SlideShare uma empresa Scribd logo
1 de 21
Ethical hacking
What is the meaning of ethical ?
• being in accordance with the rules or standards for right
conduct or practice, especially the standards of a profession :
It was not considered ethical for physicians to advertise.
What is hacking?
• gain unauthorized access to data in a system or computer.
• During the 1990s, the term "hacker" originally denoted a skilled
programmer proficient in machine code and computer operating systems.
In particular, these individuals could always hack on an unsatisfactory
system to solve problems and engage in a little software company
espionage by interpreting a competitor's code.
• Unfortunately, some of these hackers also became experts at accessing
password-protected computers, files, and networks and came to known as
"crackers." Of course, an effective and dangerous "cracker" must be a good
hacker and the terms became intertwined. Hacker won out in popular use
and in the media and today refers to anyone who performs some form of
computer sabotage.
The History Of Hacking
• It all began in the 1960s at MIT, origin of the term “hacker”, where extremely skilled individuals practiced hardcore
programming in FORTRAN and other older languages. Some may ignorantly dub them “nerds” or “geeks” but these
individuals were, by far, the most intelligent, individual, and intellectually advanced people who happen to be the
pioneers and forefathers of the talented individuals that are today the true hackers. The true hackers amongst our
societies have an unquenchable thirst for knowledge. Boredom is never an object of challenge for hackers. They
have an almost anomalous ability to absorb, retain, and exert vast amounts of knowledge with regard to intricate
details. In 1969, Bell Labs employee Ken Thompson invented UNIX and permanently changed the future of the
computer industry. Then in the very early 1970s, Dennis Ritchie invented the computer programming language “C”
which was specifically invented to be used with UNIX. Programmers ceased to use assembler, while developing an
appreciation for the portability of “C.”
• Hackers used to be viewed as people who sat locked in a room all day programming nonstop, hours on end. No
one seemed to mind hackers back in the 1960s when this was the most widely excepted reputation. In fact, most
people had no idea what hacking was. The term hacker was accepted as a positive label slapped onto computer
gurus who could push computer systems beyond the defined limits. Hackers emerged out of the artificial
intelligence labs at MIT in the 1960s. A network known as ARPANET was founded by the Department of Defense
as a means to link government offices. In time, ARPANET evolved into what is today known as the Internet.
Types of hackers :-
Black hat hackers:-
• Black-hat hackers, or simply “black hats,” are the type of hacker
the popular media seems to focus on. Black-hat hackers violate
computer security for personal gain (such as stealing credit card
numbers or harvesting personal data for sale to identity thieves)
or for pure maliciousness (such as creating a botnet and using
that botnet to perform DDOS attacks against websites they don’t
like.)
• Black hats fit the widely-held stereotype that hackers are
criminals performing illegal activities for personal gain and
attacking others. They’re the computer criminals.
• A black-hat hacker who finds a new, “zero-day” security
vulnerability would sell it to criminal organizations on the black
market or use it to compromise computer systems.
• Media portrayals of black-hat hackers may be accompanied by
silly stock photos like the below one, which is intended as a
parody.
White hat hackers :-
• White-hat hackers are the opposite of the black-hat hackers. They’re the
“ethical hackers,” experts in compromising computer security systems
who use their abilities for good, ethical, and legal purposes rather than
bad, unethical, and criminal purposes.
• For example, many white-hat hackers are employed to test an
organizations’ computer security systems. The organization authorizes the
white-hat hacker to attempt to compromise their systems. The white-hat
hacker uses their knowledge of computer security systems to compromise
the organization’s systems, just as a black hat hacker would. However,
instead of using their access to steal from the organization or vandalize its
systems, the white-hat hacker reports back to the organization and
informs them of how they gained access, allowing the organization to
improve their defenses. This is known as “penetration testing,” and it’s
one example of an activity performed by white-hat hackers.
• A white-hat hacker who finds a security vulnerability would disclose it to
the developer, allowing them to patch their product and improve its
security before it’s compromised. Various organizations pay “bounties” or
award prizes for revealing such discovered vulnerabilities, compensating
white-hats for their work.
Grey hat hackers :-
• Very few things in life are clear black-and-white categories. In reality,
there’s often a gray area. A gray-hat hacker falls somewhere between a
black hat and a white hat. A gray hat doesn’t work for their own personal
gain or to cause carnage, but they may technically commit crimes and do
arguably unethical things.
• For example, a black hat hacker would compromise a computer system
without permission, stealing the data inside for their own personal gain or
vandalizing the system. A white-hat hacker would ask for permission
before testing the system’s security and alert the organization after
compromising it. A gray-hat hacker might attempt to compromise a
computer system without permission, informing the organization after the
fact and allowing them to fix the problem. While the gray-hat hacker
didn’t use their access for bad purposes, they compromised a security
