Cyber Security

Attacker attacks the victim through vulnerabilities to cause threats.

• Strong curiosity: Deeply understanding how systems and applications work, which make them stronger than white hackers mostly

• Problem-solving and challenge seeking: Finding vulnerabilities or unconventional ways to achieve goals

• Creativity and innovation: Using non-traditional methods to hack or protect systems

• Analysis and deconstruction: Breaking down software or networks to find weaknesses

• Persistence: Trying repeatedly until success

• Challenge: Never forgive, and repeat trials

• Self-starter: No one should onboard or help him

2- Hackers Technical skills

1. Networking & Protocols – TCP/IP, DNS, HTTP(S), VPN, NAT

2. Operating Systems – Deep understanding of Linux, Windows internals

3. Programming – Python, Bash, JavaScript, C/C++

4. Web Technologies – HTML, JS, cookies, sessions, REST APIs

5. Exploitation Techniques – XSS, SQLi, buffer overflow, privilege escalation

6. Tools Mastery – Nmap, Wireshark, Metasploit, Burp Suite, Aircrack-ng

7. Cryptography Basics – Hashing, symmetric/asymmetric encryption

8. Reverse Engineering – Decompiling, debugging, malware analysis

9. Cloud & Container Security – AWS, Azure, Docker, Kubernetes

10. Security Frameworks – OWASP, MITRE ATT&CK, NIST, ISO 27001

11. Business understanding: Can understand business and lifecycle

Hacker, we call him also MITM: Man-in-the-Middle attack — intercepting communications, you should have End-to-end encryption, HTTPS, and VPN.

We have different types of hackers as follows:

• White Hat

  1. 1. Ethical hackers who test security

     2. Help improve security

     3. Penetration testers, security researchers

• Black Hat

  1. 1. Malicious hackers who exploit systems

     2. Financial gain, disruption

     3. Cybercriminals, ransomware attackers

• Red Hat:

  1. 1. Anti Black-Hat Hackers

• Gray Hat

  1. 1. Between white and black — may hack without permission, but not for harm

     2. Often curiosity or “hacktivism”

     3. Hackers who disclose vulnerabilities publicly

• Green Hat:

  1. 1. New to hacking 

     2. Willing to learn

• Blue Hat:

  1. 1. Looking for revenge

• Script Kiddies

  1. 1. Inexperienced hackers using tools made by others

     2. Thrill, notoriety

     3. Novice attackers using public exploits

• Hacktivists

  1. 1. Hackers driven by political/social causes

     2. Protest, activism

     3. Anonymous group

• State-Sponsored

  1. 1. Hackers working for governments

     2. Espionage, sabotage

     3. APT groups (e.g., Fancy Bear)

• Insiders

  1. 1. Employees or contractors abusing access

     2. Revenge, financial gain

     3. Disgruntled employees

• Cyber Terrorists

  1. 1. Use hacking to cause terror or fear

     2. Political or ideological

     3. Attacks on critical infrastructure

• Red team

  1. 1. Ethical hackers who test security

     2. Help improve security

     3. Penetration testers, security researchers

• Blue team

  1. 1. Malicious hackers who exploit systems

     2. Financial gain, disruption

     3. Cybercriminals, ransomware attackers

• Purple team

  1. 1. Anti Black-Hat Hackers

     2. Thrill, notoriety

     3. Novice attackers using public exploits

• Hacktivists

  1. 1. Hackers driven by political/social causes

     2. Protest, activism

     3. Anonymous group

• State-Sponsored

  1. 1. Hackers working for governments

     2. Espionage, sabotage

     3. APT groups (e.g., Fancy Bear)

• Insiders

  1. 1. Employees or contractors abusing access

     2. Revenge, financial gain

     3. Disgruntled employees

• Cyber Terrorists

  1. 1. Use hacking to cause terror or fear

     2. Political or ideological

     3. Attacks on critical infrastructure