SlideShare a Scribd company logo

Cyber security

Download as PPT, PDF
Sakib Sami
Sakib Sami

Presentation on Cyber Security presented on Workshop on Cyber Security and ICT Law at United International University

Technology
1 of 24
Cyber Security Md. Samiul Alim Sakib me@sakibsami.com http:/fb.me/s4kibs4mi http://www.sakibsami.com
Web Application Security Most Common Vulnerability SQL Injection ( SQLi ) : App Killer
SQL Injection SQL injection is a technique where a user can inject malicious SQL commands into an SQL statement, via web page input. A successful SQL injection exploit can read sensitive data from the database, modify database data (insert/update/delete) and compromise the security of a web application.
Example Lets assume this is our code of login page
Browser Interface & Injection Login Page Login Page with malicious code
SQLi on real site
SQLi on real site
SQLi on real site
Preventing SQL Injection  You can prevent SQL injection if you adopt an input validation technique in which user input is authenticated against a set of defined rules for length, type and syntax and also against business rules.  You should ensure that users with the permission to access the database have the least privileges. Additionally, do not use system administrator accounts. Also, you should always make sure that a database user is created only for a specific application and this user is not able to access other applications.
Other common web application bugs  Cross site scripting ( XSS )  Cross Site Request Forgery ( CSRF )  Remote Code Execution ( RCE )  Remote File Inclusion ( RFI )  Local File Inclusion ( LFI )  Broken authentication etc
Tools to Secure your Site  MetaSploit ( http://www.metasploit.com )  Zap ( http://sourceforge.net/projects/zaproxy/ )  Brup Suite ( http://portswigger.net/burp/download.html ) etc
SELF Security Case Study Securing yourself
Case Study SMS Spoofi ng :
Case Study You got trapped. You just installed attacker's hacking tool ( RAT )
Case Study You are connected to hackers bot
Case Study
Case Study Have a look, now what can hacker do with your device :D
Case Study Now Hacker can do call,send sms from your device.
Case Study Can Monitor calls and smsS
Stay Secure  Use Linux based operating systems B|  Never believe anyone  Use a better anti-virus  Always keep PC firewall ON  Check URL before visiting any website  Always download app from play-store/app-store  Check app permissions while installing app  Use 2nd step verification on email or social networks
And who wants to be a Hacker !! Programming Programming Programming Programming Programming Programming Programming Programming Programming
Hacking or Defacing Hacking in Bangladesh perspective.
Any Question ???
Thank You :)

Recommended

Securing data flow to and from organizations
Securing data flow to and from organizationsSecuring data flow to and from organizations
Securing data flow to and from organizationsOPSWAT
 
Cyber security
Cyber securityCyber security
Cyber securityManjushree Mashal
 
Enterprise Security and Cyber Security Cases
Enterprise Security and Cyber Security CasesEnterprise Security and Cyber Security Cases
Enterprise Security and Cyber Security CasesHakan Yüksel
 
Cyber security
Cyber securityCyber security
Cyber securitycolebassett
 
Cyber security
Cyber securityCyber security
Cyber securityShaibal Ahmed
 
A new way to prevent Botnet Attack
A new way to prevent Botnet AttackA new way to prevent Botnet Attack
A new way to prevent Botnet Attackyennhi2812
 
Cyber security Information security
Cyber security Information securityCyber security Information security
Cyber security Information securityAYESHA JAVED
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityJay Moliya
 

Recommended

Securing data flow to and from organizations
Securing data flow to and from organizationsSecuring data flow to and from organizations
Securing data flow to and from organizationsOPSWAT
 
Cyber security
Cyber securityCyber security
Cyber securityManjushree Mashal
 
Enterprise Security and Cyber Security Cases
Enterprise Security and Cyber Security CasesEnterprise Security and Cyber Security Cases
Enterprise Security and Cyber Security CasesHakan Yüksel
 
Cyber security
Cyber securityCyber security
Cyber securitycolebassett
 
Cyber security
Cyber securityCyber security
Cyber securityShaibal Ahmed
 
A new way to prevent Botnet Attack
A new way to prevent Botnet AttackA new way to prevent Botnet Attack
A new way to prevent Botnet Attackyennhi2812
 
