Cybersecurity Notes
File Hash Checking
A form of integrity check for files
Social Engineering Toolkit (SET)
A group of tools for social engineering
Vulnerability
A synonym for weakness in cybersecurity
Exploited Protocol for On-Path Position
ARP
Hiding User from User List
Adding $ to hide a user in the user list
Privilege Escalation Mitigation
BIOS password, storage encryption, and physical security
SQLi vs. Blind SQLi
Blind SQLi has no visible output
JavaScript Characteristics
Can be added to HTML pages, affects behavior, manages communication, and handles events
CVE
Common Vulnerabilities and Exposures
Consequences of XSS
Defacing, cookie theft, clickjacking, and trojan delivery
Highest Privileges in Windows Enterprise
Enterprise admin
Easiest SQL Injection Attack
Error-based SQLi
Social Engineering
Exploiting human error for malicious purposes
Talos
Gathers global information about cyber attacks
Targeted Wordlist
Generated by the CUPP tool based on inputs
Basis of Social Engineering Attacks
Human errors
EternalBlue
Known Windows exploit
LFI
Local File Inclusion
Non-Relational Databases
MongoDB, Redis, Elasticsearch, and Cassandra
Database Servers
MySQL and Oracle
Relational Databases
MySQL, Oracle, PostgreSQL, and MariaDB
OWASP
Open Web Application Security Project
SQL Database Enumeration
Performed using the sqlmap tool
Requirements for Ethical Hacking
Permission to evaluate a system
Social Engineering Methods
Phishing, vishing, and scareware
Encrypting GRUB
Prevents GRUB root access
GRUB Password
Prevents editing and unwanted reboots
DNS Poisoning
Redirecting DNS requests to a target IP
XSS Types
Reflected XSS, Stored XSS, and DOM XSS
XSS Mitigation Methods
Regex, htmlspecialchars, and htmlentities
sslstrip command
Removes SSL from a website for the local machine
BOOLEAN
Represents a true/false value
INT Data Type
Represents an integer
HIPAA Certification
Required for hospitals
Rainbow Dictionary Brute Forcing
Running hashes against precomputed hashes
ARP Poisoning
Sending malicious ARP packets to intercept traffic
Cookie Theft via XSS
Stealing another user's session
Root Privileges
The goal when escalating privileges
Burp Suite
Tool for intercepting and modifying HTTP traffic
On-Path Attack
Traffic interception for eavesdropping in a LAN
SQL Query to Change Existing Values
UPDATE query
BloodHound
Used for lateral movement after initial foothold
Net.exe Command
Used to manage users, groups, and services
Bypassing SQL Database Login
Using '../../../../etc/shadow' as input
Webpage Copying
Using a copy of a webpage, also known as site mirroring
HTTP Server Attack Defense
Using security headers
Decrypting /etc/shadow
Using the unshadow command
EternalBlue
Windows exploit developed by the NSA
Port Stealing
Works in LANs to gain unauthorized access
Metasploit Command
msfconsole is used to launch Metasploit