SlideShare a Scribd company logo

Introduction to Hacking

Download as PPT, PDF
Rishabha Garg
Rishabha Garg

basic but very useful ppt for hacking. feel free to contact me

Technology
1 of 25
INTRODUCTION Introduction To Ethical Hacking & Information Security !
ETHICAL HACKING OUTLINE  Why we need Security  Security & Usability Triangle  Who is Hacker ?  Types of Hackers  Type of attack on a system  Phases of Hacker  Profile of Ethical Hacker  Why ethical hacking is Necessary ?  Specializations  Essential Terminology's.
WHY WE NEED SECURITY • Important part of business is - Now lot of people use computer to store and share there valuable information's. • Security – A state of well – being of information and infrastructures in which the possibility of successful yet undetected theft.
WHAT IS INFORMATION SECURITY  Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.  Term Information Security follows CIA  Confidentiality  Integrity  Availability
 Confidentiality : Assurance that the information is accessible only to those authorized to have access. Confidentiality breaches may occur due to improper data handling or a hacking attempt.  Integrity : The data or resources in term of preventing improper and unauthorized changes. Assurance that Information can be relied upon to be sufficiently accurate for its purpose.  Availability : Assurance that the systems responsible for delivering storing , and processing Information are accessible when required by the authorized users.
SECURITY , FUNCTIONALITY & USABILITY TRIANGLE  Level of security in any system can be defined by the strength of three Components This Triangle represents the Basic relationship between Security, Functionality and usability. You can move the Ball in either of the Direction, which will cause the Intensity of other two sides to decrease. For Example, you can remove all the complicated Security Measures such as Hybrid Passwords, Regular Password Resets, Security Tokens, which will make the System easy to use, however, the Security and Functionality will be reduced.
WHO IS HACKER ?  Intelligent Individuals with excellent Computer Skills, with the Ability to create And explore into the computer’s Software and Hardware.  For some hackers, hacking is a hobby to see how many computers or networks they can compromise.  Some do hacking with Malicious intent behind their escapades, like stealing business data, credit card information, social security numbers, email passwords etc.  Their intention can either be to gain knowledge or to poke around to do illegal things.
TYPES OF HACKERS  Black Hats Technical Levels of Hackers – Good Technical Skills Neophyte- A Newbie in the – Involved in Malicious or field of Computer Security with illegal Activities. almost no knowledge. Script Kiddie- A non-expert  White Hats who uses Tools or Scripts made – Use of Knowledge & skills for by others to Hack into System Defensive purpose, rather with little knowledge about the offensive. concept working behind the tool.  Gray Hats Elite- Also knows as 1337, it is a – Individuals who work on term used to describe the most both the sides – Ethical and technically advanced hackers Malicious. who use cutting edge technology.
TYPE OF ATTACKS ON A SYSTEM  There are several ways an attacker can gain access to a System.  The attacker must be able to exploit a weakness or vulnerability in a system.
PHASES OF HACKER Information Gathering Scanning  Gaining access – Operating System/Application – Network level – Denial of service Maintaining access – Uploading/altering/ downloading programs or data -- Covering Tracks
PROFILE OF ETHICAL HACKER  An Ethical Hacker will follow the same Techniques and Methodologies as a Malicious Hacker, however, in the end, The found vulnerabilities of Security Flaws are either Reported (Responsible Disclosure/Open Disclosure) or Fixed. This is also called Penetration Testing.  The Complete Procedure depends upon the Type of Penetration Testing being conducted, which are primarily of 3 Types:  Black Box Testing – No Previous Knowledge about the Target of Evaluation.  White Box Testing – Full Knowledge about the Target. Purpose is to protect the system or product from insider attacks.  Grey Box Testing – Partial Knowledge is available in this case.
WHY ETHICAL HACKING IS NECESSARY?  Computer Security Expert.  In-depth knowledge about Target Platforms (such as Windows, Unix, Linux, Mac).  In-depth knowledge about networking and related hardware/software.  Knowledge about Programming and Web Applications.  Knowledgeable about computer or system security.
SPECIALIZATIONS  Just like any other Technical Field, Information Security and Hacking is very vast and Individuals generally specialize in single or multiple Domains which primarily are:  Network Security/Attack  Web Application Security/Attack  Exploit Development and Reverse Engineering  Malware Analysis/Development  Cyber Forensics
ESSENTIAL TERMINOLOGY'S  Threat – An action or event which is a potential challenge to Security.  Vulnerability – It is the existence of a Flaw or Error in the Design of the System which can cause undesired results ranging from Compromise of System Security to Service or System Unavailability.  Attack – An action which attempts to violate or challenge the Integrity or Security of a System.  Exploit – A defined way to breach the security of a System or Product using an identified vulnerability.
MODULES FOR WINDOWS HACKING Introduction to Windows Windows - Passwords LM Hashes and NTLM Hashes Syskey Windows Hacking Types of Attacks Tools used for Windows Password Cracking Securing passwords. Privilege Escalation Key loggers Covering Tracks Removing logs
PASSWORD HASHING METHOD
PASSWORD HASHING METHOD
WINDOWS HACKING
Tools used for windows Password Cracking Windows passwords can be cracked by using the following tools:  Ophcrack Live CD and windows installer.  Hiren Boot CD.  ERD commander.  Cain n Able. Etc.
SECURING PASSWORDS
Keyloggers  Keystroke logging (often called key logging) is the action of tracking (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored. There are numerous key logging methods, ranging from hardware and software-based approaches to electromagnetic and acoustic analysis.
TYPES OF KEYLOGGERS
KEY FEATURES OF KEYLOGGERS  Key Strokes Typed  Screenshots  Program Activities  Clipboard  Chat etc.  File Tracking
THANK YOU
Introduction to Hacking

