Introduction to Hacking


Published on

basic but very useful ppt for hacking. feel free to contact me

Published in: Technology
1 Comment
  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Introduction to Hacking

  1. 1. INTRODUCTIONIntroduction To Ethical Hacking & Information Security !
  2. 2. ETHICAL HACKING OUTLINE Why we need Security Security & Usability Triangle Who is Hacker ? Types of Hackers Type of attack on a system Phases of Hacker Profile of Ethical Hacker Why ethical hacking is Necessary ? Specializations Essential Terminologys.
  3. 3. WHY WE NEED SECURITY• Important part of business is - Now lot of people use computer to store and share there valuable informations.• Security – A state of well – being of information and infrastructures in which the possibility of successful yet undetected theft.
  4. 4. WHAT IS INFORMATION SECURITY Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. Term Information Security follows CIA Confidentiality Integrity Availability
  5. 5.  Confidentiality : Assurance that the information is accessible only to those authorized to have access. Confidentiality breaches may occur due to improper data handling or a hacking attempt. Integrity : The data or resources in term of preventing improper and unauthorized changes. Assurance that Information can be relied upon to be sufficiently accurate for its purpose. Availability : Assurance that the systems responsible for delivering storing , and processing Information are accessible when required by the authorized users.
  6. 6. SECURITY , FUNCTIONALITY &USABILITY TRIANGLE Level of security in any system can be defined by the strength of three ComponentsThis Triangle represents the Basic relationship between Security, Functionality andusability.You can move the Ball in either of the Direction, which will cause the Intensity of othertwo sides to decrease.For Example, you can remove all the complicated Security Measures such as Hybrid Passwords, Regular Password Resets, Security Tokens, which will make the System easy to use, however, the Security and Functionality will be reduced.
  7. 7. WHO IS HACKER ? Intelligent Individuals with excellent Computer Skills, with the Ability to create And explore into the computer’s Software and Hardware. For some hackers, hacking is a hobby to see how many computers or networks they can compromise. Some do hacking with Malicious intent behind their escapades, like stealing business data, credit card information, social security numbers, email passwords etc. Their intention can either be to gain knowledge or to poke around to do illegal things.
  8. 8. TYPES OF HACKERS Black Hats Technical Levels of Hackers– Good Technical Skills Neophyte- A Newbie in the– Involved in Malicious or field of Computer Security with illegal Activities. almost no knowledge. Script Kiddie- A non-expert White Hats who uses Tools or Scripts made– Use of Knowledge & skills for by others to Hack into SystemDefensive purpose, rather with little knowledge about theoffensive. concept working behind the tool. Gray Hats Elite- Also knows as 1337, it is a– Individuals who work on term used to describe the most both the sides – Ethical and technically advanced hackers Malicious. who use cutting edge technology.
  9. 9. TYPE OF ATTACKS ON A SYSTEM There are several ways an attacker can gain access to a System. The attacker must be able to exploit a weakness or vulnerability in a system.
  10. 10. PHASES OF HACKERInformation GatheringScanning Gaining access – Operating System/Application – Network level – Denial of serviceMaintaining access – Uploading/altering/ downloading programs or data -- Covering Tracks
  11. 11. PROFILE OF ETHICAL HACKER An Ethical Hacker will follow the same Techniques and Methodologies as a Malicious Hacker, however, in the end, The found vulnerabilities of Security Flaws are either Reported (Responsible Disclosure/Open Disclosure) or Fixed. This is also called Penetration Testing. The Complete Procedure depends upon the Type of Penetration Testing being conducted, which are primarily of 3 Types: Black Box Testing – No Previous Knowledge about the Target of Evaluation. White Box Testing – Full Knowledge about the Target. Purpose is to protect the system or product from insider attacks. Grey Box Testing – Partial Knowledge is available in this case.
  12. 12. WHY ETHICAL HACKING IS NECESSARY?  Computer Security Expert.  In-depth knowledge about Target Platforms (such as Windows, Unix, Linux, Mac).  In-depth knowledge about networking and related hardware/software.  Knowledge about Programming and Web Applications.  Knowledgeable about computer or system security.
  13. 13. SPECIALIZATIONS Just like any other Technical Field, Information Security and Hacking is very vast and Individuals generally specialize in single or multiple Domains which primarily are: Network Security/Attack Web Application Security/Attack Exploit Development and Reverse Engineering Malware Analysis/Development Cyber Forensics
  14. 14. ESSENTIAL TERMINOLOGYS Threat – An action or event which is a potential challenge to Security. Vulnerability – It is the existence of a Flaw or Error in the Design of the System which can cause undesired results ranging from Compromise of System Security to Service or System Unavailability. Attack – An action which attempts to violate or challenge the Integrity or Security of a System. Exploit – A defined way to breach the security of a System or Product using an identified vulnerability.
  15. 15. MODULES FOR WINDOWS HACKING Introduction to Windows Windows - Passwords LM Hashes and NTLM Hashes Syskey Windows Hacking Types of Attacks Tools used for Windows Password Cracking Securing passwords. Privilege Escalation Key loggers Covering Tracks Removing logs
  19. 19. Tools used for windows Password CrackingWindows passwords can be cracked by using the following tools:  Ophcrack Live CD and windows installer.  Hiren Boot CD.  ERD commander.  Cain n Able. Etc.
  21. 21. Keyloggers Keystroke logging (often called key logging) is the action of tracking (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored. There are numerous key logging methods, ranging from hardware and software-based approaches to electromagnetic and acoustic analysis.
  23. 23. KEY FEATURES OF KEYLOGGERS Key Strokes Typed Screenshots Program Activities Clipboard Chat etc. File Tracking
  24. 24. THANK YOU