This article includes some skills that can be danger.
Please use it proper way!!
What it this course?
This course is held by SiSOC, the research group in the University of Tokyo. It promotes research, education and proposal if public policies in cybersecurity. This course was held from February 18th to February 20th, and two workers invited from Deloitte gave me three days classes about cyber security.
Here is a summary of the course.
Why I joined this course?
I was interested in the computer security, while I knew nothing. I thought that studying cyber security on my own was a little risky, because it can be a crime if I did something wrong. It was nice opportunity for me to study cyber security in a safe way, so I joined it.
What I learnt
Day1
- Introduction
- security trends
- What are hackers/ what is hacking
- types of attackers
- Cybercrime Law
- Vulnerability management
- What hackers are targeting/ Underground economy
- management is required
- What hackers are targeting/ Underground economy
- Vulnerability assessment
- preparation and planning
- determine approach and technique
- information gathering
- passive information gathering
- WWW
- WHOIS
- DNS
- active information gathering
- DNS
- Portscanning
- passive information gathering
- vulnerability detection
- Nessus
- vulnerability exploitation
- privilege escalation
- code execution
- denial of service
- How to repot the vulnerability
- preparation and planning
- Infrastructure hacking
- Attacks on the internal network
- SNMP
- DNS Spoofing
- ARP posoning
- MAC flooding
- Attacks on the internal network
Day2
- Application architecture
- history
- web system
- web browser
- URL
- web server
- HTTP
- Cookies and sessions
- HTML
- Practice Burp
- OWASP top 10
- SQL injection
- Broken authentication
- Sensitive data exposure
- XEE
- XSS
Day3
- CTF
- penetration test
Thanks to this opportunity, I could know the work as a cyber security white hacker. I could also the basic skills for CTF. When I have time, I will try to the CTF again.
I wrote something important also for readers below.
Something important also for readers
- Connecting to the public wi-fi can be danger
- Using the same password to the other website is dangerous
- Some websites have vulnerability, which leaks your password
- Password must be complicated one
- Easy one can easily broken with the database which is for hackers
- Don’t use the same word with ID
- Software update must be done
- Some professional hackers already wrote an exploit cord against old software.
- Every member in a group must be careful about the attack
- Privilege escalation is dangerous.
- As a constructor, consider what information we are revealing.
The tools I used
1. WHOIS
WHOIS is a query and response protocol. We can gather information about owner and contact. IP address can’t be taken from WHOIS, so use “WHOIS Gateway”, if you need it.
2. nslookup
Commonly used tools to perform DNS query.
3. Nmap
Nmap is a port scanner. It scans every port of a server and find what service is used on what number. It also gives information about the services’ version ¥, which can be vulnerability if it is out-date.
4. Nessus
Nessus is a software that can detect the vulnerability in a server. It answers the vulnerability and what type of attack can be done.
5. Metasploit
Metasploit is a software that can easily exploit a server.
6. dig
Dig is a tool used to perform DNS queries, which is more powerful than nslookup.
“dig @(IP address) (domain) (what we want to know)”.
7. Wireshark
Wireshark is a tool that is used to do sniffing which is the method to capture network data thorough a given network interface.
8. Burp Suite
Burp Suite is a tool that is used to find a vulnerability on the web.
12/5/2018