Recommended

Intrusion Detection Presentation
Intrusion Detection PresentationIntrusion Detection Presentation
Intrusion Detection PresentationMustafash79
 
Basic malware analysis
Basic malware analysisBasic malware analysis
Basic malware analysissecurityxploded
 
Introduction to ethical hacking
Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hackingVikram Khanna
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Advanced Persistent Threat
Advanced Persistent ThreatAdvanced Persistent Threat
Advanced Persistent ThreatAmmar WK
 
White Hat vs Black Hat vs Grey Hat | Difference Between Black Hat White Hat G...
White Hat vs Black Hat vs Grey Hat | Difference Between Black Hat White Hat G...White Hat vs Black Hat vs Grey Hat | Difference Between Black Hat White Hat G...
White Hat vs Black Hat vs Grey Hat | Difference Between Black Hat White Hat G...Intellipaat
 
Malware analysis
Malware analysisMalware analysis
Malware analysisPrakashchand Suthar
 
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIAInformation Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIADheeraj Kataria
 

Recommended

Intrusion Detection Presentation
Intrusion Detection PresentationIntrusion Detection Presentation
Intrusion Detection PresentationMustafash79
 
Basic malware analysis
Basic malware analysisBasic malware analysis
Basic malware analysissecurityxploded
 
Introduction to ethical hacking
Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hackingVikram Khanna
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Advanced Persistent Threat
Advanced Persistent ThreatAdvanced Persistent Threat
Advanced Persistent ThreatAmmar WK
 
White Hat vs Black Hat vs Grey Hat | Difference Between Black Hat White Hat G...
White Hat vs Black Hat vs Grey Hat | Difference Between Black Hat White Hat G...White Hat vs Black Hat vs Grey Hat | Difference Between Black Hat White Hat G...
White Hat vs Black Hat vs Grey Hat | Difference Between Black Hat White Hat G...Intellipaat
 
Malware analysis
Malware analysisMalware analysis
Malware analysisPrakashchand Suthar
 
Information Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIAInformation Security- Threats and Attacks presentation by DHEERAJ KATARIA
Information Security- Threats and Attacks presentation by DHEERAJ KATARIADheeraj Kataria
 
Network security
Network securityNetwork security
Network securityEstiak Khan
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detectionCAS
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking Institute of Information Security (IIS)
 
Network attacks
Network attacksNetwork attacks
Network attacksManjushree Mashal
 
Information security
Information security Information security
Information securityJin Castor
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingMonika Deswal
 
