Abstract image of a woman sitting on books and studying on a laptop

Website ethical hacking and testing

Download as PPTX, PDF
K
KaranJindal18

The document provides an overview of ethical hacking, including its definition, benefits, and categories such as information gathering and website testing. It explains techniques like Google hacking and SQL injection, as well as tools used for denial of service attacks. The document emphasizes the importance of ethical hacking in securing information systems and preventing data breaches.

Technology
1 of 22
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
WEBSITE ETHICAL HACKING AND TESTING SUMMER TRAINING PROJECT CHANDIGARH UNIVERSITY SUBMITTED BY: NAME: KARAN JINDAL UID: 17BCS3171
A LIST OF DIVISIONS  What is hacking and ethical hacking?  Subdivision of hacking.  Information Gathering.  Google Hacking  Website Testing  Testing Techniques  Proxy
What is hacking? Hacking is an shot to exploit a digital computer or into a private network inside a computer. Simply put it is gaining unauthorised access to take some personal information for some wrongful purpose. What is ethical hacking? Ethical hacking refers to the act of locating weaknesses and vulnerabilities of computer and information systems by duplicating the intent and actions of malicious hackers. Ethical hacking is also known as penetration testing, intrusion testing, or red teaming.
What are benefits of ethical hacking? The primary benefit of ethical hacking is to prevent data from being stolen and misused by malicious attackers, as well as: • Discovering vulnerabilities • Implementing a secure network • Defending national security• Gaining trust of customers and investors
Categories of HACKING
INFORMATION GATHERNING Information Gathering and getting to know the target systems is the first process in ethical hacking. Reconnaissance is a set of processes and techniques ( Foot-printing , Scanning & Enumeration) used to covertly discover and collect information about a target system. There are many ways to know about the target system’s services ,like  Social engineering  “Whois.com”  “Pipl.com”  “archive.org”  “reverseip.domaintools.com”
“Whois.com” This website provides all the details of the target domain like owner e-mail, phone number, server names, registration services etc.
“archive.org” This domain provides all the previous snapshots of the target domain since the website was first updated, these screen shots help hacker to know about the details of the website that were updated. Domain name to gather information About. This shows the changes made on domain.
GOOGLE DORKING Google hacking involves using advanced operators in the Google search engine to locate specific strings of text within search results. The commonly used operators are like :  Intitle:  Inurl:  Site:  url:  Filetype:
Google hacking database (GHDB) is a website which contains all the dorks that are used to know more about google hacking.
GOOGLE DORKING EXAMPLES:
z WEBSITE TESTING Website testing is basically getting into website in a way a hacker can gain access to website database or make changes to website illegally and then closing all the ways to get hacker into it.
z HOW A HACKER CAN GET INTO WEBSITE?
z SQL INJECTION SQL injection is a code injection technique, used to attack data- driven applications, in which malicious SQL statements are inserted into an entry field for execution.
z  SQL Injection Based on 1=1 is Always True  SQL Injection Based on ""="" is Always True
z DISTRIBUTED-DOS ATTACK DDoS is short for Distributed Denial of Service. DDoS is a type of DOS attack where multiple compromised systems, are used to target a single system causing a Denial of Service (DoS) attack.
z
z TOOLS FOR DOS ATTACK  LOIC (Low Orbit Ion Canon)  XOIC  HOIC  JMETER  HP LOADRUNNER
z LOIC
z How to know that website is attacked?  “uptimerobot.com”  “Cloudflare.com”  “Sucuri.net” PREVENTION OF DENIAL OF SERVICE ATTACK • By more bandwidth. • Build redundancy into infrastructure. • Firewall. • Internet service provider(ISP). • Protect your DNS server.
z PROXY
Website ethical hacking and testing

More Related Content

PPTX
Newbytes NullHyd
n|u - The Open Security Community
 
PPTX
Hacking vs cracking
Naren Naren
 
PPTX
DeepPhish: Simulating malicious AI
Alejandro Correa Bahnsen, PhD
 
PPTX
Threat Intelligence Data Collection & Acquisition
EC-Council
 
PPTX
All About Hacking..!!
Mahatma Gandhi Institute of Edu and Research Center
 
PPTX
black hat deephish
Alejandro Correa Bahnsen, PhD
 
PDF
OSINT Basics for Threat Hunters and Practitioners
Megan DeBlois
 
PPTX
ETHICAL HACKING PPT
Sweta Leena Panda
 
Newbytes NullHyd
n|u - The Open Security Community
 
Hacking vs cracking
Naren Naren
 
DeepPhish: Simulating malicious AI
Alejandro Correa Bahnsen, PhD
 
Threat Intelligence Data Collection & Acquisition
EC-Council
 
All About Hacking..!!
Mahatma Gandhi Institute of Edu and Research Center
 
black hat deephish
Alejandro Correa Bahnsen, PhD
 
OSINT Basics for Threat Hunters and Practitioners
Megan DeBlois
 
ETHICAL HACKING PPT
Sweta Leena Panda
 

What's hot (20)

