introduction to hacking
DESCRIPTION
TRANSCRIPT
Introduction to Ethical Hacking
By Nitish Mehta (Illuminative works)
Illuminative works2
What we do ?
Illuminative Works
Illuminative works3
Services we Provide
ILLUMINAITVE WORKS
SERVICES
PHP and Framework
s
Ruby On Rails SEO
APPILCATION DEVELOPME
NT
Illuminative works4
Php and It’s Frameworks
ILLUMINAITVE WORKS
services
PHP and Frameworks
Wordpress
Magento
Joomla Zend
ILLUMINAITVE WORKS
SERVICES
PHP and Framewor
ks
Ruby On Rails SEO
APPILCATION DEVELOPME
NT
TRAINING
ONLINE OFFLINE
Illuminative works6
Types of training
TRAINING
Courses ONLINE
Webinars Blogs Webca
st
Workshops
Illuminative works7
Workshop and training on
Application development
•Mobile Application development•Facebook application development •Twitter application development
Ethical Hacking
•Ethical Hacking level -1•Hack the Hacker (method to trackback to hacker)•HACKERS ON CHARITY (Coming soon )
Website development
•Php •Wordpress •Joomla
Electronics and communication
•Electric Circuit and PCB designing.•Advanced 8051 Architecture, Programming & Interfacing
Illuminative works8
How can you learn from us?
Series of Webinars.
Watch webcast.
Blogs
Workshop
Hack with hackers
Illuminative works9
What we will discuss today ?
1. Understanding hacker objectives
2. Outlining the differences between ethical
hackers and malicious hackers/crackers
3. Examining the ethical hacking processes.
4. Starting the ethical hacking process
Illuminative works10
Who are Hackers ? Recently, hacker has taken on a new meaning
— who maliciously breaks into systems for personal
gain.
Technically, these criminals are crackers They modify, delete, and steal critical information,
often making other people miserable The good-guy (white-hat) hackers don’t like
being in the same category as the bad-guy (black-hat) hackers.
Illuminative works11
Types of Hacker People Categorize Hacker into many different
ways But everyone agrees that there is 3 basic
type of hacker
Black Hat• Individual with
extraordinary computing skills
• Does destructive work always
White Hat• Individual
Professional Hacker
• Used for Defensive Purpose
Grey Hat• They work for
defensive and offensive at their own will
Illuminative works12
Types of Ethical Hacker
Former Black Hats
•Reformed crackers•First Hand Experienced •Less credibility
White Hats
•Independent security Consultants (can be group too)•Claim to be knowledgeable about black hat activities
Consulting Firms
•Part of ICT firms.•Certified professionals. •Good credibility.
Illuminative works13
Steps of Hacking
Information Gathering
&Scanning
System Hacking
Plant Rootkits and Backdoors
Covering Tracks
Illuminative works14
Information Gathering Is used to gather information as much as hacker
can for the target
It is also know as ratting the door knob.
By information that a hacker has gathered he/she can know what type of attack to use.
This is basic and important step in hacking
More knowledge in this step will make other upcoming step easy.
Illuminative works15
Scanning Scanning refers to pre attack phase where a
hacker scan the network to find / gather information about network
Scanning includes Network scan Port scan Venerability scan , ect
A Hacker can get some high venerability which can give access easily.
Illuminative works16
System Hacking Also know as gaining access The venerability that has been found during
Information Gathering and scanning is been exploited here
There can be many exploits with different level of threats
Some of the threats that we are going to discuss are Sql Injection XXS cross site scripting LFI , RFI
Illuminative works17
Backdoor and rootkits It is also called as maintaining access. This is done so a hacker can have all type of
access for next time without bypassing or breaking the security
For this many stuffs are used Trojans Backdoors ,rootkits Shells , ect
Illuminative works18
Covering Tracks This is smallest and most important part in
Hacking If this is not done then a Hacker can easily get
track back. This is step were hacker removes all his/her identity
or tracks History files :
sh : .sh_history csh : .history ksh : .sh_history bash: .bash_history zsh : .history
Backup Files : dead.letter, *.bak, *~
Illuminative works19
What does Ethical Hacker do ? They basically ask themselves following
question What does a hacker/ cracker sees in the target ?
Information gathering Scanning
What can he do with that vulnerability ? Gaining Access Maintaining it System hacking
Has anyone already noticed the vulnerability ? Maintaining Access Footprinting
Illuminative works20
What is vulnerability Research ? Discovering and designing vulnerability in any
system is called vulnerability. It can be classified in two ways
Threat Level Low Medium High
Exploit Range Local Remote
Illuminative works21
Why a Ethical hacker need to have vulnerability ?
To identify correct network vulnerability
Protect network form being attack
To get information that helps to prevent
security problems
To gather information about virus/ worms/
Trojan
To find weakness in n/w and inform it to admin
To know how to recover from such attacks
Illuminative works22
From were you can research ? There are several websites from where you
can stay up dated and can research
Mine favourite are Packet storm : www.packetstormsecurity.com Security focus: www.securityfocus.com SANS internet storm : http://isc.sans.edu Security magazine : www.securitymagazine.com Exploit-db: www.exploit-db.com
Illuminative works23
How can you conduct Ethical Hacking ?Talk to your client on the needs of testing
Prepare NDA document and ask them to sign them
Prepare a team of Ethical Hacker and create a schedule for testing
Conduct the test
Analyze the result and prepare the report
Deliver the report to the client
Illuminative works24
Process of Ethical Hacking
Illuminative works25
How many times we should do ? Make sure your systems are secure. New hacker exploits and security
vulnerabilities are regularly uncovered At any time , everything can change
Software upgrades Adding computer systems Applying patches.
Thus regularly testing should be done.
Illuminative works26
Future webinar dates 2-2-12 •Information Gathering & Scanning Methodologies- NitishMehta
16-12-12 •Google Hacking – Nitish Mehta
6-1-13 •SQL injection attacks -Nitish Mehta / Naveen Badoni
20-1-13 •Facebook and Email Hacking- Arif Ali Khan
2-2-13 •Social Engineering-Arif Ali Khan / Nitish Mehta
Illuminative works27
Q/A Round
Thank YouNitish Mehta
(Illuminative works –CEO and Founder)[email protected]
Facebook.com/illuminativeworks