Network Security Issues
Network Security IssuesNetwork Security Issues
Network Security IssuesAfreenYousaf
 
malware analysis
malware analysismalware analysis
malware analysis20CS201AkashR
 
Network defenses
Network defensesNetwork defenses
Network defensesG Prachi
 
Cyber security
Cyber securityCyber security
Cyber securityManjushree Mashal
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessmentCAS
 
Introduction to ethical hacking
Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hackingankit sarode
 
System hacking
System hackingSystem hacking
System hackingCAS
 
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...Sam Bowne
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to securityMostafa Elgamala
 
System Security-Chapter 1
System Security-Chapter 1System Security-Chapter 1
System Security-Chapter 1Vamsee Krishna Kiran
 
Advanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security ManagementAdvanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security ManagementMayur Nanotkar
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service AttacksHansa Nidushan
 
Denial of service
Denial of serviceDenial of service
Denial of servicegarishma bhatia
 
Intrusion detection system
Intrusion detection system Intrusion detection system
Intrusion detection system gaurav koriya
 
Semantic web (Foundation – Architecture – Languages – Tools)
Semantic web (Foundation – Architecture – Languages – Tools)Semantic web (Foundation – Architecture – Languages – Tools)
Semantic web (Foundation – Architecture – Languages – Tools)Karwan Jacksi
 
Information security group presentation ppt
Information security group presentation pptInformation security group presentation ppt
Information security group presentation pptvaishalshah01
 

More Related Content

What's hot

Network security
Network securityNetwork security
Network securityEstiak Khan
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detectionCAS
 
Information security
Information security Information security
Information securityJin Castor
 
Network Security Issues
Network Security IssuesNetwork Security Issues
Network Security IssuesAfreenYousaf
 
Network defenses
Network defensesNetwork defenses
Network defensesG Prachi
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessmentCAS
 
Introduction to ethical hacking
Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hackingankit sarode
 
System hacking
System hackingSystem hacking
System hackingCAS
 
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...Sam Bowne
 
Advanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security ManagementAdvanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security ManagementMayur Nanotkar
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service AttacksHansa Nidushan
 
Intrusion detection system
Intrusion detection system Intrusion detection system
Intrusion detection system gaurav koriya
 

What's hot (20)

Network security
Network securityNetwork security
Network security
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
 
Network attacks
Network attacksNetwork attacks
Network attacks
 
Information security
Information security Information security
Information security
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Network Security Issues
Network Security IssuesNetwork Security Issues
Network Security Issues
 
malware analysis
malware analysismalware analysis
malware analysis
 
Network defenses
Network defensesNetwork defenses
Network defenses
 
Cyber security
Cyber securityCyber security
Cyber security
 
IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessment
 
Introduction to ethical hacking
Introduction to ethical hackingIntroduction to ethical hacking
Introduction to ethical hacking
 
System hacking
System hackingSystem hacking
System hacking
 
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...
Practical Malware Analysis: Ch 0: Malware Analysis Primer & 1: Basic Static T...
 
Introduction to security
Introduction to securityIntroduction to security
Introduction to security
 
System Security-Chapter 1
System Security-Chapter 1System Security-Chapter 1
System Security-Chapter 1
 
Advanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security ManagementAdvanced Persistent Threats (APTs) - Information Security Management
Advanced Persistent Threats (APTs) - Information Security Management
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service Attacks
 
Denial of service
Denial of serviceDenial of service
Denial of service
 
Intrusion detection system
Intrusion detection system Intrusion detection system
Intrusion detection system
 

Viewers also liked

Semantic web (Foundation – Architecture – Languages – Tools)
Semantic web (Foundation – Architecture – Languages – Tools)Semantic web (Foundation – Architecture – Languages – Tools)
Semantic web (Foundation – Architecture – Languages – Tools)Karwan Jacksi
 
Information security group presentation ppt
Information security group presentation pptInformation security group presentation ppt
Information security group presentation pptvaishalshah01
 
Chicago Architecture Foundation - Around Chicago in 85 Tours by Jennifer Lucente
Chicago Architecture Foundation - Around Chicago in 85 Tours by Jennifer LucenteChicago Architecture Foundation - Around Chicago in 85 Tours by Jennifer Lucente
Chicago Architecture Foundation - Around Chicago in 85 Tours by Jennifer LucenteChicago AMA
 
Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationJoshua Prince
 
15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage YearsJeremiah Grossman
 
The 10 Principles of Enterprise Architecture
The 10 Principles of Enterprise ArchitectureThe 10 Principles of Enterprise Architecture
The 10 Principles of Enterprise ArchitectureInfo-Tech Research Group
 
Information security & ethical hacking
Information security & ethical hackingInformation security & ethical hacking
Information security & ethical hackingeiti panchkula
 
How Much and How Your Can Earn on Internet from Contextual Ads, What Content ...
How Much and How Your Can Earn on Internet from Contextual Ads, What Content ...How Much and How Your Can Earn on Internet from Contextual Ads, What Content ...
How Much and How Your Can Earn on Internet from Contextual Ads, What Content ...Ten3 Business e-Coach
 
Information Security Lecture #1 ppt
Information Security Lecture #1 pptInformation Security Lecture #1 ppt
Information Security Lecture #1 pptvasanthimuniasamy
 
Computer architecture
Computer architectureComputer architecture
Computer architectureRishabha Garg
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITYAhmed Moussa
 

Viewers also liked (14)

Semantic web (Foundation – Architecture – Languages – Tools)
Semantic web (Foundation – Architecture – Languages – Tools)Semantic web (Foundation – Architecture – Languages – Tools)
Semantic web (Foundation – Architecture – Languages – Tools)
 
Information security group presentation ppt
Information security group presentation pptInformation security group presentation ppt
Information security group presentation ppt
 
Chicago Architecture Foundation - Around Chicago in 85 Tours by Jennifer Lucente
Chicago Architecture Foundation - Around Chicago in 85 Tours by Jennifer LucenteChicago Architecture Foundation - Around Chicago in 85 Tours by Jennifer Lucente
Chicago Architecture Foundation - Around Chicago in 85 Tours by Jennifer Lucente
 
Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentation
 
15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years
 
The 10 Principles of Enterprise Architecture
The 10 Principles of Enterprise ArchitectureThe 10 Principles of Enterprise Architecture
The 10 Principles of Enterprise Architecture
 
Mr Sergio Arzeni (CFE)- Emerging Trends in SME and Entrepreneurship Finance: ...
Mr Sergio Arzeni (CFE)- Emerging Trends in SME and Entrepreneurship Finance: ...Mr Sergio Arzeni (CFE)- Emerging Trends in SME and Entrepreneurship Finance: ...
Mr Sergio Arzeni (CFE)- Emerging Trends in SME and Entrepreneurship Finance: ...
 
Database Security
Database SecurityDatabase Security
Database Security
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Information security & ethical hacking
Information security & ethical hackingInformation security & ethical hacking
Information security & ethical hacking
 
How Much and How Your Can Earn on Internet from Contextual Ads, What Content ...
How Much and How Your Can Earn on Internet from Contextual Ads, What Content ...How Much and How Your Can Earn on Internet from Contextual Ads, What Content ...
How Much and How Your Can Earn on Internet from Contextual Ads, What Content ...
 
Information Security Lecture #1 ppt
Information Security Lecture #1 pptInformation Security Lecture #1 ppt
Information Security Lecture #1 ppt
 
Computer architecture
Computer architectureComputer architecture
Computer architecture
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITY
 

Similar to Introduction to Hacking

Ethical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptxEthical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptxJanani S
 
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptxEthical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptxGovandJamalSaeed
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingAnumadil1
 
Ethical Hacking.pptx
Ethical Hacking.pptxEthical Hacking.pptx
Ethical Hacking.pptxachint20
 
ethical hacking report
ethical hacking report ethical hacking report
ethical hacking reportAkhilesh Patel
 
GETTING STARTED WITH THE ETHICAL HACKING.pptx
GETTING STARTED WITH THE ETHICAL HACKING.pptxGETTING STARTED WITH THE ETHICAL HACKING.pptx
GETTING STARTED WITH THE ETHICAL HACKING.pptxBishalRay8
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainSuvrat Jain
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical Hackingchakrekevin
 
