SlideShare a Scribd company logo

Introduction to Ethical Hacking

Download as PPTX, PDF
K
Kevin Chakre

This document defines key terms related to hacking and cybersecurity, including hack value, exploits, vulnerabilities, and different types of attacks. It discusses the goals of security in terms of confidentiality, integrity, availability, authenticity, and non-repudiation. The document also categorizes information security threats and human threats, and differentiates between hacking and ethical hacking. It defines different types of hackers like black hat and white hat hackers and their motivations.

Internet
1 of 20
Downloaded 13 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
1 BY KEVIN CHAKRE
1. Hack Value: It is the notion among Hackers that something doing is interesting or worthwhile. 2. Exploit: A piece of software that takes advantage of a bug, glitch or vulnerability that leads to unauthorized access, privilege escalation or denial of service on computer systems and networks. 3. Vulnerability: Existence of software flaws, logic design, implementation errors executing bad or damaging instructions to the system. 2
4. Target of Evaluation: It is the system, product or network that is the subject of security analysis or attacks. 5. Zero Day attacks: A computer threats that tries to exploit computer application vulnerabilities that are undisclosed to others or undisclosed to the software developer. 6. Daisy chaining: Hackers who get away with database thefts usually complete their task and then backtrack to cover their tracks by destroying logs etc. 3
7. Attack: An action or an event that might compromise security. 8. Threat: An environment or a situation that might lead to potential breach of security. 9. Vulnerability Research: It is the process of discovering vulnerabilities and design weakness that lead an operating systems or its application to attacks or misuse. 10. Penetration Testing: It is the method of actively evaluating the security of a system by simulating an attack from malicious source. 4
 Security is a state of well being of information and infrastructure in which the possibility of theft, tampering of disruption of services is kept low or tolerable.  It relies on the five major elements of security: 1. Confidentiality: It is the assurance that the information is easily accessible to only those who are authorized to have access. Confidentiality breaches may occur due to improper data handling or hacking attempt. 2. Integrity: It is the trustworthiness of data and resources in terms of preventing improper and unauthorized changes, the assurance that the information can be relied upon to be sufficiently accurate for its purposes 5
3. Availability: It is the assurance that the systems responsible for storing, delivering and processing information is available to authorized users when required. 4. Authenticity: It refers to the characteristics of any communication or any data that ensures the quality of being genuine or not corrupted from the original. Major roles of authenticity includes that the user is claiming he or she to be. This is done by Biometrics. Smart cards, digital certificates etc 5. Non-repudiation: It ensures that the party to a contract or a communication cannot later deny the authenticity of their signature on a document or sending the message that they originated. It is a way to guarantee that the sender of the message cannot later deny having sent the message and the recipient cannot deny having received the message. 6
 Level of Security in any systems can be defined by the strength of the three components: Functionality(features) Moving the ball towards security means less of other two Security(restrictions) Usability(GUI) 7
 An attack vector is a path or means by which an attacker can gain access to an information system to perform malicious attack.  This attack vector can enable an attacker to take advantage of the vulnerabilities present in the information system to carry out a particular attack.  The following are the possible attack vectors by which an attacker can attack on information system: 8
9
 Information Security Threats are classified into three categories: 1. Natural Threats: such as natural disasters such as flood, earthquakes . 2. Physical Security Threats: such as errors, misconfiguration, sabotage . 3. Human Threats: such as internal threats-disgruntled employees and external threats-malicious hackers 10
 Human Threats are classified into three categories: 1. Network Threats: such as Sniffing, MITM attacks, Information Gathering, Spoofing, ARP Poisoning. 2. Host Threats: such as Unauthorized access, Password Attacks, Privilege Escalations. 3. Application Threats: Cross Site Scripting, Buffer Overflows, SQL Injections. 11
 The Term Information Warfare or Info-War refers to the use of information and communicative technology to take competitive advantage over an opponent. 1. Defensive Information Warfare: refers to all the strategies and actions to defend against attacks on ICT assets. 2. Offensive Information Warfare: refers to the Information warfare that involves attacks against ICT assets of an opponent. 12
 Most people do not understand between hacking and Ethical hacking.  These two terms can be differentiated on the basis of the intentions of the people who are performing hacking activity.  However, understanding the true intentions of hackers can be quite difficult.  Hacking: refers to exploitation and exploration of the computer software and hardware to gain unauthorized access to perform malicious attacks.  Ethical Hacking: refers to exploitation and exploration of the computer software and hardware to make it more secure and ease of use. 13
 A hacker is a person who illegally breaks into computer system or network without any authorization to steal or destroy data or perform malicious activities.  Hackers may be motivated by a multitude of reasons: 1. Intelligent individuals with excellent computer skills with the ability to create and explore into computer software and hardware. 2. For some hackers, hacking is a hobby to see how many systems or network they can compromise. 3. Their intention can either be to gain knowledge or to poke around to do illegal things. 4. Some hack with malicious intent such as stealing business data, credit card information and social security no. 14
1. Black Hat: Individuals with extraordinary computer skills resorting to malicious activities are known as crackers. 2. White Hat: Individuals professing hacker skills and using them for defensive purposes are known as security consultants. 3. Grey hat: Individuals who work both offensively and defensively at various times. 4. Suicide Hackers: Individuals who aim to bring down critical infrastructure for a cause and are not worried about facing thirty years in jail for their actions. 15
5. Spy Hackers 6. State Sponsored Hacker 7. Cyber Terrorist  Technical Level Of Hackers: 1. Neophyte: Newbie in the field of Security 2. Script Kiddies: Person depending on other hackers, skills and scripts. 3. Elite Hackers: Also Known as 1337. Advanced level of hackers. 16
1. Hacktivism is an act of promoting political agenda especially by defacing or disabling websites. 2. It thrives in the environment where information is easily accessible. 3. Aims at sending message through their hacking activities and gaining visibility for a cause. 4. Common targets include governments, multinational corporations or any other entity as perceived as bad or wrong by these groups of individuals. E.g. Anonymous and Lulzsec 17
18
19
Platform Knowledge Network Knowledge Security Knowledge Technical Knowledge Computer Expert Programming Knowledge 20 “HACKERS ARE PEOPLE TOO”

