[Admiral Nelson]

Hacking a website is near impossible. SQL Injection, Javascript Inserts, and XSS attacks are all easy to defend against. Sure you may need some help on how to avoid a DDOS attack, but that won't actually harm your site. Only will take it down for a bit.

By site, I mean 'location' or mapping out a location ( Like a building plan ).

Oh don't worry my website is fine! Hosted by Microsoft = Safe?... lol.

Otherwise I would of said a Website.

[Donald Trump]

I got no idea on Microsoft web site hosting services. Though Azure is a very good service for SQL database.

[SSR]

Hacking a website is near impossible. SQL Injection, Javascript Inserts, and XSS attacks are all easy to defend against. Sure you may need some help on how to avoid a DDOS attack, but that won't actually harm your site. Only will take it down for a bit.

May I ask where do you get your information from?

[Admiral Nelson]

It is quite easy to know about Website Attacks, SSR.

However, Dos 'dabbles' in 'hacking' sort to speak meaning he knows how to hack/plays with websites which allow him to experiment on ( Some websites are merely built for hackers to run exploits on but have no actual use ) .

I know the basics some he has even taught me.

But from researching I know Phishing, DDOS, port vulnerability ( and numbers ), SQL Injections then of course just a general Virus

Port Vulnerability's can be found using Burp-suite pro, for example for amazon you would look on Port 443

Phishing is when a 'website' is made to match another one; Recent example is the gmail 'Phishing' attack recently.

SQL Injections is how it is, where they 'insert' some 'data' into a websites database for there own needs so it feeds back to there 'server'

Javascript inserts is what I would imagine someone inserting a dangerous 'script' on a websites code so that they can receive credentials

Kali Linux for the win!

[Donald Trump]

My own experience. I have overseen a few taken down.

SQL - A few simple steps with google can stop an SQL injection. ie "If both required fields are not filled out, make site say "please fill in all required fields"

This is a code that uses Parameters in order to protect against such.

Spoiler: show

if (txt_UserName.Text == "" || txt_Password.Text == "")
{
MessageBox.Show("Please provide a Username and Password");
return;
}

try
{
// Create SqlConnection
SqlConnection con = new SqlConnection(cs);

SqlCommand cmd = new SqlCommand("Select * from (insert table name) where UserName = @username and Password = @password", con);

cmd.Parameters.AddWithValue("@username", txt_UserName.Text);
cmd.Parameters.AddWithValue("@password", txt_Password.Text);

con.Open();

SqlDataAdapter adapt = new SqlDataAdapter(cmd);
DataSet ds = new DataSet();
adapt.Fill(ds);

con.Close();

int count = ds.Tables[0].Rows.Count;

// If count is equal to 1, than show frmMain form
if (count == 1)
{
MessageBox.Show("You have a successful login!")
}

XSS is just a matter of sanitizing tags. ie: Img, svg, javascript

Spoiler: show

<javascript>alert("Hi")</script>

DDOS? - I guess you can create a timeout.

Bruteforce - Timeout requests on the username/password fields.



A lot of this is covered in DVWA - Damn Vulnerable Web Application

[Donald Trump]

It is quite easy to know about Website Attacks, SSR.

However, Dos 'dabbles' in 'hacking' sort to speak meaning he knows how to hack/plays with websites which allow him to experiment on ( Some websites are merely built for hackers to run exploits on but have no actual use ) .

I know the basics some he has even taught me.

But from researching I know Phishing, DDOS, port vulnerability ( and numbers ), SQL Injections then of course just a general Virus

Port Vulnerability's can be found using Burp-suite pro, for example for amazon you would look on Port 443

Phishing is when a 'website' is made to match another one; Recent example is the gmail 'Phishing' attack recently.

SQL Injections is how it is, where they 'insert' some 'data' into a websites database for there own needs so it feeds back to there 'server'

Javascript inserts is what I would imagine someone inserting a dangerous 'script' on a websites code so that they can receive credentials

Kali Linux for the win!

On the account of the general virus. I have made a few for experimentation of course. Testing on my VM. The scary part is when they are "crypted" so the ant-virus can't pick it up. But I guess if you know how a virus/Trojan works and where it goes; it helps a lot.. (Hidden files, %APPDATA%, %TEMP%). If you have every played around with DarkComet Trojan Creator.


^
This is a virus creator and a VERY popular one.

Cryptography is something I am looking into. I have already been working on creating my own crypter. Of course for experimental use. I use a lot of sources that are kind of shady. I don't know if they have viruses and they are so well made viruses that no anti malware scanner, but me could detect them and where they exist.

Currently hitting 25/54 detections on Virus Total. Ik, its trash . I am still working on the stub and encryption and plan to FuD it.

Guess that is why I was recently able to fend off a virus that would make most people just reinstall Windows. (so bad 2 Premium Virus scanners could not detect a TRACE of it, upon infection it shut off File Explorer actions and made my computer 10x slower). Later I went into safemode and pretty much refused to connect to WIFI (If you ever have a virus) NEVER CONNECT TO WIFI. The hacker can connect to your PC through WIFI and mess you up even more. If the Hacker is not using NO-IP (this is often a thing newbie hackers and stupid ones don't look into), you can reverse engineer that virus and mess them up (fun times).

Worst part about specialized viruses is that you are completely on your own. There is not "internet guide" for it. This is why I believe it is important to learn hacking and how a virus works. Because, a lot of the time some prick with a $50 Trojan Creator a $15 FuD Crypter will mess you up big time.

[Captain Jack]

get a long cable

Physcodad considering, the max 'Ethernet' cable length is 305 M I do not think that will work.

He has not specified what type of cable. So typically, his solution is not wrong.

[Admiral Nelson]

Are you going to help me Captain Jack, or just impose the idea that he is right?...

[Psychodad]

go towards the light...

fiber optic cable.

[Most Lee Harmless]

Just use 2 smart phones on all-you-can-eat data plans and hitch-hike across the telcom network.