SlideShare a Scribd company logo

Ethical hacking11601031 (1)

Download as PPTX, PDF
Mohammad Affan
Mohammad Affan

The document provides an overview of ethical hacking. It defines ethical hacking as testing network security by using the same tools as hackers but for legitimate purposes with the organization's authorization. It discusses the types of hackers (white hats, black hats, gray hats), the phases of an ethical hacking test (reconnaissance, scanning, gaining access, maintaining access, clearing tracks), common attack types, and how to perform a penetration test which involves preparation, conducting the test, and reporting conclusions.

TechnologyNews & Politics
1 of 18
ETHICAL HACKING...
INDEX         Ethical Hacking Terminology. What is Ethical hacking? Who are Ethical hacker? How many types of hackers?  White Hats (Ethical hackers)  Black Hats (Malicious hackers)  Gray Hats (Good or bad hackers) How to Be Ethical ? The Phases of Ethical Hacking.  Reconnaissance  Scanning  Gaining access  Maintaining access  Clearing tracks Types of attacks. Performing a Penetration Test.  Preparation  Conduct Security Evaluation  Conclusion
Ethical Hacking Terminology  Threat: An environment or situation that could lead to a      potential breach of security. Exploit: A piece of software or technology that takes advantage of a bug, glitch, or vulnerability, leading to unauthorized access, privilege escalation, or denial of service on a computer system. Vulnerability: The existence of a software flaw, logic design, or implementation error. Target of Evaluation (TOE): A system, program, or network that is the subject of a security analysis or attack. Attack: An attack occurs when a system is compromised based on a vulnerability. Remote: The exploit is sent over a network without any prior access to the vulnerable system.
What is Ethical hacking?  Ethical hacking is the process of testing network and systems security for vulnerabilities using the some tools that a hacker might use to compromise the network.
Who are Ethical hacker?  Ethical hackers are usually security professionals or network penetration testers.  Ethical hackers use their hacking skills and toolsets for defensive and protective purposes only.
How many types of hackers? Hackers can be divided into three groups:  White Hats (Ethical hackers): i. ii. White hats are the good guys, the ethical hackers who use their hacking skills for defensive purposes. White hats are those who hack with permission from the data owner. It is critical to get permission prior to beginning any hacking activity.
 Black Hats (Malicious hackers): i. ii.  Black hats are the malicious hackers or crackers who use their skills for illegal or malicious purposes. Black-hat hackers having gained unauthorized access such as “destroy vital data”, “deny legitimate users service”, and just cause problems for their targets. Gray Hats (Good or bad hackers): i. Gray hats are hackers who may work offensively or defensively, depending on the situation.
How to Be Ethical  The ethical hacker must follow certain rules: i. Gain authorization from the client and have a signed contract giving the tester permission to perform the test. ii. Maintain and follow a nondisclosure agreement (NDA) with the client in the case of confidential information disclosed during the test. iii. Maintain confidentiality when performing the test. iv. Information gathered may contain sensitive information. No information about the test or company confidential data should ever be disclosed to a third party.
The Phases of Ethical Hacking…  The process of ethical hacking includes five phases that hackers generally follow in hacking a computer system:      Reconnaissance Scanning Gaining access Maintaining access Clearing tracks
Reconnaissance  Passive reconnaissance involves gathering information as possible about the TOE (Target of Evaluation).  Active reconnaissance involves probing the network to discover individual hosts, IP addresses, and services on the network.
Scanning  The goal of scanning is to learn as much technical data about the systems as possible.  Tools that a hacker may employ during the scanning phase include:        Dialers Port scanners Internet Control Message Protocol (ICMP) scanners Ping sweeps Network mappers Simple Network Management Protocol (SNMP) sweepers Vulnerability scanners etc.
Gaining access  Gaining access is the actual hacking phase in which the hacker gains access to the system.  In this step, the hacker will make use of all the information he collected in the pre-attacking phases.
Maintaining access  Once a hacker has gained access to a target system, they want to keep that access for future exploitation and attacks.  Once the hacker owns the system, they can use it as a base to launch additional attacks.
Clearing tracks  Once hackers have been able to gain and maintain access, they cover their tracks to avoid detection by security personnel, to continue to use the owned system, to remove evidence of hacking, or to avoid legal action.  Hackers try to remove all traces of the attack, such as log files or intrusion detection system (IDS) alarms.
Types of attacks.  The techniques and methods used are likely to vary depending on the target and they should be chosen appropriately having assessed the situation fully. The types of attack and vulnerabilities are:         Buffer Overflow attacks. Denial of Service (DoS) attacks. Distributed Denial of Service (DDoS) attacks. Misconfigurations. Abuse of Trust. Brute force attacks. CGI and WWW services. Back doors and Trojans.
Performing a Penetration Test  Many ethical hackers acting in the role of security professionals use their skills to perform security evaluations or penetration tests. These tests and evaluations have three phases: Preparation Conduct Security Evaluation Conclusion
 Preparation  This phase involves a formal agreement between the ethical hacker and the organization. This agreement should include the full scope of the test, the types of attacks (inside or outside) to be used, and the testing types.  Conduct Security Evaluation  During this phase, the tests are conducted, after which the tester prepares a formal report of vulnerabilities and other findings.  Conclusion  The findings are presented to the organization in this phase, along with any recommendations to improve security.
Thank you! For your time and consideration. Presented by: Mohammad Affan www.ithubpage.blogspot.com