More Related Content

PDF
Cehv6 module 01 introduction to ethical hacking
anonymousrider
 
PPT
Introduction To Ethical Hacking
chakrekevin
 
PDF
Hackers and cyber crimes
Sweta Kumari Barnwal
 
PDF
Unit ii-hackers and cyber crimes
Sweta Kumari Barnwal
 
DOCX
Cryptography summary
Ni
 
PPT
Ethical hacking
Sourabh Badve
 
PPTX
Ethical Hacking
Aditya Vikram Singhania
 
PDF
Module 3-cyber security
Sweta Kumari Barnwal
 
Cehv6 module 01 introduction to ethical hacking
anonymousrider
 
Introduction To Ethical Hacking
chakrekevin
 
Hackers and cyber crimes
Sweta Kumari Barnwal
 
Unit ii-hackers and cyber crimes
Sweta Kumari Barnwal
 
Cryptography summary
Ni
 
Ethical hacking
Sourabh Badve
 
Ethical Hacking
Aditya Vikram Singhania
 
Module 3-cyber security
Sweta Kumari Barnwal
 

What's hot (20)

PPTX
Ethical Hacking
Aryan Saxena
 
PPT
Introduction to Hacking
Rishabha Garg
 
PPTX
Cyper security & Ethical hacking
Cmano Kar
 
PPTX
Ethical hacking
Alapan Banerjee
 
PPTX
Hacking
Arpit Verma
 
PPT
Ethical Hacking
Harshit Upadhyay
 
PPTX
Introduction to ethical hacking
Vikram Khanna
 
PPT
Hacking
LutfulM
 
PPTX
Ethical hacking
Goutham Shetty
 
PPTX
Ethical Hacking - Explained
Gunjan Panara
 
DOCX
Insider Attacks: Theft of Intellectual and Proprietary Data
Lindsey Landolfi
 
PPT
Ethical Hacking
Mukul Agarwal
 
PPTX
Introduction ethical hacking
Vishal Kumar
 
PPTX
Ethical hacking
S Sai Karthik
 
DOCX
Full seminar report on ethical hacking
Georgekutty Francis
 
PPTX
Cse ethical hacking ppt
SHAHID ANSARI
 
PPTX
Computer security
sruthiKrishnaG
 
PPTX
Ethical hacking
AKSHAY KHATRI
 
PDF
Hacking and Ethical Hacking
Masih Karimi
 
PPTX
What is cyber security
AdvAbdulMueedAhmad
 
Ethical Hacking
Aryan Saxena
 
Introduction to Hacking
Rishabha Garg
 
Cyper security & Ethical hacking
Cmano Kar
 
Ethical hacking
Alapan Banerjee
 
Hacking
Arpit Verma
 
Ethical Hacking
Harshit Upadhyay
 
Introduction to ethical hacking
Vikram Khanna
 
Hacking
LutfulM
 
Ethical hacking
Goutham Shetty
 
Ethical Hacking - Explained
Gunjan Panara
 
Insider Attacks: Theft of Intellectual and Proprietary Data
Lindsey Landolfi
 
Ethical Hacking
Mukul Agarwal
 
Introduction ethical hacking
Vishal Kumar
 
Ethical hacking
S Sai Karthik
 
Full seminar report on ethical hacking
Georgekutty Francis
 
Cse ethical hacking ppt
SHAHID ANSARI
 
Computer security
sruthiKrishnaG
 
Ethical hacking
AKSHAY KHATRI
 
Hacking and Ethical Hacking
Masih Karimi
 
What is cyber security
AdvAbdulMueedAhmad
 

Similar to Introduction to Ethical Hacking (20)

