Elysium Spark Note: Certified Hacking

Certified Hacking

1. Ethical Hacking Overview

1.1 What is Ethical Hacking?

  • Definition: The practice of legally hacking into systems to find vulnerabilities before malicious hackers do.
  • Objective: Protect networks, data, and systems from cyber threats.
  • Legal vs. Illegal Hacking:
    • White Hat: Ethical hackers (legal)
    • Black Hat: Malicious hackers (illegal)
    • Gray Hat: In between (not strictly ethical but not malicious)

2. Hacking Phases (Cyber Kill Chain)

Phase                   Description
1. Reconnaissance       Information gathering (passive/active)
2. Scanning             Identifying vulnerabilities (Nmap, Nessus)
3. Gaining Access       Exploiting weaknesses (Metasploit, ExploitDB)
4. Maintaining Access   Installing backdoors, rootkits
5. Covering Tracks      Deleting logs, clearing traces

3. Information Gathering (Reconnaissance)

3.1 Passive vs. Active Reconnaissance

Type      Method
Passive   Google Dorking, WHOIS lookup, Shodan.io
Active    Scanning, social engineering, email phishing

3.2 Tools for Reconnaissance

Tool           Use
whois          Domain information lookup
theHarvester   Gather emails, subdomains, and names
Maltego        OSINT visualization
Shodan         Search for exposed devices

4. Scanning & Enumeration

4.1 Network Scanning Tools

Tool      Function
Nmap      Port scanning
Netcat    Network debugging, banner grabbing
Nessus    Vulnerability scanning
OpenVAS   Security assessment

4.2 Common Port Numbers

Protocol   Port
FTP        21
SSH        22
HTTP       80
HTTPS      443
RDP        3389

5. Gaining Access (Exploitation)

5.1 Common Exploits

Attack Type                  Description
Buffer Overflow              Overwriting memory to execute malicious code
SQL Injection                Injecting SQL queries into databases
Cross-Site Scripting (XSS)   Injecting scripts into web pages
Privilege Escalation         Gaining higher system privileges

5.2 Exploitation Tools

Tool         Use
Metasploit   Exploit framework
Exploit-DB   Public database of exploits
SQLmap       Automated SQL injection

6. Maintaining Access & Covering Tracks

6.1 Backdoor Techniques

  • Rootkits: Hide malicious activity
  • Trojan Horses: Disguised malware
  • Remote Access Trojans (RATs): Full system control

6.2 Log Cleaning Techniques

Method                 Tool
Clearing Logs          rm /var/log/* (Linux)
Altering Timestamps    touch -t 202304010000 file.txt
Hiding Processes       rootkits

7. Wireless Hacking

7.1 Wireless Attacks

Attack                    Description
Evil Twin Attack          Fake Wi-Fi access point used to capture data
Deauthentication Attack   Kicking users off a Wi-Fi network
WPS Attack                Exploiting weak Wi-Fi Protected Setup (WPS)

7.2 Wireless Hacking Tools

Tool         Function
Aircrack-ng  Wi-Fi password cracking
Reaver       WPS attack tool
Kismet       Wireless network monitoring

8. Web Application Security

8.1 Common Web Attacks

Attack                              Description
SQL Injection                       Injecting SQL to extract data
Cross-Site Request Forgery (CSRF)   Tricking users into executing unwanted actions
Broken Authentication               Weak login mechanisms

8.2 Web Security Tools

Tool         Function
Burp Suite   Web vulnerability scanning
OWASP ZAP    Automated web application testing

9. Cryptography & Steganography

9.1 Encryption Algorithms

Algorithm   Type
AES         Symmetric
RSA         Asymmetric
SHA-256     Hashing

9.2 Cryptography Tools

Tool              Function
John the Ripper   Password cracking
Hashcat           GPU-accelerated hash cracking
GPG               File encryption

10. Social Engineering Attacks

10.1 Types of Social Engineering

Attack Type   Description
Phishing      Deceptive emails/websites
Vishing       Voice phishing
Baiting       Using infected USB drives
Pretexting    Impersonation to gain information

10.2 Social Engineering Tools

Tool                               Function
SET (Social Engineering Toolkit)   Simulated phishing attacks
Maltego                            OSINT analysis

11. Security Countermeasures

11.1 Best Practices

  • Keep software updated
  • Use strong passwords (min. 12 characters)
  • Enable Multi-Factor Authentication (MFA)
  • Use firewalls & IDS/IPS
  • Regular security audits & penetration testing

11.2 Security Tools

Tool        Function
Snort       Intrusion detection system (IDS)
Wireshark   Network traffic analysis
Fail2Ban    Prevents brute-force attacks

12. Command Line Cheat Sheet

Windows Commands

  ipconfig /all   # View network config
  netstat -an     # View active connections
  tasklist        # Show running processes

Linux Commands

  ifconfig                # Show network settings
  nmap -sV 192.168.1.1    # Scan open ports and detect service versions
  sudo john hash.txt      # Crack password hashes