PPTX
Ethical hacking
HarishBabuKaveri
 
PPTX
Nmapper theHarvester OSINT Tool explanation
Wangolo Joel
 
PPTX
Presentation1
Abhishek Malhotra
 
PPT
Security and trust. gabriel waller, nokia siemens networks.
Business Finland
 
PDF
Open Source Information Gathering Brucon Edition
Chris Gates
 
PDF
Investigating, Mitigating and Preventing Cyber Attacks with Security Analytics
IBMGovernmentCA
 
PPTX
ETHICAL HACKING BY HRITIK JAGE
Hritik Jage
 
PPTX
Classifying Phishing URLs Using Recurrent Neural Networks
Alejandro Correa Bahnsen, PhD
 
PDF
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
CODE BLUE
 
PDF
Ethical hacking interview questions and answers
ShivamSharma909
 
PPTX
Maltego
penetration Tester
 
PDF
What you need to know about OSINT
Jerod Brennen
 
PDF
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
OWASP Delhi
 
PDF
[CB20] Operation Chimera - APT Operation Targets Semiconductor Vendors by CK ...
CODE BLUE
 
PDF
InfoSec Monthly News Recap: April 2017
Ettore Fantin
 
DOCX
FBI & Secret Service- Business Email Compromise Workshop
Ernest Staats
 
PPTX
PHISHING DETECTION
umme ayesha
 
PPTX
ETHICAL HACKING
karthickB24
 
PPTX
Information gathering
Maulik Kotak
 
PDF
Stop pulling the plug
Kamal Rathaur
 
Ethical hacking
HarishBabuKaveri
 
Nmapper theHarvester OSINT Tool explanation
Wangolo Joel
 
Presentation1
Abhishek Malhotra
 
Security and trust. gabriel waller, nokia siemens networks.
Business Finland
 
Open Source Information Gathering Brucon Edition
Chris Gates
 
Investigating, Mitigating and Preventing Cyber Attacks with Security Analytics
IBMGovernmentCA
 
ETHICAL HACKING BY HRITIK JAGE
Hritik Jage
 
Classifying Phishing URLs Using Recurrent Neural Networks
Alejandro Correa Bahnsen, PhD
 
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
CODE BLUE
 
Ethical hacking interview questions and answers
ShivamSharma909
 
Maltego
penetration Tester
 
What you need to know about OSINT
Jerod Brennen
 
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resources
OWASP Delhi
 
[CB20] Operation Chimera - APT Operation Targets Semiconductor Vendors by CK ...
CODE BLUE
 
InfoSec Monthly News Recap: April 2017
Ettore Fantin
 
FBI & Secret Service- Business Email Compromise Workshop
Ernest Staats
 
PHISHING DETECTION
umme ayesha
 
ETHICAL HACKING
karthickB24
 
Information gathering
Maulik Kotak
 
Stop pulling the plug
Kamal Rathaur
 

Similar to Website ethical hacking and testing (20)

PPT
Ethical Hacking and Network Security
sumit dimri
 
PPT
C:\Fakepath\Ethical Hacking
sumit dimri
 
PPTX
Presentation on ethical hacking
Sunny Sundeep
 
PPTX
Ethical Hacking justvamshi .pptx
vamshimatangi
 
PPTX
Ethical_Hacking_XP_Overview202583291.pptx
mostafasamythereal
 
PPTX
unit-1.pptx
Srinivas Kanakala
 
PPTX
GEC-LIE Chapter-3.-Lesson-5-Hacking.pptx
AnjieVillarba1
 
PPTX
Ethical hacking : Its methodologies and tools
chrizjohn896
 
PDF
CITEC #CON2-Dirty Attack with Google Hacking
Prathan Phongthiproek
 
PPTX
Engineering report ca2_Kritakbiswas.pptx
prosunghosh7
 
PPTX
Ethical Hacking.pptx
MadhuKumar114889
 
PPTX
Parag presentation on ethical hacking
parag101
 
PDF
What is ethical hacking and complete cyber security presentation on this file
AyushSrivastava673855
 