system without permission, which is illegal.
• If a gray-hat hacker discovers a security flaw in a piece of software or on a
website, they may disclose the flaw publically instead of privately
disclosing the flaw to the organization and giving them time to fix it. They
wouldn’t take advantage of the flaw for their own personal gain — that
would be black-hat behavior — but the public disclosure could cause
carnage as black-hat hackers tried to take advantage of the flaw before it
was fixed.
Some other types of hackers:-
• Elite hacker
 A social status among hackers, elite is used to describe the most skilled. Newly discovered exploits circulate among these hackers.
Elite groups such as Masters of Deceptionconferred a kind of credibility on their members.
• Script kiddie
 A script kiddie (also known as a skid or skiddie) is an unskilled hacker who breaks into computer systems by using automated tools written
by others (usually by other black hat hackers), hence the term script (i.e. a prearranged plan or set of activities) kiddie (i.e. kid, child—an
individual lacking knowledge and experience, immature),usually with little understanding of the underlying concept.
• Neophyte
 A neophyte ("newbie", or "noob") is someone who is new to hacking or phreaking and has almost no knowledge or experience of the
workings of technology and hacking.
• Blue hat
 A blue hat hacker is someone outside computer security consulting firms who is used to bug-test a system prior to its launch, looking for
exploits so they can be closed. Microsoft also uses the term BlueHat to represent a series of security briefing events.
• Hacktivist
 A hacktivist is a hacker who utilizes technology to publicize a social, ideological, religious or political message.
 Hacktivism can be divided into two main groups:
 Cyberterrorism — Activities involving website defacement or denial-of-service attacks; and,
 Freedom of information — Making information that is not public, or is public in non-machine-readable formats, accessible to the public.
Types of Data stolen from the organization:-
Effects of hacking :-
What does a hacker do?
Phase 1: Reconnaissance
Reconnaissance types
Phase 2: Scanning
Phase 3 :- Gaining Acess
Phase 4:- Maintaining Acess
Phase 5 :- Covering Tracks
Some Types of hacking:-
 Injection attack :- Injection Attacking occurs when there are flaws in your
SQL Database, SQL libraries, or even the operating system itself. Employees open
seemingly credible files with hidden commands, or “injections”, unknowingly.
In doing so, they’ve allowed hackers to gain unauthorized access to private data
such as social security numbers, credit card number or other financial data.
 Cross site scripting attack :-Cross Site Scripting, also known as an XSS
attack, occurs when an application, url “get request”, or file packet is sent to the
web browser window and bypassing the validation process. Once an XSS script is
triggered, it’s deceptive property makes users believe that the compromised page
of a specific website is legitimate.
For example, if www.example.com/abcd.html has XSS script in it, the user might
see a popup window asking for their credit card info and other sensitive info
 click jacking attack :- Click jacking, also called a UI Redress Attack, is when a
hacker uses multiple opaque layers to trick a user into clicking the top layer without them
knowing.
Thus the attacker is “hijacking” clicks that are not meant for the actual page, but for a page
where the attacker wants you to be.
For example, using a carefully crafted combination of style sheets, iframes, and text boxes, a user
can be led to believe they are typing in the password for their bank account, but are actually
typing into an invisible frame controlled by the attacker.
 social engineering attacks :- A social engineering attack is not technically
a “hack”.
It happens when you divulge private information in good faith, such as a credit card
number, through common online interactions such as email, chat, social media sites, or
virtually any website.
The problem, of course, is that you’re not getting into what you think you’re getting into.
A classic example of a social engineering attack is the “Microsoft tech support” scam.
This is when someone from a call center pretends to be a MS tech support member who
says that your computer is slow and/or infected, and can be easily fixed – at a cost, of
course.
Phishing attack :- Phishing is the attempt to acquire sensitive information such as
usernames, passwords, and credit card details (and sometimes, indirectly, money), often for
malicious reasons, by masquerading as a trustworthy entity in an electronic
communication. The word is a neologism created as a homophone of fishing due to the
similarity of using a bait in an attempt to catch a victim. Communications purporting to be from
popular social web sites, auction sites, banks, online payment processors or IT administrators
are commonly used to lure unsuspecting victims. Phishing emails may contain links to websites
that are infected with malware. Phishing is typically carried out by email spoofing or instant
messaging, and it often directs users to enter details at a fake website whose look and feel are
almost identical to the legitimate one. Phishing is an example of social engineering techniques
used to deceive users, and exploits the poor usability of current web security
technologies. Attempts to deal with the growing number of reported phishing incidents
include legislation, user training, public awareness, and technical security measures. Many
websites have now created secondary tools for applications, like maps for games, but they
should be clearly marked as to who wrote them, and users should not use the same passwords
anywhere on the internet.
The great knowledge of memory is not ignorance,it is
the illusion of knowledge……
Thank you

