Woah.
This past week has been crazy!
I managed to get through a module a day, these being Scanning and Networks, Enumeration, Vulnerability Analysis, System Hacking, Malware Threats, Sniffing, and Social Engineering.
I have also figured out how I will be planning my time studying and what/when I will be releasing posts. I have decided to keep at 1 module a day until the 14th of June when I finish the last module.
I will be making a post every Sunday/Monday and once I have completed all modules I will be doing a more in-depth guide into each module as well as providing some study materials I have used such as flashcards or mind maps.
This week my favorite module so far is definitely Social Engineering; I love learning all of the ways you can gain crucial information by having normal conversations or just by browsing others’ social media. But it was very packed full of new and interesting information, such as designing and deploying my own forms of malware and viruses.
Scanning and Networks:
What I learned: What banner grabbing is and how to perform both types (Active and Passive) using tools such as Wireshark.
What I found interesting: Learning about proxies and proxy chaining was really interesting, as while I have used many VPNs over the years I never fully understood the reasons and how a proxy worked.
What I will need to come back to: The process of evading an IDS or a firewall, as the content is pretty straightforward, it just involves a lot of steps and requires more and more work depending on the security level of the target system.
Enumeration:
What I learned: Nmap can basically do everything, especially when using its nbstat NSE script to obtain MAC addresses and NetBIOS names.
What I found interesting: The importance of having an accurate NTP as well as keeping it secure due to the data it can provide an attacker.
What I will need to come back to: I will 100% have to revisit the services and what ports and OSes each run under.
Vulnerability Analysis:
What I learned: I have learnt the numerous components of a vulnerability assessment report. While it is not the most interesting part about being an Ethical Hacker, it is definitely one of the most important parts.
What I found interesting: I really enjoyed poking my head around each of the numerous vulnerability scoring systems and databases and just reading up on some critical-level vulnerabilities.
What I will need to come back to: I learned of the 9-step pre-assessment phase but will have to come back to fully understand and be able to correctly order the 9 steps.
System Hacking:
What I learned: I learned how to perform my own buffer overflow attacks utilising Vulnserver through Immunity Debugger.
What I found interesting: I have always liked the idea of Steganography and I really found it interesting finding out how to class different types of Steganography and perform it myself.
What I will need to come back to: I will have to come back to the clearing logs section of the module and be able to complete different types of log clearing without using applications.
Malware Threats:
What I learned: From this module I now understand how to propagate and deploy a trojan onto a target machine.
What I found interesting: I will always find it intriguing how a virus or piece of malware is created, and with the labs attached to this module I was able to create Trojans with njRAT.
What I will need to come back to: I will have to be able to fully remember the 10-step process to static malware analysis as it will be a critical part of being an Ethical Hacker.
Sniffing:
What I learned: I learned the ins and outs of a rogue DHCP attack and how the difference between a successful and unsuccessful one comes down to the speed of the response to a DHCP discovery request.
What I found interesting: I really enjoyed performing a DHCP starvation attack on a system using Yersinia.
What I will need to come back to: I will need to spend some good time in Wireshark understanding what each attack and form of poisoning looks like.
Social Engineering:
What I learned: I found out there are numerous categories of insider threats and that over 50% of them are accidental or caused by negligence.
What I found interesting: I like the idea of computer-based social engineering and how you are able to utilise seemingly worthless information to be able to build a report/idea on how a company operates.
What I will need to come back to: I will have to take some time to fully understand mobile-based social engineering and grasp how malicious apps are used and created for social engineering.
Finally, at the end of my week 1 recap. This certification is quite content heavy but a lot of it is enjoyable, making it easy to study for longer durations of time and making it easier to absorb all of the information.
If you have any questions or any feedback feel free to comment or leave a message on the homepage as that will send directly to me!
Thanks for reading!