Essential White‑Hat Hacker FAQ: Tools, Techniques, and Defense Strategies
This comprehensive guide explains what white‑hat hackers are, the differences between IP and MAC addresses, common hacking tools, hacker types, footprinting methods, brute‑force and DoS attacks, SQL injection, network sniffing, ARP spoofing, MAC flooding, rogue DHCP, XSS, Burp Suite, domain pharming, prevention tactics, keyloggers, enumeration, NTP, MIB, password‑cracking techniques, attack phases, and CSRF protection, offering a solid foundation for cybersecurity awareness.
1) What is a white‑hat hacker?
A white‑hat hacker is authorized by the system owner to attack a system, discover vulnerabilities, and help fix bugs.
2) Difference between IP address and MAC address
IP addresses are assigned to each device to locate it on a network, while MAC addresses are unique hardware identifiers for each network interface.
3) Common tools used by white‑hat hackers
Kali
Metasploit
Wireshark
Nmap
John the Ripper
Maltego
4) Types of hackers
Grey‑hat / Cyberwarrior
Black‑hat
White‑hat
Certified white‑hat
Red‑hat
5) What is footprinting and its techniques?
Footprinting gathers information about a target network before an attack. Techniques include open‑source reconnaissance, network enumeration, scanning, and stack fingerprinting.
6) What is a brute‑force attack?
A brute‑force attack tries many password combinations to gain access; tools such as Hydra are commonly used.
7) What is a DoS attack and its common forms?
Flooding (generic DoS)
Buffer overflow
SYN flood
Teardrop
Smurf
Virus‑based attacks
8) What is SQL injection?
SQL injection inserts malicious SQL commands into application inputs, causing the database to execute unintended queries and potentially exposing data.
9) What is network sniffing?
Network sniffing monitors data packets flowing over a network, useful for troubleshooting but also for stealing information.
10) What is ARP spoofing?
ARP spoofing sends forged ARP requests/replies to alter a target’s ARP cache, redirecting traffic within a LAN.
11) How to prevent ARP poisoning?
Packet filtering to block conflicting ARP packets
Minimize reliance on trusted protocols
Use ARP‑spoof detection software
Encrypt traffic with TLS/SSH
12) What is MAC flooding?
MAC flooding overwhelms a switch with numerous frames, causing it to broadcast traffic to all ports and enabling data theft.
13) What is a rogue DHCP server?
A rogue DHCP server operates without administrator control, assigning IP configuration to clients and potentially intercepting traffic.
14) What is XSS and its types?
Cross‑site scripting injects malicious code into trusted web pages. Types include reflected (non‑persistent), stored (persistent), and DOM‑based XSS.
15) What is Burp Suite and its tools?
Proxy
Spider
Scanner
Intruder
Repeater
Decoder
Comparer
Sequencer
16) What are domain pharming and defacement?
Pharming compromises DNS to redirect users to malicious sites; defacement replaces a website’s content with the attacker’s messages or media.
17) How to prevent website hacking?
Sanitize and validate user inputs to block SQL injection
Use firewalls to filter malicious traffic
Encrypt cookies and bind them to client IPs
Validate and verify all user input
Header validation and sanitization to mitigate XSS
18) What is a keylogger trojan?
A keylogger records keystrokes, stores them, and sends the data to a remote attacker.
19) What is enumeration?
Enumeration extracts system information such as machine names, usernames, network resources, shares, and services, often used in internal attacks.
20) What is NTP?
Network Time Protocol synchronizes clocks of networked computers via UDP port 123, maintaining accuracy within 10 ms on public networks.
21) What is MIB?
The Management Information Base is a virtual hierarchical database that defines network objects managed via SNMP, each identified by an OID.
22) Types of password‑cracking techniques
Brute‑force
Hybrid attacks
Syllable attacks
Rule‑based attacks
23) Stages of a hacker attack
Gaining access
Privilege escalation
Application hiding
Covering tracks
24) What is CSRF and how to prevent it?
Cross‑site request forgery forces an authenticated user’s browser to send unwanted requests; prevention involves adding unpredictable anti‑CSRF tokens tied to the user session.
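The token scheme described in answer 24, as an added example that is not part of the original article: each token is an HMAC over the session ID, a random nonce and an issue time, so it is unpredictable and valid only for the session it was issued to. The names issue_token, verify_token, SERVER_KEY and TOKEN_TTL, and the one-hour lifetime, are assumptions made for this illustration.

```python
import hashlib
import hmac
import secrets
import time
from typing import Optional

# Assumption: in a real deployment this key comes from server-side configuration.
# It is generated here only so the example runs on its own.
SERVER_KEY = secrets.token_bytes(32)
TOKEN_TTL = 3600  # seconds a token stays valid (assumed policy)


def _sign(session_id: str, nonce: str, issued: int, key: bytes) -> str:
    # Length-prefix the session ID so field boundaries cannot be shifted.
    msg = f"{len(session_id)}:{session_id}|{nonce}|{issued}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def issue_token(session_id: str, key: bytes = SERVER_KEY,
                now: Optional[int] = None) -> str:
    """Return 'nonce.issued.mac' for embedding in a form or request header."""
    issued = int(time.time()) if now is None else now
    nonce = secrets.token_hex(16)  # 128 bits from the OS CSPRNG
    return f"{nonce}.{issued}.{_sign(session_id, nonce, issued, key)}"


def verify_token(token, session_id: str, key: bytes = SERVER_KEY,
                 now: Optional[int] = None) -> bool:
    """Accept only a well-formed, unexpired token minted for this session."""
    try:
        nonce, issued_s, mac = token.split(".")
        issued = int(issued_s)
    except (ValueError, AttributeError):
        return False  # missing, malformed or non-string token
    now = int(time.time()) if now is None else now
    if not 0 <= now - issued <= TOKEN_TTL:
        return False  # expired, or issue time lies in the future
    expected = _sign(session_id, nonce, issued, key)
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(expected.encode(), mac.encode())
```

The server calls verify_token on every state-changing request and rejects the request when it returns False; a page on another origin cannot read the token, so a forged request arrives without a valid one.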
Open Source Linux
Focused on sharing Linux/Unix content, covering fundamentals, system development, network programming, automation/operations, cloud computing, and related professional knowledge.
