Fundamental of ethical hacking
Download as PPTX, PDF2 likes216 views
The document outlines a session on ethical hacking, covering topics such as computer security, types of hackers, and the basics of Kali Linux. It aims to provide beginners with a solid understanding of ethical hacking and prepare them for a career in the field. The session emphasizes legal hacking practices and includes a discussion on common terminology and tools used in ethical hacking.
Fundamental of ethical hacking
- 1. Fundamental of Ethical Hacking by Waseem Rauf
- 2. Points to be discuss in this session Objectives of this Session Computer/Network Security Hacking Ethical Hacking and Types of Hackers Cyber Crime Common Terminology used in the Ethical Hacking Kali Linux Virtualization ( Virtual Machine ) Concept How to install Kali Linux on Virtual Machine Kali Linux Overview and Basic Commands of Linux Career in Ethical Hacking Future Sessions Discussion and Technical talks
- 3. Objective of this Session The Objective of this session is to give you awareness of ethical hacking . Session for beginner Teach only useful information Don’t share with you any illegal information about hacking After attending this session, you should have solid understanding of Ethical hacking Specially for those who want to start their career as a ethical hacker I hope, you will enjoy and love this session
- 4. Why Computer Security ? Computer systems are ubiquitous in our daily life Computers store and process our data and information Computers access and control our resources Valuable Data Private Data Dangerous Data
- 5. The Sony Breach An Example: The Playstation Network (PSN) Attack Illegal intrusion into network around April 2011 Severe consequences for users and companies Financial damage of over 24 billion dollars
- 7. Hacking According to cyber.laws.com, “ Computer hacking refers to the practice of modifying or altering computer software and hardware to accomplish a goal that is considered to be outside of the creator’s original objective”. Those individuals who engage in computer hacking activities are typically referred to as “hackers.”
- 8. Ethical Hacking Ethical hacking is when an expert attempts to hack a computer or network with the express written permission of the assets owner. Also called White Hat Hacking Penetration Testing It is legal and Permission is obtained from the target Part of overall Security Program The ethical hackers are paid to find these vulnerabilities first and make the company aware of the risks
- 9. Types of Hackers Black Hat Hackers : ( Bad Guys ) White Hat Hackers : ( Good Guys ) Gray Hat Hackers : (Combination of Black Hat and White Hat )
- 10. Black Hat Hackers : ( Bad Guys ) They hack the system/network/web without owner permission The intention of black hat hacker is very bad A black hat hacker may try to steal information such as social security numbers, credit cards, personal identifiable information, bank account Information and much more They do hacking for illegal purpose The have excellent computing and programming skills They hack the system for their own benefits Their main goal is to do damage and to expose or steal data
- 11. White Hat Hackers : ( Good Guys ) They hack systems with the owner permission Company hire white hat hackers They are professional hackers who works in Industry They are also called ethical hackers They work for legal purpose They secure network/web of the company
- 12. Gray Hat Hackers : (Combination of Black Hat and White Hat ) The gray hat hacker is a unique type of hacker because they are freelancers and operate without written consent They are known to discover systems weaknesses, without permission but without malicious intent Their goal is to bring these flaws to the attention of the system owner so they can be corrected
- 13. Pre-Requisite What should we know to enter in the field of Ethical Hacking You should have basic and solid Understanding of Programming You should have basic and solid Understanding of Networking You should have basic and solid Understanding of Linux OS etc.
- 15. Cryptography : Art and Science of keeping information secure
- 16. Penetration testing (also called pen testing) is the practice of testing or evaluating a computer system, network or Web application to find vulnerabilities that an attacker could exploit. Vulnerability : Weakness in a System ex. Hardware/Software vulnerabilities Exploit : A method to intrude/penetrate in a System Metasploit : Metasploit is one of the most powerful and widely used tools for penetration testing SQL Injection : SQL injection is a code injection technique that might destroy your database. SQL injection is one of the most common web hacking SQL injection is the placement of malicious code in SQL statements, via web page input. Brute force Attack : a simple brute-force attack may have a dictionary of all words or commonly used passwords and cycle through those words until it gains access to the account. Keylogger : A keylogger, sometimes called a keystroke logger or system monitor, is a type of surveillance technology used to monitor and record each keystroke typed on a specific computer's keyboard.
- 17. Phishing attack : Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and, indirectly, money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. Bug bounty Program : A bug bounty program is a deal offered by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities Footprinting : It is the process of gathering data about certain target Or Information gathering Cyber Crime : Crime relevant to Computer Cloud Computing : Internet based computing
- 18. Virtual Machines A Software Computer • A Computer within a computer • Can be used just like any other computer Why use VMs • A VM is stored on a physical HDD - thus extremely versatile • You can transfer a VM just like any other file on your computer • You can clone/repurpose VMs very easily Terminology • Host Computer • Guest VM
- 19. A Host Computer can host Several VMs A Guest VM generally resides on a single host A Host Computer is generally a very powerful server that is designed to run multiple Guest VMs Tips : Keep resources as low as possible and Turn off VMs when you are not using
- 20. KALI LINUX It is an Open Source Linux OS Specially designed for Hackers All tools are built in relevant to Hacking More than 300 penetration testing tools
- 21. Download and Install Virtual Box and Kali Linux Step # 1 : Download Virtual Box https://www.virtualbox.org/wiki/Downloads Step # 2 : Install Virtual Box Step # 3 : Download Kali Linux https://www.offensive-security.com/kali-linux-vmware-virtualbox-image- download/ Step # 4 : Follow these steps ( Upcoming Slides ) Default User Name is root and password is toor .
- 32. Let’s Explore Kali Linux
- 33. Tips ( How to Secure your Network ) Always clear your browsers cookies Password should be strong
- 34. Career in Ethical Hacking Bright Career Information (Network/Computer/Cyber) Security is one the highest paid and fastest growing job segment with a huge skill gap. According to Forbes, there will be a global shortage of two million cyber security professionals by 2019. Moreover, Info security complements all aspect of computer science from mobile, networks, cloud, OS to web.
- 35. My next Sessions Mobile Application Development Web Designing and Development Introduction to Cloud Computing Artificial Intelligence and more …. Contact with me on Facebook and Gmail: waseemrauf7@gmail.com
- 36. THANK YOU Please Subscribe my YouTube Channel for further upcoming updates