Forwarded from UNDERCODE COMMUNITY
Presentation_Social_Engineering.pdf
3.4 MB
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SOME INTERESTING HACKING COURSES FROM YOUTUBE
1) 9 hours hacking
https://www.youtube.com/watch?v=dz7Ntp7KQGA
2) 1 HOUR BURPSUITE :
https://www.youtube.com/watch?v=vKudm1kDu8k
3) 14 HOURS HACKING :
https://www.youtube.com/watch?v=3Kq1MIfTWCE
4) 40 MINUTES MOBILE HACKING :
https://www.youtube.com/watch?v=3XUo7UBn28o
5) 24 MINUTES jAVA Course Objects& Classes
https://youtu.be/84hGoR9HjAY
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SOME INTERESTING HACKING COURSES FROM YOUTUBE
1) 9 hours hacking
https://www.youtube.com/watch?v=dz7Ntp7KQGA
2) 1 HOUR BURPSUITE :
https://www.youtube.com/watch?v=vKudm1kDu8k
3) 14 HOURS HACKING :
https://www.youtube.com/watch?v=3Kq1MIfTWCE
4) 40 MINUTES MOBILE HACKING :
https://www.youtube.com/watch?v=3XUo7UBn28o
5) 24 MINUTES jAVA Course Objects& Classes
https://youtu.be/84hGoR9HjAY
β β β Uππ»βΊπ«Δπ¬πβ β β β
YouTube
Ethical Hacking Full Course - Learn Ethical Hacking in 10 Hours | Ethical Hacking Tutorial | Edureka
π₯Certified Ethical Hacking Course - CEH v12 Training : https://www.edureka.co/ceh-ethical-hacking-certification-course
π₯CompTIA Security+ Certification Training: https://www.edureka.co/comptia-security-plus-certification-training
This Edureka video on "Ethicalβ¦
π₯CompTIA Security+ Certification Training: https://www.edureka.co/comptia-security-plus-certification-training
This Edureka video on "Ethicalβ¦
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to Install Xrdp Server (Remote Desktop) on Ubuntu 20.04 :
1) Install a Desktop Environment
Unless you are using Ubuntu for desktop (in which case you may ignore this step), you will need to download an externally available desktop environment to get started. For this demonstration, Gnome will be used as the desktop environment, as it is the default environment for newer versions of Ubuntu. So, this guide will be easy to follow for those who are already using an Ubuntu desktop.
$ sudo apt update
$ sudo apt install ubuntu-desktop
2) Install Xrdp
To download and install Xrdp from the standard Ubuntu repositories, enter the following command:
$ sudo apt install xrdp
Verify the install by entering the following command:
$ sudo systemctl status xrdp
3) There is a file in the /etc/ssl/private/ directory named ssl-cert-snakeoil.key that is fundamental to the functions of the Xrdp services. This file must be made readable for an xrdp user. To do so, use the following command:
$ sudo adduser xrdp ssl-cert
4) To make these modifications permanent, reboot the Xrdp service:
$ sudo systemctl restart xrdp
5) Getting Started with Xrdp
Configuring Firewall with Xrdp
We will now open up the Xrdp port, which is port 3389, by configuring the firewall. Enter the following command to allow access from a certain IP range:
$ sudo ufw allow from 192.168.33.0/24 to any port 3389
π¦Connect to the Xrdp Server (for Windows OS)
With the installation and firewall configurations taken care of, you may now connect to the Xrdp server. The following steps show you how to connect to the Xrdp server:
1) Head over to the windows search bar.
Type in βremote.β
2) Select βRemote Desktop Connectionβ to load the RDP client.
3) Navigate to the field labeled βcomputer.β
4) Paste the server IP address.
5) Hit the connect button.
6) The login screen will display, into which you will put your user credentials.
7) Click βok.β
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to Install Xrdp Server (Remote Desktop) on Ubuntu 20.04 :
1) Install a Desktop Environment
Unless you are using Ubuntu for desktop (in which case you may ignore this step), you will need to download an externally available desktop environment to get started. For this demonstration, Gnome will be used as the desktop environment, as it is the default environment for newer versions of Ubuntu. So, this guide will be easy to follow for those who are already using an Ubuntu desktop.