Recommended

Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Ravi Rajput
 
Hacking and Ethical Hacking
Hacking and Ethical HackingHacking and Ethical Hacking
Hacking and Ethical Hacking
Masih Karimi
 
Hackers
HackersHackers
Hackers
Reyansh Vishwakarma
 
Ethical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hackingEthical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hacking
MissStevenson1
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Mohammad Affan
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Nitheesh Adithyan
 
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
Edureka!
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Garla Prajwal
 

Recommended

Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Ravi Rajput
 
Hacking and Ethical Hacking
Hacking and Ethical HackingHacking and Ethical Hacking
Hacking and Ethical Hacking
Masih Karimi
 
Hackers
HackersHackers
Hackers
Reyansh Vishwakarma
 
Ethical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hackingEthical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hacking
MissStevenson1
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Mohammad Affan
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Nitheesh Adithyan
 
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
Edureka!
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Garla Prajwal
 
Ethical hacking-ppt-download4575
Ethical hacking-ppt-download4575Ethical hacking-ppt-download4575
Ethical hacking-ppt-download4575
Gopal Rathod
 
Ethical hacking ppt_presentation_way2project_in
Ethical hacking ppt_presentation_way2project_inEthical hacking ppt_presentation_way2project_in
Ethical hacking ppt_presentation_way2project_in
muhamedwaseem09
 
Virus and hacker (2)mmm
Virus and hacker (2)mmmVirus and hacker (2)mmm
Virus and hacker (2)mmm
andynova
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Namrata Raiyani
 
Complete Ethical Hacking Course | Ethical Hacking Training for Beginners | Ed...
Complete Ethical Hacking Course | Ethical Hacking Training for Beginners | Ed...Complete Ethical Hacking Course | Ethical Hacking Training for Beginners | Ed...
Complete Ethical Hacking Course | Ethical Hacking Training for Beginners | Ed...
Edureka!
 
