SlideShare a Scribd company logo

Domain 3 of CEH v11: System Hacking Phases and Attack Techniques

S
ShivamSharma909

Hacking is a dangerous process that hackers use to gain unauthorized access to any smartphone, television, computer, or other network system. The hackers constantly update their programming and computer skills to enter the target’s system without the target’s knowledge and gain valuable financial and personal information. https://www.infosectrain.com/blog/domain-3-of-ceh-v11-system-hacking-phases-and-attack-techniques/

Education
1 of 13
Download to read offline
CEH v11 System Hacking Phases & Attack Techniques DOMAIN 3 www.infosectrain.com
www.infosectrain.com | sales@infosectrain.com 01 Domains of CEH DOMAIN 1 Information Security & Ethical Hacking Overview DOMAIN 2 Reconnaissance Techniques DOMAIN 3 System hacking phases & Attack Techniques DOMAIN 4 Network and perimeter hacking DOMAIN 5 Web application hacking DOMAIN 6 Wireless network hacking DOMAIN 7 Mobile platform, IoT, & OT hacking DOMAIN 8 Cloud Computing DOMAIN 9 Cryptography CEH v11 DOMAINS 6% 21% 17% 14% 16% 6% 8% 6% 6%
www.infosectrain.com | sales@infosectrain.com 02 The six hacking phases are: > Reconnaissance > Scanning and enumeration > Gaining access > Ascendancy of privileges > Maintaining access > Track coverage DOMAIN 3 System Hacking Phases & Attack Techniques In this blog, we will discuss the 3rd domain of CEH, which is ‘System Hacking Phases & Attack Techniques’ System Hacking Phases
01 www.infosectrain.com | sales@infosectrain.com 03 Reconnaissance Reconnaissance is the first and pre-phase of hacking. Reconnaissance is the process of gathering all the information about the target system, like active ports, operating systems, and all the passive information. For example, assume you want to surprise your childhood friend who lost touch with you. The first thing you will do is gather all the information about them, like their city, area, home address, etc. The process of collecting this information is called reconnaissance. DOMAIN 3 System Hacking Phases & Attack Techniques
www.infosectrain.com | sales@infosectrain.com 04 02 Scanning & Enumeration This scanning and enumeration phase is where the attacker moves from passive to active information gathering. The scanning is performed to gain access to the target system, and the enumeration is performed to get detailed information, including the user account data. There are three types of scanning. Port scanning: Port scanning is a phase where hackers scan the target system for data like live systems, open ports, and different services running over the host. Network mapping: A network map depicts a network’s topology, routers, firewalls, servers, if any, and host information. During the hacking process, this network map can be a valuable source of information. Vulnerability scanning: The vulnerability scanning process involves scanning the target for weaknesses or vulnerabilities that could be exploited. This kind of scanning is usually done with automated tools. DOMAIN 3 System Hacking Phases & Attack Techniques
03 www.infosectrain.com | sales@infosectrain.com 05 Gaining Access Gaining access is one of the important phases of hacking any system/network. This is the phase where the attacker moves from simply examining the network to actually attacking it. Hackers can gain access by using various methodologies, like identifying a wireless access point or by identifying vulnerabilities within the web server software. Ultimately, a hacker’s method of accessing a network will depend on his skills, how much access he gains, and how the victim’s network is configured. DOMAIN 3 System Hacking Phases & Attack Techniques
04 Privileges Ascendancy www.infosectrain.com | sales@infosectrain.com 06 Even though the hacker has got access to the network or your system, he tries to escalate his privileges to an administrator because they are the individuals who control the whole network. In simple terms, privilege escalation can be described as exploiting a bug or vulnerability in an application or operating system to gain access to resources that would otherwise be protected from an average user. DOMAIN 3 System Hacking Phases & Attack Techniques
www.infosectrain.com | sales@infosectrain.com 07 05 Maintaining the Access Hackers have to maintain access to complete their tasks successfully. This can be done by using rootkits, trojans, and various other malicious files. DOMAIN 3 System Hacking Phases & Attack Techniques
06 Track Coverage www.infosectrain.com | sales@infosectrain.com 08 No one wants to get caught after doing a robbery. Hence, the hackers cover all their tracks so that the network/system owner will never know who attacked the network/system. A good hacker will cover or clear his tracks by changing the registry values and removing/changing/corrupting the log values. DOMAIN 3 System Hacking Phases & Attack Techniques
Different Attacking Techniques used by a Hacker DOMAIN 3 System Hacking Phases & Attack Techniques Bait and Switch Bait and Switch is a process where a hacker buys advertising space on any website, and he posts a very interesting ad that attracts users to click on it. Once the user clicks that ad, it will immediately redirect him to a malicious page, and from there, a hacker can install bugs and malicious codes into your system. So guys, be very careful whenever you are clicking an ad. www.infosectrain.com | sales@infosectrain.com 09
www.infosectrain.com | sales@infosectrain.com 10 Cookie Theft I think this is a dangerous attack because we save many passwords in our browsers, say our email passwords, bank accounts, or many important accounts. Once the attacker gets your cookie session, he can replicate you and conduct attacks or simply steal that information. So, make sure you regularly clear your search history and cache. DOMAIN 3 System Hacking Phases & Attack Techniques
DOMAIN 3 System Hacking Phases & Attack Techniques Installing various trojans and malware like trojan and spyware A hacker installs various malware on a target’s computer. These trojans and spyware frequently send the data to the attacker and perform few tasks like diverting traffic and sniffing the victim’s data. www.infosectrain.com | sales@infosectrain.com 11
www.infosectrain.com | sales@infosectrain.com

