2. Points to be discussed in this session
Objectives of this Session
Computer/Network Security
Hacking
Ethical Hacking and Types of Hackers
Cyber Crime
Common Terminology Used in Ethical Hacking
Kali Linux
Virtualization (Virtual Machine) Concept
How to Install Kali Linux on a Virtual Machine
Kali Linux Overview and Basic Commands of Linux
Career in Ethical Hacking
Future Sessions Discussion and Technical talks
3. Objective of this Session
The objective of this session is to give you awareness of ethical hacking.
Session for beginners
Teach only useful information
No illegal information about hacking will be shared with you
After attending this session, you should have a solid understanding of ethical hacking
Especially for those who want to start their career as an ethical hacker
I hope you will enjoy and love this session
4. Why Computer Security?
Computer systems are ubiquitous in our daily life
Computers store and process our data and information
Computers access and control our resources
Valuable Data, Private Data, Dangerous Data
5. The Sony Breach
An Example: The PlayStation Network (PSN) Attack
Illegal intrusion into the network around April 2011
Severe consequences for users and companies
Financial damage of over 24 billion dollars
7. Hacking
According to cyber.laws.com, “Computer hacking refers to the
practice of modifying or altering computer software and
hardware to accomplish a goal that is considered to be outside
of the creator’s original objective”. Those individuals who
engage in computer hacking activities are typically referred to
as “hackers.”
8. Ethical Hacking
Ethical hacking is when an expert attempts to hack a computer or network
with the express written permission of the asset's owner.
Also called White Hat Hacking
Penetration Testing
It is legal, and permission is obtained from the target
Part of an overall security program
Ethical hackers are paid to find these vulnerabilities first and make the
company aware of the risks
9. Types of Hackers
Black Hat Hackers: (Bad Guys)
White Hat Hackers: (Good Guys)
Gray Hat Hackers: (Combination of Black Hat and White Hat)
10. Black Hat Hackers: (Bad Guys)
They hack the system/network/web without the owner's permission
The intention of a black hat hacker is very bad
A black hat hacker may try to steal information such as social security
numbers, credit cards, personally identifiable information, bank account
information and much more
They hack for illegal purposes
They have excellent computing and programming skills
They hack the system for their own benefit
Their main goal is to do damage and to expose or steal data
11. White Hat Hackers: (Good Guys)
They hack systems with the owner's permission
Companies hire white hat hackers
They are professional hackers who work in industry
They are also called ethical hackers
They work for legal purposes
They secure the network/web of the company
12. Gray Hat Hackers: (Combination of Black Hat and White Hat)
The gray hat hacker is a unique type of hacker because they are freelancers
and operate without written consent
They are known to discover system weaknesses without permission but
without malicious intent
Their goal is to bring these flaws to the attention of the system owner so
they can be corrected
13. Prerequisites
What should we know to enter the field of ethical hacking?
You should have a basic and solid understanding of programming
You should have a basic and solid understanding of networking
You should have a basic and solid understanding of Linux OS etc.
16. Penetration testing (also called pen testing) is the practice of testing or evaluating
a computer system, network or Web application to find vulnerabilities that an
attacker could exploit.
Vulnerability: A weakness in a system, e.g. hardware/software vulnerabilities
Exploit: A method to intrude into or penetrate a system
Metasploit: Metasploit is one of the most powerful and widely used tools for
penetration testing
SQL Injection: SQL injection is a code injection technique that might destroy
your database. SQL injection is one of the most common web hacking
SQL injection is the placement of malicious code in SQL statements, via web page
input.
Brute-force Attack: A simple brute-force attack may have a dictionary of all
words or commonly used passwords and cycle through those words until it gains
access to the account.
Keylogger: A keylogger, sometimes called a keystroke logger or system monitor,
is a type of surveillance technology used to monitor and record each keystroke
typed on a specific computer's keyboard.
17. Phishing attack: Phishing is the attempt to obtain sensitive
information such as usernames, passwords, and credit card details (and,
indirectly, money), often for malicious reasons, by disguising as a
trustworthy entity in an electronic communication.
Bug bounty Program: A bug bounty program is a deal offered by many
websites and software developers by which individuals can receive
recognition and compensation for reporting bugs, especially those
pertaining to exploits and vulnerabilities.
Footprinting: The process of gathering data about a certain target,
also called information gathering
Cyber Crime: Crime related to computers
Cloud Computing: Internet-based computing
18. Virtual Machines
A Software Computer
• A Computer within a computer
• Can be used just like any other computer
Why use VMs
• A VM is stored on a physical HDD - thus extremely versatile
• You can transfer a VM just like any other file on your computer
• You can clone/repurpose VMs very easily
Terminology
• Host Computer
• Guest VM
19. A host computer can host several VMs
A guest VM generally resides on a single host
A host computer is generally a very powerful server that is designed to run
multiple guest VMs
Tips: Keep resources as low as possible and turn off VMs when you are not using them
20. KALI LINUX
It is an open-source Linux OS
Specially designed for hackers
Tools relevant to hacking are built in
More than 300 penetration testing tools
21. Download and Install VirtualBox and Kali Linux
Step 1: Download VirtualBox
https://www.virtualbox.org/wiki/Downloads
Step 2: Install VirtualBox
Step 3: Download Kali Linux
https://www.offensive-security.com/kali-linux-vmware-virtualbox-image-download/
Step 4: Follow these steps (upcoming slides)
The default user name is root and the password is toor.
33. Tips (How to Secure Your Network)
Always clear your browser's cookies
Password should be strong
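What "strong" means against the dictionary-style brute-force attack defined in the terminology, as an added example (not part of the original slides): a check that reduces a password to the word it is built on and reports why a word-list attack would reach it. The word list is a small constructed sample, and the 12-character minimum and three-character-class rule are assumptions of this example, not rules from the slides.

```python
import re

# Constructed sample; a real check would load a large list of common passwords.
COMMON_PASSWORDS = {"password", "qwerty", "letmein", "admin", "welcome",
                    "dragon", "toor", "123456"}

# Common character substitutions mapped back to the letters they replace.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})


def base_word(password):
    """Reduce a password to the dictionary word it is built on."""
    core = re.sub(r"[\d\W_]+$", "", password.lower())  # drop trailing digits/symbols
    return core.translate(LEET)


def weaknesses(password, min_length=12):
    """Return the reasons a dictionary-driven attack would reach this password."""
    reasons = []
    if len(password) < min_length:
        reasons.append("shorter than %d characters" % min_length)
    if (password.lower() in COMMON_PASSWORDS
            or base_word(password) in COMMON_PASSWORDS):
        reasons.append("built on a commonly used password")
    classes = [r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]"]
    if sum(bool(re.search(c, password)) for c in classes) < 3:
        reasons.append("fewer than three character classes")
    return reasons


if __name__ == "__main__":
    # "toor" is the default Kali password named on the install slide.
    for candidate in ["toor", "P@ssw0rd2024!", "correct-Horse-battery-7"]:
        found = weaknesses(candidate)
        print(candidate, "->", found if found else "no weakness found")
```

Note that `P@ssw0rd2024!` passes the length and character-class rules yet is still flagged, because substitutions and a trailing year do not hide the underlying word from a word list.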
34. Career in Ethical Hacking
Bright Career
Information (Network/Computer/Cyber) Security is one of the highest-paid and
fastest-growing job segments, with a huge skill gap. According to
Forbes, there will be a global shortage of two million cyber security
professionals by 2019. Moreover, info security complements all aspects of
computer science, from mobile, networks, cloud and OS to web.
35. My next Sessions
Mobile Application Development
Web Designing and Development
Introduction to Cloud Computing
Artificial Intelligence and more ….
Contact me on Facebook and Gmail:
waseemrauf7@gmail.com