DAY 1 --- Core Basics and Security Basics
Intro to Cyber Security:
“Cyber security is the protection of digital systems, networks, and data from cyber threats and unauthorized access.”
CIA Triad (Pillars of Cyber Security)
The CIA triad names the three core pillars (confidentiality, integrity, availability). Two more, authenticity and non-repudiation, are usually added, which gives five:
1. Confidentiality:
Only authorized people can read data or use the system. Enforced by authentication and access control, for example two-step verification (MFA), permissions, and encryption of data at rest and in transit.
2. Integrity:
The trustworthiness of data: only authorized people can create, modify or delete it, and any unauthorized change is detectable.
Checked with a checksum or cryptographic hash (a fixed-size number computed from the data; if even one byte changes, the value changes). Caveat: a plain checksum only detects accidental change, because an attacker who can replace the data can also replace the checksum. Against a deliberate attacker, bind the hash to a secret key (a MAC) or sign it.
3. Availability:
The system or data is usable when it is needed. Attacks against availability include DoS/DDoS and malware such as ransomware.
4. Authenticity:
Verifying that a user, message or piece of data is genuine, i.e. that it really comes from the claimed origin. For users this is authentication (passwords, biometrics, smart cards); for data it is a MAC or digital signature.
5. Non-Repudiation:
The sender cannot later deny having sent the information and the receiver cannot deny having received it. Provided by digital signatures (only the holder of the private key could have produced the signature) and by tamper-evident audit logs.
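The integrity and authenticity pillars above, as an added example (not part of the original notes): a SHA-256 checksum detects any change to the data, and an HMAC with a shared secret additionally proves who produced it. The sample "transfer" messages and the key are constructed for the demo.

```python
import hashlib
import hmac
import secrets

# Constructed sample messages for the demo; not taken from any real system.
ORIGINAL = b"transfer 100 EUR to account 12345\n"
TAMPERED = b"transfer 900 EUR to account 12345\n"


def checksum(data: bytes) -> str:
    """SHA-256 digest as hex. Changing even one byte of `data`
    yields a completely different digest (integrity check)."""
    return hashlib.sha256(data).hexdigest()


def verify_checksum(data: bytes, expected_hex: str) -> bool:
    """Integrity only: says whether the data changed, not who made it.
    An attacker who can replace the data can also recompute this value."""
    return hmac.compare_digest(checksum(data), expected_hex)


def mac(key: bytes, data: bytes) -> str:
    """HMAC-SHA256: the digest is bound to a secret key, so only a holder
    of `key` can produce a valid tag (authenticity + integrity)."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_mac(key: bytes, data: bytes, tag_hex: str) -> bool:
    # compare_digest runs in constant time, so the correct tag cannot be
    # learned byte by byte from timing differences.
    return hmac.compare_digest(mac(key, data), tag_hex)


if __name__ == "__main__":
    digest = checksum(ORIGINAL)
    print("checksum(original):", digest)
    print("checksum(tampered):", checksum(TAMPERED))
    print("original verifies :", verify_checksum(ORIGINAL, digest))
    print("tampered verifies :", verify_checksum(TAMPERED, digest))

    key = secrets.token_bytes(32)  # shared secret between sender and receiver
    tag = mac(key, ORIGINAL)
    print("MAC ok, right key :", verify_mac(key, ORIGINAL, tag))
    print("MAC ok, wrong key :", verify_mac(secrets.token_bytes(32), ORIGINAL, tag))
    print("MAC ok, tampered  :", verify_mac(key, TAMPERED, tag))
```

Run it once and note that the tampered message fails both checks, while only the MAC fails when the message is unchanged but the key is wrong: that is the difference between "data is intact" and "data came from the expected party".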
TTPs (Tactics, Techniques and Procedures)
Tactics: the "why": the attacker's goal at a given stage of the attack, e.g. gain initial access, escalate privileges, exfiltrate data.
Techniques: the "how": the general method used to reach that goal, e.g. phishing for initial access, exploiting a public-facing application.
Procedures: the specific, step-by-step way a particular attacker or group carries out a technique: the exact tools, commands and order of operations. Procedures are what make one group's attacks recognizable.
Vulnerability
A weakness or loophole in a system that an attacker can exploit to damage or compromise it; it is the gateway an attack passes through.
Typical causes: hardware and software misconfiguration, poor programming (bugs such as missing input validation), design flaws, and missing patches.
Classification of Attacks
There are 5 classes of attacks:
Active Attack: the attacker interacts directly with the target user or system and alters data or disrupts service. Examples: MITM attack, SQL injection, DDoS attack.
Passive Attack: the attacker only observes and collects information, without tampering with data or interacting directly with the target, so it is hard to detect. Examples: OSINT (e.g. the OSINT Framework), traffic sniffing, paid lookup services.
Close-in Attack: the attacker is physically close to the system or its users. Examples: social engineering, dumpster diving, shoulder surfing, eavesdropping.
Distribution Attack: tampering performed while hardware or software is being built or shipped, so the victim receives a product that is already compromised (a supply-chain attack).
Insider Attack: performed by someone who already has legitimate, often privileged, access. Examples: planting a backdoor, installing a keylogger or other malware, stealing data.
In the cybersecurity world, a hacker is simply someone who uses technical skills to overcome a problem or bypass a limit. While the media often portrays them as "criminals," the community defines them by their intent and legality.
We usually categorize hackers by "hats"—a system derived from old Western movies where the color of the hat told you who the hero or villain was.
The Core Hacker Types
- White Hat (The Ethical Hacker) These are the "good guys." They have explicit permission to break into systems to find vulnerabilities before the bad guys do. Goal: To improve security and protect data. Method: Pentesting (Penetration Testing), bug bounties, and security audits. Legality: 100% Legal.
- Black Hat (The Cybercriminal) These are the hackers who break into systems for personal gain, malice, or to cause damage. Goal: Financial theft, data breaches, or corporate espionage. Method: Malware, ransomware, and phishing. Legality: Illegal.
- Grey Hat (The "Freelancer") These hackers fall in the middle. They might break into a system without permission to find a bug, but they don't do it to steal. They might report the bug to the company later, sometimes asking for a fee. Goal: Curiosity or a desire to "fix" things (unsolicited). Method: Unauthorized access but usually without malicious intent. Legality: Technically illegal (no permission), but morally ambiguous.
Other Hacker Types
- Script Kiddie. Motivation: attention / thrills. Non-technical people who use pre-made tools and scripts (like those found on GitHub) without understanding how they work.
- Hacktivist. Motivation: social / political change. Hackers who target organizations or governments to make a political statement (e.g., Anonymous).
- State-Sponsored. Motivation: national security. Highly skilled groups funded by governments to perform espionage or sabotage against other nations.
- Red Teamer. Motivation: security testing. A specialized White Hat who acts as an "adversary" to test how well a company's defense team (Blue Team) detects and responds.
- Suicide Hacker. Motivation: destruction. Hackers who carry out an attack knowing they will be caught, often for a "cause" or high-profile disruption.
Use of A.I. in Hacking
The "Perfect Impersonator" (Social Engineering)
Old way: A hacker sends 10,000 emails saying "Click here for a prize." Most people ignore them because the grammar is bad or it looks fake. AI way: AI studies your LinkedIn, your boss’s writing style, and your company’s internal projects. It sends one perfect email that looks exactly like it came from your boss, talking about a project you are actually working on. It can even clone your boss's voice for a quick phone call.
The "Master Key Maker" (Vulnerability Finding)
Old way: A hacker spends weeks reading thousands of lines of code, looking for one tiny mistake (a "hole" in the fence). AI way: You feed the code into an AI model or an AI-assisted fuzzer. Within minutes it flags a list of candidate weaknesses and suggests how each could be triggered. The candidates still have to be verified by a human (models also report false positives), but the triage that used to take weeks now takes hours.
The "Chameleon" (Malware)
Old way: A virus has a specific "fingerprint" (a signature). Once an antivirus program learns that fingerprint, the virus is blocked everywhere. AI way: Every time the virus moves to a new computer, the code is rewritten so the fingerprint changes while the behaviour stays the same (polymorphic malware). A signature-based antivirus looks for the old fingerprint and sees a "new", apparently safe file. This is why modern defenses also watch behaviour (what the program does at runtime) instead of relying on signatures alone.
Cyber Kill Chain Methodology
The Cyber Kill Chain (developed by Lockheed Martin) is an intelligence-driven model used to identify and prevent malicious activity by breaking an intrusion into stages; a defender who stops any one stage breaks the chain.
It has 7 steps:
Reconnaissance: the attacker researches the target (employees, systems, exposed services).
Weaponization: a payload is paired with an exploit, e.g. a malicious document.
Delivery: the weapon is sent to the target (phishing email, USB drive, compromised website).
Exploitation: the vulnerability is triggered and the attacker's code runs.
Installation: malware or a backdoor is installed for persistence.
Command and Control (C2): the implant calls home so the attacker can issue commands.
Actions on Objectives: the attacker achieves the goal, e.g. data theft, destruction, lateral movement.
MITRE ATT&CK Framework
A publicly available knowledge base of adversary tactics and techniques built from real-world observations. It is used to build threat models, plan red-team exercises and design detections, across government and private-sector organizations alike.
Like the Cyber Kill Chain it is organized by attack phase (tactics such as Initial Access, Persistence, Exfiltration), and under each tactic it lists the techniques and sub-techniques, with the procedures real groups have used and suggested mitigations and detections. In other words, it catalogues TTPs.
It explains how (technique), why (tactic) and with what exact method (procedure) an attacker carries out each step of an attack.
Encryption
Encryption converts readable plaintext into ciphertext using a key, so that only someone holding the right key can turn it back into plaintext. Without the key the ciphertext should reveal nothing about the message.
Types of Encryption
Symmetric
How it works: the same key is used to encrypt and to decrypt, so both parties must already share that key securely.
Analogy: a physical safe where you and your friend both have a copy of the same key.
Common use: disk encryption (BitLocker, FileVault), and the bulk data of any encrypted connection; fast, so it handles large volumes.
Asymmetric
How it works: a key pair. The public key (given to anyone) encrypts and the private key (kept secret) decrypts. For digital signatures the roles are reversed: the private key signs and the public key verifies.
Analogy: a mailbox where anyone can drop mail in (public key), but only you have the key to open it (private key).
Common use: HTTPS (the public key authenticates the server and protects the exchange of a symmetric session key, which then encrypts the actual traffic), digital signatures, SSH and PGP.
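The two encryption types above, plus the digital-signature basis of non-repudiation from the pillars section, as an added example that is not part of the original notes. The symmetric part is a toy keystream cipher built from HMAC-SHA256 (chosen only so the demo runs with the standard library; real systems use AES-GCM or ChaCha20-Poly1305). The asymmetric part is textbook RSA with the classic tiny primes p=61, q=53, e=17 and no padding, enough to show which key locks and which unlocks, but nowhere near secure; real keys are 2048 bits or more and use OAEP/PSS padding.

```python
import hashlib
import hmac
import secrets

# ---------- Symmetric: one shared key, same key both directions ----------

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (demo only): keystream block i = HMAC-SHA256(key, nonce || i).
    XOR is its own inverse, so the same call both encrypts and decrypts."""
    stream = bytearray()
    block = 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + block.to_bytes(8, "big"), hashlib.sha256).digest()
        block += 1
    return bytes(d ^ k for d, k in zip(data, stream))


# ---------- Asymmetric: public key locks, private key unlocks ----------

def rsa_keypair(p: int = 61, q: int = 53, e: int = 17):
    """Textbook RSA with tiny fixed primes (the classic worked example).
    Returns (public, private) as (n, e) and (n, d)."""
    n = p * q                       # 3233
    phi = (p - 1) * (q - 1)         # 3120
    d = pow(e, -1, phi)             # modular inverse of e, needs Python >= 3.8
    return (n, e), (n, d)


def rsa_encrypt(public, data: bytes) -> list:
    """Encrypt with the PUBLIC key. Each byte (< n) is treated as one message."""
    n, e = public
    return [pow(b, e, n) for b in data]


def rsa_decrypt(private, blocks: list) -> bytes:
    """Decrypt with the PRIVATE key; only its holder can recover the bytes."""
    n, d = private
    return bytes(pow(c, d, n) for c in blocks)


def rsa_sign(private, data: bytes) -> int:
    """Digital signature: hash the data, then apply the PRIVATE key.
    Only the private-key holder can produce it (non-repudiation)."""
    n, d = private
    h = int.from_bytes(hashlib.sha256(data).digest(), "big") % n
    return pow(h, d, n)


def rsa_verify(public, data: bytes, sig: int) -> bool:
    """Anyone with the PUBLIC key can check the signature."""
    n, e = public
    h = int.from_bytes(hashlib.sha256(data).digest(), "big") % n
    return pow(sig, e, n) == h


if __name__ == "__main__":
    # Symmetric: both sides hold the same random key and a per-message nonce.
    key, nonce = secrets.token_bytes(32), secrets.token_bytes(16)
    msg = b"attack at dawn, same key both ways"
    ct = keystream_xor(key, nonce, msg)
    print("symmetric ciphertext:", ct.hex())
    print("symmetric decrypted :", keystream_xor(key, nonce, ct))

    # Asymmetric: publish `pub`, keep `priv` secret.
    pub, priv = rsa_keypair()
    print("public key (n, e) :", pub, " private key (n, d):", priv)
    cipher_blocks = rsa_encrypt(pub, b"A")          # 65 -> 2790 in the classic example
    print("RSA ciphertext    :", cipher_blocks)
    print("RSA decrypted     :", rsa_decrypt(priv, cipher_blocks))

    sig = rsa_sign(priv, msg)
    print("signature ok      :", rsa_verify(pub, msg, sig))
    print("signature tampered:", rsa_verify(pub, msg, (sig + 1) % pub[0]))
```

Notice how HTTPS combines the two: the server's public key is used only to authenticate it and agree on a fresh symmetric key; everything after that is encrypted with the much faster symmetric cipher.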