Rajgad Dnyanpeeth Technical Campus Polytechnic,Dhangawadi

Tal.Bhor,Dist.Pune–412206(M.S)India.

A MICROPROJECT REPORT
On

“Ethical Hacking’’

Is Submitted by

Miss. Vaishnavi Ganesh Ghone (2115320025)

Miss. PallaviSandipTalekar (2115320026)
Miss. Sanika Sanjay Talekar (2115320046)
Miss. Akanksha Rajendra Mujumale (2115320177)

Under the guidance of

Prof.Salunkhe A.A.

Subject:- Emerging Trends In Computer Engineering Information Technology

Inpartial fulfilment of

DiplomainT.Y.ComputerEngineering

(AcademicYear2023-2024)

Maharashtra State Board of Technical Education, Mumbai

Page | 1
 Certificate

This is to certify that following students

Miss. Vaishnavi Ganesh Ghone (2115320025)

Miss. PallaviSandipTalekar (2115320026)
Miss. Sanika Sanjay Talekar (2115320046)
Miss. Akanksha Rajendra Mujumale (2115320177)

Has successfully submitted their micro project report on “ Ethical Hacking ”

during the academic year 2023-2024 in the partial fulfilment towards the
completion of microproject in T.Y.Computer Engineering under
MSBTEMUMBAI.

Project Guide Head of Department

Prof. Salunkhe A .A Prof. Salunkhe A .A

Page | 2
 ACKNOWLEDGEMENT

I am personally indebted to a number of people who gave me their useful insights to aid in my
overall progress for this project. A complete acknowledgement would therefore be
encyclopedic. First of all, I would like to give my deepest gratitude to my parents for permitting
me to take up this course.

My heartfelt sense of gratitude goes to our respected Principal Prof. Khopade D. K.

for all his efforts and administration in educating us in his premiere institution. I take this
opportunity to also thank our Head of the Department Prof. Salunkhe A.A. for his
encouragement throughout the seminar.

I would like to express my sincere thanks and gratitude to my guide Prof. Salunkhe A .A. for
her commendable support and encouragement for the completion of Project with perfection. I
also convey my sincere thanks to Prof. Salunkhe A. A for his invaluable suggestions and for his
technical support rendered during the course of my project.

I would like to thank all faculty members and staff of the Department of Computer
Engineering for their generous help in various ways for the guidance of this project.

Student Name Enrollment No Sign

Vaishnavi Ganesh Ghone 2115320025

Pallavi Sandip Talekar 2115320026

Sanika Sanjay Talekar 2115320046

Akanksha Rajendra Mujumale 2115320177

Page | 3
 ABSTRACT
The ethical hacking project aims to explore the vulnerabilities and security flaws in computer
systems and networks in order to identify and address potential threats. This project involves
conducting authorized hacking activities with the goal of improving the overall security posture
of the target system.

Through a systematic and controlled approach, ethical hackers employ various techniques to
identify weaknesses in the system's infrastructure, applications, and processes. This may
include conducting penetration tests, vulnerability assessments, and social engineering
experiments.

The project follows a strict code of ethics, ensuring that all activities are legal, authorized, and
conducted with the consent of the system owner. The objective is to provide valuable insights
into the system's security vulnerabilities and recommend appropriate measures to mitigate these
risks.

By simulating real-world attacks, ethical hackers help organizations identify and patch
vulnerabilities before malicious hackers can exploit them. This proactive approach helps
enhance the overall security posture of the system, safeguarding sensitive data and protecting
against potential cyber threats.

The ethical hacking project requires a strong understanding of computer networks, operating
systems, programming languages, and security protocols. It also demands a high level of
professionalism, integrity, and adherence to ethical guidelines to ensure the project's objectives
are achieved in a responsible and lawful manner.

Overall, the ethical hacking project plays a crucial role in strengthening the security of
computer systems and networks, helping organizations stay one step ahead of potential cyber
threats.

Page | 4
 INTRODUCTION

An ethical hacking project involves conducting authorized hacking activities to identify and
address vulnerabilities in computer systems and networks. The main objective is to improve
the overall security posture of the target system. Ethical hackers, also known as white hat
hackers, follow a strict code of ethics and work with the consent of the system owner.

Through various techniques like penetration testing, vulnerability assessments, and social
engineering experiments, ethical hackers simulate real-world attacks to identify weaknesses in
the system's infrastructure, applications, and processes. By doing so, they can provide valuable
insights into the system's security vulnerabilities and recommend appropriate measures to
mitigate these risks.

The project requires a strong understanding of computer networks, operating systems,

programming languages, and security protocols. It also demands professionalism, integrity, and
adherence to ethical guidelines to ensure that all activities are legal and authorized.

The ultimate goal of an ethical hacking project is to help organizations strengthen their security
defenses by identifying and patching vulnerabilities before malicious hackers can exploit them.
By taking a proactive approach, ethical hackers play a crucial role in safeguarding sensitive
data and protecting against potential cyber threats.