Cyber security Information security
Cyber security Information securityCyber security Information security
Cyber security Information securityAYESHA JAVED
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityJay Moliya
 
Cyber security
Cyber securityCyber security
Cyber securitymanoj duli
 
cyber security
cyber securitycyber security
cyber securityBasineniUdaykumar
 
Cyber security by nayan pandey
Cyber security by nayan pandeyCyber security by nayan pandey
Cyber security by nayan pandeyRithikaD1
 
Cyber security
Cyber securityCyber security
Cyber securityManjushree Mashal
 
SYSTEM SECURITY - Chapter 1 introduction
SYSTEM SECURITY - Chapter 1 introductionSYSTEM SECURITY - Chapter 1 introduction
SYSTEM SECURITY - Chapter 1 introductionAfna Crcs
 
cyber security,need,security problem and types of cyber security
cyber security,need,security problem and types of cyber securitycyber security,need,security problem and types of cyber security
cyber security,need,security problem and types of cyber securityVansh Bathla
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITYMohammad Shakirul islam
 
Icit analysis-identity-access-management
Icit analysis-identity-access-managementIcit analysis-identity-access-management
Icit analysis-identity-access-managementMark Gibson
 
Cyber Security
Cyber SecurityCyber Security
Cyber Securityimtnoida112
 
Cyber Security Vulnerabilities
Cyber Security VulnerabilitiesCyber Security Vulnerabilities
Cyber Security VulnerabilitiesSiemplify
 
Cyber Security Analytics – The Weapon to Fight Cyber Crime
Cyber Security Analytics – The Weapon to Fight Cyber Crime Cyber Security Analytics – The Weapon to Fight Cyber Crime
Cyber Security Analytics – The Weapon to Fight Cyber Crime Happiest Minds Technologies
 
CyberSecurity - UH IEEE Presentation 2015-04
CyberSecurity - UH IEEE Presentation 2015-04CyberSecurity - UH IEEE Presentation 2015-04
CyberSecurity - UH IEEE Presentation 2015-04Kyle Lai
 
Cyber security snowe vazeer
Cyber security snowe vazeerCyber security snowe vazeer
Cyber security snowe vazeersnowe123
 
What is cyber security
What is cyber securityWhat is cyber security
What is cyber securitySAHANAHK
 
Cyber security 22-07-29=013
Cyber security 22-07-29=013Cyber security 22-07-29=013
Cyber security 22-07-29=013Dr. Amitabha Yadav
 
Cyber safety
Cyber safetyCyber safety
Cyber safetyPrateekChaudhary44
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityNebiyeLioul
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber securityKaushal Solanki
 
Cyber security
Cyber securityCyber security
Cyber securityPrem Raval
 
Introduction to Cyber Security | Malware | Phishing attacks
Introduction to Cyber Security | Malware | Phishing attacksIntroduction to Cyber Security | Malware | Phishing attacks
Introduction to Cyber Security | Malware | Phishing attacksKumayl Rajani
 
4.Xss
4.Xss4.Xss
4.Xssphanleson
 
SQL injection exploitation internals
SQL injection exploitation internalsSQL injection exploitation internals
SQL injection exploitation internalsBernardo Damele A. G.
 

More Related Content

What's hot

Cyber security
Cyber securityCyber security
Cyber securitymanoj duli
 
Cyber security by nayan pandey
Cyber security by nayan pandeyCyber security by nayan pandey
Cyber security by nayan pandeyRithikaD1
 
SYSTEM SECURITY - Chapter 1 introduction
SYSTEM SECURITY - Chapter 1 introductionSYSTEM SECURITY - Chapter 1 introduction
SYSTEM SECURITY - Chapter 1 introductionAfna Crcs
 
cyber security,need,security problem and types of cyber security
cyber security,need,security problem and types of cyber securitycyber security,need,security problem and types of cyber security
cyber security,need,security problem and types of cyber securityVansh Bathla
 
