12-04-2017, 12:54 PM
Welcome guys
In this part I will talk about some possible site attacks and how a site could be attacked. If i'm wrong, or missing anything just say.
(disclaimer: for educational purposes, redsec nor me are responsible for your actions :p)
First of all you can perform different "hacks" on sites, for different purposes. Pretty much the most famous attack is the well-known DDoS attack. The Distributed Denial of Service. Basically what it does is 'spam' the site so it responds to your request, for example if the site can handle 500 requests at the same time, and you send it 500 requests it has no requests left for other people, thus making the site unavailable for others.
Next off there's the deface, you gain acces in order to add delete or modify things on a site, for example lets say I gain admin acces to redsecurity.info, and then i can post memes on the homepage.
Last but not least, extracting data/penetrating hosts or clients. To gain acces to someones pc you have to somehow upload malware to the clients or hosts device. You can also extract data from the site (logins/account details etc) by breaching the database. These can for example be done by exploiting misconfigured sql, or by XSS(putting malicious code on the site).
This is it for now, very basic and boring I know, but you GOT TO KNOW THIS.
Next time were actually gonna do something...
In this part I will talk about some possible site attacks and how a site could be attacked. If i'm wrong, or missing anything just say.
(disclaimer: for educational purposes, redsec nor me are responsible for your actions :p)
First of all you can perform different "hacks" on sites, for different purposes. Pretty much the most famous attack is the well-known DDoS attack. The Distributed Denial of Service. Basically what it does is 'spam' the site so it responds to your request, for example if the site can handle 500 requests at the same time, and you send it 500 requests it has no requests left for other people, thus making the site unavailable for others.
Next off there's the deface, you gain acces in order to add delete or modify things on a site, for example lets say I gain admin acces to redsecurity.info, and then i can post memes on the homepage.
Last but not least, extracting data/penetrating hosts or clients. To gain acces to someones pc you have to somehow upload malware to the clients or hosts device. You can also extract data from the site (logins/account details etc) by breaching the database. These can for example be done by exploiting misconfigured sql, or by XSS(putting malicious code on the site).
This is it for now, very basic and boring I know, but you GOT TO KNOW THIS.
Next time were actually gonna do something...