3. Services we Provide
ILLUMINAITVE
WORKS
SERVICES
PHP and APPILCATION
Ruby On Rails SEO
Frameworks DEVELOPMENT
3 Illuminative works
4. Php and It’s Frameworks
ILLUMINAITVE
WORKS
services
PHP and
Frameworks
Wordpress Magento Joomla Zend
4 Illuminative works
5. ILLUMINAITVE
WORKS
SERVICES TRAINING
PHP and Ruby On Rails
Frameworks
APPILCATION
SEO ONLINE OFFLINE
DEVELOPMENT
6. Types of training
TRAINING
Courses ONLINE Workshops
Blogs Webcast Webinars
6 Illuminative works
7. Workshop and training on
Application •Mobile Application development
•Facebook application development
development •Twitter application development
•Ethical Hacking level -1
Ethical Hacking •Hack the Hacker (method to trackback to hacker)
•HACKERS ON CHARITY (Coming soon )
Website •Php
•Wordpress
development •Joomla
Electronics and •Electric Circuit and PCB designing.
•Advanced 8051 Architecture, Programming &
communication Interfacing
7 Illuminative works
8. How can you learn from us?
Series of Webinars.
Watch webcast.
Blogs
Workshop
Hack with hackers
8 Illuminative works
9. What we will discuss today ?
1. Understanding hacker objectives
2. Outlining the differences between ethical hackers
and malicious hackers/crackers
3. Examining the ethical hacking processes.
4. Starting the ethical hacking process
9 Illuminative works
10. Who are Hackers ?
Recently, hacker has taken on a new meaning —
who maliciously breaks into systems for personal gain.
Technically, these criminals are crackers
They modify, delete, and steal critical information, often
making other people miserable
The good-guy (white-hat) hackers don’t like being in the
same category as the bad-guy (black-hat) hackers.
10 Illuminative works
11. Types of Hacker
People Categorize Hacker into many different ways
But everyone agrees that there is 3 basic type of
hacker
Black Hat White Hat Grey Hat
• Individual with • Individual • They work for
extraordinary Professional defensive and
computing skills Hacker offensive at their
• Does destructive • Used for own will
work always Defensive
Purpose
11 Illuminative works
12. Types of Ethical Hacker
Former • Reformed crackers
• First Hand Experienced
Black Hats • Less credibility
• Independent security Consultants (can
White Hats be group too)
• Claim to be knowledgeable about
black hat activities
Consulting • Part of ICT firms.
• Certified professionals.
Firms • Good credibility.
12 Illuminative works
13. Steps of Hacking
Information
Gathering
&
Scanning
Covering System
Tracks Hacking
Plant
Rootkits
and
Backdoors
13 Illuminative works
14. Information Gathering
Is used to gather information as much as hacker can for
the target
It is also know as ratting the door knob.
By information that a hacker has gathered he/she can
know what type of attack to use.
This is basic and important step in hacking
More knowledge in this step will make other upcoming
step easy.
14 Illuminative works
15. Scanning
Scanning refers to pre attack phase where a hacker
scan the network to find / gather information about
network
Scanning includes
Network scan
Port scan
Venerability scan , ect
A Hacker can get some high venerability which can
give access easily.
15 Illuminative works
16. System Hacking
Also know as gaining access
The venerability that has been found during
Information Gathering and scanning is been
exploited here
There can be many exploits with different level of
threats
Some of the threats that we are going to discuss are
Sql Injection
XXS cross site scripting
LFI , RFI
16 Illuminative works
17. Backdoor and rootkits
It is also called as maintaining access.
This is done so a hacker can have all type of access
for next time without bypassing or breaking the
security
For this many stuffs are used
Trojans
Backdoors ,rootkits
Shells , ect
17 Illuminative works
18. Covering Tracks
This is smallest and most important part in Hacking
If this is not done then a Hacker can easily get track
back.
This is step were hacker removes all his/her identity
or tracks
History files :
sh : .sh_history
csh : .history
ksh : .sh_history
bash: .bash_history
zsh : .history
Backup Files :
dead.letter, *.bak, *~
18 Illuminative works
19. What does Ethical Hacker do ?
They basically ask themselves following question
What does a hacker/ cracker sees in the target ?
Information gathering
Scanning
What can he do with that vulnerability ?
Gaining Access
Maintaining it
System hacking
Has anyone already noticed the vulnerability ?
Maintaining Access
Footprinting
19 Illuminative works
20. What is vulnerability Research ?
Discovering and designing vulnerability in any
system is called vulnerability.
It can be classified in two ways
Threat Level
Low
Medium
High
Exploit Range
Local
Remote
20 Illuminative works
21. Why a Ethical hacker need to have vulnerability ?
To identify correct network vulnerability
Protect network form being attack
To get information that helps to prevent security
problems
To gather information about virus/ worms/ Trojan
To find weakness in n/w and inform it to admin
To know how to recover from such attacks
21 Illuminative works
22. From were you can research ?
There are several websites from where you can stay
up dated and can research
Mine favourite are
Packet storm : www.packetstormsecurity.com
Security focus: www.securityfocus.com
SANS internet storm : http://isc.sans.edu
Security magazine : www.securitymagazine.com
Exploit-db: www.exploit-db.com
22 Illuminative works
23. How can you conduct Ethical Hacking ?
Talk to your client on the needs of testing
Prepare NDA document and ask them to sign them
Prepare a team of Ethical Hacker and create a schedule for testing
Conduct the test
Analyze the result and prepare the report
Deliver the report to the client
23 Illuminative works
24. Process of Ethical Hacking
Formulating the Plan
specific plan Risk involve Venerability management
Selecting Tools
Adequate Reports on presented to managers
Licensed/OS Tools
documentation vulnerabilities or nontechie types
Executing the plan
narrow your focus
Search Internet Narrow your scope Perform the attacks,
with a more critical eye
24 Illuminative works
25. How many times we should do ?
Make sure your systems are secure.
New hacker exploits and security vulnerabilities are
regularly uncovered
At any time , everything can change
Software upgrades
Adding computer systems
Applying patches.
Thus regularly testing should be done.
25 Illuminative works
26. Future webinar dates
• Information Gathering & Scanning Methodologies-
2-2-12 NitishMehta
• Google Hacking – Nitish Mehta
16-12-12
• SQL injection attacks -Nitish Mehta / Naveen Badoni
6-1-13
• Facebook and Email Hacking- Arif Ali Khan
20-1-13
• Social Engineering-Arif Ali Khan / Nitish Mehta
2-2-13
26 Illuminative works
27. Q/A Round
Thank You
Nitish Mehta
(Illuminative works –CEO and Founder)
nitish@illuminativeworks.com
Facebook.com/illuminativeworks
27 Illuminative works
Editor's Notes
As name suggest that this phase is used to gather information