Scribd
Upload
125 views13 pages

3.ethical Hacking Part Lanjutan

This document outlines the steps of an ethical hacking penetration test, which includes: 1. Setting up a hacking lab with VirtualBox, Kali Linux, and Metasploitable. 2. Learning basic Linux commands and file/directory management. 3. The five steps of penetration testing: reconnaissance, scanning, vulnerability analysis, exploitation, and post-exploitation. 4. Additional topics like web hacking, man-in-the-middle attacks, wireless hacking, password cracking, and Android hacking.

Uploaded by

yyelia lia
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
125 views13 pages

3.ethical Hacking Part Lanjutan

This document outlines the steps of an ethical hacking penetration test, which includes: 1. Setting up a hacking lab with VirtualBox, Kali Linux, and Metasploitable. 2. Learning basic Linux commands and file/directory management. 3. The five steps of penetration testing: reconnaissance, scanning, vulnerability analysis, exploitation, and post-exploitation. 4. Additional topics like web hacking, man-in-the-middle attacks, wireless hacking, password cracking, and Android hacking.

Uploaded by

yyelia lia
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 13

ETHICAL

HACKING
Tahap-tahap PenTest
Presentation title 2

SETTING HACKING LAB


1. Install Virtual Box
2. Install Virtual Machine
3. Kali Linux
4. Metasploitable
5. Network Setting
Presentation title 3

DASAR-DASAR
LINUX
• System navigation
• File & Dir Management
• File System
• Sudo Privilege
TAHAP-TAHAP
PENTESTING
1. Reconnaissane (Inormation Gathering)
• Mengidentiikasikan IP address, physical
address, email address, username dll.
• Tool: Whois, Whatsweb, theHarvester,
Hunter.io, Sherlock
• Membuat tool sendiri di Phyton
2. Scanning (information gathering-private)
• TCP & UDP
• Port Scanning
• Port Service Version Scanning
• Operating System Scanning
• Firewall/IDS
• Bypassing firewalls
- Decoys & packet fragmentation
- Security evasion
• Tools: Netdiscover, Nmap
• Membuat tools port scanner sendiri dengan phyton
3. Vulnerability Analysis
• Menganalisa dari sebuah system
• Tools:
- Nmaps Scripts
- Searchsploit
- Nessus
- dll
4. Exploitation (Target System)
• Pengenalan Reverse Shell dan bind shell
- Telnet Exploit
- Samba Exploitation
- Vstpd 2.3.4 Exploitation
- SSH – Bruteforce Attack
- Eternal Blue Attack
- Double Pulsar Attack
- BlueKeep Attack
- Routersploit
• Tools: Metasploit framework
5. Post Exploitation
• Msvenom: membuat payload, virus, trojan
• Mendalami meterpreter
- Windows control dengan privilege penuh
- Membuat keylogger (apasaja yg diketik oleh user bisa
di simpan)
- Mengambil screenshot
- Menjalankan screen recorder
- Mengakses kamera
- Mengakses Audio
- Menginstall program
- Menghapus Program
- Membuat,Menghapus, Mengupload, mendownload file
• Membuat script backdoor dengan bahasa phyton
WEB HACKING
Presentation title 9

• HTTP request & response


• Dirb Tool
• Burpsuite Coniguration
• Shellshock Exploitation
• Command Injection Exploitation
• Relected XSS & Cookie Stealing
• HTML Injection
• SQL Injection
• CSR Vulnerability
• Hydra Bruteorce Attack
• Burpsuite Intruder
Presentation title 10

MAN IN THE MIDDLE (MITM)


• Spy aktivitas user di internet
Contoh: situs apa yang ia kunjungi, apa yang user ketik saat login di sebuah akun.
• Tools: Bettercap ARP Spoofing, Ettercap Password Snifing, Scapy.
Presentation title 11

WIRELESS ACCESS POINT WAP


• Aircrack Password Cracking
CRACKING
• Hashcat password Cracking
Presentation title 12

ANDROID HACKING
• Menginstall Kali Linux di Android
• Hack Android dengan Metasploit
• Mengakses android dengan android meterpreter
• Evil Droid
• Lemon
• Memasukkan malware ke apk
• Ghost ramework
• Ngrok
THANK YOU

You might also like