Page | 5
MICRO-PROJECTPROPOSAL

• TITLE: Ethical Hacking

• AIMS/BENEFITS OF THE MICROPROJECT:

1. Enhanced security
2. Proactive approach
3. Compliance and regulations
4. Risk mitigation
5. Improved incident response
6. Security awareness
7. Continuous improvement

• COURSEOUTCOMES:

1. Understanding of cybersecurity concepts

2. Hands-on experience with tools and techniques
3. Knowledge of ethical hacking methodologies
4. Vulnerability assessment and penetration testing skills
5. Incident response and mitigation
6. Compliance and legal considerations

PROPOSED METHODOLOGY:

First, you need to plan and scope the project, defining its objectives and limitations.
Then, you gather information about the target systems through techniques like open-
source intelligence gathering. After that, you conduct active scanning and enumeration
to identify potential vulnerabilities. Once vulnerabilities are identified, you perform a
comprehensive vulnerability assessment, prioritizing them based on severity. Next, you
ethically exploit the vulnerabilities to gain unauthorized access or escalate privileges.
Post-exploitation, you explore the compromised systems and establish persistence if
needed. Finally, you document all findings, prepare a detailed report, and provide
recommendations for remediation. Follow-up testing is also conducted to verify the
effectiveness of implemented security measures. That's the general overview of the
proposed methodology.

Page | 6
➢ What Is Ethical Hacking

Ethical hackers have the same skills and use the same tools and tactics as malicious
hackers, but their goal is always to improve network security without harming the network
or its users.

In many ways, ethical hacking is like a rehearsal for real-world cyberattacks. Organizations
hire ethical hackers to launch simulated attacks on their computer networks. During these
attacks, the ethical hackers demonstrate how actual cybercriminals break into a network
and the damage they could do once inside.

The organization’s security analysts can use this information to eliminate vulnerabilities,
strengthen security systems and protect sensitive data.

The terms "ethical hacking" and "penetration testing" are sometimes used interchangeably.
However, penetration tests are only one of the methods that ethical hackers use. Ethical
hackers can also conduct vulnerability assessments, malware analysis and other
information security services.

Ethical hacking is the use of hacking techniques by friendly parties in an attempt to

uncover, understand and fix security vulnerabilities in a network or computer system.

Page | 7
➢ Need For Ethical Hacking
To save personal and confidential material from intruders, ethical hacking subsists.
Hackers try to steal important data, which can be stopped by ethical hacking. Tracking
vulnerabilities and threats to confidential data are possible only if a business uses ethical
hacking.

The government authorizes ethical hacking to prevent intelligence information on

influencing politics, a hostile state, and other topics from reaching the people. Every
nation's security is the top priority, and ethical hacking helps to ensure that cyber-
terrorism and terrorist assaults ethical hacking is avoided.

Ethical hacking helps keep business and government organizations out of trouble caused
by hackers trying to steal important data. If the hackers invade privacy, they might be
able to blackmail or leak data. By increasing digital network security, one can e asily
avoid security breaches by doing real-world testing.

It gives a great benefit if precautionary methods are taken in advance by all the firms.
By working on safety, one can easily ensure that the clients and customers have all of
their faith in one's organization. Hackers are clear and know all the potential entry points
to enter the system. It is essential to repair those entry points to avoid a crisis .

Ethical hackers tend to use quality assurance testers and have created tools and
procedures to help speed up the detection and eradication of all system flaws.

It can assist owners in identifying problems inside the organization's firewall or system
safety. It also enables companies to assess security from a hacker's perspective,
rectifying any vulnerabilities while they threaten the achievement.

Regardless of the scandal involving the notion, malware analysis assists firms and
governments in protecting sensitive data from unfriendly hands. Their multiple benefits
and relevance suggest that, as digitizing increases, stronger security techniques are
essential to improve cybercrime.

With the advancement of ethical hacking new job opportunities are now available for the
people who are interested in ethical hacking.

Page | 8
➢ Why Ethical Hacking Is Important
Given today's market, there are numerous malware analysis opportunities accessible.
There in the enterprise, cyber terrorism is very useful for evaluating software solutions.
Ethical hacking ensures that almost all facilities are safe against black-hat hackers.
Unfortunately, cyber-attacks are increasing day by day.

Many large corporations and systems have been compromised. For example, the Uber
website was recently hacked. As a result, around 50 million people's personal
information became public.

Organizations of all sizes try different security precautions to secure their safety and
protection; however, merely locking doors and closing windows will not assure safety.
In today's environment, businesses must take proactive precautions and regularly
upgrade their security. It is better to safeguard the data before any crisis. Hackers have
all the solutions to steal data creatively. Ethical hacking helps in preventing such a
situation.

Being the white hat hackers, ethical hackers safeguard the client's data. They ensure all
the safety measures to keep the firm's data safe and secured. In simpler words, ethical
hackers hack the system and ensure that all the company's data remains safe. Due to this
preventive method to keep the data secure, the data actually remain secure. This stops
critical data theft in the company.

