Cyber warfare introduction

Jagadeesh Katla, Software Engineer at Vrinda Techapps India Pvt Ltd
Cyber Warfare
Introduction to cyber warfare
Jagadeesh Katla
katla.jagadeesh@outlook.com
@Hyntronix
Cyber Deterrence
Cyber deterrence is “to prevent an enemy from conducting future attacks by changing their minds, by attacking their technology, or by more palpable means such as confiscation, termination, incarceration, death or destruction”.
Challenges
• The inherent difficulty of assigning attribution on the internet.
• The unpredictability of the effects of cyber attacks.
• The potential for damage due to counter-retaliation.
Reference Model (diagram; grouping as read from the slide)
• Surveillance: Honey nets, Forensics, Attribution, Monitoring
• Penetration Testing: Reconnaissance, Scanning, Vulnerability Analysis, Exploitation
• Integration: Data Fusion, Meta Model, Adapters, Knowledge Services
• Advanced: Parallel Scanning, Botnet Installation, DDoS, Botnet Operation
Botnet attack structure (diagram): Attacker Organization → Attack Servers → Control Servers → Bot Infected PCs → Victim node (Foreign Govt., Defender)
Surveillance
• Computer and network surveillance is the monitoring of computer activity and data stored on a hard drive, or data being transferred over computer networks such as the internet.
• The monitoring is often carried out covertly and may be carried out by governments, corporations, criminal organizations, or individuals.
• It may or may not be legal and may or may not require authorization from a court or other independent government agencies.
Honey Nets
• Two or more honeypots on a network form a honey net. Typically, a honey net is used for monitoring a larger and/or more diverse network in which one honeypot may not be sufficient.
• A honeypot is a computer security mechanism set to detect, deflect, or counteract attempts at unauthorised use of information systems.
• Honey nets and honeypots are usually implemented as parts of larger network intrusion detection systems.
• A honey farm is a centralized collection of honeypots and analysis tools.
Tools for Honey nets
• High-Interaction Honeypots: Honeywall CDROM, Sebek, HoneyBow, High Interaction Honeypot Analysis Toolkit (HIHAT)
• Low-Interaction Honeypots: Capture-HPC, HoneyC
• Honeypot Infrastructure: Google Hack Honeypot, Honeymole, Honeystick
• Data Analysis: Honeysnap, Capture BAT
Forensics
• Forensics is the methodology of collecting, preserving, and analysing scientific evidence during the course of an investigation.
• It is mainly of two types: physical forensics and digital forensics.
• Physical forensics covers fingerprints, DNA, or any item in the physical world.
• Digital forensics covers networks, data storage, small devices, computers, or any other digital device in the electronic world.
• Digital forensics commonly consists of 3 stages: acquisition or imaging of exhibits, analysis, and reporting.
General rules of Digital forensics
• Never mishandle the original evidence and never work on it directly.
• Never trust the operating system or the original evidence device.
• Document everything at every step of the forensics process.
• Preserve the evidence for use in the next stage.
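As an added example (not part of the deck), the rules above applied in Python: the exhibit is hashed, a working copy is made and verified against that hash, the original is set read-only, and every step is appended to a chain-of-custody log, which also catches a later change to the working copy. The examiner name, file names and image bytes are constructed placeholders.

```python
import hashlib
import json
import shutil
import tempfile
from datetime import datetime, timezone
from pathlib import Path

# Constructed sample: stands in for a raw disk image acquired from an exhibit.
SAMPLE_IMAGE = b"\x00" * 512 + b"EXHIBIT-01 constructed image data" + b"\xff" * 64


def sha256_of(path: Path, chunk: int = 1 << 20) -> str:
    """Hash a file in chunks so a large image never has to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def acquire(original: Path, workdir: Path, examiner: str) -> dict:
    """Hash the original, make a working copy, re-hash the copy, set the original
    read-only, and append one chain-of-custody record. Analysis then uses the copy."""
    original_hash = sha256_of(original)
    working = workdir / (original.name + ".working")
    shutil.copyfile(original, working)
    working_hash = sha256_of(working)
    original.chmod(0o444)  # never work on the original: make it read-only
    entry = {
        "timestamp": datetime.now(timezone.utc).isoformat(),
        "examiner": examiner,  # placeholder value, supplied by the caller
        "exhibit": original.name,
        "original_sha256": original_hash,
        "working_copy": working.name,
        "working_sha256": working_hash,
        "verified": working_hash == original_hash,  # a mismatched copy must not be analysed
    }
    with (workdir / "chain_of_custody.jsonl").open("a") as log:
        log.write(json.dumps(entry) + "\n")  # document every step
    return entry


def reverify(path: Path, expected_hash: str) -> bool:
    """Before each later stage (analysis, reporting), confirm the data still matches."""
    return sha256_of(path) == expected_hash


def demo() -> dict:
    tmp = Path(tempfile.mkdtemp())
    exhibit = tmp / "exhibit01.dd"  # constructed exhibit name
    exhibit.write_bytes(SAMPLE_IMAGE)
    entry = acquire(exhibit, tmp, examiner="examiner-name-placeholder")
    entry["original_intact"] = reverify(exhibit, entry["original_sha256"])
    working = tmp / entry["working_copy"]
    with working.open("ab") as f:
        f.write(b"x")  # simulate an accidental change to the working copy
    entry["tamper_detected"] = not reverify(working, entry["working_sha256"])
    return entry
```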
Tools of Digital Forensics
• Digital Forensics Framework (DFF)
• SANS SIFT
• Wireshark
• The Sleuth Kit (+Autopsy)
• EnCase
• FTK Imager
• Volatility
• MagicTree
• COFEE
• CAINE
• Xplico
• DEFT
• HELIX3
Attribution
• Attribution is fundamental. In computer network intrusions, attribution is commonly seen as one of the most intractable technical problems, as either solvable or not solvable, and as dependent mainly on the available forensic evidence.
• Cyber attribution is the attempt to track and lay blame on the perpetrator of a cyber attack or hacking exploit.
• The attribution problem is the idea that identifying the source of a cyber attack or cyber crime is often complicated and difficult because there is no physical act to observe and attackers can use digital tools to extensively cover their tracks.
Monitoring
• Monitoring is the supervising of activities in progress to ensure they are on course and on schedule in meeting the objectives and performance targets.
• Computer monitoring is used to control, analyse, and supervise the activities of programs on a device, network, web application, or any other digital device. It is useful for computer administrators, auditors, investigators, and security engineers.
• Some popular monitoring tools are: Nagios, Zabbix, PRTG, SAM, WebWatcher, OP5, Zenoss Core, OpenNMS, Munin.
Penetration Testing
• It is a type of security testing that is used to test the insecurity of an application.
• It is conducted to find the security risks which might be present in the system.
• It normally evaluates a system’s ability to protect its networks, applications, endpoints and users from external or internal threats.
• It also attempts to protect the security controls and ensures only authorised access.
• It has just seven steps:
  • Planning and preparation
  • Reconnaissance
  • Discovery
  • Analysing information and risks
  • Active intrusion attempts
  • Final analysis
  • Report preparation
• Penetration testing replicates the actions of external and/or internal cyber attackers intended to break the information security, steal the valuable data, or disrupt the normal functioning of the organization.
Reconnaissance
It is the preparation phase in which the attacker gathers information about the target. The commonly seen steps are listed below:
• Gather initial information
• Determine the network range
• Identify active machines
• Discover open ports and access points
• Fingerprint the operating system
• Uncover services on ports
• Map the network
Footprinting
It is the part of the reconnaissance process which is used for gathering all possible information about a target computer system or network. During this phase, a hacker can collect the following information:
• Domain name
• IP addresses
• Namespaces
• Employee information
• Phone numbers
• E-mails
• Job information
Scanning
• Scanning is useful for an attacker to gather network information and vulnerability information.
• Scanning is the act of sending network traffic to a host. The goal is to get responses back that reveal details about the network.
• Goals of scanning: live host details, service details, port details, protocols, OS and application versions, etc.
• Scanning can be performed over any network connection.
• Targets are network devices, hosts, etc.
• Goals are to gather ports, protocols, servers, banners, etc.
Scanning techniques
• TCP Scan
• ICMP Scan
• UDP Scan
• Mitigating Scans
Fingerprinting
• Port Scanning
• Ping Sweep
• DNS Enumeration
• OS Enumeration
• Network Enumeration
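From the defender's side, an added example (not from the deck) that detects two of the techniques above, a TCP port scan and an ICMP ping sweep, in a firewall log: one source hitting many distinct ports on a host within a short window, or one source pinging many distinct hosts. The iptables-style log lines, the RFC 5737 test addresses and the thresholds are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>\w+) PROTO=(?P<proto>\w+) SRC=(?P<src>\S+) DST=(?P<dst>\S+)(?: DPT=(?P<dpt>\d+))?"
)

# Constructed sample firewall log (iptables-style fields, RFC 5737 test addresses):
# a 12-port TCP scan, a 10-host ICMP sweep, a slow 5-port probe spread over 5 minutes
# (stays below the threshold inside any 60 s window), and normal HTTPS traffic.
SAMPLE_LOG = (
    [f"2024-05-01T10:00:{i:02d} DROP PROTO=TCP SRC=203.0.113.7 DST=192.0.2.10 DPT={20 + i}" for i in range(12)]
    + [f"2024-05-01T10:05:{i:02d} DROP PROTO=ICMP SRC=198.51.100.9 DST=192.0.2.{i + 1}" for i in range(10)]
    + [f"2024-05-01T10:0{i}:15 DROP PROTO=TCP SRC=203.0.113.99 DST=192.0.2.10 DPT={80 + i}" for i in range(5)]
    + [f"2024-05-01T10:0{i}:30 ACCEPT PROTO=TCP SRC=192.0.2.50 DST=192.0.2.10 DPT=443" for i in range(5)]
)


def parse(line):
    """Parse one log line into a dict, or return None for lines that do not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.fromisoformat(ev["ts"])
    ev["dpt"] = int(ev["dpt"]) if ev["dpt"] else None
    return ev


def detect(lines, window_s=60, port_threshold=10, host_threshold=8):
    """Sliding-window detector: per source, flag a port scan when one destination
    receives >= port_threshold distinct TCP/UDP ports within window_s seconds, and a
    ping sweep when >= host_threshold distinct hosts receive ICMP in that window."""
    events = sorted(filter(None, map(parse, lines)), key=lambda e: e["ts"])
    by_src = defaultdict(list)
    for ev in events:
        by_src[ev["src"]].append(ev)
    alerts, seen = [], set()
    for src, evs in by_src.items():
        start = 0
        for end in range(len(evs)):
            # move the window start forward until every event in it is within window_s of evs[end]
            while (evs[end]["ts"] - evs[start]["ts"]).total_seconds() > window_s:
                start += 1
            ports_per_dst, icmp_hosts = defaultdict(set), set()
            for ev in evs[start:end + 1]:  # recounted per step; fine for log samples this size
                if ev["proto"] in ("TCP", "UDP"):
                    ports_per_dst[ev["dst"]].add(ev["dpt"])
                elif ev["proto"] == "ICMP":
                    icmp_hosts.add(ev["dst"])
            for dst, ports in ports_per_dst.items():
                if len(ports) >= port_threshold and (src, "port_scan", dst) not in seen:
                    seen.add((src, "port_scan", dst))  # one alert per source/target pair
                    alerts.append({"src": src, "kind": "port_scan", "dst": dst, "distinct_ports": len(ports)})
            if len(icmp_hosts) >= host_threshold and (src, "ping_sweep") not in seen:
                seen.add((src, "ping_sweep"))
                alerts.append({"src": src, "kind": "ping_sweep", "hosts": len(icmp_hosts)})
    return alerts
```

Running `detect(SAMPLE_LOG)` yields one port-scan alert for 203.0.113.7 and one ping-sweep alert for 198.51.100.9; the slow probe and the HTTPS client produce none.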
Scanning Structure (diagram): Internet → Router → Firewall → Switch / Hub → Servers (MAIL, WEB, FTP, PROXY, DNS) and Wireless
Tools of Reconnaissance and Scanning
• Nmap / Zenmap
• Scanrand
• Paratrace
• Wireshark
• Recon-ng
• SuperScan
• Ping / hping
• Shodan search engine
• Traceroute, etc.
Vulnerability Analysis
• Also known as vulnerability assessment, it is a process that defines, identifies, and classifies the security holes (vulnerabilities) in a computer, network, or communication infrastructure.
• Vulnerability analysis can forecast the effectiveness of proposed countermeasures and evaluate their actual effectiveness after they are put into use.
• It has several steps, such as defining and classifying network or system resources, assigning relative levels of importance to the resources, developing a strategy to deal with the most serious potential problems first, and defining and implementing ways to minimize the consequences if an attack occurs.
Reconnaissance depth (diagram). Axes: usefulness of data to the attacker; interaction with the target and chance of detection. Levels: OSINT and passive reconnaissance; infrastructure, host detection and port scanning; OS, service, application and protocol identification; vulnerability scanning.
Vulnerability Assessment Tools
• OpenVAS
• Nexpose Community
• Metasploit Framework
• Retina CS Community
• Burp Suite
• Nikto
• OWASP Zed Attack Proxy (ZAP)
• Clair
• Moloch
Exploitation
• In computing, an exploit is an attack on a computer system, especially one that takes advantage of a particular vulnerability that the system offers to intruders.
• A remote exploit works over a network and exploits the security vulnerability without any prior access to the vulnerable system.
• A local exploit requires prior access to the vulnerable system and usually increases the privileges of the person running the exploit past those granted by the system administrator.
• Many exploits are designed to provide superuser-level access to a computer system.
Some types of Exploits
• Arbitrary code execution
• Buffer overflow
• Code injection
• Heap spraying
• Cross-site scripting
• HTTP header injection
• HTTP request smuggling
• DNS rebinding
• Clickjacking
• Cross-site request forgery (CSRF)
• IP spoofing
• Eavesdropping
• DoS
Exploitation tools
• Social Engineering Toolkit (SET)
• Metasploit Framework
• Exploit-DB
• JBoss-autopwn
• Opensvp
• PTF
• sqlmap
• sqlninja
• sqlsus
• Zarp
• Cisco-torch
• Armitage
• Wireshark
• Acunetix
• Burp Suite
• BeEF
Thank You
** The other two parts of the reference model are not yet completed.