An Introduction to Ethical Hacking
An Introduction to Ethical HackingAn Introduction to Ethical Hacking
An Introduction to Ethical Hacking
Vinny Vessel
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hacking
Vishal Kumar
 
Web security chapter#2
Web security chapter#2Web security chapter#2
Web security chapter#2
Ishaq Shinwari
 
CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Security
vishnukp34
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Aditya Vikram Singhania
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Devendra Yadav
 
Ethical hacking & cyber security
Ethical hacking & cyber securityEthical hacking & cyber security
Ethical hacking & cyber security
ankit gandharkar
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Chetanmalviya8
 
Security and Penetration Testing Overview
Security and Penetration Testing OverviewSecurity and Penetration Testing Overview
Security and Penetration Testing Overview
QA InfoTech
 
Intruders detection
Intruders detectionIntruders detection
Intruders detection
Ehtisham Ali
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical Hacking
Raghav Bisht
 
Penetration testing
Penetration testing Penetration testing
Penetration testing
PTC
 
Cyber Security-Ethical Hacking
Cyber Security-Ethical HackingCyber Security-Ethical Hacking
Cyber Security-Ethical Hacking
Viral Parmar
 
Types of Malware (CEH v11)
Types of Malware (CEH v11)Types of Malware (CEH v11)
Types of Malware (CEH v11)
EC-Council
 
EthicalHacking_AakashTakale
EthicalHacking_AakashTakaleEthicalHacking_AakashTakale
EthicalHacking_AakashTakale
Aakash Takale
 
Dss2
Dss2Dss2
Dss2
sujitkumar Sujit.Karande
 
Simulation system charming kitchen
Simulation system charming kitchenSimulation system charming kitchen
Simulation system charming kitchen
Akai_zheng
 

More Related Content

What's hot

Ethical hacking-ppt-download4575
Ethical hacking-ppt-download4575Ethical hacking-ppt-download4575
Ethical hacking-ppt-download4575
Gopal Rathod
 
Virus and hacker (2)mmm
Virus and hacker (2)mmmVirus and hacker (2)mmm
Virus and hacker (2)mmm
andynova
 
Intruders detection
Intruders detectionIntruders detection
Intruders detection
Ehtisham Ali
 
Penetration testing
Penetration testing Penetration testing
Penetration testing
PTC
 
EthicalHacking_AakashTakale
EthicalHacking_AakashTakaleEthicalHacking_AakashTakale
EthicalHacking_AakashTakale
Aakash Takale
 

What's hot (20)

Ethical hacking-ppt-download4575
Ethical hacking-ppt-download4575Ethical hacking-ppt-download4575
Ethical hacking-ppt-download4575
 
Ethical hacking ppt_presentation_way2project_in
Ethical hacking ppt_presentation_way2project_inEthical hacking ppt_presentation_way2project_in
Ethical hacking ppt_presentation_way2project_in
 
Virus and hacker (2)mmm
Virus and hacker (2)mmmVirus and hacker (2)mmm
Virus and hacker (2)mmm
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Complete Ethical Hacking Course | Ethical Hacking Training for Beginners | Ed...
Complete Ethical Hacking Course | Ethical Hacking Training for Beginners | Ed...Complete Ethical Hacking Course | Ethical Hacking Training for Beginners | Ed...
Complete Ethical Hacking Course | Ethical Hacking Training for Beginners | Ed...
 
An Introduction to Ethical Hacking
An Introduction to Ethical HackingAn Introduction to Ethical Hacking
An Introduction to Ethical Hacking
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hacking
 
Web security chapter#2
Web security chapter#2Web security chapter#2
Web security chapter#2
 
CS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network SecurityCS8792 - Cryptography and Network Security
CS8792 - Cryptography and Network Security
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Ethical hacking & cyber security
Ethical hacking & cyber securityEthical hacking & cyber security
Ethical hacking & cyber security
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Security and Penetration Testing Overview
Security and Penetration Testing OverviewSecurity and Penetration Testing Overview
Security and Penetration Testing Overview
 
Intruders detection
Intruders detectionIntruders detection
Intruders detection
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical Hacking
 
Penetration testing
Penetration testing Penetration testing
Penetration testing
 
Cyber Security-Ethical Hacking
Cyber Security-Ethical HackingCyber Security-Ethical Hacking
Cyber Security-Ethical Hacking
 