Recommended

Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptx
Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptxDomain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptx
Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptx
Infosectrain3
 
systemhacking-170425062200.pdf
systemhacking-170425062200.pdfsystemhacking-170425062200.pdf
systemhacking-170425062200.pdf
ThasnimFathima
 
System hacking
System hackingSystem hacking
System hacking
CAS
 
Domain 2 of CEH v11: Reconnaissance Techniques
Domain 2 of CEH v11: Reconnaissance TechniquesDomain 2 of CEH v11: Reconnaissance Techniques
Domain 2 of CEH v11: Reconnaissance Techniques
ShivamSharma909
 
CEH Domain 2.pdf
CEH Domain 2.pdfCEH Domain 2.pdf
CEH Domain 2.pdf
infosec train
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
Amir Hossein Zargaran
 
Ethical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptxEthical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptx
vamshimatangi
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
Јаѓќеѕн Јажѕшаф
 

Recommended

Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptx
Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptxDomain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptx
Domain 3 of CEH v11 System Hacking Phases and Attack Techniques.pptx
Infosectrain3
 
systemhacking-170425062200.pdf
systemhacking-170425062200.pdfsystemhacking-170425062200.pdf
systemhacking-170425062200.pdf
ThasnimFathima
 
System hacking
System hackingSystem hacking
System hacking
CAS
 
Domain 2 of CEH v11: Reconnaissance Techniques
Domain 2 of CEH v11: Reconnaissance TechniquesDomain 2 of CEH v11: Reconnaissance Techniques
Domain 2 of CEH v11: Reconnaissance Techniques
ShivamSharma909
 
CEH Domain 2.pdf
CEH Domain 2.pdfCEH Domain 2.pdf
CEH Domain 2.pdf
infosec train
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
Amir Hossein Zargaran
 
Ethical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptxEthical Hacking justvamshi .pptx
Ethical Hacking justvamshi .pptx
vamshimatangi
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
Јаѓќеѕн Јажѕшаф
 
Introduction to Pre-Cybersecurity.pptx
Introduction to Pre-Cybersecurity.pptxIntroduction to Pre-Cybersecurity.pptx
Introduction to Pre-Cybersecurity.pptx
youfanlimboo
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hacking
samprada123
 
Ethical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdfEthical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdf
ShivamSharma909
 