PPTX
unit 5 FCS efujhgdkkifevnurdviutfjiutdffgii
nickyy222333
 
PPTX
GETTING STARTED WITH THE ETHICAL HACKING.pptx
BishalRay8
 
PPTX
Lecture1-InforSec-Computer and Internet security.pptx
markhorid1
 
PPTX
GEC-LIE Chapter-3.-Lesson-5-Hacking.pptx
AnjieVillarba1
 
PPTX
Ashar Shaikh A-84 SEMINAR.pptx
asharshaikh8
 
PDF
Top 20 cyber security interview questions and answers in 2023.pdf
AnanthReddy38
 
PDF
1 introit security
richarddxd
 
DOCX
THESIS-2(2)
Elsayed Muhammad
 
PDF
Lab 3 Explore Social Engineering TechniquesIntroductionCybers.pdf
lalitaggarwal627
 
PDF
INFORMATION SECURITY: THREATS AND SOLUTIONS.
Ni
 
PDF
Selected advanced themes in ethical hacking and penetration testing
CSITiaesprime
 
PPTX
Network security
mena kaheel
 
PPTX
455845434-Chapter-2-Cyber-Security-pptx.pptx
DrVPadmavathiAssocia
 
PPTX
module 3 Cyber Risks and Incident Management.pptx
Gautam708801
 
PPTX
Ethical hacking
Ritwick Mukherjee
 
PPTX
Cyberspace and the Law & Cyber Forensics
Srinivas Kanakala
 
PPTX
Module 2_ Cyber offenses & Cybercrimes(Updated).pptx
placementstwc
 
PPTX
Cybersecurity
A. Shamel
 
PDF
IT Security.pdf
ManassahIjudigal
 
PPTX
CYBER LAW & ETHICS (PART OF THE JNTUH SYLLABUS
deepthikamidi
 
unit 5 FCS efujhgdkkifevnurdviutfjiutdffgii
nickyy222333
 
GETTING STARTED WITH THE ETHICAL HACKING.pptx
BishalRay8
 
Lecture1-InforSec-Computer and Internet security.pptx
markhorid1
 
GEC-LIE Chapter-3.-Lesson-5-Hacking.pptx
AnjieVillarba1
 
Ashar Shaikh A-84 SEMINAR.pptx
asharshaikh8
 
Top 20 cyber security interview questions and answers in 2023.pdf
AnanthReddy38
 
1 introit security
richarddxd
 
THESIS-2(2)
Elsayed Muhammad
 
Lab 3 Explore Social Engineering TechniquesIntroductionCybers.pdf
lalitaggarwal627
 
INFORMATION SECURITY: THREATS AND SOLUTIONS.
Ni
 
Selected advanced themes in ethical hacking and penetration testing
CSITiaesprime
 
Network security
mena kaheel
 
455845434-Chapter-2-Cyber-Security-pptx.pptx
DrVPadmavathiAssocia
 
module 3 Cyber Risks and Incident Management.pptx
Gautam708801
 
Ethical hacking
Ritwick Mukherjee
 
Cyberspace and the Law & Cyber Forensics
Srinivas Kanakala
 
Module 2_ Cyber offenses & Cybercrimes(Updated).pptx
placementstwc
 
Cybersecurity
A. Shamel
 
IT Security.pdf
ManassahIjudigal
 
CYBER LAW & ETHICS (PART OF THE JNTUH SYLLABUS
deepthikamidi
 

Recently uploaded (20)

PDF
FINAL CALL-6th International Conference on Networks & IOT (NeTIOT 2025)
IJMIT JOURNAL
 