Types of Malware (CEH v11)
Types of Malware (CEH v11)Types of Malware (CEH v11)
Types of Malware (CEH v11)
 
EthicalHacking_AakashTakale
EthicalHacking_AakashTakaleEthicalHacking_AakashTakale
EthicalHacking_AakashTakale
 

Viewers also liked

Simulation system charming kitchen
Simulation system charming kitchenSimulation system charming kitchen
Simulation system charming kitchen
Akai_zheng
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hack
amrutharam
 

Viewers also liked (20)

Dss2
Dss2Dss2
Dss2
 
Simulation system charming kitchen
Simulation system charming kitchenSimulation system charming kitchen
Simulation system charming kitchen
 
Introduccion a la Ingenieria
Introduccion a la IngenieriaIntroduccion a la Ingenieria
Introduccion a la Ingenieria
 
Dss6 7
Dss6 7Dss6 7
Dss6 7
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hack
 
Entropy and denial of service attacks
Entropy and denial of service attacksEntropy and denial of service attacks
Entropy and denial of service attacks
 
Cse ethical hacking ppt
Cse ethical hacking pptCse ethical hacking ppt
Cse ethical hacking ppt
 
ETHICAL HACKING
ETHICAL HACKING ETHICAL HACKING
ETHICAL HACKING
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Basics of Denial of Service Attacks
Basics of Denial of Service AttacksBasics of Denial of Service Attacks
Basics of Denial of Service Attacks
 
Modeling and analysis
Modeling and analysisModeling and analysis
Modeling and analysis
 
Mission Mode Project (MMP)
Mission Mode Project (MMP)Mission Mode Project (MMP)
Mission Mode Project (MMP)
 
Denial of Service Attacks
Denial of Service AttacksDenial of Service Attacks
Denial of Service Attacks
 
Virtual manufacturing
Virtual manufacturingVirtual manufacturing
Virtual manufacturing
 
Ethical_Hacking_ppt
Ethical_Hacking_pptEthical_Hacking_ppt
Ethical_Hacking_ppt
 
Denial of service attack
Denial of service attackDenial of service attack
Denial of service attack
 
Course on Ehtical Hacking - Introduction
Course on Ehtical Hacking - IntroductionCourse on Ehtical Hacking - Introduction
Course on Ehtical Hacking - Introduction
 
WiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & DefenceWiFi Secuiry: Attack & Defence
WiFi Secuiry: Attack & Defence
 
Denial of Service Attacks
Denial of Service AttacksDenial of Service Attacks
Denial of Service Attacks
 
Cse ppt
Cse pptCse ppt
Cse ppt
 

Similar to Ethical hacking11601031 (1)

Introduction to Pre-Cybersecurity.pptx
Introduction to Pre-Cybersecurity.pptxIntroduction to Pre-Cybersecurity.pptx
Introduction to Pre-Cybersecurity.pptx
youfanlimboo
 
BASICS OF ETHICAL HACKING
BASICS OF ETHICAL HACKINGBASICS OF ETHICAL HACKING
BASICS OF ETHICAL HACKING
Drm Kapoor
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hack
Dharmesh Makwana
 

Similar to Ethical hacking11601031 (1) (20)

Vulnerability Prevention Using Ethical Hacking.pdf
Vulnerability Prevention Using Ethical Hacking.pdfVulnerability Prevention Using Ethical Hacking.pdf
Vulnerability Prevention Using Ethical Hacking.pdf
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
GETTING STARTED WITH THE ETHICAL HACKING.pptx
GETTING STARTED WITH THE ETHICAL HACKING.pptxGETTING STARTED WITH THE ETHICAL HACKING.pptx
GETTING STARTED WITH THE ETHICAL HACKING.pptx
 
Ethical Hacking : Understanding the Basics
Ethical Hacking : Understanding the BasicsEthical Hacking : Understanding the Basics
Ethical Hacking : Understanding the Basics
 