PPTX
building foundation for ethical hacking.ppt
ShivaniSingha1
 
PPT
Ethical Hacking
aashish2cool4u
 
PPTX
Ethical hacking
Alapan Banerjee
 
PPTX
Ethical hacking
Anumadil1
 
PPT
Ethical hacking Book Review
Tirtha Mal
 
PPTX
How to hack or what is ethical hacking
baabtra.com - No. 1 supplier of quality freshers
 
PDF
Lord of the bing b-sides atl
Security B-Sides
 
Ethical Hacking and Network Security
sumit dimri
 
C:\Fakepath\Ethical Hacking
sumit dimri
 
Presentation on ethical hacking
Sunny Sundeep
 
Ethical Hacking justvamshi .pptx
vamshimatangi
 
Ethical_Hacking_XP_Overview202583291.pptx
mostafasamythereal
 
unit-1.pptx
Srinivas Kanakala
 
GEC-LIE Chapter-3.-Lesson-5-Hacking.pptx
AnjieVillarba1
 
Ethical hacking : Its methodologies and tools
chrizjohn896
 
CITEC #CON2-Dirty Attack with Google Hacking
Prathan Phongthiproek
 
Engineering report ca2_Kritakbiswas.pptx
prosunghosh7
 
Ethical Hacking.pptx
MadhuKumar114889
 
Parag presentation on ethical hacking
parag101
 
What is ethical hacking and complete cyber security presentation on this file
AyushSrivastava673855
 
building foundation for ethical hacking.ppt
ShivaniSingha1
 
Ethical Hacking
aashish2cool4u
 
Ethical hacking
Alapan Banerjee
 
Ethical hacking
Anumadil1
 
Ethical hacking Book Review
Tirtha Mal
 
How to hack or what is ethical hacking
baabtra.com - No. 1 supplier of quality freshers
 
Lord of the bing b-sides atl
Security B-Sides
 

Recently uploaded (20)

PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PPT
Module 1.ppt Iot fundamentals and Architecture
nanditha7766
 
PDF
Produktkatalog für HOBO Datenlogger, Wetterstationen, Sensoren, Software und ...
Metrics GmbH
 
PPT
Galois Field Theory of Risk: A Perspective, Protocol, and Mathematical Backgr...
Melanie Swan
 
PDF
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
PDF
Abstractive summarization using multilingual text-to-text transfer transforme...
IAESIJAI
 
PPTX
Custom Battery Pack Design Considerations for Performance and Safety
Epec Engineered Technologies
 
PDF
A review of recent deep learning applications in wood surface defect identifi...
IAESIJAI
 
PDF
Credit Without Borders: AI and Financial Inclusion in Bangladesh
Ehsan Tanim
 
PDF
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
PPTX
Chapter 5: Probability Theory and Statistics
RandyFin
 
PDF
STKI Israel Market Study 2025 version august
Dr. Jimmy Schwarzkopf
 
PPTX
AI IN MARKETING- PRESENTED BY ANWAR KABIR 1st June 2025.pptx
HiraJay1
 
PPTX
The various Industrial Revolutions .pptx
bandileshozi3
 
DOCX
search engine optimization ppt fir known well about this
StandardCodeLearning
 
PPTX
Configure Apache Mutual Authentication
Antonino Piraino
 
PPTX
Benefits of Physical activity for teenagers.pptx
Nokwanda Thabethe
 
PDF
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
PDF
Consumable AI The What, Why & How for Small Teams.pdf
Vivek Sai
 
PDF
sbt 2.0: go big (Scala Days 2025 edition)
Eugene Yokota
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
Module 1.ppt Iot fundamentals and Architecture
nanditha7766
 
Produktkatalog für HOBO Datenlogger, Wetterstationen, Sensoren, Software und ...
Metrics GmbH
 
Galois Field Theory of Risk: A Perspective, Protocol, and Mathematical Backgr...
Melanie Swan
 
Getting started with AI Agents and Multi-Agent Systems
Maxim Salnikov
 
Abstractive summarization using multilingual text-to-text transfer transforme...
IAESIJAI
 
