Basic areas
▪ Two-factor authentication
▪ Secure passwords
▪ Training and awareness
▪ Disable macros
▪ Firewall
▪ Antivirus protection
▪ Updates
▪ Backups and testing restores
Elements of information security
▪ Confidentiality
▪ Integrity
▪ Availability
▪ Authenticity
▪ Non-Repudiation
Cyber Kill Chain
1: Reconnaissance
2: Weaponization
3: Delivery
4: Exploitation
5: Installation
6: Command and Control
7: Actions on Objectives
8: (Maintain Access)
Phases of the ATT&CK framework
1: Initial Access
2: Execution
3: Persistence
4: Privilege Escalation
5: Defense Evasion
6: Credential Access
7: Discovery
8: Lateral Movement
9: Collection and Exfiltration
10: Command and Control
Attack phases according to EC-Council
Phase 1: Reconnaissance
Phase 2: Vulnerability Scanning
Phase 3: Gaining Access
Phase 4: Maintaining Access
Phase 5: Clearing Tracks
Examples of active attacks
▪ Denial-of-service (DoS) attack
▪ Bypassing protection mechanisms
▪ Malware attacks (such as viruses, worms, ransomware)
▪ Modification of information
▪ Spoofing attacks
▪ Replay attacks
▪ Password-based attacks
▪ Session hijacking
▪ Man-in-the-Middle attack
▪ DNS and ARP poisoning
▪ Compromised-key attack
AI tools in cybersecurity
▪ ShellGPT
▪ AutoGPT
▪ WormGPT
▪ ChatGPT with DAN prompt
▪ FreedomGPT
▪ FraudGPT
▪ ChaosGPT
▪ PoisonGPT
▪ HackerGPT
▪ BurpGPT
▪ BugBountyGPT
▪ PentestGPT
▪ GPT White Hack
▪ CybGPT
▪ BugHunterGPT
▪ Hacking APIs GPT
▪ h4ckGPT
▪ HackerNewsGPT
▪ Ethical Hacker GPT
▪ GP(en)T(ester)
TOP Pentesting Tools
▪ Parrot / Kali OS
▪ nmap
▪ metasploit
▪ Burp Suite
▪ Nessus
▪ Wireshark
▪ Aircrack-ng
▪ John the Ripper
▪ Hydra
▪ Nikto
▪ sqlmap
▪ OWASP ZAP
...and many others.
How does AI-driven hacking help?
▪ Automation of Repetitive Tasks
▪ Predictive Analysis
▪ Advanced Threat Detection
▪ Adaptive Learning
▪ Enhanced Decision Making
▪ Enhanced Reporting
▪ Simulation and Testing
▪ Scalability
▪ Continuous Monitoring
▪ Adaptive Defense Mechanisms
Incident Handling and Response
▪ Preparation
▪ Incident Recording and Assignment
▪ Incident Triage
▪ Notification
▪ Containment
▪ Evidence Gathering and Forensic Analysis
▪ Eradication
▪ Recovery
▪ Post-Incident Activities
▪ Incident Documentation
▪ Incident Impact Assessment
▪ Review and Revise Policies
▪ Close the Investigation
▪ Incident Disclosure
How AI/ML prevents cyberattacks
▪ Password Protection and Authentication
▪ Phishing Detection and Prevention
▪ Threat Detection
▪ Vulnerability Management
▪ Behavioral Analytics
▪ Network Security
▪ AI-based Antivirus
▪ Fraud Detection
▪ Botnet Detection
▪ AI to Combat AI Threats
Areas of cyberattacks
▪ Hardware level (cryptography on hardware chips)
▪ Switches, routers
▪ Networks
▪ Mobile Devices / Platforms
▪ Cloud infrastructure and applications
▪ Intranet / DNS / Active Directory
▪ Databases / SQL injection
▪ OS Hacking
▪ Malware
▪ Social Engineering
▪ (D)DoS
▪ Session Hijacking
▪ Evading IDS, firewalls, honeypots, antivirus scanners
▪ (Web-)Server
▪ Web applications
▪ Wireless Hacking
▪ IoT / OT Hacking
ISO/IEC
▪ ISO/IEC 27001:2022
▪ ISO/IEC 27701:2019
▪ ISO/IEC 27002:2022
▪ ISO/IEC 27005:2022
▪ ISO/IEC 27018:2019
▪ ISO/IEC 27032:2023
▪ ISO/IEC 27033-7:2023
▪ ISO/IEC 27036-3:2023
▪ ISO/IEC 27040:2024
▪ ISO/IEC 62443
