Ethical Hacking With Python, JavaScript, and Kali Linux

 

Ethical Hacking With Python, JavaScript, and Kali Linux

What is hacking?

So, before start hacking You should know the basic terms used in hacking. Now, what is hacking? Hacking is the act of finding the possible entry points that exist in a computer system or a computer network and finally entering into them. 

Hacking generally refers to unauthorized intrusion into a computer or a network. Sometimes it is done to harm the systems or to steal sensitive information available on the computer—a person involved in hacking activities a hacker.

 Hacker finds the weaknesses in the system to gain access. Sometimes the purpose is to do pen-testing and finding vulnerabilities to make the system more secure, but sometimes hackers gain access to damage the system. A hacker is not an average person.

 Hacker always thinks outside the box. Hacker is more than just a login/logout user. Hacker still thinks critically. How the system works, which ports are open. 

Types of hackers and what they do?

Hacking is not always illegal, and all hackers are not criminals. As there are a lot of companies that pay millions of dollars to ethical hackers to find vulnerabilities in their system and secure them. so,

now let's move to types of hackers Well-known kinds of hackers are White Hat Hackers Black Hat Hackers and Grey Hat Hackers I will briefly explain who are they and what they do.

White hat hackers or ethical hackers?

 Let's talk about White hat hackers. A white-hat hacker is a computer security specialist who breaks into protected systems and networks to test and assess their security. White hat hackers use their skills to improve safety by exposing vulnerabilities before malicious hackers can detect and exploit them.

 Although the methods used by both are the same, the difference is white-hat hacker has permission to employ them against organization;

who are black hat hackers and what they do?

 however, black hat hackers do not use them officially. Or with the permission of the owner's Black Hat Hackers The term "black hat hacker" is derived from old Western movies, in which the good guys wore white hats and the bad guys wore black hats.

A black hat hacker is a person who attempts to find computer security weaknesses and vulnerabilities and exploit them for personal financial gain or other malicious reasons. This differs them from white hat hackers.

 Black hat hackers can inflict significant damage on individual computer users as well as large organizations by stealing personal financial information, compromising the security of substantial systems, or shutting down or altering the function of websites and networks.

who are grey hat hackers and what they do?

Grey Hat Hackers, Gray Hat Hackers act according to situations white or black hat hackers.

The Gray hat hackers do not act with malicious intent, but they do it for their fun, they exploit a security weakness in a computer system or network without the owner's permission. Their purpose is to bring the defect to the attention of the owners not using the fault or the vulnerability of the system for their gain, and then they get appreciation in terms of some reward from the owners.

who are those red hat hackers and what they do?

 Red hat hackers are again a blend of both black hat and white hat hackers. They usually on the level of hacking government agencies, top-secret information hubs. And generally, anything that falls under the category of sensitive information.

who are those blue hat hackers and what they do?

Blue Hat Hackers A blue hat hacker is someone who is used to bug-test a system before its launch.

They look for loopholes that can be exploited and try to close these gaps. Microsoft also uses the term "Blue Hat" to represent a series of security briefing events.

script kiddie what doe that mean and what they do?

Script kiddie, A script kiddie is a non-expert who breaks into computer systems by using pre-packaged automated tools written by others. They have nothing to do with the tool's code, or how commands in the devices are working. They download the tools and use them.

who are neophyte and what they can do?

Neophyte A neophyte is someone who is new to hacking or phreaking and has almost no knowledge or experience of the workings of technology and hacking.

hacktivists who are they? what they do?

Last but not least Hacktivist A hacktivist is a hacker who utilizes technology to announce a social, 

ideological, religious, or political message. In general, most hacktivism involves website defacement or denial-of-service attacks. I hope you have now understood all types of hackers and in which category you fall till now.

how can you use javascript in hacking ??

javascript

language sound simple thing in your mind but probably you never tested how powerful javascript can be. what is it you think of javascript? yes I know it makes the site interactive and dynamic but did you ever think javascript can be used hacking?

let's see the popular hacking methods that you can use javascript as the tool itself.

cross-site scripting [xss]

 I'm gonna show you the most popular way to hack a website where you can steal private information, hijack accounts, take over web pages, and other illegal things to get you thrown in jail!!

 HOLD ON! This isn't for illegal activity, it's for educational purposes only. Notice, the lights are on, I'm not wearing a hoodie and I don't even have a Matrix-themed terminal. So there's NO crime goin' on here. You have to promise me you'll use this information for GOOD and not EVIL.

So when you're ready, this is the recipe for the basics of Cross-Site Scripting. Hello, world! Cross-Site Scripting, or XSS, is a security vulnerability in web applications That allows evil hackers to inject their own code inside a web page.