$ sudo apt update
$ sudo apt install ubuntu-desktop
2) Install Xrdp
To download and install Xrdp from the standard Ubuntu repositories, enter the following command:
$ sudo apt install xrdp
Verify the install by entering the following command:
$ sudo systemctl status xrdp
3) There is a file in the /etc/ssl/private/ directory named ssl-cert-snakeoil.key that is fundamental to the functions of the Xrdp services. This file must be made readable for an xrdp user. To do so, use the following command:
$ sudo adduser xrdp ssl-cert
4) To make these modifications permanent, reboot the Xrdp service:
$ sudo systemctl restart xrdp
5) Getting Started with Xrdp
Configuring Firewall with Xrdp
We will now open up the Xrdp port, which is port 3389, by configuring the firewall. Enter the following command to allow access from a certain IP range:
$ sudo ufw allow from 192.168.33.0/24 to any port 3389
π¦Connect to the Xrdp Server (for Windows OS)
With the installation and firewall configurations taken care of, you may now connect to the Xrdp server. The following steps show you how to connect to the Xrdp server:
1) Head over to the windows search bar.
Type in βremote.β
2) Select βRemote Desktop Connectionβ to load the RDP client.
3) Navigate to the field labeled βcomputer.β
4) Paste the server IP address.
5) Hit the connect button.
6) The login screen will display, into which you will put your user credentials.
7) Click βok.β
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The connotation of safety :
#fAStTips
The security of the system includes the following aspects:
β Protect various resources in the system from natural and man-made damage;
β‘ Estimate various threats in the operating system and its special
problems;
β’ Effective development and implementation security policies to minimize the risks faced by the system;
β£ prepare appropriate contingency measures to enable the system to return to normal as soon as the destruction or attacks;
β€ regularly check the implementation of various security management measures.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The connotation of safety :
#fAStTips
The security of the system includes the following aspects:
β Protect various resources in the system from natural and man-made damage;
β‘ Estimate various threats in the operating system and its special
problems;
β’ Effective development and implementation security policies to minimize the risks faced by the system;
β£ prepare appropriate contingency measures to enable the system to return to normal as soon as the destruction or attacks;
β€ regularly check the implementation of various security management measures.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Communication line and network security
#FastTips
Such as:
- destroy or delete the message,
- read the message, watch the message and its transmission mode
- change, delay, reorder or copy, forge the message
π¦System security features
Different computer operating systems have different security requirements, but in general the system should have the following characteristics:
(1) Confidentiality (Security) is accessed by authorized persons
(2) Integrity is changed by authorized persons
(3) ) Availability (Availability) Available to authorized persons
(3) Reliability (Authenticity) Can verify the user's identity
π¦Security threats-threat source
The threats to the security of computer systems mainly come from the following three aspects:
(1) accidental
(2) natural disasters
(3) man-made attacks-active threats
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Communication line and network security
#FastTips
Such as:
- destroy or delete the message,
- read the message, watch the message and its transmission mode
- change, delay, reorder or copy, forge the message
π¦System security features
Different computer operating systems have different security requirements, but in general the system should have the following characteristics:
(1) Confidentiality (Security) is accessed by authorized persons
(2) Integrity is changed by authorized persons
(3) ) Availability (Availability) Available to authorized persons
(3) Reliability (Authenticity) Can verify the user's identity
π¦Security threats-threat source
The threats to the security of computer systems mainly come from the following three aspects:
(1) accidental
(2) natural disasters
(3) man-made attacks-active threats
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Functions involved in operating system security
β User identification.
β‘ Memory protection.
β’ File and I/O device access control.
β£ Carry out distribution and access control to general entities, and implement certain control and protection on them.
β€ Sharing constraints.
β₯ While considering the security mechanism of the operating system, it is also necessary to ensure that system users enjoy fair services without permanent waiting services; it is also necessary to ensure that the operating system provides timely responses for process synchronization and asynchronous communication.
π¦Confidential and secure operating system design principles
The design principle of the safe OS, the
least privilege, the least privilege, the economy of the general security mechanism, the open design, the security strategy, the integrity of the
privilege separation
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Functions involved in operating system security
β User identification.
β‘ Memory protection.
β’ File and I/O device access control.
β£ Carry out distribution and access control to general entities, and implement certain control and protection on them.
β€ Sharing constraints.