Ethical Hacking: A Comprehensive Cheatsheet
Ethical Hacking: A Comprehensive CheatsheetEthical Hacking: A Comprehensive Cheatsheet
Ethical Hacking: A Comprehensive Cheatsheet
 
Introduction to Pre-Cybersecurity.pptx
Introduction to Pre-Cybersecurity.pptxIntroduction to Pre-Cybersecurity.pptx
Introduction to Pre-Cybersecurity.pptx
 
BASICS OF ETHICAL HACKING
BASICS OF ETHICAL HACKINGBASICS OF ETHICAL HACKING
BASICS OF ETHICAL HACKING
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical Hacking
 
Introduction to Hacking
Introduction to HackingIntroduction to Hacking
Introduction to Hacking
 
Ethical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hackingEthical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hacking
 
A Deep Introduction to Ethical Hacking
A Deep Introduction to Ethical HackingA Deep Introduction to Ethical Hacking
A Deep Introduction to Ethical Hacking
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hack
 
Ethical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptxEthical Hacking and Network Defence 1.pptx
Ethical Hacking and Network Defence 1.pptx
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Full seminar report on ethical hacking
Full seminar report on ethical hackingFull seminar report on ethical hacking
Full seminar report on ethical hacking
 
Cse ethical hacking ppt
Cse ethical hacking pptCse ethical hacking ppt
Cse ethical hacking ppt
 
Cse ethical hacking ppt
Cse ethical hacking pptCse ethical hacking ppt
Cse ethical hacking ppt
 
Ethical Hacking .pptx
Ethical Hacking .pptxEthical Hacking .pptx
Ethical Hacking .pptx
 
Hacking and Penetration Testing - a beginners guide
Hacking and Penetration Testing - a beginners guideHacking and Penetration Testing - a beginners guide
Hacking and Penetration Testing - a beginners guide
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 

Recently uploaded

Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
panagenda
 
Syngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdf
Syngulon
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdf
Srushith Repakula
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
Stephen Perrenod
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
David Michel
 

Recently uploaded (20)

How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfHow Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
 
Overview of Hyperledger Foundation
Overview of Hyperledger FoundationOverview of Hyperledger Foundation
Overview of Hyperledger Foundation
 
What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
 
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
 
Syngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdf
 
AI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří KarpíšekAI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří Karpíšek
 
PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. Startups
 
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdfIntroduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
Introduction to FDO and How It works Applications _ Richard at FIDO Alliance.pdf
 
Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024
 
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdfThe Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
The Value of Certifying Products for FDO _ Paul at FIDO Alliance.pdf
 
AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
 
Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdf
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
 
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
 
WebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceWebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM Performance
 

Ethical hacking11601031 (1)