Icit analysis-identity-access-management
Icit analysis-identity-access-managementIcit analysis-identity-access-management
Icit analysis-identity-access-managementMark Gibson
 
Cyber Security Vulnerabilities
Cyber Security VulnerabilitiesCyber Security Vulnerabilities
Cyber Security VulnerabilitiesSiemplify
 
Cyber Security Analytics – The Weapon to Fight Cyber Crime
Cyber Security Analytics – The Weapon to Fight Cyber Crime Cyber Security Analytics – The Weapon to Fight Cyber Crime
Cyber Security Analytics – The Weapon to Fight Cyber Crime Happiest Minds Technologies
 
CyberSecurity - UH IEEE Presentation 2015-04
CyberSecurity - UH IEEE Presentation 2015-04CyberSecurity - UH IEEE Presentation 2015-04
CyberSecurity - UH IEEE Presentation 2015-04Kyle Lai
 
Cyber security snowe vazeer
Cyber security snowe vazeerCyber security snowe vazeer
Cyber security snowe vazeersnowe123
 
What is cyber security
What is cyber securityWhat is cyber security
What is cyber securitySAHANAHK
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber securityKaushal Solanki
 
Cyber security
Cyber securityCyber security
Cyber securityPrem Raval
 
Introduction to Cyber Security | Malware | Phishing attacks
Introduction to Cyber Security | Malware | Phishing attacksIntroduction to Cyber Security | Malware | Phishing attacks
Introduction to Cyber Security | Malware | Phishing attacksKumayl Rajani
 

What's hot (20)

Cyber security
Cyber securityCyber security
Cyber security
 
cyber security
cyber securitycyber security
cyber security
 
Cyber security by nayan pandey
Cyber security by nayan pandeyCyber security by nayan pandey
Cyber security by nayan pandey
 
Cyber security
Cyber securityCyber security
Cyber security
 
SYSTEM SECURITY - Chapter 1 introduction
SYSTEM SECURITY - Chapter 1 introductionSYSTEM SECURITY - Chapter 1 introduction
SYSTEM SECURITY - Chapter 1 introduction
 
cyber security,need,security problem and types of cyber security
cyber security,need,security problem and types of cyber securitycyber security,need,security problem and types of cyber security
cyber security,need,security problem and types of cyber security
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
Icit analysis-identity-access-management
Icit analysis-identity-access-managementIcit analysis-identity-access-management
Icit analysis-identity-access-management
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Cyber Security Vulnerabilities
Cyber Security VulnerabilitiesCyber Security Vulnerabilities
Cyber Security Vulnerabilities
 
Cyber Security Analytics – The Weapon to Fight Cyber Crime
Cyber Security Analytics – The Weapon to Fight Cyber Crime Cyber Security Analytics – The Weapon to Fight Cyber Crime
Cyber Security Analytics – The Weapon to Fight Cyber Crime
 
CyberSecurity - UH IEEE Presentation 2015-04
CyberSecurity - UH IEEE Presentation 2015-04CyberSecurity - UH IEEE Presentation 2015-04
CyberSecurity - UH IEEE Presentation 2015-04
 
Cyber security snowe vazeer
Cyber security snowe vazeerCyber security snowe vazeer
Cyber security snowe vazeer
 
What is cyber security
What is cyber securityWhat is cyber security
What is cyber security
 
Cyber security 22-07-29=013
Cyber security 22-07-29=013Cyber security 22-07-29=013
Cyber security 22-07-29=013
 
Cyber safety
Cyber safetyCyber safety
Cyber safety
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber security
 
Cyber security
Cyber securityCyber security
Cyber security
 
Introduction to Cyber Security | Malware | Phishing attacks
Introduction to Cyber Security | Malware | Phishing attacksIntroduction to Cyber Security | Malware | Phishing attacks
Introduction to Cyber Security | Malware | Phishing attacks
 

Viewers also liked

SQL injection exploitation internals
SQL injection exploitation internalsSQL injection exploitation internals
SQL injection exploitation internalsBernardo Damele A. G.
 