β₯ While considering the security mechanism of the operating system, it is also necessary to ensure that system users enjoy fair services without permanent waiting services; it is also necessary to ensure that the operating system provides timely responses for process synchronization and asynchronous communication.
π¦Confidential and secure operating system design principles
The design principle of the safe OS, the
least privilege, the least privilege, the economy of the general security mechanism, the open design, the security strategy, the integrity of the
privilege separation
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ Basic technology to realize system security
All ways for Login to your account = Authentication mechanism
1) Password
Confirm a user's identity symbol string of
security passwords: the brute-force attack is not feasible, the system restricts access to the plaintext password table, encrypted password file
2) Illegally obtaining passwords
exhaustive experience try search system password table, asking the user program interception, dictionary / A Probability search
< to select a password
character type, length, to avoid the conventional word, the secret password protection, one-time password
3) encryption password
for Password/password file encryption, traditional encryption method, one-way encryption method
4) Problems
with password authentication mechanism Trojan Horse (Trojan Horse)
Like malicious programs such as viruses and worms, Trojan Horses also delete or modify files, format hard drives, upload and download files, harass users, and expel other malicious programs. Program
Trojan horses also have their unique characteristics-stealing content, remote control-which makes them the most dangerous malware.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ Basic technology to realize system security
All ways for Login to your account = Authentication mechanism
1) Password
Confirm a user's identity symbol string of
security passwords: the brute-force attack is not feasible, the system restricts access to the plaintext password table, encrypted password file
2) Illegally obtaining passwords
exhaustive experience try search system password table, asking the user program interception, dictionary / A Probability search
< to select a password
character type, length, to avoid the conventional word, the secret password protection, one-time password
3) encryption password
for Password/password file encryption, traditional encryption method, one-way encryption method
4) Problems
with password authentication mechanism Trojan Horse (Trojan Horse)
Like malicious programs such as viruses and worms, Trojan Horses also delete or modify files, format hard drives, upload and download files, harass users, and expel other malicious programs. Program
Trojan horses also have their unique characteristics-stealing content, remote control-which makes them the most dangerous malware.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to detect a hidden Trojan ?
the status of the Trojan in communication
1) When you browse a website, it is normal that some advertisement windows pop up Things, but if you didn't open the browser at all, and the browser suddenly opened by itself and entered a certain website, then you have to be careful.
2) You are operating a computer, and suddenly a warning box or a question box pops up, asking some questions you have never touched on the computer.
3) Your Windows system configuration is always automatically and inexplicably changed. For example, the text displayed on the screensaver, time and date, sound size, mouse sensitivity, and CD-ROM automatic operation configuration.
4) The hard disk always reads the disk for no reason, the floppy drive light often turns on by itself, and the network connection and mouse screen appear abnormal.
π¦Emergency measures after infection
1) All accounts and passwords must be changed immediately, such as dial-up connection, ICQ, mIRC, FTP, your personal site, free email, etc., wherever a password is required, you must change the password Change it as soon as possible.
2) Delete all the things that did not exist on your hard disk.
3) Antivirus, check whether there is a virus on the hard disk once.
Written by
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to detect a hidden Trojan ?
the status of the Trojan in communication
1) When you browse a website, it is normal that some advertisement windows pop up Things, but if you didn't open the browser at all, and the browser suddenly opened by itself and entered a certain website, then you have to be careful.
2) You are operating a computer, and suddenly a warning box or a question box pops up, asking some questions you have never touched on the computer.
3) Your Windows system configuration is always automatically and inexplicably changed. For example, the text displayed on the screensaver, time and date, sound size, mouse sensitivity, and CD-ROM automatic operation configuration.
4) The hard disk always reads the disk for no reason, the floppy drive light often turns on by itself, and the network connection and mouse screen appear abnormal.
π¦Emergency measures after infection
1) All accounts and passwords must be changed immediately, such as dial-up connection, ICQ, mIRC, FTP, your personal site, free email, etc., wherever a password is required, you must change the password Change it as soon as possible.
2) Delete all the things that did not exist on your hard disk.
3) Antivirus, check whether there is a virus on the hard disk once.
Written by
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦IDEAs & NOTE FOR BEGINERS :
#forBeginers
1) Worms (Worms)
network worms spread from one system to another through a network connection
. The network mechanism used by the worm to complete its own replication.
