Remesh R

How to Become an Ethical Hacker

An essential guide to becoming an ethical hacker

I receive lots of mails asking for guidance on how to become an ethical hacker. Most requests are on how to become a black hat hacker which are usually ignored. Let’s take a look at the definition of an ethical hacker. Read More :  https://www.linkedin.com/pulse/how-become-ethical-hacker-ramesh-r

Remesh Ramachandran

Top Usernames And Passwords Used By Hackers To Attack Your Servers

During the past one year, the cyber security firm Rapid7 has been collecting data from Heisenberg — its public-facing network of low-interaction honeypots. The honeypots were made to look like the real-life office, PoS, and kiosk payment systems with their RDP port open.

Under this project, Rapid7’s servers collected 221,203 login attempts that were spread across 119 countries and came from 5,076 IP addresses. During these attempts, hackers tried to break the system using 1,809 different usernames and 3,969 passwords.

The test also measured the complexity of the passwords. The findings showed that the majority of passwords attempted were very simple, indicating the widespread use of convenient passwords and ignorance of security risks.

Easy-to-use passwords are easy-to-hack!

Surprisingly, the most tried password was “x” (11,865 times), followed closely by “Zz” (10,591 times) and “[email protected]” (8,014 times). Here’s the top to most attempted passwords by hackers:

  1. x
  2. Zz
  3. [email protected]
  4. 1
  5. [email protected]
  6. bl4ck4ndwhite
  7. admin
  8. alex
  9. …….
  10. administrator

At the end of 2015, password management company SpashData released its annual report of the Worst Passwords of 2015 and “12345” and “password” remained at the top. The report stated that regular humans are terrible at selecting passwords. Keeping such trends in mind, hackers are inclined towards making simple guesses.

If we look at the username attempts that were made, a similar trend was observed. The top most tried out usernames were “administrator” (77, 125 times), “Administrator” (53,427 times), and “user1” (8,575 times). Here’s the complete top 10 list of most attempted usernames by hackers:

  1. administrator
  2. Administrator
  3. user1
  4. admin
  5. alex
  6. pos
  7. demo
  8. db2admin
  9. Admin
  10. sql

Most password login attacks came from China!

It should be noted that most of the login attempts came from China (88,227 attempts), followed by the US, (54,977) and South Korea (13,182). The other countries in the top 10 are Netherlands, Vietnam, the UK, Taiwan, France, Germany, and Canada.

Kali Linux 2016.2 — Download Latest Release

As promised at the Black Hat and Def Con security and hacking conferences, Offensive Security – the creators of Swiss army knife for researchers, penetration testers, and hackers – has finally released the much awaited Kali Linux 2016.2.

Kali Linux is an open-source Debian-based Linux distribution designed to help ethical hackers and security professionals with a wide range of tools for penetration testing, forensics, hacking and reverse engineering together into a single package.

Earlier the Kali Linux distribution was known as BackTrack.

You can download the latest Kali Linux 2016.2 ISOs from its official website now. The Kali Linux team has also promised to bring a lot of exciting announcements in the next few weeks, so keep an eye on its announcements for the latest updates.

Best Operating Systems For Ethical Hacking And Penetration Testing

Kali Linux:

kali_linux

Developed by Offensive Security as the rewrite of BackTrack, Kali Linux distro tops our list of the best operating systems for hacking purposes. This Debian-based OS comes with 600+ preinstalled pen testing tools that make your security toolbox richer. These versatile tools are updated regularly and are available for different platforms like ARM and VMware. For a forensic job, this top hacking operating system comes with a live boot capability that provides a perfect environment for vulnerability detection.

Download Kali Linux

Parrot Security OS:

parrot

Debian-based Parrot Security OS is developed by Frozenbox’s team. This cloud-friendly operating system is designed for ethical hacking, pen testing, computer forensics, ethical hacking, cryptography etc. Compared to others, Parrot Security OS promises a lightweight OS that is highly efficient. Along with its plethora of legally recognized tools, you also get the opportunity to work and surf anonymously.

For those who don’t know, Parrot Security OS is a mixture of Frozenbox OS and Kali Linux. The OS uses Kali repos for updating its tools, but it has its own dedicated repo for storing the custom packets. It comes with MATE desktop environment and the powerful interface is derived from famous Gnome 2. This highly customizable hacking oeprating system also comes with a strong community support.

Download Parrot Security OS

BackBox:

backbox

BackBox Linux is an Ubuntu-based operating system with its focus on security assessment and penetration testing. BackBox Linux comes with a wide range of security analysis tools that help you in web application analysis, network analysis etc. This fast and easy to use hackers’ favorite Linux distro comes with a complete desktop environment. The software repos of the hacking tools in this hacking operating system are regularly updated with the most stable versions.

Download BackBox Linux

BlackArch Linux:

blackarch_linux

BlackArch Linux is available as a complete Linux distribution for security researchers and ethical hackers. It’s derived from Arch Linux and one can also install the BlackArch Linux components on top of it.

The constantly growing repo of this useful operating system for hacking purposes is stuffed with more than 1400 tools that are thoroughly tested before being added to the codebase.

Download BlackArch Linux