CEH Domain 5.pdf
CEH Domain 5.pdfCEH Domain 5.pdf
CEH Domain 5.pdf
infosec train
 
Domain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingDomain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application Hacking
ShivamSharma909
 
Domain 5 of the CEH Web Application Hacking.pptx
Domain 5 of the CEH Web Application Hacking.pptxDomain 5 of the CEH Web Application Hacking.pptx
Domain 5 of the CEH Web Application Hacking.pptx
Infosectrain3
 
PowerPoint Presentation On Ethical Hacking in Brief (Simple)
PowerPoint Presentation On Ethical Hacking in Brief (Simple)PowerPoint Presentation On Ethical Hacking in Brief (Simple)
PowerPoint Presentation On Ethical Hacking in Brief (Simple)
Shivam Sahu
 
Top 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answerTop 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answer
ShivamSharma909
 
Introduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf fileIntroduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf file
debmajumder741249
 
Secure coding guidelines
Secure coding guidelinesSecure coding guidelines
Secure coding guidelines
Zakaria SMAHI
 
Andrews whitakrer lecture18-security.ppt
Andrews whitakrer lecture18-security.pptAndrews whitakrer lecture18-security.ppt
Andrews whitakrer lecture18-security.ppt
SilverGold16
 
Computer security system Unit1.pptx
Computer security system Unit1.pptxComputer security system Unit1.pptx
Computer security system Unit1.pptx
VIRAJDEY1
 
Network Security & Ethical Hacking
Network Security & Ethical HackingNetwork Security & Ethical Hacking
Network Security & Ethical Hacking
Sripati Mahapatra
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Prabhat kumar Suman
 
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptxDomain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Infosectrain3
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Aditya Vikram Singhania
 
certified-ethical-hacker-cehv12_course_content.pdf
certified-ethical-hacker-cehv12_course_content.pdfcertified-ethical-hacker-cehv12_course_content.pdf
certified-ethical-hacker-cehv12_course_content.pdf
infosec train
 
certified-ethical-hacker-cehv12_course_content
certified-ethical-hacker-cehv12_course_contentcertified-ethical-hacker-cehv12_course_content
certified-ethical-hacker-cehv12_course_content
priyanshamadhwal2
 
Module 1 Introduction
Module 1 IntroductionModule 1 Introduction
Module 1 Introduction
leminhvuong
 
Security protection On banking systems using ethical hacking.
Security protection On banking systems using ethical hacking.Security protection On banking systems using ethical hacking.
Security protection On banking systems using ethical hacking.
Rishabh Gupta
 
CYBERSECURITY Interview Questions for Freshers.pdf
CYBERSECURITY Interview Questions for Freshers.pdfCYBERSECURITY Interview Questions for Freshers.pdf
CYBERSECURITY Interview Questions for Freshers.pdf
ShivamSharma909
 
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
ShivamSharma909
 

More Related Content

Similar to Domain 3 of CEH v11: System Hacking Phases and Attack Techniques

Introduction to Pre-Cybersecurity.pptx
Introduction to Pre-Cybersecurity.pptxIntroduction to Pre-Cybersecurity.pptx
Introduction to Pre-Cybersecurity.pptx
youfanlimboo
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hacking
samprada123
 
Ethical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdfEthical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdf
ShivamSharma909
 
Top 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answerTop 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answer
ShivamSharma909
 
Andrews whitakrer lecture18-security.ppt
Andrews whitakrer lecture18-security.pptAndrews whitakrer lecture18-security.ppt
Andrews whitakrer lecture18-security.ppt
SilverGold16
 
Module 1 Introduction
Module 1 IntroductionModule 1 Introduction
Module 1 Introduction
leminhvuong
 

Similar to Domain 3 of CEH v11: System Hacking Phases and Attack Techniques (20)

Introduction to Pre-Cybersecurity.pptx
Introduction to Pre-Cybersecurity.pptxIntroduction to Pre-Cybersecurity.pptx
Introduction to Pre-Cybersecurity.pptx
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hacking
 