Mais conteúdo relacionado

Mais procurados

Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationJoshua Prince
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hackDharmesh Makwana
 
Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)Sumit Satam
 
Ethical Hacking & Network Security
Ethical Hacking & Network Security Ethical Hacking & Network Security
Ethical Hacking & Network Security Lokender Yadav
 
Full seminar report on ethical hacking
Full seminar report on ethical hackingFull seminar report on ethical hacking
Full seminar report on ethical hackingGeorgekutty Francis
 
Ethical Hacking and Network Security
Ethical Hacking and Network SecurityEthical Hacking and Network Security
Ethical Hacking and Network Securitysumit dimri
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingzing12345
 
Hacking and Hackers
Hacking and HackersHacking and Hackers
Hacking and HackersFarwa Ansari
 
Ethical hacking Presentation
Ethical hacking PresentationEthical hacking Presentation
Ethical hacking PresentationAmbikaMalgatti
 
What is Hacking? AND Types of Hackers
What is Hacking? AND Types of HackersWhat is Hacking? AND Types of Hackers
What is Hacking? AND Types of Hackersinfosavvy
 
Presentation on ethical hacking
Presentation on ethical hackingPresentation on ethical hacking
Presentation on ethical hackingSunny Sundeep
 

Mais procurados (20)

Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentation
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hack
 
Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)Introduction to Ethical Hacking (Basics)
Introduction to Ethical Hacking (Basics)
 
Types of Hacker
 Types of Hacker Types of Hacker
Types of Hacker
 
Ethical Hacking & Network Security
Ethical Hacking & Network Security Ethical Hacking & Network Security
Ethical Hacking & Network Security
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
 
Full seminar report on ethical hacking
Full seminar report on ethical hackingFull seminar report on ethical hacking
Full seminar report on ethical hacking
 
Ethical Hacking and Network Security
Ethical Hacking and Network SecurityEthical Hacking and Network Security
Ethical Hacking and Network Security
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Hacking
HackingHacking
Hacking
 
Hacking and Hackers
Hacking and HackersHacking and Hackers
Hacking and Hackers
 
Ethical hacking Presentation
Ethical hacking PresentationEthical hacking Presentation
Ethical hacking Presentation
 
Hacking
HackingHacking
Hacking
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Hacking Kishor
Hacking KishorHacking Kishor
Hacking Kishor
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
What is Hacking? AND Types of Hackers
What is Hacking? AND Types of HackersWhat is Hacking? AND Types of Hackers
What is Hacking? AND Types of Hackers
 
