Understanding Ethical Hacking

Quick Summary

Ethical hacking involves using the same techniques as malicious hackers, but with the intent of identifying and addressing security vulnerabilities to improve an organization’s overall security posture.

Who

  • Ethical hacking is relevant for cybersecurity professionals, penetration testers, and IT security teams.
  • Key stakeholders include CISOs, IT managers, and developers responsible for securing systems and applications.
  • Organizations of all sizes and industries can benefit from ethical hacking to proactively identify and fix security weaknesses.

What

  • Ethical hacking involves legally and consensually exploiting systems and networks to uncover vulnerabilities.
  • Common ethical hacking techniques include network scanning, vulnerability assessment, social engineering, and exploitation.
  • Ethical hackers use a variety of specialized tools and frameworks like Kali Linux, Metasploit, and OWASP ZAP.
  • The goal is to provide detailed reports with actionable recommendations to improve an organization’s security posture.

When

  • Ethical hacking should be performed regularly as part of an organization’s security testing and compliance efforts.
  • It is typically conducted before major system changes, software releases, or after a security breach.
  • Ethical hacking has been used since the 1970s, but has become increasingly important as cyber threats have evolved.
  • Ongoing monitoring and periodic re-assessments are required to keep up with new vulnerabilities and attack vectors.

Where

  • Ethical hacking is typically performed within an organization’s internal network and systems, with the full knowledge and consent of the owners.
  • Resources and training for ethical hacking can be found online, through certification programs, and at security conferences.
  • Ethical hacking skills are in high demand and the practice is widely adopted across industries.

Why

  • Ethical hacking helps organizations proactively identify and address security vulnerabilities before they can be exploited.
  • It provides valuable insights that inform an organization’s security strategy and investments.
  • Ethical hacking supports compliance with industry standards and regulations like PCI-DSS, HIPAA, and GDPR.
  • Addressing vulnerabilities found through ethical hacking can significantly reduce the risk of data breaches and cyber attacks.

How

  • Ethical hacking typically follows a structured methodology: reconnaissance, scanning, gaining access, maintaining access, and covering tracks.
  • Penetration testers use a variety of tools and techniques to ethically exploit systems and uncover vulnerabilities.
  • Findings are carefully documented, and remediation steps are provided to the organization.
  • Ethical hackers collaborate closely with security teams to ensure vulnerabilities are patched effectively.

Best Practices

  • Obtain written authorization and scope agreement before conducting ethical hacking activities.
  • Ensure ethical hacking efforts comply with all relevant laws and regulations.
  • Establish clear rules of engagement and communication protocols with the organization.
  • Maintain detailed documentation of the process and findings.
  • Provide comprehensive reports with prioritized remediation recommendations.

Examples

  • Uncovering SQL injection vulnerabilities in a web application.
  • Exploiting misconfigured firewall rules to gain unauthorized access to internal servers.
  • Tricking employees into revealing login credentials through a phishing campaign.

References

Updates and Revisions

  • Last updated: November 8, 2024
  • No major changes yet

SpL 2

Is a search language that supports both spl + sql

Powerful language to dev and script

This is used by

Dev – script and develop

Admin – data prepare

End user – search

Internships

Anyone looking for the internships please share 👍

  1. Apple internships & graduates roles: https://lnkd.in/gNVdicpN
  2. Google Associate Product Manager (APM) program: https://lnkd.in/gqF_QEqA
  3. PayPal internships and university hiring: https://lnkd.in/gkwqH-2W
  4. Lyft internships and early talent: https://lnkd.in/gBHDuhCM
  5. Google internships: https://lnkd.in/gNuQzbY3
  6. Tesla internships: https://lnkd.in/gaHx8_kE
  7. Juniper Networks university hiring: https://lnkd.in/gRhXh9Pw
  8. Coinbase APM program: https://lnkd.in/gbPPBrtc
  9. Meta internships and graduate roles: https://lnkd.in/gCp4i79b
  10. LinkedIn internships & early talent roles: https://lnkd.in/gGgZ6PfZ
  11. Amazon internships: https://lnkd.in/gyEtYUum
  12. IBM internships: https://lnkd.in/g2-gc-iP
  13. United Airlines student & early career roles: https://lnkd.in/gZFxt-Pd
  14. Hilton Hotels & Resorts internships & graduates: https://lnkd.in/gpmkbaMn
  15. Federal Reserve Board internships: https://lnkd.in/ga89V8TK
  16. Federal Reserve Bank of San Francisco: https://lnkd.in/gCkUH3tu
  17. Microsoft students & graduates: https://lnkd.in/gD43H2Ee
  18. Goldman Sachs interns & graduates: https://lnkd.in/g9nBaaWv
  19. NASA Jet Propulsion Laboratory https://lnkd.in/gj6rbReT
  20. NASA’s internship programs: https://intern.nasa.gov/
  21. Kaiser Permanente interns & new graduates: https://lnkd.in/gNBHcsFg
  22. Lawrence Livermore National Laboratory (LLNL): https://lnkd.in/g586h-UP
  23. Stripe internships & early career roles: https://lnkd.in/gxCZ7ZDM
  24. NVIDIA internships & early grads: https://lnkd.in/gbwvVhaW