Ethical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdfEthical Hacking Interview Questions and Answers.pdf
Ethical Hacking Interview Questions and Answers.pdf
 
CEH Domain 5.pdf
CEH Domain 5.pdfCEH Domain 5.pdf
CEH Domain 5.pdf
 
Domain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingDomain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application Hacking
 
Domain 5 of the CEH Web Application Hacking.pptx
Domain 5 of the CEH Web Application Hacking.pptxDomain 5 of the CEH Web Application Hacking.pptx
Domain 5 of the CEH Web Application Hacking.pptx
 
PowerPoint Presentation On Ethical Hacking in Brief (Simple)
PowerPoint Presentation On Ethical Hacking in Brief (Simple)PowerPoint Presentation On Ethical Hacking in Brief (Simple)
PowerPoint Presentation On Ethical Hacking in Brief (Simple)
 
Top 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answerTop 20 certified ethical hacker interview questions and answer
Top 20 certified ethical hacker interview questions and answer
 
Introduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf fileIntroduction to Ethical Hacking pdf file
Introduction to Ethical Hacking pdf file
 
Secure coding guidelines
Secure coding guidelinesSecure coding guidelines
Secure coding guidelines
 
Andrews whitakrer lecture18-security.ppt
Andrews whitakrer lecture18-security.pptAndrews whitakrer lecture18-security.ppt
Andrews whitakrer lecture18-security.ppt
 
Computer security system Unit1.pptx
Computer security system Unit1.pptxComputer security system Unit1.pptx
Computer security system Unit1.pptx
 
Network Security & Ethical Hacking
Network Security & Ethical HackingNetwork Security & Ethical Hacking
Network Security & Ethical Hacking
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptxDomain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
Domain 2 of CEH v11 Reconnaissance Techniques (21%).pptx
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
certified-ethical-hacker-cehv12_course_content.pdf
certified-ethical-hacker-cehv12_course_content.pdfcertified-ethical-hacker-cehv12_course_content.pdf
certified-ethical-hacker-cehv12_course_content.pdf
 
certified-ethical-hacker-cehv12_course_content
certified-ethical-hacker-cehv12_course_contentcertified-ethical-hacker-cehv12_course_content
certified-ethical-hacker-cehv12_course_content
 
Module 1 Introduction
Module 1 IntroductionModule 1 Introduction
Module 1 Introduction
 
Security protection On banking systems using ethical hacking.
Security protection On banking systems using ethical hacking.Security protection On banking systems using ethical hacking.
Security protection On banking systems using ethical hacking.
 

More from ShivamSharma909

Top 15 aws security interview questions
Top 15 aws security interview questionsTop 15 aws security interview questions
Top 15 aws security interview questions
ShivamSharma909
 

More from ShivamSharma909 (20)

CYBERSECURITY Interview Questions for Freshers.pdf
CYBERSECURITY Interview Questions for Freshers.pdfCYBERSECURITY Interview Questions for Freshers.pdf
CYBERSECURITY Interview Questions for Freshers.pdf
 
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
Top Interview Questions to Master as a CompTIA Security+ Certified Profession...
 
Top 20 Incident Responder Interview Questions and Answers (1).pdf
Top 20 Incident Responder Interview Questions and Answers (1).pdfTop 20 Incident Responder Interview Questions and Answers (1).pdf
Top 20 Incident Responder Interview Questions and Answers (1).pdf
 
Top 25 Azure Architect Interview Questions and Answers.pdf
Top 25 Azure Architect Interview Questions and Answers.pdfTop 25 Azure Architect Interview Questions and Answers.pdf
Top 25 Azure Architect Interview Questions and Answers.pdf
 
Top 20 Azure Administrator Interview Questions.pdf
Top 20 Azure Administrator Interview Questions.pdfTop 20 Azure Administrator Interview Questions.pdf
Top 20 Azure Administrator Interview Questions.pdf
 
Threat Hunting Professional Online Training Course
Threat Hunting Professional Online Training CourseThreat Hunting Professional Online Training Course
Threat Hunting Professional Online Training Course
 
