Information Security & Ethical Hacking
© HaCkHiPp0-TeAm
R0oTx:SaHiL_RaI
What is Information Security
Information security means protecting information and
information systems from unauthorized access.
Why We Need Information Security
• Protect information, systems, and networks from damage by viruses, spyware, and other malicious code.
• Information is very important to every company, firm, or person. If your information is disclosed or hacked, everyone knows it is very harmful to you.
• So every company needs to keep its information secure from unauthorized access.
Ethical Hacking
• To understand the world of hacking, learn the Hack Simulation Game: follow a map, choose the server to enter a system, crack the password and, within a time limit, grab the information, send a virus, and delete or steal files before you are tracked down.
• Many security experts encourage organizations to hire ethical hackers to test their networks. Pathfinder aims to grab these for you.
• Ethical Hacking: Organizations are increasingly evaluating the success or failure of their current security measures through the use of ethical hacking processes and techniques.
Introduction to Cyber crime
• Computer Crime, Hi-Tech Crime or Electronic Crime is where a computer or a mobile is the target of a crime or is the means adopted to commit a crime.
• Cyber criminals are leveraging innovation at a pace which many target organizations and security vendors cannot possibly match.
• Most of these crimes are not new. Criminals simply devise different ways to undertake standard criminal activities such as fraud, theft, blackmail, and forgery, often involving the Internet.
India Ranks 5 in Reporting Cyber Crime Cases
• India ranks fifth among countries reporting the maximum number of cyber crimes, according to the latest report released by the Internet Crime Complaint Centre (IC3) of the United States.
• Cyber crimes record a 50% rise in India.
• The United States led the tally of victim complaints, while India remained fifth, reporting 0.36% of the global complaints received at IC3, which was about 1,000 complaints, the data said.
• The majority of fraudsters on the information highway this year resorted to the trick of selling products online but not delivering them to buyers who had already made payments.
• It remained the most adopted method of cheating during the year, with 33% of internet crimes reported being of this nature, according to the report.
Recent Cyber Cases
• Andhra Pradesh Govt websites were hacked on Feb 17, 2012; some Bangladeshi hacking groups are suspected to be behind the incident.
• The Trinamool Congress website was hacked by Bangladeshi hackers on 15 Feb 2012.
• The online store of Microsoft India was hacked by Chinese hackers on 13 Feb 2012.
• 5 million Android phones were infected by a virus.
• The malware is embedded in various apps in the Android Market and, once downloaded, launches services that send information from the device, such as MAC address, SIM serial, IMEI, and IMSI, back to the malicious host.

• Credit card frauds
• Online gambling
• Software piracy
• Copyright infringement
• Trademark violations
• Theft of source code
• Email spoofing
• Forgery
• Phishing
• Defamation
• Cyber stalking (section 509 IPC)
• Cyber terrorism
• Sale of illegal articles
A hacker can recover or crack a Windows password with any live CD or pen drive.
• BackTrack
• Ophcrack
• Offline Password Cracker
• Hiren Multi Boot Disk
• Active Password Changer
• ERD Commander
• Kon-Boot
• Back Door
Admin Password Cracking
Recovering or Cracking Windows User Login Passwords
Windows login password
When you create a new user account with a password in Windows, it is stored in the SAM file.
SAM (Security Accounts Manager) is the part of Windows NT that manages the database of usernames, passwords and permissions.
The SAM file is located at:
C:\Windows\System32\Config
When Windows starts, the SAM file becomes inaccessible while the operating system is running.
How Windows NT Saves User Passwords
Let's see what happens when a new user creates an account on Windows, for example:
user name: Sheela
password: barbie.doll
The password is converted into hashes.
It is stored in the SAM file in hashed form, which you cannot read, rename or delete.
Windows Password Cracked by Booting the Computer from the Windows Live Disk
Ophcrack has its own database of hashes and their corresponding characters. The password is stored in the form of hashes, and Ophcrack matches the password against its own database.
Ophcrack example
Backdoor
A backdoor in a computer system is a method of bypassing normal authentication and securing remote access to a computer.
Use the Commands in the Command Prompt:
net user administrator *
Or
net user hacker /add
Windows Hacking Method 2
BackTrack Live CD or USB
Windows Hacking Method 3
In this method we use an advanced Linux live CD to bypass, crack, and change the Windows Administrator password easily.
BackTrack is based on Ubuntu.
Windows Hacking Method 4
ERD Commander
• The Microsoft Diagnostics and Recovery Toolset (DaRT) is also known as ERD Commander.
• It provides utilities and wizards that help you perform system diagnostic and repair procedures, such as recovering data, disabling problematic drivers, and removing hotfixes.
Session Hijacking
In computer science, session hijacking is the exploitation of a
valid computer session—sometimes also called a session key—to
gain unauthorized access to information or services in a computer
system. In particular, it is used to refer to the theft of a magic
cookie used to authenticate a user to a remote server. It has
particular relevance to web developers, as the HTTP cookies used
to maintain a session on many web sites can be easily stolen by an
attacker using an intermediary computer or with access to the
saved cookies on the victim's computer (HTTP cookie theft).
• Facebook session hijacking
• Orkut session hijacking
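A check a web developer can run against their own site's responses, as an added example that is not part of the original slides: it audits a `Set-Cookie` header for the two theft routes named above, an intermediary computer (no `Secure` attribute) and saved cookies on the victim's computer (a persistent cookie), plus script access (no `HttpOnly`). The header strings and finding codes are constructed for illustration.

```python
# Audit Set-Cookie headers for attributes that limit session cookie theft.
# All sample headers below are constructed for this example.

WEAK = "sessionid=abc123; Path=/; Expires=Wed, 01 Jan 2031 00:00:00 GMT"
MIXED = "sid=xyz789; Secure; Max-Age=2592000"
HARDENED = "sessionid=abc123; Path=/; Secure; HttpOnly; SameSite=Lax"


def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (cookie name, attribute dict)."""
    parts = [p.strip() for p in header_value.split(";") if p.strip()]
    name, _, _value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        # Attribute names are case-insensitive; flags have no value.
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), attrs


def audit_set_cookie(header_value):
    """Return (cookie name, list of finding codes) for one header."""
    name, attrs = parse_set_cookie(header_value)
    findings = []
    if "secure" not in attrs:
        # Cookie is also sent over plain HTTP, where an intermediary
        # computer on the path can read it.
        findings.append("missing-secure")
    if "httponly" not in attrs:
        # Cookie is readable by scripts running in the page.
        findings.append("missing-httponly")
    if "expires" in attrs or "max-age" in attrs:
        # Persistent cookie: the browser saves it on the user's
        # computer, so it outlives the browser session.
        findings.append("persistent")
    return name, findings


def audit_response(set_cookie_headers):
    """Audit every Set-Cookie header of a response; keep only problems."""
    report = {}
    for header in set_cookie_headers:
        name, findings = audit_set_cookie(header)
        if findings:
            report[name] = findings
    return report


if __name__ == "__main__":
    for header in (WEAK, MIXED, HARDENED):
        print(audit_set_cookie(header))
```
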
MS Windows Link File CVE-2010-2568
• This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
Description
• This signature will detect attempts to exploit a remote code
execution vulnerability in Microsoft Windows Shortcut 'LNK'
Files.
• Microsoft Windows is prone to a vulnerability that may allow a
file to automatically run because the software fails to handle
'LNK' files properly.
Microsoft Windows Attack
Method 1
• Specifically, the issue occurs when loading the icon of a
shortcut file. A specially crafted 'LNK' file can cause Windows
to automatically execute code that is specified by the shortcut
file.
• NOTE: This issue is being exploited in the wild as malware
W32.Temphid.
This issue affects Microsoft Windows XP, Windows Vista,
Windows 7, Windows Server 2003, and Windows Server 2008.
Microsoft Windows Attack
Method 1 cont.
Microsoft Windows Attack
Method 2
Metasploit Attack
Microsoft Windows shell code execution
exploit/windows/browser/ms10_046_shortcut_icon_dllloader
Description:
This module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL. This module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path.
Sending Anonymous Mail
1. Sending fake mail: In this technique a user can easily send fake mail using another user's email ID.
2. Sending modified fake mail as Facebook Administrator, Orkut Administrator, or any other company.
[Diagram: VICTIM PC and ATTACKER PC]
The attacker sends a fake login link to the victim, such as: http://example.com/gmail.html
In phishing, the attacker manipulates an ordinary person into logging in through a modified fake page; when the victim logs in with the fake page, their password is redirected to the hacker.
Creating a replica of an existing Web page to fool a user into submitting personal, financial, or password data.
When the victim logs in with the fake link, the attacker's job is done.
User: *****
Pass: *****
The user's password is redirected to the attacker's system:
User: sheela
Pass: barbie.doll
Miss Sheela is hacked.
User name – sheela
Pass – barbie.doll
Phishing Method 2
Website Attack Vector
Credential Harvester Attack Method
The Credential Harvester method utilizes web cloning of a website that has a username and password field and harvests all the information posted to the website.
What is SQL
SQL is Structured Query Language.
It is used to store a website's database, including the user name and password table contents, and to maintain users' entries.
SQL INJECTION ATTACK
A simple SQL injection attack:
A SQL injection attack exploits vulnerabilities in a web server database that allow the attacker to gain access to the database and read, modify, or delete information.
An example of a SQL injection attack is making the login condition "TRUE" by giving identical values to a web page.
These values can be inserted into a login as follows:
• Username: 1' or '1'='1
• Password: 1' or '1'='1
Try to log in with SQL injection:
User name: 1' or '1'='1
Password: 1' or '1'='1
Done: the administrator panel is easily defaced, and administrator data can be stolen, deleted, or changed.
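Why the login condition becomes "TRUE", and the fix, as an added example that is not part of the original slides: the same login check written once with string concatenation and once with a parameterized query, run against the values shown above. The `users` table, its rows, and the function names are assumptions made for illustration.

```python
import sqlite3

# The injection string from the slides, with plain ASCII quotes.
PAYLOAD = "1' or '1'='1"


def make_db():
    """Build an in-memory users table with constructed sample accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    # Plaintext passwords keep the focus on query construction; a real
    # application stores salted password hashes instead.
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("admin", "constructed-admin-pw"), ("sheela", "barbie.doll")],
    )
    return db


def build_vulnerable_query(username, password):
    """Vulnerable: user input is pasted straight into the SQL text."""
    return (
        "SELECT username FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )


def login_vulnerable(db, username, password):
    # The quotes in the input close the string literal early, so the
    # rest of the input is parsed as SQL. With the payload the WHERE
    # clause ends in "or '1'='1'", which is true for every row.
    row = db.execute(build_vulnerable_query(username, password)).fetchone()
    return row[0] if row else None


def login_parameterized(db, username, password):
    """Hardened: placeholders send the input as data, never as SQL."""
    row = db.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = make_db()
    print(build_vulnerable_query(PAYLOAD, PAYLOAD))
    print("vulnerable   :", login_vulnerable(db, PAYLOAD, PAYLOAD))
    print("parameterized:", login_parameterized(db, PAYLOAD, PAYLOAD))
    print("valid login  :", login_parameterized(db, "sheela", "barbie.doll"))
```

With placeholders the payload is compared as a literal user name, matches no row, and the login is refused, while a valid user name and password still succeed.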
Steganography
Steganography (computer science): the art and science of hiding a message in a medium, such as a digital picture or audio file.
It is the hiding of a secret message within an ordinary message and the extraction of it at its destination.
CDMA Mobile Cloning
Mobile cloning allows the ESN of the mobile phone to be modified.
In mobile cloning, the hacker copies the ESN and MIN numbers and writes them to another computer chip or device, which makes it easy to clone any CDMA mobile number.
ESN (electronic serial number)
MIN (mobile identification number)
Cloned SIM card
Information Security Market Scenario
• Information security demand is increasing 17.5% per year.
• Best way to a bright future for technical students.
• The demand for information security professionals grew 20% in 2011.
• It is expected to grow 25% in the year 2012.
A World of Opportunities
The Asia-Pacific region is anticipated to account for the majority of the Information Security solutions market by 2012. In this world of opportunities you will see almost every sector emphasizing Information Security:
• Banking Sector
• Corporate Sector
• Automobile Sector
• Aviation Industry
• IT Industry
• Educational Institutions
• Government Sector
• Cyber Crime Investigation Cells
• Global Security Agencies
• Information System Security Association
Become A Security Expert
• Cyber security professional
• Information Security Professional
• IS Executive
• Information System Auditor
• Security Advisors
• Software developers
• IT specialists
• IT system executives
• IT consultants
• Assistant Software Engineer
• Software Test Engineer
• R&D Executive
• Security Consultant
• System Engineer
• Network Engineer
• Network Administrator and many more.
The Appin Pathfinder prepares you for numerous career opportunities. If you've ever wondered what you can become, here are some answers.
These are the career profiles chosen by students immediately after their schooling, who are earning huge packages despite their age and limited experience. Thousands of our students have been placed with many top companies in IT and security.
Thank You

Keynote by Prof. Wurzer at Nordex about IP-designKeynote by Prof. Wurzer at Nordex about IP-design
Keynote by Prof. Wurzer at Nordex about IP-design
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdfVirtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
Virtual-Orientation-on-the-Administration-of-NATG12-NATG6-and-ELLNA.pdf
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
 

Editor's Notes

  1. MAC – Media Access Control, SIM – Subscriber Identity Module, IMEI – International Mobile Equipment Identity.