Cybersecurity Techniques: Email Tracking, Keylogging, and HTTP Tunneling

Email Tracking Explained

Definition

E-mail tracking is the technique used to monitor and record information about emails sent, such as whether the email was opened, when it was opened, how many times it was opened, and from which location or IP address. It is mainly used during footprinting and information gathering to collect useful details about the recipient.

Explanation

E-mail tracking works by embedding a tracking element (such as a tracking pixel or link) inside the email. When the receiver opens the email or clicks a link, the system automatically sends information back to the sender. This technique helps attackers or investigators understand:

  • Whether the email was opened
  • Time and date of opening
  • IP address of the recipient
  • Device or mail client used

Uses of E-mail Tracking

  1. To gather business and personal information about the target
  2. To track email opens and clicks
  3. To identify the recipient’s IP address and location
  4. To monitor response behavior of the target
  5. To support footprinting and social engineering attacks

Short Note on Keystroke Logging

Definition

Keystroke logging (Keylogging) is a technique used to record every keystroke typed by a user on a keyboard. It is commonly used by attackers to steal usernames, passwords, credit card numbers, and other sensitive information without the user’s knowledge.

Explanation

In keystroke logging, a malicious program called a keylogger is installed on the victim’s system. This program runs in the background and captures all keyboard inputs. The recorded data is then stored locally or sent to the attacker through the Internet. Keylogging attacks are often used in social engineering and malware-based attacks.

Types of Keystroke Loggers

  1. Software Keyloggers: Installed through malware, phishing emails, or malicious downloads.
  2. Hardware Keyloggers: Physical devices attached between the keyboard and computer to record keystrokes.

HTTP Tunneling Techniques

Definition

HTTP Tunneling is a technique used to transmit non-HTTP traffic inside HTTP requests and responses. It is commonly used to bypass firewalls and security restrictions, since HTTP traffic (ports 80/443) is usually allowed. In ethical hacking, HTTP tunneling is studied to understand how attackers evade network security controls.

Explanation of HTTP Tunneling

In this technique, data from a restricted protocol (such as SSH, FTP, or TCP commands) is encapsulated inside HTTP packets. To the firewall, the traffic appears as normal web traffic, but internally it carries hidden data.

HTTP Tunneling Techniques

1) HTTP GET Tunneling

  • Data is hidden inside the URL parameters of HTTP GET requests
  • Easy to implement
  • Limited data size
  • Commonly detected by IDS

2) HTTP POST Tunneling

  • Data is sent inside the body of HTTP POST requests
  • Allows larger data transfer
  • Harder to detect than GET tunneling

3) HTTP Response Tunneling

  • Server sends hidden data back inside HTTP responses
  • Used for command-and-control communication

4) Encrypted HTTP Tunneling (HTTPS)

  • Data is tunneled through HTTPS (SSL/TLS)
  • Very difficult to inspect or detect
  • Commonly used by attackers
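
A defender's view of why GET tunneling is commonly detected, as an added example that is not part of the original notes: it flags hosts that receive repeated GET requests whose query values are both long and high-entropy. The log lines, host names and thresholds (40 characters, 4.5 bits per character, 3 hits) are constructed assumptions to tune against real traffic.

```python
import math
from collections import Counter, defaultdict
from urllib.parse import parse_qsl, urlsplit

# Constructed proxy-log sample as (method, URL); every host and value is made up.
SAMPLE_LOG = [
    ("GET", "http://shop.example/search?q=blue+running+shoes&page=2"),
    ("GET", "http://news.example/a?utm_campaign=spring_sale_spring_sale_spring_sale_spring_sale"),
    ("GET", "http://sso.example/cb?state=JhDeAzYxXuRo_Li-Gf0Cb8Zy6Wv4Ts2Qp1Nm9Kj7Hg5Ed3Ba"),
    ("GET", "http://cdn.tunnel.example/p?d=aB3dE5gH7jK9mN1pQ2sT4vW6yZ8bC0fG-iL_oRuXxYzAeDhJ"),
    ("GET", "http://cdn.tunnel.example/p?d=yZ8bC0fG-iL_oRuXxYzAeDhJaB3dE5gH7jK9mN1pQ2sT4vW6"),
    ("GET", "http://cdn.tunnel.example/p?d=oRuXxYzAeDhJaB3dE5gH7jK9mN1pQ2sT4vW6yZ8bC0fG-iL_"),
]


def shannon_entropy(s):
    """Character-level Shannon entropy of s in bits per character."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def suspicious_values(url, min_len=40, min_entropy=4.5):
    """Query values that are long AND look encoded (high entropy).

    Ordinary words and repeated tokens stay well below 4.5 bits per
    character; densely encoded data sits above it.
    """
    pairs = parse_qsl(urlsplit(url).query, keep_blank_values=True)
    return [v for _, v in pairs
            if len(v) >= min_len and shannon_entropy(v) >= min_entropy]


def flag_hosts(log, min_hits=3):
    """Hosts that received at least min_hits GET requests with suspicious values.

    Requiring repetition keeps a single opaque token (for example a
    one-off login callback) from raising an alert on its own.
    """
    hits = defaultdict(int)
    for method, url in log:
        if method == "GET" and suspicious_values(url):
            hits[urlsplit(url).hostname] += 1
    return {host: n for host, n in hits.items() if n >= min_hits}


if __name__ == "__main__":
    print(flag_hosts(SAMPLE_LOG))
```

On the sample, the long but repetitive campaign value and the single opaque `state` token are not reported; only the host with three encoded requests is.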

Hacker Classes in Brief

Introduction

Hacker classes categorize hackers based on their intent, skills, and legality of actions. Understanding these classes helps in designing effective security measures.

Hacker Classes

1) White Hat Hackers

  • Also called ethical hackers
  • Work with authorization
  • Identify vulnerabilities to improve security
  • Employed by organizations for security testing

2) Black Hat Hackers

  • Also known as crackers
  • Perform illegal activities
  • Steal data, damage systems, or cause financial loss
  • Motivated by money or malicious intent

3) Gray Hat Hackers

  • Fall between white and black hats
  • May hack without permission, but not for harm
  • Often disclose vulnerabilities after discovery

4) Script Kiddies

  • Have limited technical knowledge
  • Use ready-made tools and scripts
  • Cause damage without understanding systems fully

5) Hacktivists

  • Hack systems for political or social causes
  • Activities include website defacement and data leaks