 Yep. That's bad. With the power of scripting, cybercriminals can use your web applications to steal passwords, install malware, or WORSE... The first step in Cross-Site Scripting is to inject a script element into a web page.

Now, web pages are built using HTML, which uses tags to create elements. Yep. There are a lot of 'em. Let's get started. You can see that when you type something in a input section like a search bar or any and click the UPDATE/enter button, it gets rendered on the page. So if you add more HTML, what do you think would happen? 

Open an HTML tag using less-than and greater-than characters surrounding an element name, like p for the paragraph, Then add some content, and then add a closing tag after that – which is just the same as an opening tag only there's a slash in front of the element name. Then click the  UPDATE/ENTER  button. You see that instead of writing text, you actually changed the HTML of the web page by adding a new paragraph element.

example of using javascript in an XSS attack

While simple, this is very, very powerful, because JavaScript controls the web page. And if you can inject a  script element instead, you now control exactly what happens in the browser. And THIS is how XSS works.

So go ahead and inject script tags this time. Start with your opening script tag, followed by your closing script tag. Now for the content that goes inside... This, my friends, is where we enter the f-[bleep]-d up the world of JavaScript.

The WONDERFUL world of JavaScript! Javascript can be...confusing at times. But what it does well, it does EXCEPTIONALLY well like letting you hack websites or... making them more INTERACTIVE. Performing actions in JavaScript is like any other programming language where you just call functions. You can do this by typing the name followed by a parenthesis. 

And anything that goes inside the parenthesis gets passed as data, or arguments, that the function can use. AND like other programming languages, you can set values using an equals sign.

 Right now, try calling the alert function within your script tags. So type in alert followed by parenthesis then click the UPDATE/ENTER button and watch your script execute. Because you see this alert pop up it means your script was injected into the page successfully and ran due to an XSS vulnerability.

While you're at it, get some practice with arguments as well. So type in the number 1 to the alert function. Click the UPDATE button and you'll see it alert 1. Or pass in text surrounded by either single or double quotes to make a  string, 

and you can alert something you really love. I'm going to alert "you have been hacked". Because I love it.

I'm always thinking about – WAIT for A SECOND!... Alerting is the most common function used by both cybercriminals and security researchers alike to find vulnerabilities in websites. Now keep in mind that the alert functions just a placeholder showing that a script can be injected.

the idea of exploitations

 And once a vulnerability is found an attacker can easily replace this with a malicious exploit that causes much more damage. Consider something simple: instead of alerting in our example, let's just destroy the whole web page by removing all the HTML. In JavaScript,

document.documentElement.innerHTMLcontains all the HTML of the web page, so just change it by setting it equal to an empty string. In our example, if we type that in: Click the UPDATE button and... it's gone. I'm gonna show you more about how cybercriminals can exploit websites in the course, 

but if you're just testing for vulnerabilities, an alert is really all you need most of the time. So from here, what you really need is just to be creative and explore so you can find more vulnerabilities. Say you need to type in something in a website, such as a username or a status update,

there's always a chance that it could contain an XSS vulnerability, so it's worth a shot. Of course, websites do have protections against XSS, some of them even built directly into the frameworks on which they're built.

But despite this, and despite the frameworks being around for several years, the number of XSS vulnerabilities is still rising like crazy! And that's because writing secure, resilient code can be quite tricky at times.

And even with automatic protection, you can still screw things up pretty badly. Trust me. I've done it more than once. And I'll do it again, I promise! But that's the point of having defense-in-depth, which I will teach you as we go along in this course. But mistakes happen, so let's look on the bright side: at least there are plenty of vulnerabilities to find and fix before cybercriminals can command hack your application. Wait, that's not comforting at all... But that's all the time I have for now. Goodbye, friends. 

the course will cover full Python and Linux how to use them in hacking

get the full course for full

file type: RAR contains: 12th parts

each part: 1GB

total: 12GB

course type: videos

OS used: Linux

and so on

how to download and ma ke it in arranged

1st create a folder give any name then put all those 12 parts it will extract all in at once

so that all and bookmark this page if you can't download 12 GB at once

Preview Of The Course

preview link: google drive

1st pa

2nd part

3rd part

4th part

6th part

7th part

8th part

9th part

10th part 

11th part

12th part

Tags: the complete ethical hacking course: beginner to advanced free course sites, the complete ethical hacking course: beginner to advanced free with the certificate, the complete ethical hacking course: beginner to advanced free coupon, the complete ethical hacking course: beginner to advanced google drive, learn ethical hacking from scratch, the complete ethical hacking course: beginner to advanced