  • 2. INDEX         Ethical Hacking Terminology. What is Ethical hacking? Who are Ethical hacker? How many types of hackers?  White Hats (Ethical hackers)  Black Hats (Malicious hackers)  Gray Hats (Good or bad hackers) How to Be Ethical ? The Phases of Ethical Hacking.  Reconnaissance  Scanning  Gaining access  Maintaining access  Clearing tracks Types of attacks. Performing a Penetration Test.  Preparation  Conduct Security Evaluation  Conclusion
  • 3. Ethical Hacking Terminology  Threat: An environment or situation that could lead to a      potential breach of security. Exploit: A piece of software or technology that takes advantage of a bug, glitch, or vulnerability, leading to unauthorized access, privilege escalation, or denial of service on a computer system. Vulnerability: The existence of a software flaw, logic design, or implementation error. Target of Evaluation (TOE): A system, program, or network that is the subject of a security analysis or attack. Attack: An attack occurs when a system is compromised based on a vulnerability. Remote: The exploit is sent over a network without any prior access to the vulnerable system.
  • 4. What is Ethical hacking?  Ethical hacking is the process of testing network and systems security for vulnerabilities using the some tools that a hacker might use to compromise the network.
  • 5. Who are Ethical hacker?  Ethical hackers are usually security professionals or network penetration testers.  Ethical hackers use their hacking skills and toolsets for defensive and protective purposes only.
  • 6. How many types of hackers? Hackers can be divided into three groups:  White Hats (Ethical hackers): i. ii. White hats are the good guys, the ethical hackers who use their hacking skills for defensive purposes. White hats are those who hack with permission from the data owner. It is critical to get permission prior to beginning any hacking activity.
  • 7.  Black Hats (Malicious hackers): i. ii.  Black hats are the malicious hackers or crackers who use their skills for illegal or malicious purposes. Black-hat hackers having gained unauthorized access such as “destroy vital data”, “deny legitimate users service”, and just cause problems for their targets. Gray Hats (Good or bad hackers): i. Gray hats are hackers who may work offensively or defensively, depending on the situation.
  • 8. How to Be Ethical  The ethical hacker must follow certain rules: i. Gain authorization from the client and have a signed contract giving the tester permission to perform the test. ii. Maintain and follow a nondisclosure agreement (NDA) with the client in the case of confidential information disclosed during the test. iii. Maintain confidentiality when performing the test. iv. Information gathered may contain sensitive information. No information about the test or company confidential data should ever be disclosed to a third party.
  • 9. The Phases of Ethical Hacking…  The process of ethical hacking includes five phases that hackers generally follow in hacking a computer system:      Reconnaissance Scanning Gaining access Maintaining access Clearing tracks
  • 10. Reconnaissance  Passive reconnaissance involves gathering information as possible about the TOE (Target of Evaluation).  Active reconnaissance involves probing the network to discover individual hosts, IP addresses, and services on the network.
  • 11. Scanning  The goal of scanning is to learn as much technical data about the systems as possible.  Tools that a hacker may employ during the scanning phase include:        Dialers Port scanners Internet Control Message Protocol (ICMP) scanners Ping sweeps Network mappers Simple Network Management Protocol (SNMP) sweepers Vulnerability scanners etc.
  • 12. Gaining access  Gaining access is the actual hacking phase in which the hacker gains access to the system.  In this step, the hacker will make use of all the information he collected in the pre-attacking phases.
  • 13. Maintaining access  Once a hacker has gained access to a target system, they want to keep that access for future exploitation and attacks.  Once the hacker owns the system, they can use it as a base to launch additional attacks.
  • 14. Clearing tracks  Once hackers have been able to gain and maintain access, they cover their tracks to avoid detection by security personnel, to continue to use the owned system, to remove evidence of hacking, or to avoid legal action.  Hackers try to remove all traces of the attack, such as log files or intrusion detection system (IDS) alarms.
  • 15. Types of attacks.  The techniques and methods used are likely to vary depending on the target and they should be chosen appropriately having assessed the situation fully. The types of attack and vulnerabilities are:         Buffer Overflow attacks. Denial of Service (DoS) attacks. Distributed Denial of Service (DDoS) attacks. Misconfigurations. Abuse of Trust. Brute force attacks. CGI and WWW services. Back doors and Trojans.
  • 16. Performing a Penetration Test  Many ethical hackers acting in the role of security professionals use their skills to perform security evaluations or penetration tests. These tests and evaluations have three phases: Preparation Conduct Security Evaluation Conclusion
  • 17.  Preparation  This phase involves a formal agreement between the ethical hacker and the organization. This agreement should include the full scope of the test, the types of attacks (inside or outside) to be used, and the testing types.  Conduct Security Evaluation  During this phase, the tests are conducted, after which the tester prepares a formal report of vulnerabilities and other findings.  Conclusion  The findings are presented to the organization in this phase, along with any recommendations to improve security.
  • 18. Thank you! For your time and consideration. Presented by: Mohammad Affan www.ithubpage.blogspot.com