2. SOCIAL ENGINEERING
Social engineering is the term used for a broad range of
malicious activities accomplished through human interactions.
It uses psychological manipulation to trick users into making
security mistakes or giving away sensitive information.
3. DENIAL-OF-SERVICE (DOS)
A Denial-of-Service (DoS) attack
is an attack meant to shut down a
machine or network, making it
inaccessible to its intended users.
DoS attacks accomplish this by
flooding the target with traffic, or
sending it information that triggers
a crash.
4. MALWARE ATTACKS
Malware attack is a type of cyberattack in which malware
or malicious software performs activities on the victim's
computer system, usually without his/her knowledge.
5. SQL INJECTION
SQL injection, also known as
SQLI, is a common attack vector
that uses malicious SQL code for
backend database manipulation
to access information that was
not intended to be displayed.
6. PHISHING ATTACK
Phishing is a type of social
engineering attack often used to
steal user data, including login
credentials and credit card
numbers. It occurs when an
attacker, masquerading as a
trusted entity, dupes a victim into
opening an email, instant
message, or text message.
7. MITM ATTACK
A man in the middle (MITM)
attack is a general term for when
a perpetrator positions himself in
a conversation between a user
and an application—either to
eavesdrop or to impersonate one
of the parties, making it appear as
if a normal exchange of
information is underway.
8. CROSS SITE SCRIPTING (XSS)
Cross site scripting (XSS) is a
common attack vector that
injects malicious code into a
vulnerable web application. XSS
differs from other web attack
vectors (e.g., SQL injections), in
that it does not directly target the
application itself. Instead, the
users of the web application are
the ones at risk.
9. WHAT IS THE NEED FOR ETHICAL HACKING?
• Viruses, Trojan Horses, and Worms
• Social Engineering
• Automated Attacks
• Accidental Breaches in Security
• Denial of Service (DoS)
• Organizational Attacks
• Restricted Data
Protection from possible External Attacks
10. NEED FOR ETHICAL HACKING
• “To catch a thief you have to
think like a thief”
• Helps in closing the open
holes in the system network
• Provides security to banking
and financial establishments
• Prevents website
defacements
• An evolving technique
11. Required Skills of an Ethical Hacker
• Microsoft: skills in operation, configuration
and management.
• Linux: knowledge of Linux/Unix; security
setting, configuration, and services.
• Firewalls: configurations, and operation of
intrusion detection systems.
• Routers: knowledge of routers, routing
protocols, and access control lists
• Mainframes
• Network Protocols: TCP/IP; how they
function and can be manipulated.
• Project Management: leading, planning,
organizing, and controlling a penetration
testing team.
12. Hashcat is the world's fastest and most advanced password
recovery utility, supporting five unique modes of attack for over
200 highly-optimized hashing algorithms.
Features of Hashcat.
• World's fastest password cracker
• World's first and only in-kernel rule engine
• Free
• Open-Source (MIT License)
• Multi-OS (Linux, Windows and macOS)
13. What is a Hashing Algorithm?
A hashing algorithm is a cryptographic
hash function. It is a mathematical
algorithm that maps data of arbitrary
size to a hash of a fixed size. It’s
designed to be a one-way function,
infeasible to invert.
14. 1. It should be fast to compute the hash value for any kind of
data.
2. It should be impossible to regenerate a message from its
hash value (brute force attack as the only option).
3. It should avoid hash collisions; each message has its own
hash.
4. Every change to a message, even the smallest one, should
change the hash value. It should be completely different. It’s
called the avalanche effect.
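
The fixed-size output from slide 13 and the avalanche effect from slide 14 can be measured directly. The following is an added example, not part of the original slides: it flips every input bit of a constructed sample message in turn and reports what fraction of the output bits change, for SHA-256 and for a toy XOR checksum (`xor_checksum`, a hypothetical helper used only as a weak contrast).

```python
import hashlib
from statistics import mean

# Constructed sample message (not from the slides).
MESSAGE = b"transfer 100 to account 12345678"

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def xor_checksum(data: bytes) -> bytes:
    """Toy 8-bit checksum (XOR of all bytes); a deliberately weak contrast."""
    acc = 0
    for byte in data:
        acc ^= byte
    return bytes([acc])

def flip_bit(data: bytes, index: int) -> bytes:
    """Return a copy of data with exactly one bit inverted."""
    out = bytearray(data)
    out[index // 8] ^= 1 << (index % 8)
    return bytes(out)

def changed_fraction(a: bytes, b: bytes) -> float:
    """Fraction of output bits that differ between two equal-length digests."""
    diff = int.from_bytes(a, "big") ^ int.from_bytes(b, "big")
    return bin(diff).count("1") / (len(a) * 8)

def avalanche_profile(func, message: bytes) -> list:
    """Flip each input bit once; record how much of the output changes."""
    base = func(message)
    return [changed_fraction(base, func(flip_bit(message, i)))
            for i in range(len(message) * 8)]

def digest_lengths(func, inputs) -> set:
    """Set of output sizes (in bytes) seen across inputs of varying size."""
    return {len(func(m)) for m in inputs}

if __name__ == "__main__":
    for name, func in (("sha256", sha256), ("xor_checksum", xor_checksum)):
        p = avalanche_profile(func, MESSAGE)
        print(f"{name:13s} mean={mean(p):.3f} min={min(p):.3f} max={max(p):.3f}")
    sizes = digest_lengths(sha256, [b"", b"a", b"a" * 100000])
    print("sha256 digest lengths:", sizes)
```

For SHA-256 roughly half of the 256 output bits change on every single-bit edit, while the XOR checksum changes exactly one bit and also collides on reordered input, which is why it fails properties 3 and 4.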