05/08/2015
Professional Hacking Tricks and Attacks List
What is hacking?
Hacking is the practice of modifying the features of a system, in order to accomplish a goal outside of the creator's original purpose. The person who is consistently engaging in hacking activities, and has accepted hacking as a lifestyle and philosophy of their choice, is called a hacker.
Computer hacking is the most popular form of hacking nowadays, especially in the field of computer security, but hacking exists in many other forms, such as phone hacking, brain hacking, etc. and it's not limited to either of them.
Due to the mass attention given to blackhat hackers from the media, the whole hacking term is often mistaken for any security related cyber crime. This damages the reputation of all hackers, and is very cruel and unfair to the law abiding ones of them, from who the term itself originated. The goal of this website is to introduce people the true philosophy and ethics of hackers, hopefully clearing their name and giving them the social status they deserve.
There are three types of hackers :-
1. White hat hacker (WHH)
2. Black hat hacker (BHH)
3. Gray hat hacker (GHH)
4. Script Kiddie
Here is some Professional hacking attacks, Hope every beginner will like to read this article.
ɗ4Rk ƒυs3 ђαcќєɾs
I created a list call it as a Pro hack attack (PHA)
Download This Complete List From here
Session One Getting the basics right
TCP/IP Fundamentals
System Fundamentals
Firewall Technologies
Programming & Database Fundamentals
Session Two - Network Cartography
Advanced Google Hacking
Fingerprinting
Nmapping the network
Footprinting
Session Three - Exploitation
Hacking networks
Hacking servers
Hacking databases
Backdooring
Session Four - Advanced Exploitation
Hacking WLANs
Evading IDS, Firewalls and Detecting Honey Pots
Web Application Hacking
Advanced Web Hacking
Hacking Web Browsers (Firefox, IE)
Session Five - Black-belt Hacking
Buffer overflows
Metasploiting the universe
Reverse Engineering
Covert Hacking
Session Six - Social Engineering
What is Social Engineering?
Common Types of Attacks
Social Engineering by Phone
Dumpster Diving
Online Social Engineering
Reverse Social Engineering
Policies and Procedures
Employee Education
Session Seven - Cryptography
Encryption and Decryption
Cryptographic Algorithms DES RC RC Blowfish MD SHA
Government Access Key - GAK
Digital Signature
Cryptography Tools
Code Breaking Methodologies
Cryptography Attacks
Session Eight - Honeypots
What is Honeypot?
Honey net Project
Types of Honey Pot
Honey Pot Replacement
Various Open Source and Commercial Honey Pots
Session Nine - Esoteric Hacking
RFID Hacking
Hacking Mobile Phones, PDA and Handheld Devices
VoIP Hacking
Cyber Warfare
Hacking E-mails Accounts
Corporate Espionage
Botnets
Bluetooth Hacking
Hacking USB Devices
Spamming
Session PHA attacks
SQL Injection attack
Blind SQL Injection attack
HTML Injection attack
PHP Code Injection attack
Java Applet attack method
SET attacks
Web Jacking attack
Spoofing attacks
Backtrack Information Gathering Tools
Backtrack have More than 65 Hacking TOOLS
Session Ten - Password Cracking
How to Steal Passwords
Hashing Algorithm
Active Brute Forcing
Passive Brute Forcing
Web-Based Password Cracking Techniques
Session Eleven - Trojans and Backdoors
Session Twelve - Viruses and Worms
Writing Virus Codes
Session Thirteen - Phishing
Session Fourteen – Exploit Writing
Assembly Language Tutorial
Exploit Writing
Session Fifteen - Privacy on the Internet
Session Sixteen - Spying Technologies
Session Seventeen - Credit Card Frauds
Session Eighteen - Software Piracy and Warez
Session Nineteen – Securing Laptop Computers
Session Twenty - Data Loss Prevention
Session Twenty One - Physical Security
Session Twenty Two - Basics of Digital Forensics
Hacking Incidents
Defining the Forensics Process
Digital Forensics Essentials – A’s
Investigation Guidelines
Disk Based Forensics v/s Network Based Forensics
Chain of Custody
Hands-on Exercises
In-depth exploration of TCP/IP using Wireshark
Exercise Analysis of tcpdump output to determine attacks
In-depth usage of Nmap
Cracking WLANs
Hacking Oracle
Building your own exploit
Metasploit
Arbitrary File Deletion
Code Ex*****on Hacking(LFI,RFI,Iframe Injection, Remote Code Ex*****on)
Cookie Manipulation (Meta HTTP-EQUIV & CRLF Injection)
CRLF Injection (HTTP response splitting & Headers Injection)
Cross Frame Scripting ( XFS )
Cross-Site Scripting ( XSS - Persistent, Non-Persistent, DOM Based)
Directory traversal including shell uploading
Email Injection
File Inclusion (LFI,RFI with and without null byte)
Full Path Disclosure
LDAP Injection
PHP code injection
PHP curl_exec() url is controlled by user
PHP invalid data type error message
PHP preg_replace used on user input
PHP unserialize() used on user input
Remote XSL inclusion
Script source code disclosure
Server-Side Includes (SSI) Injection
Structured Query Language Injection(SQL Injection)
URL Redirection
XPath Injection vulnerability
EXIF
Buffer Overflows
Clickjacking
Dangling Pointers
Format String Attack
FTP Bounce Attack
Symlinking and Server Rooting
Blind SQL injection (timing - Boolean Based)
Blind SQL Injection (Blind SQL String Based and Double Query Blind Based)
8.3 DOS Filename Source Code Disclosure
Search for Backup files
Cross Site Scripting in URI
PHP super-globals-overwrite
Script errors (such as the Microsoft IIS Cookie Variable Information Disclosure)
WebDAV (very vulnerable component of IIS servers)
Application error message
Check for common files
Directory Listing
Email address found
Local path disclosure
Possible sensitive files
Microsoft Office possible sensitive information
Possible internal IP address disclosure
Possible server path disclosure (Unix and Windows)
Possible username or password disclosure
Sensitive data not encrypted
Source code disclosure
Cross-Site Request Forgery (CSRF)
