Hacking: gaining unauthorized access to data or resources in a computer system.
Common Hacker Archetypes
Choose Your Class
Black Hat
Motive: financial gain
Ethics: lawless
The archetype most associated with the term "hacker", they are malicious actors with the intent to steal financial data or other types of confidential information.
Will usually sell this information illegally on dark web marketplaces, or use it to directly extort their victim.
Grey Hat
Motive: fun, curiosity, reputation
Ethics: ambiguous
The middle ground between black and white: grey hats are not typically concerned with harming or helping anyone, and they often probe systems without permission even when they have no malicious intent.
For grey hats, hacking is just a problem-solving activity or game.
They are a common type of hacker found in online communities.
Blue Hat
Motive: revenge
Ethics: eye for an eye
Blue hats often just employ pre-existing malware or scripts to launch attacks for personal reasons.
They may direct their attack at someone they dislike, or someone they believe has wronged them in some way.
For blue hats, hacking is merely a tool for vengeance.
Script Kiddie
Motive: to troll and cause inconvenience
Ethics: juvenile
Amateurs in a technical sense, script kiddies usually just run pre-existing tools and scripts in order to launch basic attacks.
They regularly use Denial of Service attacks (see below).
The term is also used as an insult by veteran hackers to criticize hackers who don't write their own exploits or have only a shallow technical understanding of computers and networks.
State Sponsored
Motive: warfare, national interest
Ethics: patriotic
Recruited and deployed by a nation-state to use hacking for reasons of national interest.
They take part in espionage, with the goal of obtaining secret information or confidential records of another nation.
Militaries and government organizations recruit especially talented individuals for these roles, sometimes from a young age. Wars are increasingly being fought on a cyber front.
White Hat
Motive: assist organizations against cyberthreats
Ethics: lawful
The opposite of black hats, white hats help implement security controls and identify vulnerabilities for businesses and other organizations. What separates them from the other archetypes is authorization: they test only systems they have explicit, written permission to test, within an agreed scope.
Also referred to as good or ethical hackers.
This role is increasingly in demand as cyberthreats against organizations grow.
Red Hat
Motive: to serve vigilante justice
Ethics: utilitarian (whatever it takes)
Red hats actively hunt black hats and, essentially, hack the hacker.
Rather than reporting the black hat's identity to the authorities, red hats believe in "giving them a taste of their own medicine".
They often use ethically questionable methods, since they employ the same tactics as black hats.
Green Hat
Motive: to learn
Ethics: undetermined
A newcomer to the hacking world, green hats hang out in hacker chat rooms, forums, and other online communities to learn more about hacking and how other hackers work.
They usually mature into another category of hacker over time.
Hacktivist
Motive: to bring attention to a social cause
Ethics: situational
A hacker-activist: they use hacking to raise awareness, usually by attacking a government's or organization's site or server in order to make a point.
They may deface the site or reveal confidential information to the public.
They sometimes collaborate with other individuals, forming hacker groups, each with its own philosophy or "modus operandi".
If their tactics are especially brutal, others may label them cyber-terrorists.
Cyber Terrorist
Motive: to create social disruption/fear
Ethics: radical
Often politically motivated, these agents use hacking as a way to further their interests.
They are often conflated with hacktivists, though cyberterrorists usually have different objectives: rather than just bringing attention to a social cause, they wish to cause harm and intimidate.
These individuals don't care if their actions lead to the physical harm of other people.
A highly dangerous and radical type of hacker.
Vulnerabilities, Exploits, and Payloads
A Deadly Combo
Vulnerability
1. A vulnerability is...
A weakness in a system, most often a software bug (an error in programming) but also a misconfiguration or a design flaw, that can be taken advantage of by a hacker.
It is used to achieve unintended (often malicious) behaviours or results.
To a hacker, this is an opening for a cyberattack.
Ex: Not wearing a helmet is a vulnerability in combat.
Exploit
2. An exploit is...
A piece of code (or a crafted sequence of inputs) that takes advantage of the vulnerability in order to achieve the hacker's intended results.
This is the action the hacker takes when they see an opening.
Ex: The archer shooting his arrow at the knight without a helmet would be exploiting a vulnerability/opening.
Payload
3. A payload is...
The action the hacker wants to take after exploiting the vulnerability.
Usually some type of malicious code delivered into a network or system; the same exploit can carry different payloads.
Ex: Like the poison coating an arrow, the payload is what is delivered once the vulnerability is exploited.
Common Toolkit:
Required Skills
Basic - Fundamental
Computer
curious.user@hackattackclub: cat computer.txt
Basic computer skills are required to become a hacker. These include: using the command line, navigating directories, understanding the common types of files and programs, understanding administrator privileges, and keeping track of software updates in commonly used programs and operating systems. One skill that is often overlooked but important is the ability to use internet search engines to research topics: hackers must stay up to date as new technology is released.
Wireless
curious.user@hackattackclub: cat wireless.txt
To hack wireless technology, a hacker must first understand how these systems work. Wireless networks are everywhere in the modern world, and they come with their own security threats.
Because wireless networks use radio waves, a hacker with a wireless adapter in monitor mode can capture frames with a packet analyzer (sniffer) from anywhere within radio range, without ever plugging into the network. On a properly configured WPA2/WPA3 network the captured data frames are encrypted, so sniffing alone reveals device addresses and traffic patterns rather than content.
Linux OS
curious.user@hackattackclub: cat penguin.txt
Linux is essential for hackers because most web servers run on it. A hacker who gains access to such a server will be working in a Linux environment, and most security tooling is built for Linux in the first place.
Hackers also use Linux because of the advantages the system offers: i) Linux is open source, so the system can be inspected and tweaked to the hacker's liking. ii) Linux offers granular control, letting the hacker automate parts of the operating system with scripting languages such as Bash or Python.
Networking
curious.user@hackattackclub: cat networks.txt
All good hackers know networking, as it is the most fundamental skill for hacking. The key is to understand the core concepts (IP addressing and subnetting, DHCP, NAT, ports and protocols). This lets hackers map the interconnected computers in a network and determine potential avenues of attack. After all, most computers are connected to networks to transfer data between machines, and the point where data is transferred is often the opening a hacker needs to break into a machine or system.
Using Tools
curious.user@hackattackclub: cat toolbox.txt
Many beginners cannot write their own exploits, so using well-known pre-made scripts and software is crucial at this stage.
Two common tools are Nmap and Metasploit.
Nmap (Network Mapper) is an open-source tool for network discovery and security auditing: it finds live hosts, open ports and the services running on them.
Metasploit is a well-known and powerful framework for developing and running exploits. It can be driven from the console or the web UI and is commonly used to penetrate small networks. Its capabilities include checking for vulnerabilities, discovering networks, importing scan data (for example, from Nmap) and running individual exploits against hosts.
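What Nmap does when it "discovers" a host, as an added example that is not part of the original page or of Nmap itself: a minimal TCP connect scan (the technique behind `nmap -sT`), run entirely against 127.0.0.1 so it can be executed offline. A throwaway listener is started on an OS-chosen ephemeral port so the scan has one known-open port to find; every function name and the port range are assumptions of this example, not an Nmap API.

```python
"""
Added example (not from the original page): a TCP connect scan against
127.0.0.1. A throwaway listener gives the scan one port that is known to be
open; the surrounding ports are expected to refuse the connection.
"""
import socket
import threading
from contextlib import closing


def start_listener():
    """Open a TCP listener on 127.0.0.1 and return (socket, port, stop_event).

    Port 0 asks the OS for a free ephemeral port, so the example never depends
    on a specific port being unused.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    srv.settimeout(0.2)          # lets the accept loop notice the stop flag
    port = srv.getsockname()[1]
    stop = threading.Event()

    def accept_loop():
        # Accept and immediately drop connections until asked to stop.
        while not stop.is_set():
            try:
                conn, _ = srv.accept()
                conn.close()
            except socket.timeout:
                continue
            except OSError:      # socket closed underneath us
                break

    threading.Thread(target=accept_loop, daemon=True).start()
    return srv, port, stop


def scan_port(host, port, timeout=0.5):
    """Return True if a full TCP handshake to host:port completes (port open)."""
    with closing(socket.socket(socket.AF_INET, socket.SOCK_STREAM)) as s:
        s.settimeout(timeout)
        # connect_ex returns 0 on success, an errno (e.g. ECONNREFUSED) otherwise.
        return s.connect_ex((host, port)) == 0


def connect_scan(host, ports, timeout=0.5):
    """Scan each port in `ports` and return the sorted list of open ones."""
    return sorted(p for p in ports if scan_port(host, p, timeout))


def demo():
    """Start a listener, scan a small range around it, return (port, open_ports)."""
    srv, port, stop = start_listener()
    try:
        # A real scan covers 1-65535 or a service list; keep the range tiny here.
        ports = range(max(1, port - 2), min(65535, port + 2) + 1)
        open_ports = connect_scan("127.0.0.1", ports)
    finally:
        stop.set()
        srv.close()
    return port, open_ports


if __name__ == "__main__":
    port, found = demo()
    print(f"listener on {port}, open ports found: {found}")
```

A connect scan completes the handshake, so it shows up in the target's logs; Nmap's default SYN scan (`-sS`) sends only the first packet of the handshake, which needs raw-socket privileges but is quieter.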
Databases
curious.user@hackattackclub: cat SQL.txt
Since organizations typically store their data in some type of Database Management System (DBMS), many attacks target databases.
A common type is SQL Injection (see below).
To understand databases, a hacker should have a solid foundation in SQL (Structured Query Language), the common language for managing data in relational databases. Commonly used database management systems built on SQL include MySQL, SQL Server and MS Access.
Intermediate - Advanced
Cryptography
curious.user@hackattackclub: cat crypto.txt
Encryption converts plaintext data into ciphertext using an algorithm (cipher) and a key (a secret input). This also conceals a system's flaws, since a hacker must first get the data back into a readable form to analyze it.
Hackers therefore attack encryption in several ways:
i) Traffic injection: the hacker injects messages whose plaintext they know into the network and captures the resulting ciphertext. With matching plaintext/ciphertext pairs they can look for weaknesses in how the cipher or key is used (a known- or chosen-plaintext attack).
ii) Decryption tools: one tool captures packets (units of network-carried data), which are then fed to an analyzer that recovers the plaintext, for example once the key has been obtained.
iii) Brute force tools: gather encrypted packets and try candidate keys one by one until one decrypts the data correctly. The keys are not in the packets; the attacker guesses them, which is why this only works against short keys or weak passwords.
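The "traffic injection" attack described above, as an added example that is not part of the original page: packets are encrypted with a deliberately weak repeating 4-byte XOR cipher (a toy chosen for this example; real networks use AES). The attacker injects a message whose plaintext they know, captures its ciphertext, recovers the key with one XOR, and then reads every other captured packet. The key, the packets and all function names are constructed for the example, and the key length is assumed known (in practice an attacker would try a handful of small lengths).

```python
"""
Added example (not from the original page): known-plaintext attack on a toy
repeating-key XOR cipher, modelling the traffic-injection idea.
"""

KEY = bytes.fromhex("5a3c9e17")   # constructed secret the defender relies on


def xor_encrypt(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR. XOR is its own inverse, so this also decrypts."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def recover_key(known_plaintext: bytes, ciphertext: bytes, key_len: int) -> bytes:
    """Known-plaintext attack: plaintext XOR ciphertext yields the key stream.

    With a repeating key only key_len bytes are needed, so the attacker has
    to know just the first key_len bytes of one message.
    """
    if len(known_plaintext) < key_len or len(ciphertext) < key_len:
        raise ValueError("need at least key_len bytes of matching plaintext/ciphertext")
    return bytes(p ^ c for p, c in zip(known_plaintext[:key_len], ciphertext[:key_len]))


def eavesdrop_and_inject():
    """Simulate the attack and return (recovered_key, decrypted_packets)."""
    # Constructed traffic the attacker passively captured but cannot yet read.
    captured = [
        xor_encrypt(b"GET /admin?token=s3cr3t HTTP/1.1", KEY),
        xor_encrypt(b"user=alice&pass=hunter2", KEY),
    ]
    # The attacker injects traffic whose plaintext they chose (for example a
    # message the victim's client forwards over the encrypted link) and
    # captures the ciphertext the sniffer sees.
    injected_plaintext = b"PING from attacker"
    injected_ciphertext = xor_encrypt(injected_plaintext, KEY)

    key = recover_key(injected_plaintext, injected_ciphertext, key_len=len(KEY))
    decrypted = [xor_encrypt(c, key) for c in captured]
    return key, decrypted


if __name__ == "__main__":
    key, packets = eavesdrop_and_inject()
    print("recovered key:", key.hex())
    for p in packets:
        print("decrypted:", p.decode())
```

The lesson generalizes: a cipher is only considered secure if knowing plaintext/ciphertext pairs, even chosen ones, does not help recover the key, which is exactly the property modern ciphers such as AES are designed to have and this toy lacks.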
Scripting/Programming
curious.user@hackattackclub: cat stick2script.txt
To graduate from "script kiddie" to a legitimate hacker, one must begin to develop their own exploits and possibly even payloads.
One common attack that requires this skill is cross-site scripting (XSS): the hacker injects code that makes malicious JavaScript run in someone else's browser. In this type of attack the victim is not targeted directly; instead the attacker exploits a vulnerability in a website the victim visits. By exploiting this vulnerability, the hacker delivers the malicious JavaScript to the victim in a form that looks normal. These attacks can be used for account hijacking, changing user settings, cookie theft and launching DoS attacks (see below for definition).
Forensics
curious.user@hackattackclub: cat sherlock.txt
Digital forensics is when an individual, such as a hacker or a digital investigator, determines the who, what, where, how and when of what took place on a digital system. Every individual leaves behind digital footprints, and those are what hackers and digital investigators look for.
Digital forensic investigations are part of nearly every criminal investigation in the modern world, as the vast majority of digital perpetrators leave behind a digital "signature". For a hacker, the same knowledge shows which traces (logs, timestamps, file artifacts) an attack leaves behind.
Reverse Engineering
curious.user@hackattackclub: cat gnireenignE.txt
Reverse engineering lets hackers understand, and sometimes modify, existing software even when the source code is unavailable. It requires a few kinds of tools:
i) Disassemblers: translate binary machine code into assembly and present it in a more readable format.
ii) Debuggers: set breakpoints, inspect memory and registers, and patch instructions at run time.
iii) Hex editors: let the hacker view and edit the raw bytes of a file directly, making it possible to manipulate the binary data that makes up the program.
iv) PE and resource viewers: show and edit the headers, imports and embedded resources of an executable (EXE/PE) file. A PE explorer helps the hacker understand applications for which no source code is available.
Misc/Intangibles
curious.user@hackattackclub: cat misc.txt
In the world of hacking, technical skills are not everything. A good hacker must be able to solve problems, think creatively, conduct research independently and, most importantly, be persistent.
While hackers spend time manipulating machines, it is just as important to understand how humans can be manipulated. Most would benefit from some knowledge of human psychology in order to better understand how social engineering (see below for definition) works.
PH15H1NG
Occurs when an attacker sends a fraudulent message, often in the form of an e-mail.
Used to deceive an individual into revealing personal information (fake login screens/forms) or to redirect them to a page that installs malicious software.
EXPLOITS: Shortened URLs, Urgency, Business Operations
DEFENCE: Email Filters, User Training, Multi-Factor Authentication
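A few of the link checks an e-mail filter applies to a message like the one described above, as an added example that is not part of the original page: it flags links that use a URL shortener, links whose visible text names a different domain than the real href, raw IP addresses in place of a hostname, and look-alike domains that differ from a trusted one by a small edit. The sample message, the shortener list and the trusted-domain list are all constructed for this example; a real filter would use reputation feeds and much larger lists.

```python
"""
Added example (not from the original page): heuristic link checks for a
phishing e-mail. Lists and the sample message are constructed.
"""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl"}      # constructed list
TRUSTED = {"example-bank.com", "paypal.com"}                   # constructed list


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs from an HTML e-mail body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot look-alike domains (examp1e vs example)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def host_of(url: str) -> str:
    return (urlparse(url).hostname or "").lower()


def check_link(href: str, text: str) -> list:
    """Return the list of reasons this link looks suspicious (empty = clean)."""
    reasons = []
    host = host_of(href)
    if host in SHORTENERS:
        reasons.append("url-shortener")
    if re.fullmatch(r"\d{1,3}(?:\.\d{1,3}){3}", host):
        reasons.append("raw-ip-host")
    # Visible text that looks like a domain but the href points elsewhere.
    m = re.search(r"(?:https?://)?([\w-]+(?:\.[\w-]+)+)", text)
    text_host = m.group(1).lower() if m else ""
    if text_host and text_host != host and not host.endswith("." + text_host):
        reasons.append("text-host-mismatch")
    if host not in TRUSTED and any(0 < edit_distance(host, t) <= 2 for t in TRUSTED):
        reasons.append("look-alike-domain")
    return reasons


def scan_email(html_body: str) -> dict:
    """Map each href in the message to its list of reasons."""
    parser = LinkExtractor()
    parser.feed(html_body)
    return {href: check_link(href, text) for href, text in parser.links}


# Constructed phishing e-mail body (not a real message).
SAMPLE = """
<p>URGENT: your account will be closed in 24 hours.</p>
<a href="http://bit.ly/3xyz">Verify now</a>
<a href="http://examp1e-bank.com/login">example-bank.com/login</a>
<a href="http://203.0.113.7/secure">secure portal</a>
<a href="https://example-bank.com/help">https://example-bank.com/help</a>
"""

if __name__ == "__main__":
    for href, reasons in scan_email(SAMPLE).items():
        print(f"{'FLAG' if reasons else 'ok  '} {href} {reasons}")
```

Note that the urgency cue ("closed in 24 hours") is not checked here; filters score the wording separately, and the two signals together are what make the message worth quarantining.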
5OC1AL ENG1N33R1NG
Psychological manipulation of an individual in order to initiate an action or reveal personal information.
Often an element of several other types of attack.
EXPLOITS: Human Psychology/Biases
DEFENCE: Education and Protocols
SQL INJECTION
A code-injection technique used to attack web applications.
Untrusted input from the client side is inserted into a SQL query (Structured Query Language, the language used to define and manage data in relational database management systems) that the server builds by string concatenation, so the input is executed as part of the query.
Can potentially allow a hacker to:
- read sensitive/confidential data (ex: user information)
- modify database entries (ex: direct deposit information)
- execute admin operations on the database (ex: shut it down)
EXPLOITS: Sites that build SQL queries from unsanitized user input
DEFENCE: Parameterized Statements, Keeping Web App Software Updated, Using Least-Privilege Principles
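The vulnerability / exploit / payload trio from earlier on the page, shown on the SQL injection just described, as an added example that is not part of the original page: the vulnerability is a login query built by string concatenation, the exploit is a crafted username that closes the quoted string early, and the payload is the `OR 1=1` clause that makes the WHERE match every row. The schema, accounts and function names are constructed for this example (SQLite in memory), and are not any real application's code.

```python
"""
Added example (not from the original page): SQL injection against a
constructed login function, beside the parameterized fix.

  vulnerability: login_vulnerable() splices untrusted input into SQL text
  exploit:       the username  admin' OR 1=1 --  closes the string early
  payload:       OR 1=1, which makes the WHERE clause true for every row
"""
import sqlite3


def make_db():
    """In-memory database with two constructed accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, pw TEXT, role TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)",
                   [("admin", "c0rrect-horse", "admin"), ("bob", "bobpass", "user")])
    return db


def login_vulnerable(db, name, pw):
    """VULNERABLE: untrusted input becomes part of the SQL statement.

    Returns the role of the first matching row, or None.
    """
    sql = f"SELECT role FROM users WHERE name = '{name}' AND pw = '{pw}'"
    row = db.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(db, name, pw):
    """FIXED: parameterized statement; the driver sends input as data, never as SQL."""
    row = db.execute("SELECT role FROM users WHERE name = ? AND pw = ?",
                     (name, pw)).fetchone()
    return row[0] if row else None


# The exploit: ends the quoted string, injects the payload, and comments out the
# password check (SQLite, like MySQL and PostgreSQL, treats -- as a line comment).
EXPLOIT_NAME = "admin' OR 1=1 -- "


def demo():
    """Return (vulnerable_result, safe_result) for the injected login attempt."""
    db = make_db()
    return (login_vulnerable(db, EXPLOIT_NAME, "wrong"),
            login_safe(db, EXPLOIT_NAME, "wrong"))


if __name__ == "__main__":
    vuln, safe = demo()
    print("vulnerable login with injected name ->", vuln)   # admin, no password needed
    print("parameterized login with same input ->", safe)  # None
```

The least-privilege defence listed above matters because the payload is only limited by what the database account can do: if the web application connects as the database administrator, the same injection point can drop tables or shut the server down instead of merely bypassing a login.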
MALWARE INJECTING DEVICES
The use of hardware to deliver malware onto a computer.
Infected USB sticks can give hackers access to your machine.
Sometimes malicious actors will leave these devices lying around near computers, hoping that human curiosity will finish the job.
EXPLOITS: Unprotected Computers, Human Curiosity
DEFENCE: USB Anti-Virus, Device Controls (disabling autorun, blocking unknown USB devices), Awareness
D3N1AL 0F SERV1CE (DOS)
/DISTRIBUTED D3NIAL 0F SERVICE (DDOS)
The bombardment of a server with large amounts of traffic.
This gives the server more requests than it can handle, so legitimate requests are dropped or the server crashes.
Used to take down websites (often businesses/government/organizations).
DDOS operates in the same fashion but employs a botnet: "a network/group of computers, infected by malware and under the control of a single owner (attacker)". Because the traffic comes from many sources, it cannot be stopped by blocking a single address.
EXPLOITS: Finite Server Capacity, Poorly Managed Servers
DEFENCE: DDOS Protection Services, Rate Limiting, Firewall
KEYL0GGING
Keylogging is when malicious software called spyware is used to record keystrokes, capturing the usernames and passwords a user enters.
EXPLOITS: Same as phishing and social engineering (the keylogger has to be installed first)
DEFENCE: Malware Scanner that detects keyloggers, Multi-Factor Authentication (limits what a stolen password is worth)
BRUTE FORCE
The attacker submits many passwords in an attempt to guess one correctly, by trial and error.
Usually automated. When the attacker draws candidates from a list of commonly used passwords, it is called a dictionary attack. Brute force can be run online, against a login form, or offline, against a stolen list of password hashes.
EXPLOITS: Common/Easy-to-guess passcodes
DEFENCE: Unique, strong passphrases; Rate Limiting/Lockout; Multi-Factor Authentication; Slow Password Hashing
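An offline dictionary attack against a stolen list of password hashes, as an added example that is not part of the original page, showing why the defences listed above work: fast unsalted SHA-256 falls to the wordlist instantly and cracks every user who chose the same password at once, a strong passphrase is not in any wordlist, and a salted slow KDF (PBKDF2 via Python's hashlib) forces a fresh run per user per guess and multiplies the cost of each guess by the iteration count. The users, wordlist, salts and function names are constructed for this example.

```python
"""
Added example (not from the original page): dictionary attack on two stolen
password databases, one hashed carelessly and one hashed properly.
"""
import hashlib
import os

WORDLIST = ["123456", "password", "qwerty", "letmein", "hunter2", "iloveyou"]  # constructed


def fast_hash(pw: str) -> str:
    """What a careless application stores: unsalted, single-round SHA-256."""
    return hashlib.sha256(pw.encode()).hexdigest()


def slow_hash(pw: str, salt: bytes, iterations: int = 100_000) -> str:
    """What it should store: salted PBKDF2-HMAC-SHA256 with many iterations."""
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, iterations).hex()


def dictionary_attack_fast(stolen: dict) -> dict:
    """stolen maps username -> unsalted hash. Returns username -> cracked password.

    One hash per candidate cracks every user who chose that candidate, because
    without a salt identical passwords produce identical hashes.
    """
    lookup = {fast_hash(w): w for w in WORDLIST}      # computed once, reused for all users
    return {user: lookup[h] for user, h in stolen.items() if h in lookup}


def dictionary_attack_slow(stolen: dict, iterations: int) -> tuple:
    """stolen maps username -> (salt, hash). Returns (cracked, kdf_runs).

    The salt forces a fresh KDF run per user per candidate, so the work is
    users * candidates * iterations instead of one hash per candidate.
    """
    cracked, kdf_runs = {}, 0
    for user, (salt, h) in stolen.items():
        for w in WORDLIST:
            kdf_runs += 1
            if slow_hash(w, salt, iterations) == h:
                cracked[user] = w
                break
    return cracked, kdf_runs


def build_scenario(iterations: int = 1_000):
    """Two stolen databases holding the same constructed users."""
    users = {"alice": "hunter2",
             "bob": "correct horse battery staple",   # passphrase, not in any wordlist
             "carol": "hunter2"}
    fast_db = {u: fast_hash(p) for u, p in users.items()}
    slow_db = {}
    for u, p in users.items():
        salt = os.urandom(16)
        slow_db[u] = (salt, slow_hash(p, salt, iterations))
    return fast_db, slow_db


if __name__ == "__main__":
    fast_db, slow_db = build_scenario()
    print("fast/unsalted cracked:", dictionary_attack_fast(fast_db))
    cracked, runs = dictionary_attack_slow(slow_db, 1_000)
    print("slow/salted cracked:", cracked, "after", runs, "KDF runs of 1000 iterations each")
```

Both attacks still recover "hunter2"; salting and a slow KDF only raise the price of each guess, which is why the first line of defence remains a password that is not in any wordlist.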
MALWARE - VIRUSES & WORMS
Viruses are the most well-known type of malware.
A virus is malicious code that spreads from device to device, intended to damage a host computer or steal its data.
It attaches itself to a legitimate program or file and must be triggered by the victim/host (for example, by opening the infected file).
Worms are similar but require no action from the host: they spread on their own across networks by exploiting vulnerabilities in reachable systems.
EXPLOITS: Same as phishing and social engineering (viruses); unpatched network services (worms)
DEFENCE: Anti-virus software, patching, cyber-vigilance
BAIT AND SWITCH
The use of advertisements to redirect users to malicious sites. Upon visiting the site, the attacker can attempt to install malware.
Uses eye-catching/interesting advertisements to entice the user.
EXPLOITS: Trusted Platforms (ad spaces)
DEFENCE: Ad-Blockers, Inspecting Links
FAKE WEBSITES
The use of cloned websites designed to look very similar to sites that host well-known software. When the user attempts to download the software, they are actually downloading malware.
Uses deceptive website layouts and URLs to trick the user. Has also been used in tandem with BAIT AND SWITCH.