AI Websites to check on for

https://youtube.com/shorts/rjVTe_5HXow?si=Pkc7Z5QidlaUmS2Q

https://dev.to/m4rri4nne/automating-your-api-tests-using-python-and-pytest-23cc

Lexica.art – images to a animated

https://www.marktechpost.com/2024/03/31/top-data-science-books-to-read-in-2024/

https://247wallst.com/technology-3/2024/03/31/nvidia-vs-broadcom-stock-split-rivals-battling-for-the-future-of-ai/

https://www.psypost.org/kids-outsmart-leading-artificial-intelligence-models-in-a-simple-creativity-test/

https://www.thestreet.com/investing/stocks/1-billion-fund-manager-favors-several-big-tech-stocks

https://www.firstpost.com/tech/megalomaniac-difficult-to-work-with-why-silicon-valley-vcs-are-now-avoiding-sam-altman-13753301.html

https://techcrunch.com/2024/03/26/ai-and-data-infrastructure-drives-demand-for-open-source-startups/

https://www.marktechpost.com/2024/03/26/meet-quivr-an-open-source-rag-framework-with-38k-github-stars/

https://www.theguardian.com/technology/2024/mar/27/anthropic-amazon-ai-startup

https://www.forbes.com/sites/jodiecook/2024/03/27/5-chatgpt-prompts-to-build-your-personal-brand-from-zero-start-today/

https://www.theregister.com/2024/03/27/nvidia_blackwell_efficiency/

https://techcrunch.com/2024/03/26/fireworks-ai-open-source-api-puts-generative-ai-in-reach-of-any-developer/

https://www.tomsguide.com/ai/google-gemini/7-google-gemini-prompts-to-try-this-weekend

https://www.youtube.com/watch?v=-dJPoLm_gtE MLOps Course – Build Machine Learning Production Grade Projects – YouTube

https://www.businesstoday.in/technology/news/story/project-gr00t-nvidia-ceo-jensen-huang-announces-new-project-to-help-build-human-like-robots-422506-2024-03-22

https://www.techlearning.com/how-to/8-ways-to-create-ai-proof-writing-prompts

https://www.youtube.com/watch?v=4fdZwKg9IbU Run ANY Open-Source LLM Locally (No-Code LMStudio Tutorial)

https://hackaday.com/2024/03/22/generative-ai-now-encroaching-on-music/

Ai powered e-bikes https://insideevs.com/news/698006/eclair-ai-powered-ebike/

Amazon Reinvent- code whisperer

Q chathttps://www.pymnts.com/news/artificial-intelligence/2024/this-week-in-ai-human-like-reasoning-robots-and-open-source/

https://m.economictimes.com/industry/healthcare/biotech/healthcare/genai-has-potential-to-completely-transform-indias-healthcare-system-pwc-india/articleshow/108706508.cms

https://youtube.com/shorts/XgfHQBfRB5o?si=DsM5Ow9yghYoQkpR co rover

Claude

Moon valley https://youtube.com/shorts/NupAwJqra58?si=KIICbtvOtIlQ1tP4

Bing chat / copilot vs chat gpt

Chat gpt 3.5, j4 and 5

https://www.openculture.com/2023/11/generative-ai-for-everyone-a-free-course-from-ai-pioneer-andrew-ng.html

Einstein ai https://www.youtube.com/watch?v=ug_fkLFPhMw Our data cloud is an ‘incredible new product’, says Salesforce CEO Marc Benioff – YouTube

https://www.kdnuggets.com/5-free-courses-to-master-data-science

https://www.entrepreneur.com/starting-a-business/20-ways-to-master-your-brand-on-linkedin-in-2024/464619

https://cloud.google.com/blog/topics/training-certifications/new-skills-badges-help-train-cloud-skilled-professionals

https://hackaday.com/2023/11/12/data-science-the-stanford-way/

https://www.marktechpost.com/2023/11/12/google-deepmind-researchers-propose-a-framework-for-classifying-the-capabilities-and-behavior-of-artificial-general-intelligence-agi-models-and-their-precursors/

https://www.youtube.com/watch?v=1wPbZaQtSkA NEW ChatGPT Update: Create Your Own GPT’s! (Full Guide) – YouTube

https://thenewstack.io/new-ai-dev-platform-allows-you-to-customize-open-source-llms/

https://hbr.org/2023/11/the-skills-your-employees-need-to-work-effectively-with-ai

https://venturebeat.com/ai/forget-chatgpt-why-llama-and-open-source-ai-win-2023/

humata AI –  upload school or any any syllabus and ask questions- helps for studying

kaiber.ai – converts video to animation from young to old

https://venturebeat.com/ai/microsoft-unveils-lema-a-revolutionary-ai-learning-method-mirroring-human-problem-solving/

https://analyticsindiamag.com/5-new-ai-courses-launched-by-andrew-ng/

https://www.moneycontrol.com/news/technology-startup/newsletters/MCTech3/tech3-10-trouble-for-founders-accenture-s-guidance-hits-indian-it-stocks-and-more/

https://www.youtube.com/watch?v=DtpA7hgy6_w Microsoft AI Copilot Now Included in Windows 11’s Major Update + More AI Features – YouTube

https://www.cnbc.com/2023/11/02/the-most-in-demand-ai-job-of-2023-can-pay-over-200000-and-offers-remote-opportunities.html

https://inc42.com/startups/how-portkey-ai-is-steering-indian-enterprises-through-the-genai-maze/

https://neurosciencenews.com/machine-learning-peace-language-25137/

https://the-decoder.com/anthropics-prompt-optimizer-turns-short-prompts-into-detailed-templates/

https://interestingengineering.com/innovation/neural-network-ai-outperforms-chatgpt

 

Automation Framework – POM – Page Object Model

Approach used in Automation framework,

For each page we have a separate class/object ?

Lets See on the General understanding of the few of the topics

object – instance of class

classes – collections of states and behaviours

methods (functions) – logic used for the computation

Return statements – print?

arguments – variables used in methods for the computations

— Each page has a class. separate file

— test data can be picked form the excel sheet’s specified tab.

— utility classes – has the details of the excel sheet, tab etc..