Presentation on ethical hacking
Presentation on ethical hackingPresentation on ethical hacking
Presentation on ethical hacking
 

Destaque

Networking 2016-05-24 - Topic 2 - The "Hack Back" - How Hacking Team Became t...
Networking 2016-05-24 - Topic 2 - The "Hack Back" - How Hacking Team Became t...Networking 2016-05-24 - Topic 2 - The "Hack Back" - How Hacking Team Became t...
Networking 2016-05-24 - Topic 2 - The "Hack Back" - How Hacking Team Became t...North Texas Chapter of the ISSA
 
Cehv8 - Module 02: footprinting and reconnaissance.
Cehv8 - Module 02: footprinting and reconnaissance.Cehv8 - Module 02: footprinting and reconnaissance.
Cehv8 - Module 02: footprinting and reconnaissance.Vuz Dở Hơi
 
Web development using html 5
Web development using html 5Web development using html 5
Web development using html 5Anjan Mahanta
 
Prominence of ethical hacking in cyber crimes
Prominence of ethical hacking in cyber crimesProminence of ethical hacking in cyber crimes
Prominence of ethical hacking in cyber crimesAltacit Global
 
PowerPoint Presentation On Ethical Hacking in Brief (Simple)
PowerPoint Presentation On Ethical Hacking in Brief (Simple)PowerPoint Presentation On Ethical Hacking in Brief (Simple)
PowerPoint Presentation On Ethical Hacking in Brief (Simple)Shivam Sahu
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness TrainingRandy Bowman
 
CEH - Module 5 : System Hacking
CEH - Module 5 : System HackingCEH - Module 5 : System Hacking
CEH - Module 5 : System HackingAvirot Mitamura
 
Ethical Hacking Certification Path You Should Follow
Ethical Hacking Certification Path You Should FollowEthical Hacking Certification Path You Should Follow
Ethical Hacking Certification Path You Should FollowMercury Solutions Limited
 
Ceh v8 Labs - Module18: Buffer Overflow.
Ceh v8 Labs - Module18: Buffer Overflow.Ceh v8 Labs - Module18: Buffer Overflow.
Ceh v8 Labs - Module18: Buffer Overflow.Vuz Dở Hơi
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical HackingNeel Kamal
 
ethical hacking in the modern times
ethical hacking in the modern timesethical hacking in the modern times
ethical hacking in the modern timesjeshin jose
 
The 27 Best Growth Hacking Tools of 2016
The 27 Best Growth Hacking Tools of 2016The 27 Best Growth Hacking Tools of 2016
The 27 Best Growth Hacking Tools of 2016Wishpond
 
Cehv8 module 01 introduction to ethical hacking
Cehv8 module 01 introduction to ethical hackingCehv8 module 01 introduction to ethical hacking
Cehv8 module 01 introduction to ethical hackingpolichen
 

Destaque (20)

ETHICAL HACKING PPT
ETHICAL HACKING PPTETHICAL HACKING PPT
ETHICAL HACKING PPT
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
 
Hack.lu 2016
Hack.lu 2016   Hack.lu 2016
Hack.lu 2016
 
Networking 2016-05-24 - Topic 2 - The "Hack Back" - How Hacking Team Became t...
Networking 2016-05-24 - Topic 2 - The "Hack Back" - How Hacking Team Became t...Networking 2016-05-24 - Topic 2 - The "Hack Back" - How Hacking Team Became t...
Networking 2016-05-24 - Topic 2 - The "Hack Back" - How Hacking Team Became t...
 
Cehv8 - Module 02: footprinting and reconnaissance.
Cehv8 - Module 02: footprinting and reconnaissance.Cehv8 - Module 02: footprinting and reconnaissance.
Cehv8 - Module 02: footprinting and reconnaissance.
 
