In this presentation , I am going to share with you the knowledge of fundamental of ethical hacking .

1. Fundamental of Ethical Hacking by
Waseem Rauf

2. Points to be discuss in this session
 Objectives of this Session
 Computer/Network Security
 Hacking
 Ethical Hacking and Types of Hackers
 Cyber Crime
 Common Terminology used in the Ethical Hacking
 Kali Linux
 Virtualization ( Virtual Machine ) Concept
 How to install Kali Linux on Virtual Machine
 Kali Linux Overview and Basic Commands of Linux
 Career in Ethical Hacking
 Future Sessions Discussion and Technical talks

3. Objective of this Session
 The Objective of this session is to give you awareness of ethical hacking .
 Session for beginner
 Teach only useful information
 Don’t share with you any illegal information about hacking
 After attending this session, you should have solid understanding of Ethical
hacking
 Specially for those who want to start their career as a ethical hacker
I hope, you will enjoy and love this session

4. Why Computer Security ?
Computer systems are ubiquitous in our daily life
 Computers store and process our data and information
 Computers access and control our resources
Valuable Data Private Data Dangerous Data

5. The Sony Breach
 An Example: The Playstation Network (PSN) Attack
 Illegal intrusion into network around April 2011
 Severe consequences for users and companies
 Financial damage of over 24 billion dollars

7. Hacking
 According to cyber.laws.com, “ Computer hacking refers to the
practice of modifying or altering computer software and
hardware to accomplish a goal that is considered to be outside
of the creator’s original objective”. Those individuals who
engage in computer hacking activities are typically referred to
as “hackers.”

8. Ethical Hacking
 Ethical hacking is when an expert attempts to hack a computer or network
with the express written permission of the assets owner.
 Also called White Hat Hacking
 Penetration Testing
 It is legal and Permission is obtained from the target
 Part of overall Security Program
 The ethical hackers are paid to find these vulnerabilities first and make the
company aware of the risks

9. Types of Hackers
 Black Hat Hackers : ( Bad Guys )
 White Hat Hackers : ( Good Guys )
 Gray Hat Hackers : (Combination of Black Hat and
White Hat )

10. Black Hat Hackers : ( Bad Guys )
 They hack the system/network/web without owner permission
 The intention of black hat hacker is very bad
 A black hat hacker may try to steal information such as social security
numbers, credit cards, personal identifiable information, bank account
Information and much more
 They do hacking for illegal purpose
 The have excellent computing and programming skills
 They hack the system for their own benefits
 Their main goal is to do damage and to expose or steal data

11. White Hat Hackers : ( Good Guys )
 They hack systems with the owner permission
 Company hire white hat hackers
 They are professional hackers who works in Industry
 They are also called ethical hackers
 They work for legal purpose
 They secure network/web of the company

12. Gray Hat Hackers : (Combination of
Black Hat and White Hat )
 The gray hat hacker is a unique type of hacker because they are freelancers
and operate without written consent
 They are known to discover systems weaknesses, without permission but
without malicious intent
 Their goal is to bring these flaws to the attention of the system owner so
they can be corrected

13. Pre-Requisite
 What should we know to enter in the field of Ethical Hacking
 You should have basic and solid Understanding of Programming
 You should have basic and solid Understanding of Networking
 You should have basic and solid Understanding of Linux OS etc.

14. Essential Terminology

15. Cryptography :
 Art and Science of keeping information secure

16.  Penetration testing (also called pen testing) is the practice of testing or evaluating
a computer system, network or Web application to find vulnerabilities that an
attacker could exploit.
 Vulnerability : Weakness in a System ex. Hardware/Software vulnerabilities
 Exploit : A method to intrude/penetrate in a System
 Metasploit : Metasploit is one of the most powerful and widely used tools for
penetration testing
 SQL Injection : SQL injection is a code injection technique that might destroy
your database. SQL injection is one of the most common web hacking
SQL injection is the placement of malicious code in SQL statements, via web page
input.
 Brute force Attack : a simple brute-force attack may have a dictionary of all
words or commonly used passwords and cycle through those words until it gains
access to the account.
 Keylogger : A keylogger, sometimes called a keystroke logger or system monitor,
is a type of surveillance technology used to monitor and record each keystroke
typed on a specific computer's keyboard.

17.  Phishing attack : Phishing is the attempt to obtain sensitive
information such as usernames, passwords, and credit card details (and,
indirectly, money), often for malicious reasons, by disguising as a
trustworthy entity in an electronic communication.
 Bug bounty Program : A bug bounty program is a deal offered by many
websites and software developers by which individuals can receive
recognition and compensation for reporting bugs, especially those
pertaining to exploits and vulnerabilities
 Footprinting : It is the process of gathering data about certain target
Or Information gathering
 Cyber Crime : Crime relevant to Computer
 Cloud Computing : Internet based computing

18. Virtual Machines
 A Software Computer
• A Computer within a computer
• Can be used just like any other computer
 Why use VMs
• A VM is stored on a physical HDD - thus extremely versatile
• You can transfer a VM just like any other file on your computer
• You can clone/repurpose VMs very easily
 Terminology
• Host Computer
• Guest VM

19.  A Host Computer can host Several VMs
 A Guest VM generally resides on a single host
 A Host Computer is generally a very powerful server that is designed to run
multiple Guest VMs
 Tips : Keep resources as low as possible and Turn off VMs when you are not using

20. KALI LINUX
 It is an Open Source
 Linux OS
 Specially designed for Hackers
 All tools are built in relevant to Hacking
 More than 300 penetration testing tools

21. Download and Install Virtual Box and
Kali Linux
 Step # 1 : Download Virtual Box
 https://www.virtualbox.org/wiki/Downloads
 Step # 2 : Install Virtual Box
 Step # 3 : Download Kali Linux
 https://www.offensive-security.com/kali-linux-vmware-virtualbox-image-
download/
 Step # 4 : Follow these steps ( Upcoming Slides )
 Default User Name is root and password is toor .

32. Let’s Explore Kali Linux

33. Tips ( How to Secure your Network )
 Always clear your browsers cookies
 Password should be strong

34. Career in Ethical Hacking
 Bright Career
 Information (Network/Computer/Cyber) Security is one the highest paid and
fastest growing job segment with a huge skill gap. According to
Forbes, there will be a global shortage of two million cyber security
professionals by 2019. Moreover, Info security complements all aspect of
computer science from mobile, networks, cloud, OS to web.

35. My next Sessions
 Mobile Application Development
 Web Designing and Development
 Introduction to Cloud Computing
 Artificial Intelligence and more ….
Contact with me on Facebook and Gmail:
waseemrauf7@gmail.com

36. THANK YOU
Please Subscribe my YouTube Channel for
further upcoming updates