Professional Hacking Tricks And Attacks List 2013

What is hacking?
Hacking is the practice of modifying the features of a system, in order to accomplish a goal outside of the creator's original purpose. The person who is consistently engaging in hacking activities, and has accepted hacking as a lifestyle and philosophy of their choice, is called a hacker.

Computer hacking is the most popular form of hacking nowadays, especially in the field of computer security, but hacking exists in many other forms, such as phone hacking, brain hacking, etc. and it's not limited to either of them.
Due to the mass attention given to blackhat hackers from the media, the whole hacking term is often mistaken for any security related cyber crime. This damages the reputation of all hackers, and is very cruel and unfair to the law abiding ones of them, from who the term itself originated. The goal of this website is to introduce people the true philosophy and ethics of hackers, hopefully clearing their name and giving them the social status they deserve.

There are three types of hackers :-
1. White hat hacker (WHH)
2. Black hat hacker  (BHH)
3. Gray hat hacker (GHH)
4. Script Kiddie

Here is some Professional hacking attacks, Hope every beginner will like to read this article.

                                              I created a list call it as a Pro hack attack (PHA)
                                Download This Complete List From here


♦ Session One Getting the basics right
♦ TCP/IP Fundamentals
♦ System Fundamentals
♦ Firewall Technologies
♦ Programming & Database Fundamentals
♦ Session Two - Network Cartography
♦ Advanced Google Hacking
♦ Fingerprinting
♦ Nmapping the network
♦ Footprinting
♦ Session Three - Exploitation
♦ Hacking networks
♦ Hacking servers
♦ Hacking databases
♦ Backdooring
♦ Session Four - Advanced Exploitation
♦ Hacking WLANs
♦ Evading IDS, Firewalls and Detecting Honey Pots
♦ Web Application Hacking
♦ Advanced Web Hacking
♦ Hacking Web Browsers (Firefox, IE)
♦ Session Five - Black-belt Hacking
♦ Buffer overflows
♦ Metasploiting the universe
♦ Reverse Engineering
♦ Covert Hacking
♦ Session Six - Social Engineering
♦ What is Social Engineering?
♦ Common Types of Attacks
♦ Social Engineering by Phone
♦ Dumpster Diving
♦ Online Social Engineering
♦ Reverse Social Engineering
♦ Policies and Procedures
♦ Employee Education
♦ Session Seven - Cryptography
♦ Encryption and Decryption
♦ Cryptographic Algorithms
♦ . DES
♦ . RC
♦ . RC
♦ . Blowfish
♦ . MD
♦ . SHA
♦ Government Access Key - GAK
♦ Digital Signature
♦ Cryptography Tools
♦ Code Breaking Methodologies
♦ Cryptography Attacks
♦ Session Eight - Honeypots
♦ What is Honeypot?
♦ Honey net Project
♦ Types of Honey Pot
♦ Honey Pot Replacement
♦ Various Open Source and Commercial Honey Pots
♦ Session Nine - Esoteric Hacking
♦ RFID Hacking
♦ Hacking Mobile Phones, PDA and Handheld Devices
♦ VoIP Hacking
♦ Cyber Warfare
♦ Hacking E-mails Accounts
♦ Corporate Espionage
♦ Botnets
♦ Bluetooth Hacking
♦ Hacking USB Devices
♦ Spamming
♦ Session PHA attacks
♦ SQL Injection attack
♦ Blind SQL Injection attack
♦ HTML Injection attack
♦ PHP Code Injection attack
♦ Java Applet attack method
♦ SET attacks
♦ Web Jacking attack
♦ Spoofing attacks
♦ Backtrack  Information Gathering Tools
♦ Backtrack have More than 65 Hacking TOOLS
♦ Session Ten - Password Cracking
♦ How to Steal Passwords
♦ Hashing Algorithm
♦ Active Brute Forcing
♦ Passive Brute Forcing
♦ Web-Based Password Cracking Techniques
♦ Session Eleven - Trojans and Backdoors
♦ Session Twelve - Viruses and Worms
♦ Writing Virus Codes
♦ Session Thirteen - Phishing
♦ Session Fourteen – Exploit Writing
♦ Assembly Language Tutorial
♦ Exploit Writing
♦ Session Fifteen - Privacy on the Internet
♦ Session Sixteen - Spying Technologies
♦ Session Seventeen - Credit Card Frauds
♦ Session Eighteen - Software Piracy and Warez
♦ Session Nineteen – Securing Laptop Computers
♦ Session Twenty - Data Loss Prevention
♦ Session Twenty One - Physical Security
♦ Session Twenty Two - Basics of Digital Forensics
  Hacking Incidents
  Defining the Forensics Process
  Digital Forensics Essentials –  A’s
  Investigation Guidelines
  Disk Based Forensics v/s Network Based Forensics
  Chain of Custody
♦ Hands-on Exercises
♦ In-depth exploration of TCP/IP using Wireshark
♦ Exercise  Analysis of tcpdump output to determine attacks
♦ In-depth usage of Nmap
♦ Cracking WLANs
♦ Hacking Oracle
♦ Building your own exploit
♦ Metasploit
 Arbitrary File Deletion
 Code Execution Hacking(LFI,RFI,Iframe Injection, Remote Code Execution)
 Cookie Manipulation (Meta HTTP-EQUIV & CRLF Injection)
 CRLF Injection (HTTP response splitting & Headers Injection)
 Cross Frame Scripting ( XFS )
 Cross-Site Scripting ( XSS - Persistent, Non-Persistent, DOM Based)
 Directory traversal including shell uploading
 Email Injection
 File Inclusion (LFI,RFI with and without null byte)
 Full Path Disclosure
 LDAP Injection
 PHP code injection
 PHP curl_exec() url is controlled by user
 PHP invalid data type error message
 PHP preg_replace used on user input
 PHP unserialize() used on user input
 Remote XSL inclusion
 Script source code disclosure
 Server-Side Includes (SSI) Injection
 Structured Query Language Injection(SQL Injection)
 URL Redirection
 XPath Injection vulnerability
 EXIF
 Buffer Overflows
 Clickjacking
 Dangling Pointers
 Format String Attack
 FTP Bounce Attack
 Symlinking and Server Rooting
 Blind SQL injection (timing - Boolean Based)
 Blind SQL Injection (Blind SQL String Based and Double Query Blind Based)
 8.3 DOS Filename Source Code Disclosure
 Search for Backup files
 Cross Site Scripting in URI
 PHP super-globals-overwrite
 Script errors (such as the Microsoft IIS Cookie Variable Information Disclosure)
 WebDAV (very vulnerable component of IIS servers)
 Application error message
 Check for common files
 Directory Listing
 Email address found
 Local path disclosure
 Possible sensitive files
 Microsoft Office possible sensitive information
 Possible internal IP address disclosure
 Possible server path disclosure (Unix and Windows)
 Possible username or password disclosure
 Sensitive data not encrypted
 Source code disclosure
 Cross-Site Request Forgery (CSRF)