Ethical Hacking
Submitted by: Md. Khaja Pasha

What is Hacking?
• Hacking is unauthorized use of computer and network resources. (The term "hacker" originally meant a very gifted programmer. In recent years though, with easier access to multiple systems, it now has negative implications.)

Types of Hackers
• Script Kiddies or Cyber-Punks: Between ages 12-30; bored in school; get caught due to bragging online.
• Professional Criminals or Crackers: Make a living by breaking into systems and selling the information.
• Coders and Virus Writers: These have a strong programming background and write code but won't use it themselves; have their own networks called "zoos"; leave it to others to release their code into "The Wild" or Internet.

What do Hackers do?
• A few examples of Web application hacks
  • File Query
  • Browser caching
  • Cookie and URL hacks
  • SQL Injection
  • Cross-site Scripting (#1 threat today!)

Web File Query
• A hacker tests for HTTP (80) or HTTPS (443)
• Does a "View Source" on HTML file to detect directory hierarchy
• Can view sensitive information left by system administrators or programmers
• Database passwords in /include files

Browser Page Caching
• Be aware of differences between browsers!
• Pages with sensitive data should not be cached: page content is easily accessed using the browser's history

Cookies and URLs
• Sensitive data in cookies and URLs?
• Issues that arise are:
  • Information is stored on a local computer (as files or in the browser's history)
  • Unencrypted data can be intercepted on the network and/or logged into unprotected web log files
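
The caching and cookie/URL issues on the two slides above can be checked from a single HTTP response. The following is an added example, not part of the original slides; the list of sensitive parameter names, the finding labels, and the sample URLs and headers are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qsl

# Assumed names treated as sensitive when they appear in a query string.
SENSITIVE_NAMES = {"password", "passwd", "pwd", "token", "sessionid", "sid"}


def cookie_attributes(set_cookie_value):
    """Return (cookie name, set of lower-cased attribute names) for one Set-Cookie value."""
    parts = [p.strip() for p in set_cookie_value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:] if p}
    return name, attrs


def audit_response(url, headers):
    """Audit the response for a page that carries sensitive data.

    url     -- the request URL
    headers -- list of (name, value) tuples from the response
    Returns a sorted list of finding labels; an empty list means no finding.
    """
    findings = []
    parsed = urlsplit(url)

    # Unencrypted traffic can be intercepted on the network.
    if parsed.scheme != "https":
        findings.append("plaintext-transport")

    # Query strings end up in the browser's history and in web server logs.
    for key, _ in parse_qsl(parsed.query, keep_blank_values=True):
        if key.lower() in SENSITIVE_NAMES:
            findings.append(f"url-param:{key}")

    # Without "no-store" the browser may keep a copy of the page.
    directives = set()
    for name, value in headers:
        if name.lower() == "cache-control":
            directives |= {d.strip().lower() for d in value.split(",")}
    if "no-store" not in directives:
        findings.append("cacheable")

    # Cookie flags: Secure keeps the cookie off plain HTTP, HttpOnly hides it
    # from page scripts, Expires/Max-Age make it persist on the local computer.
    for name, value in headers:
        if name.lower() != "set-cookie":
            continue
        cookie, attrs = cookie_attributes(value)
        if "secure" not in attrs:
            findings.append(f"cookie-no-secure:{cookie}")
        if "httponly" not in attrs:
            findings.append(f"cookie-no-httponly:{cookie}")
        if "expires" in attrs or "max-age" in attrs:
            findings.append(f"cookie-persistent:{cookie}")

    return sorted(findings)


# Constructed sample responses: a weak configuration and a corrected one.
WEAK_URL = "http://shop.example/account?user=alice&password=hunter2"
WEAK_HEADERS = [
    ("Content-Type", "text/html"),
    ("Set-Cookie", "sessionid=abc123; Path=/; Max-Age=2592000"),
]
HARDENED_URL = "https://shop.example/account"
HARDENED_HEADERS = [
    ("Content-Type", "text/html"),
    ("Cache-Control", "no-store"),
    ("Set-Cookie", "sessionid=abc123; Path=/; Secure; HttpOnly; SameSite=Strict"),
]

if __name__ == "__main__":
    print("weak:    ", audit_response(WEAK_URL, WEAK_HEADERS))
    print("hardened:", audit_response(HARDENED_URL, HARDENED_HEADERS))
```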

SQL Injection Attacks
• SQL injection is a security vulnerability that occurs in the database layer of an application. Its source is the incorrect escaping of dynamically-generated string literals embedded in SQL statements.
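
The definition above, shown as a query built by string concatenation beside its parameterized form. This is an added example, not part of the original slides; the table, column and function names and all sample values are constructed for illustration, using Python's built-in sqlite3 module.

```python
import sqlite3

# Constructed sample data; table and column names are illustrative.
SAMPLE_USERS = [
    ("alice", "alice@example.test"),
    ("o'brien", "obrien@example.test"),
    ("carol", "carol@example.test"),
]

# Constructed input whose quote character ends the string literal early.
CRAFTED = "nobody' OR '1'='1"


def make_db():
    """Create an in-memory database holding the sample users."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, email TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return db


def find_user_concat(db, name):
    """VULNERABLE: the value is pasted into the statement as a string literal.

    A quote inside `name` is not escaped, so the rest of the value is
    parsed as SQL instead of as data.
    """
    sql = "SELECT email FROM users WHERE name = '" + name + "'"
    return [row[0] for row in db.execute(sql)]


def find_user_param(db, name):
    """HARDENED: the statement text is fixed and the value is bound separately.

    The driver passes `name` as data, so no escaping is needed and quotes
    in the value cannot change the statement.
    """
    sql = "SELECT email FROM users WHERE name = ?"
    return [row[0] for row in db.execute(sql, (name,))]


def outcome(lookup, db, name):
    """Run one lookup and return its sorted rows, or "sql error" if it fails."""
    try:
        return sorted(lookup(db, name))
    except sqlite3.Error:
        return "sql error"


if __name__ == "__main__":
    db = make_db()
    for value in ("alice", "o'brien", CRAFTED):
        print(repr(value))
        print("  concatenated: ", outcome(find_user_concat, db, value))
        print("  parameterized:", outcome(find_user_param, db, value))
```

A legitimate name containing an apostrophe breaks the concatenated query, and the constructed input widens its WHERE clause to every row; the parameterized query treats both as plain values.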

Cross-Site Scripting (XSS) Attacks
• Malicious code can secretly gather sensitive data from a user while they are using an authentic website (login, password, cookie)

What is Ethical Hacking?
• Ethical hacking – defined "methodology adopted by ethical hackers to discover the harmed existing in information systems' of operating environments."
• With the growth of the Internet, computer security has become a major concern for businesses and governments.
• In their search for a way to approach the problem, organizations came to realize that one of the best ways to evaluate the unwanted threat to their interests would be to have independent computer security professionals attempt to break into their computer systems.

Who are Ethical Hackers?
• "One of the best ways to evaluate the intruder threat is to have independent computer security professionals attempt to break their computer systems"
• Successful ethical hackers possess a variety of skills. First and foremost, they must be completely trustworthy.
• Ethical hackers typically have very strong programming and computer networking skills.
• They are also adept at installing and maintaining systems that use the more popular operating systems (e.g., Linux or Windows 2000) used on target systems.
• These base skills are detailed knowledge of the hardware and software provided by the more popular computer and networking hardware vendors.

What do Ethical Hackers do?
• An ethical hacker's evaluation of a system's security seeks answers to these basic questions:
  • What can an intruder see on the target systems?
  • What can an intruder do with that information?
  • Does anyone at the target notice the intruder's attempts or successes?
  • What are you trying to protect?
  • What are you trying to protect against?
  • How much time, effort, and money are you willing to expend to obtain adequate protection?

Required Skills of an Ethical Hacker
• Routers: knowledge of routers, routing protocols, and access control lists
• Microsoft: skills in operation, configuration and management.
• Linux: knowledge of Linux/Unix; security setting, configuration, and services.
• Firewalls: configurations, and operation of intrusion detection systems.
• Mainframes: knowledge of mainframes.
• Network Protocols: TCP/IP; how they function and can be manipulated.
• Project Management: knowledge of leading, planning, organizing, and controlling a penetration testing team.

Hacker Classes
• Black hats – highly skilled, malicious, destructive "crackers"
• White hats – skills used for defensive security analysts
• Gray hats – offensively and defensively; will hack for different reasons, depends on situation.
• Hacktivism – hacking for social and political cause.
• Ethical hackers – determine what attackers can gain access to, what they will do with the information, and can they be detected.

How to hack Windows-XP Passwords
• Simple User Password: Simply boot the system and press the keyboard key "F8". After this, start the system in safe mode and open Control Panel --> User Account --> change or remove the password.

Any Questions? Or suggestions?