PPTX
presentation_pfe-universite-molay-seltan.pptx
yahyamohibme
 
PPTX
E -tech empowerment technologies PowerPoint
kylebalatero12
 
PDF
APNIC Update, presented at PHNOG 2025 by Shane Hermoso
APNIC
 
PDF
WebRTC in SignalWire - troubleshooting media negotiation
Giacomo Vacca
 
PPTX
Introuction about ICD -10 and ICD-11 PPT.pptx
naveenithkrishnan
 
PPTX
SAP Ariba Sourcing PPT for learning material
NKKumar16
 
PPT
isotopes_sddsadsaadasdasdasdasdsa1213.ppt
Kenneth James Alamillo
 
PPTX
Introuction about WHO-FIC in ICD-10.pptx
naveenithkrishnan
 
PPTX
Job_Card_System_Styled_lorem_ipsum_.pptx
Jeffkigen
 
PDF
How to Ensure Data Integrity During Shopify Migration_ Best Practices for Sec...
CartCoders
 
PPTX
Slides PPTX World Game (s) Eco Economic Epochs.pptx
Steven McGee
 
PDF
Introduction to the IoT system, how the IoT system works
TinBinh
 
PDF
Best Practices for Testing and Debugging Shopify Third-Party API Integrations...
CartCoders
 
PDF
The New Creative Director: How AI Tools for Social Media Content Creation Are...
SageTitans
 
PDF
Sims 4 Historia para lo sims 4 para jugar
lolpopy34
 
PPTX
INTERNET------BASICS-------UPDATED PPT PRESENTATION
poonam62133
 
PPTX
artificial intelligence overview of it and more
yafotin445
 
PDF
Unit-1 introduction to cyber security discuss about how to secure a system
shivangisharma636228
 
PDF
The Internet -By the Numbers, Sri Lanka Edition
APNIC
 
FINAL CALL-6th International Conference on Networks & IOT (NeTIOT 2025)
IJMIT JOURNAL
 
presentation_pfe-universite-molay-seltan.pptx
yahyamohibme
 
E -tech empowerment technologies PowerPoint
kylebalatero12
 
APNIC Update, presented at PHNOG 2025 by Shane Hermoso
APNIC
 
WebRTC in SignalWire - troubleshooting media negotiation
Giacomo Vacca
 
Introuction about ICD -10 and ICD-11 PPT.pptx
naveenithkrishnan
 
SAP Ariba Sourcing PPT for learning material
NKKumar16
 
isotopes_sddsadsaadasdasdasdasdsa1213.ppt
Kenneth James Alamillo
 
Introuction about WHO-FIC in ICD-10.pptx
naveenithkrishnan
 
Job_Card_System_Styled_lorem_ipsum_.pptx
Jeffkigen
 
How to Ensure Data Integrity During Shopify Migration_ Best Practices for Sec...
CartCoders
 
Slides PPTX World Game (s) Eco Economic Epochs.pptx
Steven McGee
 
Introduction to the IoT system, how the IoT system works
TinBinh
 
Best Practices for Testing and Debugging Shopify Third-Party API Integrations...
CartCoders
 
The New Creative Director: How AI Tools for Social Media Content Creation Are...
SageTitans
 
Sims 4 Historia para lo sims 4 para jugar
lolpopy34
 
INTERNET------BASICS-------UPDATED PPT PRESENTATION
poonam62133
 
artificial intelligence overview of it and more
yafotin445
 
Unit-1 introduction to cyber security discuss about how to secure a system
shivangisharma636228
 