Web development using html 5
Web development using html 5Web development using html 5
Web development using html 5
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Prominence of ethical hacking in cyber crimes
Prominence of ethical hacking in cyber crimesProminence of ethical hacking in cyber crimes
Prominence of ethical hacking in cyber crimes
 
PowerPoint Presentation On Ethical Hacking in Brief (Simple)
PowerPoint Presentation On Ethical Hacking in Brief (Simple)PowerPoint Presentation On Ethical Hacking in Brief (Simple)
PowerPoint Presentation On Ethical Hacking in Brief (Simple)
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
 
CEH - Module 5 : System Hacking
CEH - Module 5 : System HackingCEH - Module 5 : System Hacking
CEH - Module 5 : System Hacking
 
Ethical Hacking Certification Path You Should Follow
Ethical Hacking Certification Path You Should FollowEthical Hacking Certification Path You Should Follow
Ethical Hacking Certification Path You Should Follow
 
Ceh v8 Labs - Module18: Buffer Overflow.
Ceh v8 Labs - Module18: Buffer Overflow.Ceh v8 Labs - Module18: Buffer Overflow.
Ceh v8 Labs - Module18: Buffer Overflow.
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical Hacking
 
ethical hacking in the modern times
ethical hacking in the modern timesethical hacking in the modern times
ethical hacking in the modern times
 
The 27 Best Growth Hacking Tools of 2016
The 27 Best Growth Hacking Tools of 2016The 27 Best Growth Hacking Tools of 2016
The 27 Best Growth Hacking Tools of 2016
 
Cehv8 module 01 introduction to ethical hacking
Cehv8 module 01 introduction to ethical hackingCehv8 module 01 introduction to ethical hacking
Cehv8 module 01 introduction to ethical hacking
 

Semelhante a Ethical hacking 2016

Semelhante a Ethical hacking 2016 (20)

Kinds of hackers
Kinds of hackersKinds of hackers
Kinds of hackers
 
Dhams hacking
Dhams hackingDhams hacking
Dhams hacking
 
hacking basics
hacking basicshacking basics
hacking basics
 
Introduction of Cyber Security
Introduction of Cyber SecurityIntroduction of Cyber Security
Introduction of Cyber Security
 
Intro
IntroIntro
Intro
 
Hacking ppt
Hacking pptHacking ppt
Hacking ppt
 
Hacking
HackingHacking
Hacking
 
module 3 Cyber Risks and Incident Management.pptx
module 3 Cyber Risks and Incident Management.pptxmodule 3 Cyber Risks and Incident Management.pptx
module 3 Cyber Risks and Incident Management.pptx
 
Course on Ehtical Hacking - Introduction
Course on Ehtical Hacking - IntroductionCourse on Ehtical Hacking - Introduction
Course on Ehtical Hacking - Introduction
 
Application of computer to legal practice (hacking)
Application of computer to legal practice (hacking)Application of computer to legal practice (hacking)
Application of computer to legal practice (hacking)
 
What is a Hacker (part 1): Types, tools and techniques
What is a Hacker (part 1): Types, tools and techniquesWhat is a Hacker (part 1): Types, tools and techniques
What is a Hacker (part 1): Types, tools and techniques
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Hacking-Basics
Hacking-BasicsHacking-Basics
Hacking-Basics
 
Hackers final
Hackers finalHackers final
Hackers final
 
Hackers final
Hackers finalHackers final
Hackers final
 
Hacking (cs192 report )
Hacking (cs192 report )Hacking (cs192 report )
Hacking (cs192 report )
 
Hacking version 2
Hacking version 2Hacking version 2
Hacking version 2
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Hackers
HackersHackers
Hackers
 

Último

20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Brian Pichman
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 

Último (20)

20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
20150722 - AGV
20150722 - AGV20150722 - AGV
20150722 - AGV
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )Building Your Own AI Instance (TBLC AI )
Building Your Own AI Instance (TBLC AI )
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 

