Recommended
More Related Content
What's hot
What's hot (20)
Similar to Website ethical hacking and testing
Similar to Website ethical hacking and testing (20)
Recently uploaded
Recently uploaded (20)
Website ethical hacking and testing
- 1. WEBSITE ETHICAL HACKING AND TESTING SUMMER TRAINING PROJECT CHANDIGARH UNIVERSITY SUBMITTED BY: NAME: KARAN JINDAL UID: 17BCS3171
- 2. A LIST OF DIVISIONS What is hacking and ethical hacking? Subdivision of hacking. Information Gathering. Google Hacking Website Testing Testing Techniques Proxy
- 3. What is hacking? Hacking is an shot to exploit a digital computer or into a private network inside a computer. Simply put it is gaining unauthorised access to take some personal information for some wrongful purpose. What is ethical hacking? Ethical hacking refers to the act of locating weaknesses and vulnerabilities of computer and information systems by duplicating the intent and actions of malicious hackers. Ethical hacking is also known as penetration testing, intrusion testing, or red teaming.
- 4. What are benefits of ethical hacking? The primary benefit of ethical hacking is to prevent data from being stolen and misused by malicious attackers, as well as: • Discovering vulnerabilities • Implementing a secure network • Defending national security• Gaining trust of customers and investors
- 6. INFORMATION GATHERNING Information Gathering and getting to know the target systems is the first process in ethical hacking. Reconnaissance is a set of processes and techniques ( Foot-printing , Scanning & Enumeration) used to covertly discover and collect information about a target system. There are many ways to know about the target system’s services ,like Social engineering “Whois.com” “Pipl.com” “archive.org” “reverseip.domaintools.com”
- 7. “Whois.com” This website provides all the details of the target domain like owner e-mail, phone number, server names, registration services etc.
- 8. “archive.org” This domain provides all the previous snapshots of the target domain since the website was first updated, these screen shots help hacker to know about the details of the website that were updated. Domain name to gather information About. This shows the changes made on domain.
- 9. GOOGLE DORKING Google hacking involves using advanced operators in the Google search engine to locate specific strings of text within search results. The commonly used operators are like : Intitle: Inurl: Site: url: Filetype:
- 10. Google hacking database (GHDB) is a website which contains all the dorks that are used to know more about google hacking.
- 12. z WEBSITE TESTING Website testing is basically getting into website in a way a hacker can gain access to website database or make changes to website illegally and then closing all the ways to get hacker into it.
- 13. z HOW A HACKER CAN GET INTO WEBSITE?
- 14. z SQL INJECTION SQL injection is a code injection technique, used to attack data- driven applications, in which malicious SQL statements are inserted into an entry field for execution.
- 15. z SQL Injection Based on 1=1 is Always True SQL Injection Based on ""="" is Always True
- 16. z DISTRIBUTED-DOS ATTACK DDoS is short for Distributed Denial of Service. DDoS is a type of DOS attack where multiple compromised systems, are used to target a single system causing a Denial of Service (DoS) attack.
- 17. z
- 18. z TOOLS FOR DOS ATTACK LOIC (Low Orbit Ion Canon) XOIC HOIC JMETER HP LOADRUNNER
- 19. z LOIC
- 20. z How to know that website is attacked? “uptimerobot.com” “Cloudflare.com” “Sucuri.net” PREVENTION OF DENIAL OF SERVICE ATTACK • By more bandwidth. • Build redundancy into infrastructure. • Firewall. • Internet service provider(ISP). • Protect your DNS server.
- 21. z PROXY