Extreme Hacking
Advanced Ethical Hacking Institute in Pune
[Image: XpEeYA0.png]
AV – Antivirus is software installed on most computers to protect the computer from viruses
Backdoor – A program running on a host that we “own” so that we can connect to it at a later time even if the vulnerability is patched. For example, cryptcat is a backdoor with a nearly undetectable.
Crypter – A program used to encrypt/disguise a malicious program (like a RAT or other virus) so that antivirus software cannot detect it as a virus.
Cookies – files stored on your computer that are used by a webpage to track you, authenticate you and remember you. Stealing session cookies is a type of attack to access sites as someone else (by stealing their session cookie, the site thinks that you are them). You can remove unwanted cookies through your browsers settings and with flash cookie remover (flash cookies are stored separately to browser cookies).
Ddos/Dos – Distributed denial of service attack / Denial of service attack respectively. This is the term given to the flooding of hosts with packets of data from multiple sources / a single source and the server basically overloads. Ddos attacks are much more effective than Dos attacks.
DNS – Dynamic Name Server. This is a server which is used to find the IP address of hosts from their domain name – like an electronic phone book. DNS use uses port 53 for lookups.
E-Whoring – Not exactly hacking, this is a money making method. The name is pretty self-explanatory – online prostitution. But the e-whoring section is located inside beginner hacking, so I thought I would mention it here. A tip for running multiple skype accounts at once: run the second one with a command line and use the /secondary tag.
Embedded System – A mini computer embedded inside something like a car, ATM (95% of ATMs run windows XP), etc. We can “hack” these by getting the firmware off it (from the manufacturer’s website or from hardware debugging like jtag). Once we have the firmware, we can decompile it and find exploits similar to how we crack software. Embedded systems are also harder to hack from the point of view that we can only sometimes achieve a connection to them over which we can actually attack them (e.g. we can’t remotely attack a non-networked vending machine). Videos: hacking an ATM, hacking surveillance cameras.
FTP – File Transfer Protocol. An FTP server is a server used to store and send files.
FUD – Fully UnDetectable. A program which is FUD cannot be detected by ANY anti-virus program. UD – UnDetectable. A program which is UD is mostly undetectable but can be detected by some anti-virus programs. There are 2 types of detection: runtime and scantime. If a program is only FUD at scantime, it means that it can be detected as a virus when it is executed.
Hexadecimal – the base 16 number system which is commonly used to represent binary bytes in 2 digit codes (e.g. 00101010 binary = 42 decimal = 2A hexadecimal). You should familiarise yourself with the 3 different bases, especially for cracking and writing exploits.
Honeypot – A honeypot is a computer system that looks enticing to a hacker. It looks important and vulnerable, enough that the hacker attempts to break in. It is used to entrap hackers and as a way to study the techniques of hackers by the security community.
IDS – Intrusion Detection System. This is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. We need to be careful to avoid detection by an IDS if we are attacking a network/computer. An example is Snort.
IP address – The address used to identify your network while on the Internet. Every computer has a different IP address, and therefore every IP address is unique.
JDB – Java Driveby. A malicious java applet embedded in a webpage, which will attempt to execute something (e.g. a virus) on a visitor’s computer. The victim is presented with a ‘allow plugin to run’ notification before the driveby can execute. This is a common spreading technique for RATs. Setup tutorial for a JDB.
Keylogger – A program which logs the keystrokes of a computer. Here is a tutorial on how to code a Keylogger in VB.
OS – Operating system. Common operating systems brands include Windows, Apple (OSX), Linux (many variations, open source), openBSD, etc.
Pentest – Penetration test. This is what “white hat hackers” perform, hacking into networks and systems to find vulnerabilities, and then reporting their findings to the company in order to help them improve their security.
Pivoting – Moving from one “owned” box on a network to attack others, in an attempt to “own” the entire network. Meterpreter can be used to do this very well.
Programming Languages – Structured languages that can be compiled into a program. Coding knowledge is essential to cracking software and creating exploits, etc – especially scripting ability in a language like perl. Other common languages include c/c++, Java, C#, F#, VB, Haskell, Scala, D, PHP, SQL, HTML (not actually a programming language), javascript, python, ruby, etc.
Proxy – A proxy is a host which redirects traffic through it. Proxy servers can be used for both anonymity and to control traffic/block sites. Most schools use a proxy server to control the sites accessed.
RAT – Remote Administration Tool/Trojan. RATs are a type of virus which can be used to control a computer remotely as well as other functionality. RATs are very popular hacking tools because once a user is infected you have a lot of control over their system. Used commonly with crypters.
Silent JDB – This is the same as a JDB, but there are no popups or notifications to the user when the applet is executed.
Spammer – Software which sends heaps of text messages or emails to a single address to either really annoy them or the equivalent of a DOS.
Spoofing – Making something look different to what it is. We can spoof email addresses and dns addresses in order to trick users into thinking an email came from another address, or that they are visiting a legitimate website, when instead they are looking at something the attacker has created.
SOCKS – Socket Secure is an Internet protocol that routes network packets between a client and server through a proxy server. It is a lower level protocol than HTTP (hypertext transfer protocol).
VPN – Virtual Private Network. A network between systems which doesn’t physically exist – it only exists over existing connections like the internet. A VPN can be used for anonymity, because you can use it to redirect your traffic through an anonymous proxy elsewhere in the world.
VPS – A virtual private server is a virtual machine sold as a service by an Internet hosting service. A VPS runs its own copy of an operating system, and customers have superuser-level access to that operating system instance, so can install almost any software that runs on that OS. Typically, you would set up some form of redirection/routing/forwarding on the server to use it as a proxy.

www.extremehacking.org
CEHv8 CHFIv8 ECSAv8 CAST ENSA CCNA CCNA SECURITY MCITP RHCE CHECKPOINT ASA FIREWALL VMWARE CLOUD ANDROID IPHONE NETWORKING HARDWARE TRAINING INSTITUTE IN PUNE,Certified Ethical Hacking, Center For Advanced Security Training in India,IT Security Training Information Security Traning Courses in Pune, ceh certification in pune, Ethical Hacking Course in Pune