2. • Malware
• Social Engineering
• Denial of Service
• Firewalls and Honeypots
• Advantages
• Disadvantages
• Conclusion
• Introduction
• Hackers
• Types of Hackers
• Hacking Process
Foot Printing
Scanning
Enumeration
Attacking and Gaining
Access
Backdoor
3. Ethical hacking — also known as penetration testing or
white-hat hacking — involves the same tools, tricks, and
techniques that hackers use, but with one major
difference: Ethical hacking is legal. Ethical hacking is
performed with the target’s permission. The intent of
ethical hacking is to discover vulnerabilities from a
hacker’s viewpoint so systems can be better secured. It’s
part of an overall information risk management program
that allows for ongoing security improvements. Ethical
hacking can also ensure that vendors’ claims about the
security of their products are legitimate.
Introduction
4. Hackers
A computer hacker is any skilled computer expert that
uses their technical knowledge to overcome a problem.
While hacker can refer to any skilled computer
programmer, the term has become associated
in popular culture with a security hacker, someone who,
with their technical knowledge, uses bugs or exploits to
break into computer systems.
5. Types of Hackers
1. Black Hat
Also known as crackers, these
are the men and women you
hear about in the news. They
find banks or other companies
with weak security and steal
money or credit card
information. The surprising truth
about their methods of attack is
that they often use common
hacking practices they learned
early on.
6. 2. White Hat
Also known as ethical hackers, White Hat
hackers are the good guys of the hacker world.
They’ll help you remove a virus or PenTest a
company. Most White Hat hackers hold a
college degree in IT security or computer
science and must be certified to pursue a
career in hacking. The most popular
certification is the CEH (Certified Ethical
Hacker) from the EC-Council.
3. Grey Hat
Nothing is ever just black or white; the same is true in
the world of hacking. Gray Hat hackers don’t steal
money or information (although, sometimes they
deface a website or two), yet they don’t help people
for good (but, they could if they wanted to). These
hackers comprise most of the hacking world, even
though Black Hat hackers garner most (if not all) of
the media’s attention.
Also some more categories are also come :-
Red Hat
Green Hat
Script Kiddie
8. Footprinting
Footprinting (also known as reconnaissance) is the technique used for gathering
information about computer systems and the entities they belong to. To get this
information, a hacker might use various tools and technologies. This information
is very useful to a hacker who is trying to crack a whole system
Tools used:-
• Sam Spade
• nslookup
• traceroute
• Nmap & neotrace
9. Scanning is a set of procedures for identifying live hosts,
ports, and services, discovering Operating system and
architecture of target system, Identifying vulnerabilities and
threats in the network. Network scanning is used to create a
profile of the target organization.
Scanning
Tools:-
•Burp Suite
•Metasploit
•Nessus
10. Enumeration
Enumeration is defined as the process of extracting user
names, machine names, network resources, shares and
services from a system. In this phase, the attacker creates
an active connection to the system and performs directed
queries to gain more information about the target. The
gathered information is used to identify the
vulnerabilities or weak points in system security and
tries to exploit in the System gaining phase.
Tools:-
• DumpSec
• Legion
• Netcat
11. Gaining access is the most important phase
of an attack in terms of potential damage,
although attackers don’t always have to
gain access to the system to cause damage.
For instance, denial-of-service attacks can
either exhaust resources or stop services
from running on the target system.
Stopping a service can be carried out by
killing processes, using a logic/time bomb,
or even reconfiguring and crashing the
system. Resources can be exhausted locally
by filling up outgoing communication links.
Attacking and Gaining Access
12. Social engineering is the art of convincing
people to reveal confidential information.
By taking advantage of, basic human
nature like trust or a lack of knowledge,
the attacker deceives people to reveal
sensitive information.For it the
information is used that is gather by
various location like:-
Facebook,
Instagram, Social media sites
Etc.
Social Engineering
13. A backdoor is a method, often secret, of bypassing
normal authentication or encryption in a computer
system, a product, or an embedded device (e.g. a
home router), or its embodiment, e.g. as part of a
cryptosystem, an algorithm, a chipset, or a
"homunculus computer" —a tiny computer-
within-a-computer (such as that found in Intel's
AMT technology). Backdoors are often used for
securing remote access to a computer, or obtaining
access to plaintext in cryptographic systems. The
backdoor may be used to gain access to passwords,
delete data on hard drives, or transfer information
within the cloud.
That can be done by software or malware
Backdoors
14. In virus there are many types are like:-
File viruses , Macro viruses , Master boot record viruses
Boot sector viruses , Multipartite viruses etc.
Virus
Malware is short for malicious software and used as a single
term to refer to virus, spy ware, worm etc. Malware is
designed to cause damage to a stand alone computer or a
networked pc. So wherever a malware term is used it means
a program which is designed to damage your computer it
may be a virus, worm or Trojan.
Malware
Trojan In virus there are many types are like:-
Remote Access Trojans ,Data Sending Trojans , Destructive
Trojans , Proxy Trojans , FTP Trojans ,
security software disabler Trojans
There are some malware also :-
Adware , Spywares , Spam , Tracking cookies
Misleading applications.
15. A denial-of-service (DoS) is any type of
attack where the attackers (hackers)
attempt to prevent legitimate users from
accessing the service. In a DoS attack, the
attacker usually sends excessive messages
asking the network or server to
authenticate requests that have invalid
return addresses.
Denial of Service
16. In computing, a firewall is a network security system
that monitors and controls incoming and outgoing
network traffic based on predetermined security rules.
A firewall typically establishes a barrier between a
trusted internal network and untrusted external
network, such as the Internet.
A honeypot is a decoy computer system for trapping
hackers or tracking unconventional or new hacking
methods. Honeypots are designed to purposely engage
and deceive hackers and identify malicious activities
performed over the Internet. Multiple honeypots can be
set on a network to form a honeynet.
Firewalls and Honeypots
17. • Fighting against terrorism and national
security breaches
• Having a computer system that prevents
malicious hackers from gaining access
• Having adequate preventative measures in
place to prevent security breaches
• Give the information of vulnerability on
network or systems
Advantages
18. o The ethical hacker using the knowledge they
gain to do malicious hacking activities
o Allowing the company’s financial and banking
details to be seen
o The possibility that the ethical hacker will send
and/or place malicious code, viruses, malware
and other destructive and harmful things on a
computer system
o Massive security breaches
Disadvantages
19. o Even large organizations with top talent and significant
resources devoted to cybersecurity have suffered major
cybersecurity compromises, and organizations that do
not have such levels of talent or resources face even
greater challenges.
o The lack of ethical hackers in market.
o Silent and most important field in today life .
o Because the increments on IOT devices.
o And software cannot be created with zero vulnerability.
o Although the need for cybersecurity workers is likely to
continue to be high, it is difficult to forecast with
certainty the number of workers required or the needed
mix of cybersecurity knowledge and skills.
Conclusion