Downloaded 34 times
Uploaded bynitish mehta
Introduction to hacking
This document provides an introduction to ethical hacking. It discusses the differences between ethical hackers and malicious hackers, outlining the typical steps an ethical hacker takes including information gathering, scanning, system hacking, maintaining access, and covering tracks. The document also discusses how ethical hackers conduct research on vulnerabilities and how they test systems, preparing documentation and reports to deliver to clients. Regular testing is recommended to ensure security as software and systems change over time.
Introduction to hacking
- 1. Introduction to EthicalHacking By Nitish Mehta (Illuminative works)
- 2. What we do? 2 Illuminative works
- 3. Services we Provide ILLUMINAITVE WORKS SERVICES PHP and APPILCATION Ruby On Rails SEO Frameworks DEVELOPMENT 3 Illuminative works
- 4. Php and It’sFrameworks ILLUMINAITVE WORKS services PHP and Frameworks Wordpress Magento Joomla Zend 4 Illuminative works
- 5. ILLUMINAITVE WORKS SERVICES TRAINING PHP and Ruby On Rails Frameworks APPILCATION SEO ONLINE OFFLINE DEVELOPMENT
- 6. Types of training TRAINING Courses ONLINE Workshops Blogs Webcast Webinars 6 Illuminative works
- 7. Workshop and trainingon Application •Mobile Application development •Facebook application development development •Twitter application development •Ethical Hacking level -1 Ethical Hacking •Hack the Hacker (method to trackback to hacker) •HACKERS ON CHARITY (Coming soon ) Website •Php •Wordpress development •Joomla Electronics and •Electric Circuit and PCB designing. •Advanced 8051 Architecture, Programming & communication Interfacing 7 Illuminative works
- 8. How can youlearn from us? Series of Webinars. Watch webcast. Blogs Workshop Hack with hackers 8 Illuminative works
- 9. What we willdiscuss today ? 1. Understanding hacker objectives 2. Outlining the differences between ethical hackers and malicious hackers/crackers 3. Examining the ethical hacking processes. 4. Starting the ethical hacking process 9 Illuminative works
- 10. Who are Hackers? Recently, hacker has taken on a new meaning — who maliciously breaks into systems for personal gain. Technically, these criminals are crackers They modify, delete, and steal critical information, often making other people miserable The good-guy (white-hat) hackers don’t like being in the same category as the bad-guy (black-hat) hackers. 10 Illuminative works
- 11. Types of Hacker People Categorize Hacker into many different ways But everyone agrees that there is 3 basic type of hacker Black Hat White Hat Grey Hat • Individual with • Individual • They work for extraordinary Professional defensive and computing skills Hacker offensive at their • Does destructive • Used for own will work always Defensive Purpose 11 Illuminative works
- 12. Types of EthicalHacker Former • Reformed crackers • First Hand Experienced Black Hats • Less credibility • Independent security Consultants (can White Hats be group too) • Claim to be knowledgeable about black hat activities Consulting • Part of ICT firms. • Certified professionals. Firms • Good credibility. 12 Illuminative works
- 13. Steps of Hacking Information Gathering & Scanning Covering System Tracks Hacking Plant Rootkits and Backdoors 13 Illuminative works
- 14. Information Gathering Is used to gather information as much as hacker can for the target It is also know as ratting the door knob. By information that a hacker has gathered he/she can know what type of attack to use. This is basic and important step in hacking More knowledge in this step will make other upcoming step easy. 14 Illuminative works
- 15. Scanning Scanning refers to pre attack phase where a hacker scan the network to find / gather information about network Scanning includes Network scan Port scan Venerability scan , ect A Hacker can get some high venerability which can give access easily. 15 Illuminative works
- 16. System Hacking Also know as gaining access The venerability that has been found during Information Gathering and scanning is been exploited here There can be many exploits with different level of threats Some of the threats that we are going to discuss are Sql Injection XXS cross site scripting LFI , RFI 16 Illuminative works
- 17. Backdoor and rootkits It is also called as maintaining access. This is done so a hacker can have all type of access for next time without bypassing or breaking the security For this many stuffs are used Trojans Backdoors ,rootkits Shells , ect 17 Illuminative works
- 18. Covering Tracks This is smallest and most important part in Hacking If this is not done then a Hacker can easily get track back. This is step were hacker removes all his/her identity or tracks History files : sh : .sh_history csh : .history ksh : .sh_history bash: .bash_history zsh : .history Backup Files : dead.letter, *.bak, *~ 18 Illuminative works
- 19. What does EthicalHacker do ? They basically ask themselves following question What does a hacker/ cracker sees in the target ? Information gathering Scanning What can he do with that vulnerability ? Gaining Access Maintaining it System hacking Has anyone already noticed the vulnerability ? Maintaining Access Footprinting 19 Illuminative works
- 20. What is vulnerabilityResearch ? Discovering and designing vulnerability in any system is called vulnerability. It can be classified in two ways Threat Level Low Medium High Exploit Range Local Remote 20 Illuminative works
- 21. Why a Ethicalhacker need to have vulnerability ? To identify correct network vulnerability Protect network form being attack To get information that helps to prevent security problems To gather information about virus/ worms/ Trojan To find weakness in n/w and inform it to admin To know how to recover from such attacks 21 Illuminative works
- 22. From were youcan research ? There are several websites from where you can stay up dated and can research Mine favourite are Packet storm : www.packetstormsecurity.com Security focus: www.securityfocus.com SANS internet storm : http://isc.sans.edu Security magazine : www.securitymagazine.com Exploit-db: www.exploit-db.com 22 Illuminative works
- 23. How can youconduct Ethical Hacking ? Talk to your client on the needs of testing Prepare NDA document and ask them to sign them Prepare a team of Ethical Hacker and create a schedule for testing Conduct the test Analyze the result and prepare the report Deliver the report to the client 23 Illuminative works
- 24. Process of EthicalHacking Formulating the Plan specific plan Risk involve Venerability management Selecting Tools Adequate Reports on presented to managers Licensed/OS Tools documentation vulnerabilities or nontechie types Executing the plan narrow your focus Search Internet Narrow your scope Perform the attacks, with a more critical eye 24 Illuminative works
- 25. How many timeswe should do ? Make sure your systems are secure. New hacker exploits and security vulnerabilities are regularly uncovered At any time , everything can change Software upgrades Adding computer systems Applying patches. Thus regularly testing should be done. 25 Illuminative works
- 26. Future webinar dates • Information Gathering & Scanning Methodologies- 2-2-12 NitishMehta • Google Hacking – Nitish Mehta 16-12-12 • SQL injection attacks -Nitish Mehta / Naveen Badoni 6-1-13 • Facebook and Email Hacking- Arif Ali Khan 20-1-13 • Social Engineering-Arif Ali Khan / Nitish Mehta 2-2-13 26 Illuminative works
- 27. Q/A Round Thank You Nitish Mehta (Illuminative works –CEO and Founder) [email protected] Facebook.com/illuminativeworks 27 Illuminative works
Editor's Notes
- #15 As name suggest that this phase is used to gather information