The document discusses the concept of ethical hacking, outlining information security principles including confidentiality, integrity, and availability. It covers various security threats, types of hackers, and the phases of a hacking attempt, from information gathering to maintaining access. Ethical hacking is framed as a legitimate method for companies to test their security by allowing hackers to penetrate their systems under authorized conditions.

1. Exploring Ethical Hacking
Behind Hackers and Security
: csivvn
: csi_vvn
: csi_vvn

2. Topics Covered :
 Information Security
 Information Security Threats
 Hacking Explained
 5 Phases For Hackers & Investigator
 Social Engineering & Techniques
 Need of Ethical Hacker
: csivvn
: csi_vvn
: csi_vvn

3. Information Security
 Information Security is not all about securing information from unauthorized
access. Information Security is basically the practice of preventing
unauthorized access, use, disclosure, disruption, modification, inspection,
recording or destruction of information. Information can be physical or
electrical one. Information can be anything like Your details or we can say
your profile on social media, your data in mobile phone, your biometrics etc.
Thus Information Security spans so many research areas like Cryptography,
Mobile Computing, Cyber Forensics, Online Social Media etc.
 Information Security programs are build around 3 + 2 objectives, commonly
known as CIA & AN. Cont..
: csivvn
: csi_vvn
: csi_vvn

4. Information Security
Confidentiality
Integrity
Availability
Authenticity
Non-repudiation
: csivvn
: csi_vvn
: csi_vvn

5. Information Security
 Confidentiality – means information is not disclosed to unauthorized
individuals, entities and process. For example if we say I have a password
for my Gmail account but someone saw while I was doing a login into Gmail
account. In that case my password has been compromised and
Confidentiality has been breached.
 Integrity – means maintaining accuracy and completeness of data. This
means data cannot be edited in an unauthorized way. For example if an
employee leaves an organization then in that case data for that employee
in all departments like accounts, should be updated to reflect status to JOB
LEFT so that data is complete and accurate and in addition to this only
authorized person should be allowed to edit employee data.
 Availability – means information must be available when needed. For
example if one needs to access information of a particular employee to
check whether employee has outstanded the number of leaves, in that case
it requires collaboration from different organizational teams like network
operations, development operations, incident response and policy/change
management.
Denial of service attack is one of the factor that can hamper the
availability of information.
: csivvn
: csi_vvn
: csi_vvn

6. Information Security
 Authenticity – means verifying that users are who they say they are and
that each input arriving at destination is from a trusted source. This
principle if followed guarantees the valid and genuine message received
from a trusted source through a valid transmission. For example if take
above example sender sends the message along with digital signature which
was generated using the hash value of message and private key. Now at the
receiver side this digital signature is decrypted using the public key
generating a hash value and message is again hashed to generate the hash
value. If the 2 value matches then it is known as valid transmission with the
authentic or we say genuine message received at the recipient side
 Non repudiation – means one party cannot deny receiving a message or a
transaction nor can the other party deny sending a message or a
transaction. For example in cryptography it is sufficient to show that
message matches the digital signature signed with sender’s private key and
that sender could have a sent a message and nobody else could have
altered it in transit. Data Integrity and Authenticity are pre-requisites for
Non repudiation.
: csivvn
: csi_vvn
: csi_vvn

7. 1)3 Types of Information Security Threats
1.) Network Threats
Identify
Vulnerabilities
Spoofing
Man-in-The
Middle Attack
Sniffing
Session
Hijacking
Dos/DDoS
Attack
ARP & DNS
Poisoning
Compromised
Key Attack
Network
Threats
: csivvn
: csi_vvn
: csi_vvn

8. 1)3 Types of Information Security Threats
2.) Host Threats
Host
Threats
Malware
Threat
Backdoor
Attacks
Password
Cracking
: csivvn
: csi_vvn
: csi_vvn

9. 1)3 Types of Information Security Threats
3.) Application Threats
Application
Threats
Authorization
Attacks
Authentication
Attack
Buffer
Overflow
Attack
SQL injection
False Error
Handling
Security Miss-
Configuration
: csivvn
: csi_vvn
: csi_vvn

10. WHAT IS HACK??
: csivvn
: csi_vvn
: csi_vvn

11. Technically, Hack is overriding or
modifying stuff to achieve
something uncommon to normal
user say overriding normal
procedures of doing things or
modifying things to achieve
something hidden or uncommon.
WHAT IS HACK??
: csivvn
: csi_vvn
: csi_vvn

