
-
Install virtual system which has vulnerable web applications
-
Basic terms, standards, services, protocols and technologies
-
HTTP protocol, requests and responses
-
HTTPS, TLS/SSL
-
Intercepting HTTP traffic using a personal proxy
-
Gather sensitive information in websites
-
Find known vulnerabilities using vulnerability database
-
Find known vulnerabilities using search engines
-
Google Hack Database (GHDB)
-
Discover unpublished directories and files associated with a target website
-
Input and output manipulation
-
Input and output validation approaches
-
Discover and exploit reflected XSS vulnerabilities
-
Discover and exploit stored XSS vulnerabilities
-
Discover DOM-based XSS vulnerabilities
-
Prevent XSS vulnerabilities
-
Discover and exploit SQL injection vulnerabilities, and prevent them
-
Bypass login mechanisms using SQL injections and login a website without password
-
Find more in a database using SQL injection vulnerabilities: databases, tables and sensitive data such as passwords
-
Discover & exploit blind SQL injections
-
Prevent SQL injections
-
Authentication methods and strategies
-
Bypass authentication mechanisms
-
Find unknown usernames and passwords: brute force & dictionary attacks
-
Launch a dictionary attack
-
Access unauthorized processes
-
Escalate privileges
-
Access sensitive data using path traversal attack
-
Session management mechanism
-
Impersonating victim by session fixation attack
-
Discover and exploit CSRF (Cross Site Request Forgery)
-
In many situations, a network seems impenetrable only because it hasn’t succumbed to an attack in years.
-
An ethical hacker is also sometimes referred to as a white hat hacker. Many depend on ethical hackers to identify weaknesses in their networks
-
Ethical hackers and security experts carry out these tests to find any weak spots in a system’s security