attacks using local system

Certified Penetration Testing

Upload: arjun-trivedi

Post on 14-Apr-2017


TRANSCRIPT

Page 1: Attacks using local system

Certified Penetration Testing

Page 2: Attacks using local system

Attacks Using Local System:

• Session Hijacking

• Windows Hacking

• Scanning

• Phishing

Page 3: Attacks using local system

Windows Hacking

Hacking:

- The art of exploring various security breaches is termed hacking.

- A legal or illegal, but unauthorised, way of bypassing any security mechanism.

Windows Hacking: the art of bypassing Windows security and finding loopholes and vulnerabilities is called Windows hacking.

Computer security:

• BIOS password

• Syskey

• Login

Page 4: Attacks using local system

Phishing

Phishing:

- Spear phishing is a targeted email scam with the sole purpose of obtaining unauthorized access to sensitive data.

Phishing attacks generally target:

* Bank information, e.g. VISA and PayPal accounts.
* Username and password information.
* Social Security numbers.
* Information which can be used to retrieve forgotten or lost credentials.

MOBILE PHISHING:

Phishing scams are not limited to the internet. Some phishers use the telephone to make requests for information. If you get a call from your banking institution asking for personal information, hang up and call your bank directly. Your bank will have your social security number and account information on file and should only ask you to verify a few digits.

Page 5: Attacks using local system

like iPhone, Apple, iTunes and more... By SMS

EXAMPLE:-

>>Congratulations! Your mobile phone has won US$ 10 Million prize money. To claim your money, call this number XXXXXXXX, give your permanent address, pin number, account number or credit card number...

Page 6: Attacks using local system

Scanning

Scanning is basically used to scan the local LAN and network. It also monitors all input and output data packets and connections.

• Angry IP Scanner

• NetScanTools

• Unicornscan

• Nmap

Example: netstat -an
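The `netstat -an` check above can be turned into a quick review of what a host exposes. The following is an added example, not part of the original slides: it parses Windows-style `netstat -an` output and reports TCP ports listening on all interfaces and established sessions per remote address. The sample output and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample of Windows `netstat -an` output (documentation address ranges).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:49712       198.51.100.7:443       ESTABLISHED
  TCP    192.0.2.10:49713       198.51.100.7:443       ESTABLISHED
  TCP    192.0.2.10:49720       203.0.113.5:80         TIME_WAIT
  TCP    [::]:3389              [::]:0                 LISTENING
  UDP    0.0.0.0:5353           *:*
"""

ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")
# Local addresses that mean "bound to every interface".
WILDCARDS = {"0.0.0.0", "[::]", "*"}

def parse_netstat(text):
    """Return one dict per connection row; headers and blank lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue
        proto, local, remote, state = m.groups()
        laddr, _, lport = local.rpartition(":")   # last colon, so [::]:3389 works
        raddr, _, rport = remote.rpartition(":")
        rows.append({"proto": proto, "laddr": laddr, "lport": lport,
                     "raddr": raddr, "rport": rport, "state": state or ""})
    return rows

def exposed_listeners(rows):
    """TCP ports listening on every interface, i.e. reachable from the LAN."""
    return sorted({int(r["lport"]) for r in rows
                   if r["state"] == "LISTENING" and r["laddr"] in WILDCARDS})

def established_by_remote(rows):
    """Count ESTABLISHED sessions per remote address."""
    return Counter(r["raddr"] for r in rows if r["state"] == "ESTABLISHED")

if __name__ == "__main__":
    rows = parse_netstat(SAMPLE)
    print("listening on all interfaces:", exposed_listeners(rows))
    print("established sessions:", dict(established_by_remote(rows)))
```

Comparing the list of exposed listeners against the services the host is expected to run shows which ports need to be closed or firewalled.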

Page 7: Attacks using local system

Session Hijacking

Session hijacking can be done at two levels:

• Network Level

• Application Level

Network-level hijacking involves TCP and UDP sessions, whereas application-level session hijacking occurs with HTTP sessions. A successful attack on network-level sessions gives the attacker some critical information, which will then be used to attack application-level sessions, so most of the time they occur together, depending on the system that is attacked. Network-level attacks are most attractive to an attacker because they do not have to be customized on a per-web-application basis; they simply attack the data flow of the protocol, which is common to all web applications.