WELCOME

ETHICAL HACKING

ByAnuj Kumar

WHAT IS SECURITY Security is the degree of resistance to, or protection from, harm.

It is the state of being free from danger or threat.

Overview of Hacking

Hacker• The person who hacks

Cracker • System intruder/ destroyer

History Of HackingThe first hacker was appeared in 1960’s at the

Massachusetts Institute Of Technology(MIT)During the 1970’s, a different kind of hacker

appeared: Phone Phreaker or Phone Hacker

Hacker and Ethical Hacker Hacker• Access computer system or network without

authorization • Breaks the law

Ethical Hacker• Performs most of the same activities but with owner’s

permission• Employed by companies to perform Penetration Tests

Types of Hacker White Hat Hacker• Good guys• Don’t use their skill for illegal purpose• Computer security experts and help to protect from

Black Hats.

Black Hat Hacker• Bad guys• Use their skill maliciously for personal gain• Hack banks, steal credit cards and deface websites

Grey Hat Hacker• It is a combination of White hat n Black Hat Hackers• Goal of grey hat hackers is to provide national

security

Hacking Process

Footprinting

Scanning

EnumerationAttack and Gaining Access

Escalating Privilege, Covering

Tracks and Creating Backdoors

What is Footprinting?

9

Footprinting = Process of collecting information about an organization, its network, its IP address ranges and the people who use them

Types of Hacking• Website Hacking• Window Hacking• Email Hacking • Network Hacking• Online Banking Hacking

Website Hacking

• Taking control from the website owner to a person who hacks the website. http://website.informer.com/web.informer.com

Tools1.SQL Injection :- commonly used for e-commerce website (Works On Microsoft SQL Server) e.g. Flipkart ,Amazon etc.http://192.168.1.106/dvwa/login.php

Window Password Hacking

A. window login password :- Cracking Tools - kon boot cd.B. syskey password :- Cracking Tools - hiren boot cd.

Email Hacking• E-Mail Tracker :- finding actual ip or not.

email tracker pro MSGTAG PoliteMail zendio

Tools For Hacking :- A. keylogger

•

•

Network Hacking

• gathering information about domain by using tools like Telnet, Ns look UP, Ping, Tracert, Netstat, etc… over the network.

• Tracert – It is used for resolving ip addresses or hostname.

PROXY• A proxy server is essentially a middle

computer that sits between the attacker and the Victim

• To mask your ip under a proxy server to show that you live in a different country and to make yourself untraceable

PROXY

117.119.22.21 111.121.14.65

Normally when you open a website, your PC sends your IP address to the website, so that it may then send the webpage to your computer. With a proxy, your information is being sent to the proxy first, and then the proxy is pulling the website for you, then forwarding it to you. This way, on the websites end, they see the IP address of the proxy you used, and not yours

Why attackers use proxy ?

• To hide the source IP address so that an attacker can hack without any legal corollary.o mask the actual source of the attack by impersonating a fake source address of the proxy.To remotely access intranets and other website resources that are normally off limits.

• Attackers chain multiple proxy server to avoid detection

proxy url for hide my ip address

• https://www.anonymizer.com/• https://hide.me/en/proxy• Proxy tools(Software)• Proxy workbench• Proxy switcher• SocksChain• TOR(The Onion Routing)

Step First For Hide My IP Adds.

After Hide My Ip

How to secure our data1 -> i or l3 -> e4 -> a+ -> t9 -> g0 -> o$ -> s| -> i or l

|\| -> n|\/| -> ms -> zc -> [f -> phph -> fx -> ckck -> x

Advantages of hacking• Can be used to recover lost information where the computer password

has been lost.• Teaches you that no technology is 100% secure.• To test how good security is on your own network. • They call it white hat computer hacking.

Disadvantages of Hacking– Criminals can use it to their advantage.– It can harm someone's privacy– It's Illegal

Famous Hackers in History

Ian Murphy Kevin Mitnick

Johan Helsinguis LinusTorvalds

Mark Abene Robert Morris

Conclusion Keep your password protected. Write your password should be with

combination of characters, digits, special symbols. Do not respond to feck on fishing email. when you are doing any online transection always keep watch on site whether the protocol of site is https & whether there is a lock symbol .

Thank You