Why cloud security engineers find CCSE as a perfect fit
Why cloud security engineers find CCSE as a perfect fitWhy cloud security engineers find CCSE as a perfect fit
Why cloud security engineers find CCSE as a perfect fit
 
Top 20 azure interview questions
Top 20 azure interview questionsTop 20 azure interview questions
Top 20 azure interview questions
 
Top 15 aws security interview questions
Top 15 aws security interview questionsTop 15 aws security interview questions
Top 15 aws security interview questions
 
EC-Council Certified SOC Analyst
EC-Council Certified SOC AnalystEC-Council Certified SOC Analyst
EC-Council Certified SOC Analyst
 
Ctia course outline
Ctia course outlineCtia course outline
Ctia course outline
 
Domain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network HackingDomain 6 of CEH: Wireless Network Hacking
Domain 6 of CEH: Wireless Network Hacking
 
Domain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter HackingDomain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter Hacking
 
Domain 1 of CEH v11: Information Security and Ethical Hacking
Domain 1 of CEH v11: Information Security and Ethical HackingDomain 1 of CEH v11: Information Security and Ethical Hacking
Domain 1 of CEH v11: Information Security and Ethical Hacking
 
How is az 303 different from az-304
How is az 303 different from az-304How is az 303 different from az-304
How is az 303 different from az-304
 
The importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity indexThe importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity index
 
Cisa domain 4
Cisa domain 4Cisa domain 4
Cisa domain 4
 
Cisa domain 3
Cisa domain 3Cisa domain 3
Cisa domain 3
 
CISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of ITCISA DOMAIN 2 Governance & Management of IT
CISA DOMAIN 2 Governance & Management of IT
 
CISA Domain 1 The Process On AUDITING INFORMATION SYSTEMS
CISA Domain 1 The Process On AUDITING INFORMATION SYSTEMSCISA Domain 1 The Process On AUDITING INFORMATION SYSTEMS
CISA Domain 1 The Process On AUDITING INFORMATION SYSTEMS
 

Recently uploaded

Gardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterGardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch Letter
MateoGardella
 
Gardella_Mateo_IntellectualProperty.pdf.
Gardella_Mateo_IntellectualProperty.pdf.Gardella_Mateo_IntellectualProperty.pdf.
Gardella_Mateo_IntellectualProperty.pdf.
MateoGardella
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
Chris Hunter
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
kauryashika82
 

Recently uploaded (20)

Gardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterGardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch Letter
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptx
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Gardella_Mateo_IntellectualProperty.pdf.
Gardella_Mateo_IntellectualProperty.pdf.Gardella_Mateo_IntellectualProperty.pdf.
Gardella_Mateo_IntellectualProperty.pdf.
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 