Custom Battery Pack Design Considerations for Performance and Safety
Epec Engineered Technologies
 
A review of recent deep learning applications in wood surface defect identifi...
IAESIJAI
 
Credit Without Borders: AI and Financial Inclusion in Bangladesh
Ehsan Tanim
 
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
Chapter 5: Probability Theory and Statistics
RandyFin
 
STKI Israel Market Study 2025 version august
Dr. Jimmy Schwarzkopf
 
AI IN MARKETING- PRESENTED BY ANWAR KABIR 1st June 2025.pptx
HiraJay1
 
The various Industrial Revolutions .pptx
bandileshozi3
 
search engine optimization ppt fir known well about this
StandardCodeLearning
 
Configure Apache Mutual Authentication
Antonino Piraino
 
Benefits of Physical activity for teenagers.pptx
Nokwanda Thabethe
 
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
Consumable AI The What, Why & How for Small Teams.pdf
Vivek Sai
 
sbt 2.0: go big (Scala Days 2025 edition)
Eugene Yokota
 

Website ethical hacking and testing

  • 1. WEBSITE ETHICAL HACKING AND TESTING SUMMER TRAINING PROJECT CHANDIGARH UNIVERSITY SUBMITTED BY: NAME: KARAN JINDAL UID: 17BCS3171
  • 2. A LIST OF DIVISIONS  What is hacking and ethical hacking?  Subdivision of hacking.  Information Gathering.  Google Hacking  Website Testing  Testing Techniques  Proxy
  • 3. What is hacking? Hacking is an shot to exploit a digital computer or into a private network inside a computer. Simply put it is gaining unauthorised access to take some personal information for some wrongful purpose. What is ethical hacking? Ethical hacking refers to the act of locating weaknesses and vulnerabilities of computer and information systems by duplicating the intent and actions of malicious hackers. Ethical hacking is also known as penetration testing, intrusion testing, or red teaming.
  • 4. What are benefits of ethical hacking? The primary benefit of ethical hacking is to prevent data from being stolen and misused by malicious attackers, as well as: • Discovering vulnerabilities • Implementing a secure network • Defending national security• Gaining trust of customers and investors
  • 6. INFORMATION GATHERNING Information Gathering and getting to know the target systems is the first process in ethical hacking. Reconnaissance is a set of processes and techniques ( Foot-printing , Scanning & Enumeration) used to covertly discover and collect information about a target system. There are many ways to know about the target system’s services ,like  Social engineering  “Whois.com”  “Pipl.com”  “archive.org”  “reverseip.domaintools.com”
  • 7. “Whois.com” This website provides all the details of the target domain like owner e-mail, phone number, server names, registration services etc.
  • 8. “archive.org” This domain provides all the previous snapshots of the target domain since the website was first updated, these screen shots help hacker to know about the details of the website that were updated. Domain name to gather information About. This shows the changes made on domain.
  • 9. GOOGLE DORKING Google hacking involves using advanced operators in the Google search engine to locate specific strings of text within search results. The commonly used operators are like :  Intitle:  Inurl:  Site:  url:  Filetype:
  • 10. Google hacking database (GHDB) is a website which contains all the dorks that are used to know more about google hacking.
  • 12. z WEBSITE TESTING Website testing is basically getting into website in a way a hacker can gain access to website database or make changes to website illegally and then closing all the ways to get hacker into it.
  • 13. z HOW A HACKER CAN GET INTO WEBSITE?
  • 14. z SQL INJECTION SQL injection is a code injection technique, used to attack data- driven applications, in which malicious SQL statements are inserted into an entry field for execution.
  • 15. z  SQL Injection Based on 1=1 is Always True  SQL Injection Based on ""="" is Always True
  • 16. z DISTRIBUTED-DOS ATTACK DDoS is short for Distributed Denial of Service. DDoS is a type of DOS attack where multiple compromised systems, are used to target a single system causing a Denial of Service (DoS) attack.
  • 17. z
  • 18. z TOOLS FOR DOS ATTACK  LOIC (Low Orbit Ion Canon)  XOIC  HOIC  JMETER  HP LOADRUNNER
  • 20. z How to know that website is attacked?  “uptimerobot.com”  “Cloudflare.com”  “Sucuri.net” PREVENTION OF DENIAL OF SERVICE ATTACK • By more bandwidth. • Build redundancy into infrastructure. • Firewall. • Internet service provider(ISP). • Protect your DNS server.