Khan - The Most Indepth Hackers Guide

- By: Dawood Khan aka, Aleri nV RT X (Volume: 1)

Book or V olume "The Most In-Depth Hackers Guide: Volume: 1 is tremendously complex to write, particularly without support of the Almighty GOD Allah. I express heartfelt credit to My Parents without them I have no existence. I am more than ever thankful to my teacher Sir. Khair Ullah for the inspiration which I got to write the book. I am also thankful to my friends and partner who facilitated me. To finish, I am thankful to you also as you are reading this book. I am sure this will book make creative and constructive role to build your life more secure and alert than ever before.

Who am I? You might have come across the term ethical hacker? The good guy? Yes, thats what exactly I like to call myself. For hacking you need to have a basic knowledge of programming. S omeone asked me, "How did you take interest in programming and hacking?" It was more like an inspiration that I got from my brother. My first ever attempt at programming was making a simple page in HTML with a big "Hello world" in it. To which of course my father smiled and said, "well done.". Then came hacking. My hacking career started back in 2009. 7 years passed and there is still so much to learn. My soul purpose of this book is not to sell it but to raise awareness of the danger we face today, and yes, to help teach people about the hackers tradition. :)

By learning you will teach, by teaching you will learn

- Latin Proverb

Copyright Notice

This report may not be copied or reproduced unless specific permissions have been personally given to you by the author Dawood Khan. Any unauthorized use, distributing, reproducing is strictly prohibited.

Liability Disclaimer

The information provided in this eBook is to be used for educational purposes only. The eBook creator is in no way responsible for any misuse of the information provided. All of the information in this eBook is meant to help the reader develop a hacker defense attitude in order to prevent the attacks discussed. In no way should you use the information to cause any kind of damage directly or indirectly. The word Hack or Hacking in this eBook should be regarded as Ethical Hack / Ethical hacking respectively. You implement the information given at your own risk.

This book is totally meant for providing information on " Computer Security , " Computer Programming and other related topics and is no way related towards the terms " CRACKING or " HACKING ( Unethical ).

Few articles (tutorials) in this book may contain the information related to " Hacking Passwords or " Hacking Email Accounts (Or Similar terms). These are not the GUIDES of Hacking . They only provide information about the legal ways of retrieving the passwords . You shall not misuse the information to gain unauthorized access. However you may try out these hacks on your own computer at your own risk. Performing hack attempts (without permission) on computers that you do not own is illegal.

Some of the tricks provided by us may no longer work due to fixture in the bugs that enabled the exploits. The author is not responsible for any direct or indirect damage caused due to the usage of the hacks provided in the book.

Contents

The Most In-depth Hacker s Guide

Chapter One: Introduction

What is a Hacker ?

Types of Hackers

What does it take to become a Hacker ?

Chapter Two: Website Hacking

Understanding SQL Injection

How to Use/ Create Dorks

Finding Columns & the Vulnerable Columns

Obtaining the SQL Version

Obtaining Tables and Columns

Understanding RFI

Advanced RFI using PHP streams

Understanding LFI

Exploiting LFI Vulnerabilities

Understanding XSS

XSS Attack

Understanding Broken Authentication and Session Management

Brute Force Attack

Session Hijacking

Understanding DNS Cache Poisoning

DNS Background

Cache poisoning without response forgery

Blind response forgery using birthday attack

Understanding Heartbleed

Heartbleed Vulnerability

The Impact of Heartbleed

Scanning Methodology

Impact on Popular Websites

Chapter Three: Remote Administration Tool

What is a RAT?

How to setup RAT

How is it being distributed?

Chapter Four: Keylogger

What is a Keylogger?

Keylogger Applications

How to setup Keylogger

Remotely installing Keylogger using Meterpreter

Chapter Five: Botnets and IRC Bots

Understanding Botnets and IRC Bots

Types of Botnets

Formation of Botnet / IRC Bots

Types of attacks

How to setup Botnet

How to setup IRC Botnet?

Chapter Six: Cryptography, Encryption, and Decryption

Understanding Cryptography

Historical Background (Cryptography)

Data Encryption and Decryption

Symmetric and Asymmetric Encryption

Secure Communications Equals Better Privacy

Cryptographic Hash Function

Files Encryption and Decryption

Term Crypter (Encryption software)

Chapter Seven: Introduction to Penetration Testing

What is Penetration test?

History (Penetration Testing)

Multiple Penetration Testing Tools

How to Conduct Penetration Testing?

Chapter Eight: Decompiling and Reverse Engineering

What is Reverse Engineering?

Reasons for Reverse Engineering.

Types of Reverse Engineering.

Software Obfuscation

What are .NET Decompilers?

Some tools for Reverse Engineering