Firstly, disclaimer. The information here is for research purposes only. Use the tools and techniques listed here at your own risk and only on systems that you are authorised to do so.
Secondly. The interesting quote that sums up this page… “An old poacher makes the best gamekeeper“. To properly protect digital systems, you have to truly understand the weaknesses that are present in most digital systems that are in use today. you have to look behind the branding, the pretty pictures and curved edges on boxes and truly see what is happening in the background. The reality is that most systems are vulnerable in one way or another, and these vulnerabilities are often the direct result of ignorance by the person, team or companies developing these solutions. There is no magic box that ticks off security when it comes to digital systems, which is why it is essential to truly understand where issues are, so you can patch them before they are exploited.
This page is about giving you the tools and techniques to interrogate your own systems so that you can break into your own systems before others do. Some call this penetration testing, personally I just like to think of it as building a solid product that doesn’t put your data, or your customer’s data at risk. So over time, this page will be expanded to become a handy resource for how to protect your own systems by learning how to identify where the weaknesses lie.
Content in progress, when I get the time to add new things 🙂
Common Hacking and Cyber Attacking Techniques
- Keyloggers – Installing, listening and tracking
- Distributed Denial of Service Attacks (DDoS) – Infecting computers with remote control software, utilising popular free Content Management Systems (CMS) such as WordPress to trigger highly targeted DDoS attacks
- Man in the Middle Attacks – Coffee shops, fake wireless networks
- Phishing Attacks
- IoT Device Attacks
- Clickbait Attacks
- Company Director Email Attacks – Fake invoices, email spoofing
- Cross Site Scripting Attacks (XSS)
- Insecure HTTP Attacks
- HTTP GET Attacks – Viewing data that should be hidden
- Code Exploit Attacks
- 3rd Party Code Plugin Attacks
- SQL Injection Attacks
- Broken Authentication Attacks
- Content Management System Attacks
- Server Attacks
- Server Software Attacks
- Brute Force Attacks
- Hiding in Plain Sight – Avoiding detection
- Remote Access Trojans –Â https://github.com/malwares/Remote-Access-Trojan