12. : csivvn
: csi_vvn
: csi_vvn

13. Let’s understand it with an example.
Suppose we wish to change the
administrator password of windows
operating system. Now we all know that
we can change windows password by
following below procedure:
For windows operating system:
GO TO CONTROL PANEL
>USER ACCOUNTS
>SELECT USER
>CHANGE PASS-WORD
>SAVE NEW PASSWORD.
: csivvn
: csi_vvn
: csi_vvn

14. The above explained procedure is
normal way that users use to change
windows administrator or users
password.
: csivvn
: csi_vvn
: csi_vvn

15. But we all know that
there are several
uncommon ways of
changing windows
administrator or users
password.
These ways is what we
call HACK.
: csivvn
: csi_vvn
: csi_vvn

16. Now in above explained
procedure won’t work if I
don’t have administrator
rights or I forgot the
administrator password.
Now how I will change the
administrator
password or unlock system.
: csivvn
: csi_vvn
: csi_vvn

17. Here the term Hack and Hacker will come into
picture. Now we have to use un-common ways to
achieve the target as normal procedure is no
longer working in our situation.
: csivvn
: csi_vvn
: csi_vvn

18. We can do above tasks by several methods according to levels of Hackers.
: csivvn
: csi_vvn
: csi_vvn

19. Novice Users: They will format the windows operating system or will take
experts help.
Script Kiddies (beginner level hackers): They will use Linux live disks or
Emergency rescue disks to reset the password.
Medium Level Hackers (who have good knowledge of system and hacking
tools): They will use advance Hacking tools like OPHCrack or Backtrack OS
to retrieve the password.
Elite Hackers (expert level hackers): Why to use any third party tool
(know how to do with third party tools): when I can do this manually by
breaking into sys-tem root and reset it.
I will explain all the above methods in forthcoming classes but I want
to tell the elite one’s procedure to give you an idea about up to what
level we will learn things.
: csivvn
: csi_vvn
: csi_vvn

20. So below is the procedure how Elite Hackers will do:
Elite Hackers do things based on situations say how I will
do if it’s my own system and if it’s somebody else’s
system (i.e. I want to break into his/her system without
getting tracked).
If it’s my own system, I have two choices: First, I can
reset the password and Second, I can retrieve the
password.
If it’s somebody else’s system, I am left with only one
choice i.e. I need to retrieve the password because if I
reset it then victim will know that somebody’s has
broken into his/her system and you cannot call yourself
elite if you can be tracked.
: csivvn
: csi_vvn
: csi_vvn

21. So as a elite hacker I will try to retrieve the
administrator password without getting tracked or caught
and its simplest way is using OPHCrack Live CD because
this is the only possible way to retrieve the existing
password without resetting it. All other methods reset
the windows password. Alternatively, I will insert
windows operating system CD/DVD and try to retrieve
the windows password encrypted file and then decrypt it
at my own system.
I will share the exact methods in
later classes.
: csivvn
: csi_vvn
: csi_vvn

22. WHAT IS HACKING??
: csivvn
: csi_vvn
: csi_vvn

23. Hacking is derived by merging two words HACK
and ING i.e. Hack and its working.
Technically, Hacking is an art of
exploring uncommon things or modifying
things to achieve uncommon
functionalities.
: csivvn
: csi_vvn
: csi_vvn

24. When I frankly asked people, why you want to
learn Hacking? This is the reply what I got:
1. I want to hack my friends emails and Facebook >> 40%
2. I want to have fun >> 30%
3. I want to become security professional or Ethical Hacker
>> 15%
4. I want to see what my girlfriend is doing >> 11%
5. I want to take revenge >> 3%
6. I want to learn cool stuff >> 1%
See only 16% people (15% Ethical hackers + 1% learn cool stuff) want to learn
ethical hacking for good reasons.
I will teach you everything but it’s solely your decision what’s your reason to
learn Hacking.
: csivvn
: csi_vvn
: csi_vvn

25. MOST IMPORTANT TERMS..!!
: csivvn
: csi_vvn
: csi_vvn

26. MOST IMPORTANT TERMS..!!
Threat – An action or event that might compromise security. Usually
a threat is a potential violation of security.
Exploit – It is defined way to breach the security of a computer or
network system through vulnerabilities found during system analysis
or penetration testing.
Vulnerability –It is a weakness, design, or implementation error that
can lead to an unexpected, undesirable event or module
compromising the security of the sys-tem.
Target – Target can be any system or network or web application
which a Hacker wishes to hack.
Attack – Attack is basically system violation which is launched
against any system or network or web application.
Security – It is a set of rules which are made to harden system so
that others can-not penetrate into the system.
: csivvn
: csi_vvn
: csi_vvn