E-mail mechanism.
Remote execution capability.
Remote login capability. The
process of worm reproduction.
Check the host table or similar place where the remote system address is stored. Search for the system to be infected,
establish a connection with the remote host,
copy yourself into the remote system and run the copy of the
2) computer virus (Viruses), the
biological concept of a virus,
small DNA or RNA gene segments
According to statistics, as of 2000.11, there are a total of more than 55,000
viruses with the characteristics of
viruses.
Antivirus methods
π§ββοΈComputer viruses (referred to as viruses) are programs that can infect other programs. The main characteristics of viruses are as follows:
β Dependence.
β‘ The virus is contagious.
β’ The virus is latent.
β£ Viruses are destructive.
β€ The virus is targeted.
π§ββοΈThe structural :
-boot module of the virus is responsible for guiding the virus to the memory, protecting the corresponding storage space to prevent it from being overwritten by other programs, and modifying some necessary system parameters to prepare for the activation of the virus.
-The infection module is responsible for infecting viruses to other computer programs. It is the core of the entire virus program and consists of two parts: one part judges whether the infection conditions are met, and the other part implements the infection.
-The performance module virus trigger condition determines
the specific performance part of some viruses.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦IDEAs & NOTE FOR BEGINERS :
#forBeginers
1) Worms (Worms)
network worms spread from one system to another through a network connection
. The network mechanism used by the worm to complete its own replication.
E-mail mechanism.
Remote execution capability.
Remote login capability. The
process of worm reproduction.
Check the host table or similar place where the remote system address is stored. Search for the system to be infected,
establish a connection with the remote host,
copy yourself into the remote system and run the copy of the
2) computer virus (Viruses), the
biological concept of a virus,
small DNA or RNA gene segments
According to statistics, as of 2000.11, there are a total of more than 55,000
viruses with the characteristics of
viruses.
Antivirus methods
π§ββοΈComputer viruses (referred to as viruses) are programs that can infect other programs. The main characteristics of viruses are as follows:
β Dependence.
β‘ The virus is contagious.
β’ The virus is latent.
β£ Viruses are destructive.
β€ The virus is targeted.
π§ββοΈThe structural :
-boot module of the virus is responsible for guiding the virus to the memory, protecting the corresponding storage space to prevent it from being overwritten by other programs, and modifying some necessary system parameters to prepare for the activation of the virus.
-The infection module is responsible for infecting viruses to other computer programs. It is the core of the entire virus program and consists of two parts: one part judges whether the infection conditions are met, and the other part implements the infection.
-The performance module virus trigger condition determines
the specific performance part of some viruses.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SOME 2020 ANDROID/IOS HACKING APPS :
https://github.com/wszf/androrat
https://www.zimperium.com/zanti-mobile-penetration-testing
https://f-droid.org/en/packages/org.csploit.android/
https://www.cydiahacks.net/xsellize-repo-source.html
(ios cracked cydia repo)
https://github.com/BishopFox/iSpy
https://github.com/GeoSn0w/Myriam
https://github.com/S3Jensen/iRET
https://extigy.github.io/repo/
https://itunes.apple.com/us/app/iweppro-wifi-passwords-generator/id578135585?mt=8
https://github.com/GeoSn0w/Myriam
https://github.com/BishopFox/iSpy
https://github.com/BishopFox/firecat
https://www.highsterspyapp.com/
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SOME 2020 ANDROID/IOS HACKING APPS :
https://github.com/wszf/androrat
https://www.zimperium.com/zanti-mobile-penetration-testing
https://f-droid.org/en/packages/org.csploit.android/
https://www.cydiahacks.net/xsellize-repo-source.html
(ios cracked cydia repo)
https://github.com/BishopFox/iSpy
https://github.com/GeoSn0w/Myriam
https://github.com/S3Jensen/iRET
https://extigy.github.io/repo/
https://itunes.apple.com/us/app/iweppro-wifi-passwords-generator/id578135585?mt=8
https://github.com/GeoSn0w/Myriam
https://github.com/BishopFox/iSpy
https://github.com/BishopFox/firecat
https://www.highsterspyapp.com/
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - wszf/androrat: androrat
androrat. Contribute to wszf/androrat development by creating an account on GitHub.