Ethical hacking 2016

  • 2. What is the meaning of ethical ? • being in accordance with the rules or standards for right conduct or practice, especially the standards of a profession : It was not considered ethical for physicians to advertise.
  • 3. What is hacking? • gain unauthorized access to data in a system or computer. • During the 1990s, the term "hacker" originally denoted a skilled programmer proficient in machine code and computer operating systems. In particular, these individuals could always hack on an unsatisfactory system to solve problems and engage in a little software company espionage by interpreting a competitor's code. • Unfortunately, some of these hackers also became experts at accessing password-protected computers, files, and networks and came to known as "crackers." Of course, an effective and dangerous "cracker" must be a good hacker and the terms became intertwined. Hacker won out in popular use and in the media and today refers to anyone who performs some form of computer sabotage.
  • 4. The History Of Hacking • It all began in the 1960s at MIT, origin of the term “hacker”, where extremely skilled individuals practiced hardcore programming in FORTRAN and other older languages. Some may ignorantly dub them “nerds” or “geeks” but these individuals were, by far, the most intelligent, individual, and intellectually advanced people who happen to be the pioneers and forefathers of the talented individuals that are today the true hackers. The true hackers amongst our societies have an unquenchable thirst for knowledge. Boredom is never an object of challenge for hackers. They have an almost anomalous ability to absorb, retain, and exert vast amounts of knowledge with regard to intricate details. In 1969, Bell Labs employee Ken Thompson invented UNIX and permanently changed the future of the computer industry. Then in the very early 1970s, Dennis Ritchie invented the computer programming language “C” which was specifically invented to be used with UNIX. Programmers ceased to use assembler, while developing an appreciation for the portability of “C.” • Hackers used to be viewed as people who sat locked in a room all day programming nonstop, hours on end. No one seemed to mind hackers back in the 1960s when this was the most widely excepted reputation. In fact, most people had no idea what hacking was. The term hacker was accepted as a positive label slapped onto computer gurus who could push computer systems beyond the defined limits. Hackers emerged out of the artificial intelligence labs at MIT in the 1960s. A network known as ARPANET was founded by the Department of Defense as a means to link government offices. In time, ARPANET evolved into what is today known as the Internet.
  • 5. Types of hackers :- Black hat hackers:- • Black-hat hackers, or simply “black hats,” are the type of hacker the popular media seems to focus on. Black-hat hackers violate computer security for personal gain (such as stealing credit card numbers or harvesting personal data for sale to identity thieves) or for pure maliciousness (such as creating a botnet and using that botnet to perform DDOS attacks against websites they don’t like.) • Black hats fit the widely-held stereotype that hackers are criminals performing illegal activities for personal gain and attacking others. They’re the computer criminals. • A black-hat hacker who finds a new, “zero-day” security vulnerability would sell it to criminal organizations on the black market or use it to compromise computer systems. • Media portrayals of black-hat hackers may be accompanied by silly stock photos like the below one, which is intended as a parody.
  • 6. White hat hackers :- • White-hat hackers are the opposite of the black-hat hackers. They’re the “ethical hackers,” experts in compromising computer security systems who use their abilities for good, ethical, and legal purposes rather than bad, unethical, and criminal purposes. • For example, many white-hat hackers are employed to test an organizations’ computer security systems. The organization authorizes the white-hat hacker to attempt to compromise their systems. The white-hat hacker uses their knowledge of computer security systems to compromise the organization’s systems, just as a black hat hacker would. However, instead of using their access to steal from the organization or vandalize its systems, the white-hat hacker reports back to the organization and informs them of how they gained access, allowing the organization to improve their defenses. This is known as “penetration testing,” and it’s one example of an activity performed by white-hat hackers. • A white-hat hacker who finds a security vulnerability would disclose it to the developer, allowing them to patch their product and improve its security before it’s compromised. Various organizations pay “bounties” or award prizes for revealing such discovered vulnerabilities, compensating white-hats for their work.