Advanced SQL Injection
Advanced SQL InjectionAdvanced SQL Injection
Advanced SQL Injectionamiable_indian
 
SQL injection: Not Only AND 1=1 (updated)
SQL injection: Not Only AND 1=1 (updated)SQL injection: Not Only AND 1=1 (updated)
SQL injection: Not Only AND 1=1 (updated)Bernardo Damele A. G.
 
Study: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving CarsStudy: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving CarsLinkedIn
 

Viewers also liked (6)

4.Xss
4.Xss4.Xss
4.Xss
 
SQL injection exploitation internals
SQL injection exploitation internalsSQL injection exploitation internals
SQL injection exploitation internals
 
Advanced SQL Injection
Advanced SQL InjectionAdvanced SQL Injection
Advanced SQL Injection
 
SQL injection: Not only AND 1=1
SQL injection: Not only AND 1=1SQL injection: Not only AND 1=1
SQL injection: Not only AND 1=1
 
SQL injection: Not Only AND 1=1 (updated)
SQL injection: Not Only AND 1=1 (updated)SQL injection: Not Only AND 1=1 (updated)
SQL injection: Not Only AND 1=1 (updated)
 
Study: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving CarsStudy: The Future of VR, AR and Self-Driving Cars
Study: The Future of VR, AR and Self-Driving Cars
 

Similar to Cyber security

Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007Vaibhav Gupta
 
Why You Need A Web Application Firewall
Why You Need A Web Application FirewallWhy You Need A Web Application Firewall
Why You Need A Web Application FirewallPort80 Software
 
Andrews whitakrer lecture18-security.ppt
Andrews whitakrer lecture18-security.pptAndrews whitakrer lecture18-security.ppt
Andrews whitakrer lecture18-security.pptSilverGold16
 
Secure coding guidelines
Secure coding guidelinesSecure coding guidelines
Secure coding guidelinesZakaria SMAHI
 
Ceh v5 module 12 web application vulnerabilities
Ceh v5 module 12 web application vulnerabilitiesCeh v5 module 12 web application vulnerabilities
Ceh v5 module 12 web application vulnerabilitiesVi Tính Hoàng Nam
 
React security vulnerabilities
React security vulnerabilitiesReact security vulnerabilities
React security vulnerabilitiesAngelinaJasper
 
Domain 5 of the CEH Web Application Hacking.pptx
Domain 5 of the CEH Web Application Hacking.pptxDomain 5 of the CEH Web Application Hacking.pptx
Domain 5 of the CEH Web Application Hacking.pptxInfosectrain3
 
Domain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingDomain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingShivamSharma909
 
Security In PHP Applications
Security In PHP ApplicationsSecurity In PHP Applications
Security In PHP ApplicationsAditya Mooley
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application SecurityChris Hillman
 
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)Brian Huff
 
Security risks awareness
Security risks awarenessSecurity risks awareness
Security risks awarenessJanagi Kannan
 
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSEWEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSEAjith Kp
 
Owasp Top 10 - Owasp Pune Chapter - January 2008
Owasp Top 10 - Owasp Pune Chapter - January 2008Owasp Top 10 - Owasp Pune Chapter - January 2008
Owasp Top 10 - Owasp Pune Chapter - January 2008abhijitapatil
 
GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )
GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )
GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )Md Raffiqunnabi Rumman
 

Similar to Cyber security (20)

Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007Application Security Vulnerabilities: OWASP Top 10 -2007
Application Security Vulnerabilities: OWASP Top 10 -2007
 
Why You Need A Web Application Firewall
Why You Need A Web Application FirewallWhy You Need A Web Application Firewall
Why You Need A Web Application Firewall
 
Andrews whitakrer lecture18-security.ppt
Andrews whitakrer lecture18-security.pptAndrews whitakrer lecture18-security.ppt
Andrews whitakrer lecture18-security.ppt
 
Secure coding guidelines
Secure coding guidelinesSecure coding guidelines
Secure coding guidelines
 
Methods Hackers Use
Methods Hackers UseMethods Hackers Use
Methods Hackers Use
 
Ceh v5 module 12 web application vulnerabilities
Ceh v5 module 12 web application vulnerabilitiesCeh v5 module 12 web application vulnerabilities
Ceh v5 module 12 web application vulnerabilities
 