27. “We cannot make a system which is
completely unhackable; we can only
make system harden so that it
cannot be hacked.”
: csivvn
: csi_vvn
: csi_vvn

28. CAN HACKING BE ETHICAL?
Significant Cyber Security India - SCSI
: csivvn
: csi_vvn
: csi_vvn

29. IF YES, THEN HOW AND WHAT IS ETHICAL?
Yes, Hacking can be Ethical.
Major companies nowadays are expanding their business to attract
web users and we all know web world is still unsecure.
So these companies hire hackers to test their website against several
hacking attempts. This is also called Penetration testing.
Hence, Companies by themselves allows hackers to hack their web
application to test the security of their web application.
So the hackers which got the authority from company to hack their
system are called Ethical Hackers or Professional Hackers.
: csivvn
: csi_vvn
: csi_vvn

30. For performing such tasks Ethical hackers
are handsomely paid. In IT world
terminology this type of Hacking is
referred as Penetration testing. Is this the
only way to become Ethical Hacker?
: csivvn
: csi_vvn
: csi_vvn

31. Answer is absolutely NO. There are several
hackers who find out the bugs in the web
application or system and report them back to
company instead of using those bugs to attack
the web application. This type of hackers are
also considered as Ethical Hacker but technically
there is separate term defined in hacking world
for such hackers which is known as Grey Hat
Hackers.
: csivvn
: csi_vvn
: csi_vvn

32. DIFFERENCE BETWEEN
HACKERS AND CRACKERS
Significant Cyber Security India - SCSI
: csivvn
: csi_vvn
: csi_vvn

33. There is a very thin line difference between the hacker
and cracker. Like a coin has two faces heads or tails,
similar is true for computer experts. Some uses their
techniques and expertise to help the others and secure
the systems or networks and some misuses them and use
that for their own selfish reasons.
There are several traditional ways that determines the
difference between the hackers and crackers.
I will provide you these ways in order of their
acceptance in the computer and IT market.
First of all, let me provide you the basic definitions of
both hackers and crackers.
DIFFERENCE BETWEEN HACKERS AND CRACKERS
: csivvn
: csi_vvn
: csi_vvn

34. Hackers:
A Hacker is a person who is extremely interested in
exploring the things and recondite workings of any
computer system or networking system. Most often,
hackers are the expert programmers. These are also
called Ethical Hackers or white hat hackers. And the
technique or hacking they perform is called ethical
hacking.
Ethical Hacking Means you think like Hackers that is
first you Hack the Systems and find out the loop
holes and then try to correct those Loop Holes.
These types of hackers protect the cyber world from
every possible threat and fix the future coming
security loop holes. These peoples are also called as
"GURU's" of Computer Security. Significant Cyber Security India - SCSI
: csivvn
: csi_vvn
: csi_vvn

35. Crackers:
Crackers or Black Hat hackers or cheaters or simply
criminals, they are called criminals because they are
having the mindset of causing harm to security and they
steals very useful data and use it in wrong ways.
Phishers also come in this category who steals account
info and steal your credit card nos. and money over the
Net.
Significant Cyber Security India - SCSI
: csivvn
: csi_vvn
: csi_vvn

36. HOW HACKERS PERFORM
THEIR HACK ATTACKS?
: csivvn
: csi_vvn
: csi_vvn

37. There are several ways using which Hackers perform
Hack attacks. How a hacker performs hacking attempt
is solely dependent on Hacker but we can tell the
fundamentals of doing it because fundamentals are
always same. Most hackers architect their hacking
attempt before performing a hacking attempt to
understand what he is going to do and how he is going
to perform it and how he will prevent himself from
being caught. Hackers who hack without thinking
anything prior are considered as novice hackers and
they can be easily tracked or caught during the process
because each step is important. Also chances of success
increases when we follow some procedure rather than
following nothing.
HOW HACKERS PERFORM THEIR HACK ATTACKS?
: csivvn
: csi_vvn
: csi_vvn

38. I have divided any hacking attempt into 5 different
phases mentioned below:
Phase 1: Information Gathering and Reconnaissance
Phase 2: Scanning the target
Phase 3: Breaking the system and Gaining the Access
Phase 4: Maintaining the access without getting
acknowledged
Phase 5: Removing and covering traces
This is how a hacking attempt is launched or performed. Now let’s learn
these phases in detail to get a clear view.
: csivvn
: csi_vvn
: csi_vvn

39. PHASE 1: INFORMATION GATHERING AND
RECONNAISSANCE
As the name suggests, in this
phase we collect all the
necessary information that we
can gather or possible to
gather. We can call this phase
as preparatory phase also
because this is where the
preparation of hacking
attempt is made. What is the
use of this step? Practically
this is one of the most
important phases because this
step helps us in evaluating the
target and provides all basic
information that we can be
useful.
: csivvn
: csi_vvn
: csi_vvn