The Internet -By the Numbers, Sri Lanka Edition
APNIC
 

Introduction to Ethical Hacking

  • 1. 1 BY KEVIN CHAKRE
  • 2. 1. Hack Value: It is the notion among Hackers that something doing is interesting or worthwhile. 2. Exploit: A piece of software that takes advantage of a bug, glitch or vulnerability that leads to unauthorized access, privilege escalation or denial of service on computer systems and networks. 3. Vulnerability: Existence of software flaws, logic design, implementation errors executing bad or damaging instructions to the system. 2
  • 3. 4. Target of Evaluation: It is the system, product or network that is the subject of security analysis or attacks. 5. Zero Day attacks: A computer threats that tries to exploit computer application vulnerabilities that are undisclosed to others or undisclosed to the software developer. 6. Daisy chaining: Hackers who get away with database thefts usually complete their task and then backtrack to cover their tracks by destroying logs etc. 3
  • 4. 7. Attack: An action or an event that might compromise security. 8. Threat: An environment or a situation that might lead to potential breach of security. 9. Vulnerability Research: It is the process of discovering vulnerabilities and design weakness that lead an operating systems or its application to attacks or misuse. 10. Penetration Testing: It is the method of actively evaluating the security of a system by simulating an attack from malicious source. 4
  • 5.  Security is a state of well being of information and infrastructure in which the possibility of theft, tampering of disruption of services is kept low or tolerable.  It relies on the five major elements of security: 1. Confidentiality: It is the assurance that the information is easily accessible to only those who are authorized to have access. Confidentiality breaches may occur due to improper data handling or hacking attempt. 2. Integrity: It is the trustworthiness of data and resources in terms of preventing improper and unauthorized changes, the assurance that the information can be relied upon to be sufficiently accurate for its purposes 5
  • 6. 3. Availability: It is the assurance that the systems responsible for storing, delivering and processing information is available to authorized users when required. 4. Authenticity: It refers to the characteristics of any communication or any data that ensures the quality of being genuine or not corrupted from the original. Major roles of authenticity includes that the user is claiming he or she to be. This is done by Biometrics. Smart cards, digital certificates etc 5. Non-repudiation: It ensures that the party to a contract or a communication cannot later deny the authenticity of their signature on a document or sending the message that they originated. It is a way to guarantee that the sender of the message cannot later deny having sent the message and the recipient cannot deny having received the message. 6
  • 7.  Level of Security in any systems can be defined by the strength of the three components: Functionality(features) Moving the ball towards security means less of other two Security(restrictions) Usability(GUI) 7
  • 8.  An attack vector is a path or means by which an attacker can gain access to an information system to perform malicious attack.  This attack vector can enable an attacker to take advantage of the vulnerabilities present in the information system to carry out a particular attack.  The following are the possible attack vectors by which an attacker can attack on information system: 8
  • 9. 9
  • 10.  Information Security Threats are classified into three categories: 1. Natural Threats: such as natural disasters such as flood, earthquakes . 2. Physical Security Threats: such as errors, misconfiguration, sabotage . 3. Human Threats: such as internal threats-disgruntled employees and external threats-malicious hackers 10
  • 11.  Human Threats are classified into three categories: 1. Network Threats: such as Sniffing, MITM attacks, Information Gathering, Spoofing, ARP Poisoning. 2. Host Threats: such as Unauthorized access, Password Attacks, Privilege Escalations. 3. Application Threats: Cross Site Scripting, Buffer Overflows, SQL Injections. 11
  • 12.  The Term Information Warfare or Info-War refers to the use of information and communicative technology to take competitive advantage over an opponent. 1. Defensive Information Warfare: refers to all the strategies and actions to defend against attacks on ICT assets. 2. Offensive Information Warfare: refers to the Information warfare that involves attacks against ICT assets of an opponent. 12
  • 13.  Most people do not understand between hacking and Ethical hacking.  These two terms can be differentiated on the basis of the intentions of the people who are performing hacking activity.  However, understanding the true intentions of hackers can be quite difficult.  Hacking: refers to exploitation and exploration of the computer software and hardware to gain unauthorized access to perform malicious attacks.  Ethical Hacking: refers to exploitation and exploration of the computer software and hardware to make it more secure and ease of use. 13
  • 14.  A hacker is a person who illegally breaks into computer system or network without any authorization to steal or destroy data or perform malicious activities.  Hackers may be motivated by a multitude of reasons: 1. Intelligent individuals with excellent computer skills with the ability to create and explore into computer software and hardware. 2. For some hackers, hacking is a hobby to see how many systems or network they can compromise. 3. Their intention can either be to gain knowledge or to poke around to do illegal things. 4. Some hack with malicious intent such as stealing business data, credit card information and social security no. 14
  • 15. 1. Black Hat: Individuals with extraordinary computer skills resorting to malicious activities are known as crackers. 2. White Hat: Individuals professing hacker skills and using them for defensive purposes are known as security consultants. 3. Grey hat: Individuals who work both offensively and defensively at various times. 4. Suicide Hackers: Individuals who aim to bring down critical infrastructure for a cause and are not worried about facing thirty years in jail for their actions. 15
  • 16. 5. Spy Hackers 6. State Sponsored Hacker 7. Cyber Terrorist  Technical Level Of Hackers: 1. Neophyte: Newbie in the field of Security 2. Script Kiddies: Person depending on other hackers, skills and scripts. 3. Elite Hackers: Also Known as 1337. Advanced level of hackers. 16
  • 17. 1. Hacktivism is an act of promoting political agenda especially by defacing or disabling websites. 2. It thrives in the environment where information is easily accessible. 3. Aims at sending message through their hacking activities and gaining visibility for a cause. 4. Common targets include governments, multinational corporations or any other entity as perceived as bad or wrong by these groups of individuals. E.g. Anonymous and Lulzsec 17
  • 18. 18
  • 19. 19
  • 20. Platform Knowledge Network Knowledge Security Knowledge Technical Knowledge Computer Expert Programming Knowledge 20 “HACKERS ARE PEOPLE TOO”