Ethical hacking

2,055 views

Published on

Basic Ethical Hacking ppt for the beginners & a well seminar ppt for the students on ethical hacking

Published in: Education
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,055
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
330
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

Ethical hacking

  1. 1. BySourabh S. Badve(CEH/ECSA)
  2. 2. INTRODUCTIONWhat is hacking?
  3. 3. TYPES OF HACKERS  White hat hacker  Black hat hacker  Gray hat hacker  Ghost hacker  Script kiddies
  4. 4. What is “Ethical Hacking” ?  Penetration Testing  Security Testing
  5. 5. Steps involved in Ethical Hacking : Signing of Contract Footprinting OR Reconnaisance Enumeration & Fingerprinting (Scanning) Identification of vulnerabilities Attack – Exploit the vulnerabilities Reporting
  6. 6. Signing of contract • A contract between the tester i.e. ethical hacker and organization i.e. client • specifies certain conditions and terms of test being conducted • signed by both the parties.
  7. 7. Footprinting OR Reconnaissance Collecting as much information about the target. Tools used – nslookup, traceroute, whois etc.
  8. 8. Enumeration & Fingerprinting (scanning)• Determining the target.• Identification of services and open ports.• Enumerating operating system. Tools used- Nmap, SNMP scanner, netcat, telnet etc.
  9. 9. Identification of vulnerabilities• Insecure configuration• Weak passwords• Unpatched vulnerabilities in services, operating system and application• Possible vulnerabilities in services, operating system and applications• Insecure programming• Weak Access control• Tools and Techniques used- Vulnerability scanners like Nessus, Listening totraffic, Password crackers, Default passwords, Bruteforce, Social engineering, SQL injection,vulnerability information website e.g.http://cve.mitre.org,http://www.securityfocus.com
  10. 10. Attack – Exploit the vulnerabilities• Obtain information(trophies) from the target system• Gaining normal access• Escalating privileges• Obtain access to other connected systems• Operating system attacks• Tools used- Nessus, Metasploit, Framework,
  11. 11.  Tools
  12. 12. Thank you!

×