40. Consider an example:
I want to hack somebody’s Facebook account. Now
what exactly we are looking in Information Gathering
Phase; First whose Facebook account I want to hack,
name of the user, his date of birth, his email address,
his phone numbers(current and previous one if
possible), his/her fiancé/spouse details, his city of
birth, his education background, his favorite things,
passions, hobbies etc.
: csivvn
: csi_vvn
: csi_vvn

41. We all know that we can extract above mentioned things
quite easily. Now how this can be useful.
First we can use above information for launching Social
Engineering attack (according to latest research 80% people
use passwords that are related to above details).
Secondly we can use these details to retrieve accounts or
recover passwords.
Thirdly, we can use his/her favorites/hobbies/passions to
create a phishing/Key logging trap. We can do much more
these are just examples.
I hope this clears why this is so much important step or
phase.
: csivvn
: csi_vvn
: csi_vvn

42. PHASE 2: SCANNING THE TARGET
This phase is applicable to selected
category to hacking attempts like
hacking networks, operating
systems, web applications, web
hosting servers etc.
In this phase we launch a Port (in
case of network) or URL (in case of
Websites) to identify the
vulnerability in the system like open
ports or vulnerable URL’s. This is
one of the most important steps for
launching hacking attempts on
websites or network servers or
web servers.
: csivvn
: csi_vvn
: csi_vvn

43. Consider an example:
I want hack some website. In
information gathering phase,
I will identify all the basic
details about the website and
its admin or owner.
In scan phase I will launch a
URL scan to identify infected
URL’s (URL’s that can
vulnerable to Injection
attacks, Cross Site scripting
attacks, other script based
attacks) and launch a scan on
web server to identify
anonymous logins or other FTP
or port related bugs.
: csivvn
: csi_vvn
: csi_vvn

44. PHASE 3: BREAKING THE SYSTEM AND GAINING
THE ACCESS
This is the step where the
actual hacking attempt is
launched. In this system hacker
exploits the vulnerabilities that
are found in the scanning phase
to gain the access of the
system.
Continuing the above example,
now user has identified that so
and so URL is vulnerable to SQL
Injection attack. Now in this
phase Hacker will launch the
SQL injection attack on the
website to get the admin or
root access.
: csivvn
: csi_vvn
: csi_vvn

45. PHASE 4: MAINTAINING THE ACCESS WITHOUT
GETTING ACKNOWLEDGED
In this phase Hacker
tries to maintain his
ownership inside the
victim’s system or
web server.
By ownership, I
meant that we can
upload, download,
configure or
manipulate the data
whenever we want.
: csivvn
: csi_vvn
: csi_vvn

46. Maintaining access depends upon
the host system.
For Example, if we have hacked
into victim’s computer system, we
will install key loggers, backdoors
or spy root kits so that we can
remain inside the victim’s system.
Now if we have hacked into some
website, then we will create one
more admin user inside the
database or change the file
permissions or simply enable the
anonymous login so that
whenever we want, we can hack
into website again.
Hence the tools like key loggers,
Rats, Trojans, spywares are
general tools to maintain access
into the system.
: csivvn
: csi_vvn
: csi_vvn

47. PHASE 5: REMOVING AND COVERING TRACES
This is one of the most important phase of any hacking attempt.
This is the step where you cover your tracks or misdeeds from
getting detected or being caught.
This is necessary to avoid detection and most importantly to
avoid legal action against you.
: csivvn
: csi_vvn
: csi_vvn

48. This step generally involves deleting
of logs, altering of logs, tunneling,
proxifying your details including IP
ad-dress and other important data.
Why this is so important?
: csivvn
: csi_vvn
: csi_vvn

49. I hacked into someone’s website and defaced it. Now if
victim is good enough then he will check the upload
logs. Upload logs contains the IP address and system
details from which file has been upload and if he want
he can lodge a complaint against you in cyber cell and
believe me cyber cell hardly takes 10 minutes to reach
anywhere.
Then either you go to jail or need to pay defamation
charges. Hence it’s always mandatory to cover your
tracks to avoid legal action against you.
Consider one example,
: csivvn
: csi_vvn
: csi_vvn

50. : csivvn
: csi_vvn
: csi_vvn

51. Thanks to All
Any Query?
Call : +91.9099082532
: csivvn
: csi_vvn
: csi_vvn
Like/Follow for Notification of Latest Cyber
Security & Technology's Update.