發表文章

CEH Practical Notes

Module 03: Scanning Networks Lab1-Task1: Host discovery Lab2-Task3: Port and Service Discovery Lab3-Task2: OS Discovery Module 04: Enumeration Module 13: Hacking Web Servers Lab2-Task1: Crack FTP Credentials using a Dictionary Attack Module 14: Hacking Web Applications Lab2-Task1: Perform a Brute-force Attack using Burp Suite

CEH v11 筆記-

 5 Phases of Hacking Reconnaissance:被動資料收集 Scanning:掃描目標,了解目標主機配置狀態與弱點對應 Gaining Access:獲得權限 Maintaining Access:維持存取權限(如後門或木馬) Clearing Tracks:破壞足跡的完整性,並把自己藏在正常行為中 Cyber Kill Chain 網路攻擊鏈 https://infosecdecompress.com/posts/ep42_cyber_kill_chain 偵查 (Reconnaissance): 武裝 (Weaponization): 遞送 (Delivery): 開發 (Exploitation): 安裝 (Installation): 發令與控制 (Command and Control,簡稱C2): 採取行動 (Actions on Objectives): 釣魚(Phishing)分類: 釣魚(Phishing) 常見的釣魚郵件一般以無特定目標廣撒式發送,採「願者上鉤」的方式釣取受害人; 魚叉式網路釣魚(Spear Phishing) 不廣撒,僅針對特定人員、公司、組織的發送,目標為釣取特定人員機敏資料或於其電腦植入木馬,此行為被稱為魚叉式網路釣魚(Spear Phishing); 鯨釣(Whaling) 更進一步,較魚叉式網路釣魚更具針對性的鯨釣(Whaling),則是直接瞄準大型公司、重要人物發送特定釣魚郵件的攻擊。

CEH v11 筆記---法規

  SOX(會計方面) Widespread fraud at Enron, WorldCom, and Tyco led to the creation of a law that was designed to improve the accuracy and accountability of corporate disclosures. It covers accounting firms and third parties that provide financial services to some organizations and came into effect in 2002. This law is known by what acronym? PCI-DSS  (信用卡方面) https://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit cards from the major card schemes. HIPAA  (醫療方面) Which of the following requires establishing national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers?

CEH v11 筆記 --TCP/UDP埠列表

  TCP/UDP埠列表 53/TCP,UDP DNS(域名服務系統) 123/UDP NTP(Network Time Protocol) - 用於時間同步 137/TCP,UDP NetBIOS NetBIOS 名稱服務 官方 138/TCP,UDP NetBIOS NetBIOS 資料報服務 官方 139/TCP,UDP NetBIOS NetBIOS 對談服務 161/TCP,UDP 簡單網路管理協定(SNMP) 389/TCP,UDP 輕型目錄存取協定 LDAP 636/TCP,UDP LDAP over TLS(加密傳輸,也被稱為LDAPS) 445/TCP,UDP Microsoft-DS 伺服器訊息區塊(SMB)檔案分享 515/TCP Line Printer Daemon protocol - 用於 LPD 印表機伺服器 631/TCP,UDP 網際網路列印協定 The Internet Printing Protocol (IPP)  9100/tcp Jetdirect HP Print Services

Certified Ethical Hacker Practical For NOTE

My experience on CEH v11 Practical Exam By Gustav Shen https://gustavshen.medium.com/my-experience-on-ceh-v11-practical-exam-cbf50ec2c260

[筆記]糖尿糖

  糖尿病的定義,以下條件,任何條件重覆兩次或任何兩個條件滿足 空腹血糖大於126 糖化血色素大於6.5% 口服葡萄糖耐受性測試2小時大於200 任何時間點的機血糖大於200,且吃多喝多尿多,體重減輕。 參考資料: https://www.youtube.com/watch?v=icPCZiqo19I

[筆記]brave瀏覽器

圖片
 https://brave.com/zh/faq/#distribution 為您發佈到網絡的內容賺取更多收入 https://publishers.basicattentiontoken.org/ Your own website YouTube Your own publication Twitch