You're reading from Hands-On Ethical Hacking Tactics Strategies, tools, and techniques for effective cyber defense

Product type Paperback

Published in May 2024

Publisher Packt

ISBN-13 9781801810081

Length 464 pages

Edition 1st Edition

Concepts

Ethical Hacking

Author (1):

Shane Hartman

View More author details

Table of Contents (20) Chapters

Preface

1. Part 1:Information Gathering and Reconnaissance

2. Chapter 1: Ethical Hacking Concepts FREE CHAPTER

3. Chapter 2: Ethical Hacking Footprinting and Reconnaissance

4. Chapter 3: Ethical Hacking Scanning and Enumeration

5. Chapter 4: Ethical Hacking Vulnerability Assessments and Threat Modeling

6. Part 2:Hacking Tools and Techniques

7. Chapter 5: Hacking the Windows Operating System

8. Chapter 6: Hacking the Linux Operating System

9. Chapter 7: Ethical Hacking of Web Servers

10. Chapter 8: Hacking Databases

11. Chapter 9: Ethical Hacking Protocol Review

12. Chapter 10: Ethical Hacking for Malware Analysis

13. Part 3:Defense, Social Engineering, IoT, and Cloud

14. Chapter 11: Incident Response and Threat Hunting

15. Chapter 12: Social Engineering

16. Chapter 13: Ethical Hacking of the Internet of Things

17. Chapter 14: Ethical Hacking in the Cloud

18. Index

Why subscribe?

19. Other Books You May Enjoy

User authentication and movement

One of the simplest ways to exploit systems through authentication is through passwords and password attacks. Password attacks can occur in one of three ways:

The first is to find and exploit a vulnerability to gain access to the system. Once the system has been breached, dump the account and password hashes and crack them later off the system. Once the passwords are cracked, the attacker can access the machines(s)/network using multiple accounts. In this example, the exploit preceded the password attack.
The second way uses the opposite approach, where the attacker performs automated password guessing to determine passwords for one or many accounts; this is also known as a brute force attack. Brute force attacks can use either a dictionary attack, which is just a list of passwords to try, or an algorithm that supplies a calculated sequence of letters, numbers, and symbols as the password. If successful, the attacker gains access to target...