Ethical hacking can help companies find the flaws in their software security. However,
one must look at their cybersecurity from a hacker's viewpoint and fix issues, or they
can become a problem for the firm .

Page | 9
➢ Types of Ethical Hacking
With every system, website, and technology advancement, it is obvious that a hacker can hack
every system. To understand the next step of a hacker, an ethical hacker must know all the tricks
and tips well. In addition, the ethical hacker should know each strategy to safeguard the data from
the hacker. For a better understanding of types of ethical hacking are mentioned below:

1. Web application hacking

Web apps are popular owing to the widespread availability of web browsers and the ease with
which they may be used as clients. Several of the major reasons underlying their popularity is the
capability to upgrade and administer web apps while having to download programs on potentially
thousands of client computers, as well as the inherent support for cross-platform compatibility.
Frequent web applications include webmail, online retail transactions, online auctions, wikis, and
various other services.

Internet hacking is altering a program's graphical web interface, tampering with the Uniform
Resource Identifier (URI), or messing with HTTP components not contained in the URI to attack
it through HTTP. Additionally, Digital systems may be hacked via SQL injection attacks, Cross -
Site Scripting (XSS), Cross-Site Request Forgeries (CSRF), Insecure Communications, and other
means

2. System Hacking

Any infiltration into software applications to control answers to the victim machine and steal or
misuse confidential material is known as network hacking. In this case, a hostile hacker takes
advantage of flaws in a computer system or network to obtain unauthorized access to data or gain
an unfair advantage.

A hacker can access a computer system because they are familiar with how computers and software
function. A hacker needs an understanding of systems, networking, and other areas of computer
science to do this. Anyone who uses a computer and is linked to the internet is vulnerable to the
risks of unscrupulous hackers.

3. Social engineering

Social engineering is the art of inducing anyone to reveal personal data. The attacker deceives
individuals into disclosing sensitive information by exploiting basic human nature like trust or a
lack of understanding. Social engineering has become a common (and extremely successful)
method of determining how vulnerable an organization's employees are to ethical hacking. When
applied ethically, social engineering can help uncover flaws and solve staff security concerns more
effectively. A social engineering mandate also aims to establish solutions to improve the
worldwide degree of confidentiality, integrity, and availability of the company's data.

Page | 10
4. Hacking wireless networks

Wireless networks provide several benefits, including connections beyond walls, wireless
connectivity, quick internet access even in locations where installing cables is problematic, speed,
and sharing. However, wireless networks have several drawbacks, the most serious of which is the
lack of security. Wireless networks are convenient and popular, yet they are vulnerable to attack
due to inadequate setup and encryption. Hackers can leverage Wi-Fi flaws to get access to the
entire network. Security experts must be able to identify, block, and defeat such threats using the
most up-to-date technologies and procedures.

5. Web Server Hacking

When a hacker is practicing ethical hacking, they are looking for flaws. For example, an ethical
hacker may attempt to obtain illegal control of a web server for various purposes, the most
important of which is to test the server and its software for vulnerabilities. Through this, one can
try to access a server using the same tools and methods that bad attackers use. If the hacker is
successful, they can determine which repairs and updates are required to strengthen security and
detect and respond to harmful behavior.

➢ Roles and Responsibilities of Ethical Hacker

• Meeting with your client to go through the security systems currently put in place
• Verifying the organization’s system, network topology, and vulnerable entry points
• Performing penetration testing on the system(s)
• Identifying and documenting security flaws and vulnerabilities
• Testing the level of security in the network
• Finding out the best security solutions
• Creating penetration test reports
• Performing penetration testing after the implementation of suggested or new security
features
• Finding out alternatives to security features, which are not working

➢ Phases of Ethical Hacking

Page | 11
➢ Advantages of Ethical Hacking

➢ Disadvantages of Ethical Hacking

Page | 12
 CONCLUSION
Enhancement of technologies is also increasing security threats which have opened so many ways
for a hacker to intrude whenever they want to. The ways of stealing data have also increased with
time, and now hackers have devised creative ways to intrude and steal confidential and important
data. All the firms who have taken preventive measures can save their image from getting spoiled
when important data is leaked. These measures will help the firms to maintain their trust in the
eyes of their clients.

Ethical hacking has a great scope in the future. One should learn ethical hacking because this will
help to save the data of bigger firms in the future. Those interested in ethical hacking can profit
by doing the right hacking for the firms and the government. .

Page | 13
 REFERENCE

✓ https://www.synopsys.com/glossary/what-is-ethical-hacking.html
✓ https://www.ibm.com/topics/ethical-hacking
✓ https://www.comptia.org/content/articles/what-is-ethical-hacking
✓ https://www.javatpoint.com/ethical-hacking
✓ https://bootcamp.du.edu/blog/the-complete-guide-to-ethical-hacking/

Page | 14