  • 7. Grey hat hackers :- • Very few things in life are clear black-and-white categories. In reality, there’s often a gray area. A gray-hat hacker falls somewhere between a black hat and a white hat. A gray hat doesn’t work for their own personal gain or to cause carnage, but they may technically commit crimes and do arguably unethical things. • For example, a black hat hacker would compromise a computer system without permission, stealing the data inside for their own personal gain or vandalizing the system. A white-hat hacker would ask for permission before testing the system’s security and alert the organization after compromising it. A gray-hat hacker might attempt to compromise a computer system without permission, informing the organization after the fact and allowing them to fix the problem. While the gray-hat hacker didn’t use their access for bad purposes, they compromised a security system without permission, which is illegal. • If a gray-hat hacker discovers a security flaw in a piece of software or on a website, they may disclose the flaw publically instead of privately disclosing the flaw to the organization and giving them time to fix it. They wouldn’t take advantage of the flaw for their own personal gain — that would be black-hat behavior — but the public disclosure could cause carnage as black-hat hackers tried to take advantage of the flaw before it was fixed.
  • 8. Some other types of hackers:- • Elite hacker  A social status among hackers, elite is used to describe the most skilled. Newly discovered exploits circulate among these hackers. Elite groups such as Masters of Deceptionconferred a kind of credibility on their members. • Script kiddie  A script kiddie (also known as a skid or skiddie) is an unskilled hacker who breaks into computer systems by using automated tools written by others (usually by other black hat hackers), hence the term script (i.e. a prearranged plan or set of activities) kiddie (i.e. kid, child—an individual lacking knowledge and experience, immature),usually with little understanding of the underlying concept. • Neophyte  A neophyte ("newbie", or "noob") is someone who is new to hacking or phreaking and has almost no knowledge or experience of the workings of technology and hacking. • Blue hat  A blue hat hacker is someone outside computer security consulting firms who is used to bug-test a system prior to its launch, looking for exploits so they can be closed. Microsoft also uses the term BlueHat to represent a series of security briefing events. • Hacktivist  A hacktivist is a hacker who utilizes technology to publicize a social, ideological, religious or political message.  Hacktivism can be divided into two main groups:  Cyberterrorism — Activities involving website defacement or denial-of-service attacks; and,  Freedom of information — Making information that is not public, or is public in non-machine-readable formats, accessible to the public.
  • 9. Types of Data stolen from the organization:-
  • 11. What does a hacker do?
  • 15. Phase 3 :- Gaining Acess
  • 17. Phase 5 :- Covering Tracks
  • 18. Some Types of hacking:-  Injection attack :- Injection Attacking occurs when there are flaws in your SQL Database, SQL libraries, or even the operating system itself. Employees open seemingly credible files with hidden commands, or “injections”, unknowingly. In doing so, they’ve allowed hackers to gain unauthorized access to private data such as social security numbers, credit card number or other financial data.  Cross site scripting attack :-Cross Site Scripting, also known as an XSS attack, occurs when an application, url “get request”, or file packet is sent to the web browser window and bypassing the validation process. Once an XSS script is triggered, it’s deceptive property makes users believe that the compromised page of a specific website is legitimate. For example, if www.example.com/abcd.html has XSS script in it, the user might see a popup window asking for their credit card info and other sensitive info
  • 19.  click jacking attack :- Click jacking, also called a UI Redress Attack, is when a hacker uses multiple opaque layers to trick a user into clicking the top layer without them knowing. Thus the attacker is “hijacking” clicks that are not meant for the actual page, but for a page where the attacker wants you to be. For example, using a carefully crafted combination of style sheets, iframes, and text boxes, a user can be led to believe they are typing in the password for their bank account, but are actually typing into an invisible frame controlled by the attacker.  social engineering attacks :- A social engineering attack is not technically a “hack”. It happens when you divulge private information in good faith, such as a credit card number, through common online interactions such as email, chat, social media sites, or virtually any website. The problem, of course, is that you’re not getting into what you think you’re getting into. A classic example of a social engineering attack is the “Microsoft tech support” scam. This is when someone from a call center pretends to be a MS tech support member who says that your computer is slow and/or infected, and can be easily fixed – at a cost, of course.
  • 20. Phishing attack :- Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication. The word is a neologism created as a homophone of fishing due to the similarity of using a bait in an attempt to catch a victim. Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting victims. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures. Many websites have now created secondary tools for applications, like maps for games, but they should be clearly marked as to who wrote them, and users should not use the same passwords anywhere on the internet.
  • 21. The great knowledge of memory is not ignorance,it is the illusion of knowledge…… Thank you