Domain 3 of CEH v11: System Hacking Phases and Attack Techniques

  • 1. CEH v11 System Hacking Phases & Attack Techniques DOMAIN 3 www.infosectrain.com
  • 2. www.infosectrain.com | sales@infosectrain.com 01 Domains of CEH DOMAIN 1 Information Security & Ethical Hacking Overview DOMAIN 2 Reconnaissance Techniques DOMAIN 3 System hacking phases & Attack Techniques DOMAIN 4 Network and perimeter hacking DOMAIN 5 Web application hacking DOMAIN 6 Wireless network hacking DOMAIN 7 Mobile platform, IoT, & OT hacking DOMAIN 8 Cloud Computing DOMAIN 9 Cryptography CEH v11 DOMAINS 6% 21% 17% 14% 16% 6% 8% 6% 6%
  • 3. www.infosectrain.com | sales@infosectrain.com 02 The six hacking phases are: > Reconnaissance > Scanning and enumeration > Gaining access > Ascendancy of privileges > Maintaining access > Track coverage DOMAIN 3 System Hacking Phases & Attack Techniques In this blog, we will discuss the 3rd domain of CEH, which is ‘System Hacking Phases & Attack Techniques’ System Hacking Phases
  • 4. 01 www.infosectrain.com | sales@infosectrain.com 03 Reconnaissance Reconnaissance is the first and pre-phase of hacking. Reconnaissance is the process of gathering all the information about the target system, like active ports, operating systems, and all the passive information. For example, assume you want to surprise your childhood friend who lost touch with you. The first thing you will do is gather all the information about them, like their city, area, home address, etc. The process of collecting this information is called reconnaissance. DOMAIN 3 System Hacking Phases & Attack Techniques
  • 5. www.infosectrain.com | sales@infosectrain.com 04 02 Scanning & Enumeration This scanning and enumeration phase is where the attacker moves from passive to active information gathering. The scanning is performed to gain access to the target system, and the enumeration is performed to get detailed information, including the user account data. There are three types of scanning. Port scanning: Port scanning is a phase where hackers scan the target system for data like live systems, open ports, and different services running over the host. Network mapping: A network map depicts a network’s topology, routers, firewalls, servers, if any, and host information. During the hacking process, this network map can be a valuable source of information. Vulnerability scanning: The vulnerability scanning process involves scanning the target for weaknesses or vulnerabilities that could be exploited. This kind of scanning is usually done with automated tools. DOMAIN 3 System Hacking Phases & Attack Techniques
  • 6. 03 www.infosectrain.com | sales@infosectrain.com 05 Gaining Access Gaining access is one of the important phases of hacking any system/network. This is the phase where the attacker moves from simply examining the network to actually attacking it. Hackers can gain access by using various methodologies, like identifying a wireless access point or by identifying vulnerabilities within the web server software. Ultimately, a hacker’s method of accessing a network will depend on his skills, how much access he gains, and how the victim’s network is configured. DOMAIN 3 System Hacking Phases & Attack Techniques
  • 7. 04 Privileges Ascendancy www.infosectrain.com | sales@infosectrain.com 06 Even though the hacker has got access to the network or your system, he tries to escalate his privileges to an administrator because they are the individuals who control the whole network. In simple terms, privilege escalation can be described as exploiting a bug or vulnerability in an application or operating system to gain access to resources that would otherwise be protected from an average user. DOMAIN 3 System Hacking Phases & Attack Techniques
  • 8. www.infosectrain.com | sales@infosectrain.com 07 05 Maintaining the Access Hackers have to maintain access to complete their tasks successfully. This can be done by using rootkits, trojans, and various other malicious files. DOMAIN 3 System Hacking Phases & Attack Techniques
  • 9. 06 Track Coverage www.infosectrain.com | sales@infosectrain.com 08 No one wants to get caught after doing a robbery. Hence, the hackers cover all their tracks so that the network/system owner will never know who attacked the network/system. A good hacker will cover or clear his tracks by changing the registry values and removing/changing/corrupting the log values. DOMAIN 3 System Hacking Phases & Attack Techniques
  • 10. Different Attacking Techniques used by a Hacker DOMAIN 3 System Hacking Phases & Attack Techniques Bait and Switch Bait and Switch is a process where a hacker buys advertising space on any website, and he posts a very interesting ad that attracts users to click on it. Once the user clicks that ad, it will immediately redirect him to a malicious page, and from there, a hacker can install bugs and malicious codes into your system. So guys, be very careful whenever you are clicking an ad. www.infosectrain.com | sales@infosectrain.com 09
  • 11. www.infosectrain.com | sales@infosectrain.com 10 Cookie Theft I think this is a dangerous attack because we save many passwords in our browsers, say our email passwords, bank accounts, or many important accounts. Once the attacker gets your cookie session, he can replicate you and conduct attacks or simply steal that information. So, make sure you regularly clear your search history and cache. DOMAIN 3 System Hacking Phases & Attack Techniques
  • 12. DOMAIN 3 System Hacking Phases & Attack Techniques Installing various trojans and malware like trojan and spyware A hacker installs various malware on a target’s computer. These trojans and spyware frequently send the data to the attacker and perform few tasks like diverting traffic and sniffing the victim’s data. www.infosectrain.com | sales@infosectrain.com 11