Your SlideShare is downloading. ×
How you can become a hacker with no security experience
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

How you can become a hacker with no security experience

488

Published on

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
488
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
11
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. How You Can Become a Hacker With No Security Experience Andrei Avădănei President at CCSIR contact@ccsir.org
  • 2. Summary ● Short Bio ● What is a Cyber Hacker ● White Hat vs Black Hat Briefly ● Examples of Security Bypasses by 1337 Hackers ● Why They Matter? ● Are YOU Safe? ● Questions & Conclusions
  • 3. Short Bio ● President at CCSIR ● Founder & Coordinator of DefCamp ● Coordinator of Sparks ● Ambassador of Talks by Softbinator ● Blogger @worldit.info
  • 4. What is a Cyber Hacker ● seeks and exploits weaknesses in IT infrastructures ● motivated by profit, protest, or challenge ● computer programmers argues that they should be called crackers ● security culture is often referred to underground hacking
  • 5. White Hat vs Black Hat ● white-hat breaks security for non-malicious reasons ● black-hat violate computer security for personal benefits BUT - no phishing/spam/credit card stealling ... ● grey-hat may surf the net in order to find and report bugs ● 1337 hackers use various tools to steal or destroy
  • 6. #1 Password Reset Services ● What is Your Mother's Name? ● Where is Your Birthday Place? ● Your Favorite Movie? ● Your Loved One? Yeah, this still works. Don't believe me?
  • 7. But Now?
  • 8. #2 Phishing & Scams
  • 9. #3 Malware ● Tons of Malware Kits free or cheap ● Tons of FUD Crypters for AV bypass ● Tons of Spreading Methods ● Citadel, Zeus, Blackhole Means Something? ● 1337++
  • 10. #4 Wifi Sniffing ● Be The MAN (in the Middle) ● Session Hijacking ● Credentials Sniffing ● Traffic Alteration ● Aircrack-ng sounds friendly to you? ● 1338++
  • 11. #5 Hacking Websites ● Free & Easy to use Applications Scanners ● Nmap – old school (but awesome) port scanner ● SQLMap, Havij, Nessus, Acunetix, w3af for web security ● Metasploit – the Honey for Exploitation ● Many more third parties apps based on those above ● + Tons of Others That You Can Discover ● 1339++
  • 12. #6 - The Insiders ● Do You Trust Your Gf/Bf? You shouldn't! :-) 1339.1++
  • 13. Why They Matter ● these are really simple examples ● most of the „hackers“ of this kind are 14-20 ● they are irresponsible, destructive ● you will see private conversation leaked ● if you have a website they will probably deface it ● if somebody is MitM you might have the chance to see some porn ● if your password is guessed you might loose your accounts (Fb, Y!, GM, Tw, Ppl) ● PLEASE TRY THIS AT HOME, NOT ON YOUR „FRIENDS“!
  • 14. Are You Safe? ● #1 – Hard to Guess and unrelated answers ● #2 – Don't click on any suspicious stuff ● #3 – Use an AV licensed and updated + forgot Windows ● #4 – VPN Tunnels ● #5 – Firewalls, Code Review, Pentest, Audit ● #6 – Trust nobody, even you + LastPass or others
  • 15. Questions?

×