Cybersecurity Notes

File Hash Checking

A form of integrity check for files

Social Engineering Toolkit (SET)

A group of tools for social engineering

Vulnerability

A synonym for weakness in cybersecurity

Exploited Protocol for On-Path Position

ARP

Hiding User from User List

Adding $ to hide a user in the user list

Privilege Escalation Mitigation

BIOS password, storage encryption, and physical security

SQLi vs. Blind SQLi

Blind SQLi has no visible output

JavaScript Characteristics

Can be added to HTML pages, affects behavior, manages communication, and handles events

CVE

Common Vulnerabilities and Exposures

Consequences of XSS

Defacing, cookie theft, clickjacking, and trojan delivery

Highest Privileges in Windows Enterprise

Enterprise admin

Easiest SQL Injection Attack

Error based SQLi

Social Engineering

Exploiting human error for malicious purposes

Talos

Gathers global information about cyber attacks

Targeted Wordlist

Generated by the CUPP tool based on inputs

Basis of Social Engineering Attacks

Human errors

EternalBlue

Known Windows exploit

LFI

Local File Inclusion

Non-Relational Databases

MongoDB, Redis, Elasticsearch, and Cassandra

Database Servers

MySQL and Oracle

Rational Databases

MySQL, Oracle, PostgreSQL, and MariaDB

OWASP

Open Web Application Security Project

SQL Database Enumeration

Performed using the SQLMAP tool

Requirements for Ethical Hacking

Permission to evaluate a system

Social Engineering Methods

Phishing, vishing, and scareware

Encrypting GRUB

Prevents GRUB root access

GRUB Password

Prevents editing and unwanted reboots

DNS Poisoning

Redirecting DNS requests to a target IP

XSS Types

Reflected XSS, Stored XSS, and DOM XSS

XSS Mitigation Methods

Regex, htmlspecialchars, and htmlentities

sslstrip command

Removes SSL from a website for local machine

BOOLEAN

Represents a true/false value

INT Data Type

Represents an integer

HIPAA Certification

Required for hospitals

Rainbow Dictionary Brute Forcing

Running hashes against precomputed hashes

ARP Poisoning

Sending malicious ARP packets to intercept traffic

Cookie Theft via XSS

Stealing another user's session

Root Privileges

The goal when escalating privileges

Burp Suite

Tool for intercepting and modifying HTTP traffic

On-Path Attack

Traffic interception for eavesdropping in a LAN

SQL Query to Charge Existing Values

UPDATE query

Bloodhound

Used for lateral movement after initial foothold

Net.exe Command

Used to manage users, groups, and services

Bypassing SQL Database Login

Using '../../../../etc/shadow' as input

Webpage Copying

Using a copy of a webpage, also known as site mirroring

HTTP Server Attack Defense

Using security headers

Decrypting /etc/shadow

Using the unshadow command

Eternal Blue

Windows exploit developed by the NSA

Port Stealing

Works in LANs to gain unauthorized access

Metasploit Command

msfconsole is used to launch Metasploit