React security vulnerabilities
React security vulnerabilitiesReact security vulnerabilities
React security vulnerabilities
 
Cyber ppt
Cyber pptCyber ppt
Cyber ppt
 
Domain 5 of the CEH Web Application Hacking.pptx
Domain 5 of the CEH Web Application Hacking.pptxDomain 5 of the CEH Web Application Hacking.pptx
Domain 5 of the CEH Web Application Hacking.pptx
 
CEH Domain 5.pdf
CEH Domain 5.pdfCEH Domain 5.pdf
CEH Domain 5.pdf
 
Domain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingDomain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application Hacking
 
Web Application Security 101
Web Application Security 101Web Application Security 101
Web Application Security 101
 
T04505103106
T04505103106T04505103106
T04505103106
 
Security In PHP Applications
Security In PHP ApplicationsSecurity In PHP Applications
Security In PHP Applications
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
 
Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)Top 10 Web Security Vulnerabilities (OWASP Top 10)
Top 10 Web Security Vulnerabilities (OWASP Top 10)
 
Security risks awareness
Security risks awarenessSecurity risks awareness
Security risks awareness
 
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSEWEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
WEB APPLICATION VULNERABILITIES: DAWN, DETECTION, EXPLOITATION AND DEFENSE
 
Owasp Top 10 - Owasp Pune Chapter - January 2008
Owasp Top 10 - Owasp Pune Chapter - January 2008Owasp Top 10 - Owasp Pune Chapter - January 2008
Owasp Top 10 - Owasp Pune Chapter - January 2008
 
GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )
GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )
GDG Dev Fest 2014 Cyber Security & Bangladesh (Raffiqunnabi Rumman )
 

Recently uploaded

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbuapidays
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 

Recently uploaded (20)

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 

Cyber security

  • 1. Cyber Security Md. Samiul Alim Sakib me@sakibsami.com http:/fb.me/s4kibs4mi http://www.sakibsami.com
  • 2. Web Application Security Most Common Vulnerability SQL Injection ( SQLi ) : App Killer
  • 3. SQL Injection SQL injection is a technique where a user can inject malicious SQL commands into an SQL statement, via web page input. A successful SQL injection exploit can read sensitive data from the database, modify database data (insert/update/delete) and compromise the security of a web application.
  • 4. Example Lets assume this is our code of login page
  • 5. Browser Interface & Injection Login Page Login Page with malicious code
  • 9. Preventing SQL Injection  You can prevent SQL injection if you adopt an input validation technique in which user input is authenticated against a set of defined rules for length, type and syntax and also against business rules.  You should ensure that users with the permission to access the database have the least privileges. Additionally, do not use system administrator accounts. Also, you should always make sure that a database user is created only for a specific application and this user is not able to access other applications.
  • 10. Other common web application bugs  Cross site scripting ( XSS )  Cross Site Request Forgery ( CSRF )  Remote Code Execution ( RCE )  Remote File Inclusion ( RFI )  Local File Inclusion ( LFI )  Broken authentication etc
  • 11. Tools to Secure your Site  MetaSploit ( http://www.metasploit.com )  Zap ( http://sourceforge.net/projects/zaproxy/ )  Brup Suite ( http://portswigger.net/burp/download.html ) etc
  • 14. Case Study You got trapped. You just installed attacker's hacking tool ( RAT )
  • 15. Case Study You are connected to hackers bot
  • 17. Case Study Have a look, now what can hacker do with your device :D
  • 18. Case Study Now Hacker can do call,send sms from your device.
  • 19. Case Study Can Monitor calls and smsS
  • 20. Stay Secure  Use Linux based operating systems B|  Never believe anyone  Use a better anti-virus  Always keep PC firewall ON  Check URL before visiting any website  Always download app from play-store/app-store  Check app permissions while installing app  Use 2nd step verification on email or social networks
  • 21. And who wants to be a Hacker !! Programming Programming Programming Programming Programming Programming Programming Programming Programming
  • 22. Hacking or Defacing Hacking in Bangladesh perspective.