Fundamental of ethical hacking
Fundamental of ethical hackingFundamental of ethical hacking
Fundamental of ethical hackingWaseem Rauf
 
CSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptxCSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptxVishnuVarma47
 
Ethical-Hacking-ppt.pptx
Ethical-Hacking-ppt.pptxEthical-Hacking-ppt.pptx
Ethical-Hacking-ppt.pptxMaheshDhope1
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hackingsamprada123
 
CSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptxCSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptxAnshumaanTiwari2
 
IRJET- Study of Hacking and Ethical Hacking
IRJET- Study of Hacking and Ethical HackingIRJET- Study of Hacking and Ethical Hacking
IRJET- Study of Hacking and Ethical HackingIRJET Journal
 
Hacking and Penetration Testing - a beginners guide
Hacking and Penetration Testing - a beginners guideHacking and Penetration Testing - a beginners guide
Hacking and Penetration Testing - a beginners guidePankaj Dubey
 

Similar to Introduction to Hacking (20)

Ethical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptxEthical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptx
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptxEthical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
Ethical hacking seminardk fas kjfdhsakjfh askfhksahf.pptx
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Ethical Hacking.pptx
Ethical Hacking.pptxEthical Hacking.pptx
Ethical Hacking.pptx
 
ethical hacking report
ethical hacking report ethical hacking report
ethical hacking report
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
GETTING STARTED WITH THE ETHICAL HACKING.pptx
GETTING STARTED WITH THE ETHICAL HACKING.pptxGETTING STARTED WITH THE ETHICAL HACKING.pptx
GETTING STARTED WITH THE ETHICAL HACKING.pptx
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical Hacking
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Fundamental of ethical hacking
Fundamental of ethical hackingFundamental of ethical hacking
Fundamental of ethical hacking
 
CSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptxCSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptx
 
Ethical-Hacking-ppt.pptx
Ethical-Hacking-ppt.pptxEthical-Hacking-ppt.pptx
Ethical-Hacking-ppt.pptx
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hacking
 
CSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptxCSE-Ethical-Hacking-ppt.pptx
CSE-Ethical-Hacking-ppt.pptx
 
IRJET- Study of Hacking and Ethical Hacking
IRJET- Study of Hacking and Ethical HackingIRJET- Study of Hacking and Ethical Hacking
IRJET- Study of Hacking and Ethical Hacking
 
Hacking and Penetration Testing - a beginners guide
Hacking and Penetration Testing - a beginners guideHacking and Penetration Testing - a beginners guide
Hacking and Penetration Testing - a beginners guide
 

Recently uploaded

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 

Recently uploaded (20)

Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 

Introduction to Hacking

  • 1. INTRODUCTION Introduction To Ethical Hacking & Information Security !
  • 2. ETHICAL HACKING OUTLINE  Why we need Security  Security & Usability Triangle  Who is Hacker ?  Types of Hackers  Type of attack on a system  Phases of Hacker  Profile of Ethical Hacker  Why ethical hacking is Necessary ?  Specializations  Essential Terminology's.
  • 3. WHY WE NEED SECURITY • Important part of business is - Now lot of people use computer to store and share there valuable information's. • Security – A state of well – being of information and infrastructures in which the possibility of successful yet undetected theft.
  • 4. WHAT IS INFORMATION SECURITY  Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.  Term Information Security follows CIA  Confidentiality  Integrity  Availability
  • 5.  Confidentiality : Assurance that the information is accessible only to those authorized to have access. Confidentiality breaches may occur due to improper data handling or a hacking attempt.  Integrity : The data or resources in term of preventing improper and unauthorized changes. Assurance that Information can be relied upon to be sufficiently accurate for its purpose.  Availability : Assurance that the systems responsible for delivering storing , and processing Information are accessible when required by the authorized users.
  • 6. SECURITY , FUNCTIONALITY & USABILITY TRIANGLE  Level of security in any system can be defined by the strength of three Components This Triangle represents the Basic relationship between Security, Functionality and usability. You can move the Ball in either of the Direction, which will cause the Intensity of other two sides to decrease. For Example, you can remove all the complicated Security Measures such as Hybrid Passwords, Regular Password Resets, Security Tokens, which will make the System easy to use, however, the Security and Functionality will be reduced.
  • 7. WHO IS HACKER ?  Intelligent Individuals with excellent Computer Skills, with the Ability to create And explore into the computer’s Software and Hardware.  For some hackers, hacking is a hobby to see how many computers or networks they can compromise.  Some do hacking with Malicious intent behind their escapades, like stealing business data, credit card information, social security numbers, email passwords etc.  Their intention can either be to gain knowledge or to poke around to do illegal things.
  • 8. TYPES OF HACKERS  Black Hats Technical Levels of Hackers – Good Technical Skills Neophyte- A Newbie in the – Involved in Malicious or field of Computer Security with illegal Activities. almost no knowledge. Script Kiddie- A non-expert  White Hats who uses Tools or Scripts made – Use of Knowledge & skills for by others to Hack into System Defensive purpose, rather with little knowledge about the offensive. concept working behind the tool.  Gray Hats Elite- Also knows as 1337, it is a – Individuals who work on term used to describe the most both the sides – Ethical and technically advanced hackers Malicious. who use cutting edge technology.
  • 9. TYPE OF ATTACKS ON A SYSTEM  There are several ways an attacker can gain access to a System.  The attacker must be able to exploit a weakness or vulnerability in a system.
  • 10. PHASES OF HACKER Information Gathering Scanning  Gaining access – Operating System/Application – Network level – Denial of service Maintaining access – Uploading/altering/ downloading programs or data -- Covering Tracks
  • 11. PROFILE OF ETHICAL HACKER  An Ethical Hacker will follow the same Techniques and Methodologies as a Malicious Hacker, however, in the end, The found vulnerabilities of Security Flaws are either Reported (Responsible Disclosure/Open Disclosure) or Fixed. This is also called Penetration Testing.  The Complete Procedure depends upon the Type of Penetration Testing being conducted, which are primarily of 3 Types:  Black Box Testing – No Previous Knowledge about the Target of Evaluation.  White Box Testing – Full Knowledge about the Target. Purpose is to protect the system or product from insider attacks.  Grey Box Testing – Partial Knowledge is available in this case.
  • 12. WHY ETHICAL HACKING IS NECESSARY?  Computer Security Expert.  In-depth knowledge about Target Platforms (such as Windows, Unix, Linux, Mac).  In-depth knowledge about networking and related hardware/software.  Knowledge about Programming and Web Applications.  Knowledgeable about computer or system security.
  • 13. SPECIALIZATIONS  Just like any other Technical Field, Information Security and Hacking is very vast and Individuals generally specialize in single or multiple Domains which primarily are:  Network Security/Attack  Web Application Security/Attack  Exploit Development and Reverse Engineering  Malware Analysis/Development  Cyber Forensics
  • 14. ESSENTIAL TERMINOLOGY'S  Threat – An action or event which is a potential challenge to Security.  Vulnerability – It is the existence of a Flaw or Error in the Design of the System which can cause undesired results ranging from Compromise of System Security to Service or System Unavailability.  Attack – An action which attempts to violate or challenge the Integrity or Security of a System.  Exploit – A defined way to breach the security of a System or Product using an identified vulnerability.
  • 15. MODULES FOR WINDOWS HACKING Introduction to Windows Windows - Passwords LM Hashes and NTLM Hashes Syskey Windows Hacking Types of Attacks Tools used for Windows Password Cracking Securing passwords. Privilege Escalation Key loggers Covering Tracks Removing logs
  • 19. Tools used for windows Password Cracking Windows passwords can be cracked by using the following tools:  Ophcrack Live CD and windows installer.  Hiren Boot CD.  ERD commander.  Cain n Able. Etc.
  • 21. Keyloggers  Keystroke logging (often called key logging) is the action of tracking (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored. There are numerous key logging methods, ranging from hardware and software-based approaches to electromagnetic and acoustic analysis.
  • 23. KEY FEATURES OF KEYLOGGERS  Key Strokes Typed  Screenshots  Program Activities  Clipboard  Chat etc.  File Tracking