This is the beginning of the “Hacking websites” series, which will try to explain why sites are hacked, how they are hacked and how to protect your website(s) from being hacked and broken. Motivated by the rather discouraging results from the Breach and WhiteHat security statistics reports, I decided to start this series, which will, hopefully, educate readers enough to protect their websites from the top 10 vulnerability classes.
In the process of hacking an information system, the attacker will use one or more hacking tools to accomplish his objective. Hacking tools can be classified in two main ways: procedural classification and functional classification. Procedural classification describes which tools are used during the seven steps of hacking the attacker goes through. Functional classification describes the four main categories based on the tools' functionality.
For every step of the hacking process, one or more tools may be required for the attacker to complete his objective. Although there are thousands of hacking tool variations, all of them can be grouped into 14 basic categories.
When talking about “tools”, many will think of software solutions. But in a broader sense, a hacker's toolkit is much more than just software: it can be anything from a piece of paper and a pen to human activities for collecting sensitive information and penetrating the target system.
Hacking an information system, which can be a computer network, a server or a collection of web sites, can be, and is, a very complex procedure, and a different one for every information system. But in its essence it follows the basic seven steps of hacking into an information system. From basic scouting to full takeover these seven steps [...]