GETTING STARTED WITH THE ETHICAL HACKING
PANKAJ GHIMIRE
INTRODUCTION TO CYBER CRIME
Cyber crime refers to criminal activities that are
carried out using computers or the internet. These
activities can range from hacking and phishing
scams to identity theft, fraud, and spreading
malware. Cyber crime is a growing problem
worldwide as more and more people use
computers and the internet for their daily
activities. It is important for individuals and
organizations to be aware of the potential risks
and take steps to protect themselves from cyber
criminals. This can include using strong
passwords, installing security software, and being
SOME GENERIC EXAMPLES OF CYBER-CRIME:
1. Phishing: This is a type of scam where criminals use fake emails
or websites to trick people into giving away sensitive information
such as login credentials or credit card details.
2. Malware: This is malicious software that is designed to harm or
take control of a computer system. It can include viruses, worms,
Trojans, and ransomware.
3. Identity theft: This is the theft of someone's personal information
such as name, address, social security number, or credit card
details, with the intention of using that information for fraudulent
purposes.
4. Cyber stalking: This is the use of the internet or other electronic
means to harass, intimidate, or threaten someone.
5. Cyber bullying: This is the use of the internet or other electronic
means to bully or harass someone.
6. Online scams: This can include a range of fraudulent activities
such as online auction scams, lottery scams, and romance scams.
7. Hacking: This is the unauthorized access to a computer system
or network, with the intention of stealing data or causing damage.
HACKER:
A hacker is someone who uses their
computer skills to gain unauthorized access
to computer systems, networks, or
websites. They may use their skills to steal
data, spread viruses, or disrupt computer
systems. However, not all hackers are bad.
Some hackers use their skills for good by
identifying and addressing security
vulnerabilities in computer systems and
networks, in a practice known as ethical
TYPES OF HACKERS
1. Script Kiddies: These are inexperienced hackers who use pre-written
tools and scripts to launch attacks without a deep
understanding of how they work.
2. White-hat hackers: Also known as ethical hackers, these are
professionals who use hacking techniques for good, to identify and
address security vulnerabilities in computer systems and
networks.
3. Grey-hat hackers: These hackers use their skills to find
vulnerabilities in computer systems and networks, but their
intentions may not be entirely ethical. They may offer to fix the
vulnerability for a fee or use the information for personal gain.
4. Black-hat hackers: These hackers use their skills for malicious
purposes, such as stealing data, spreading malware, or disrupting
computer systems and networks.
5. Suicide Hackers: These are hackers who carry out attacks with
the intention of getting caught or even sacrificing themselves to
INTRODUCTION
Ethical hacking is like playing the role of a good guy
hacker who finds and fixes problems in computer
systems before bad guys can use them to do harm.
Ethical hackers are trained to use the same tools and
techniques as bad guys, but they use their skills to help
protect computer systems and networks from cyber
attacks. Ethical hacking is important because it helps
keep sensitive data safe and prevent businesses and
individuals from being harmed by cyber crime.
EVOLUTION OF ETHICAL HACKING
The practice of ethical hacking has evolved and grown significantly over
the past few decades. Initially, it was mostly limited to government
agencies and large corporations that had the resources to hire security
experts. However, with the increasing importance of digital security and
the rise of cyber crime, ethical hacking has become more widespread.
Today, ethical hacking is used by organizations of all sizes and industries
to protect their computer systems and networks. The growth of cloud
computing, mobile devices, and the Internet of Things has created new
vulnerabilities that need to be addressed. Ethical hacking techniques have
also become more advanced, with a range of tools and technologies
available to help identify and address security issues.
Certification programs and training courses have also been developed to
help people learn the skills needed to become ethical hackers. This has
helped to increase the number of professionals in the field and expand the
reach of ethical hacking.
Overall, the evolution and growth of ethical hacking has been driven by
INTRODUCTION TO AN ETHICAL HACKER
An ethical hacker is authorized and trained to use
their hacking skills for good. They use the same
tools and techniques as malicious hackers to find
and fix vulnerabilities in computer systems,
networks, and applications.
ETHICAL HACKING AND PENETRATION TESTING
Ethical hacking and penetration testing are both techniques used to identify
and address potential security vulnerabilities in computer systems, networks,
and applications.
Ethical hacking is a practice where authorized and trained professionals use
the same techniques and tools as malicious hackers to find vulnerabilities and
provide recommendations to improve security. The goal of ethical hacking is
to prevent cyber attacks by discovering and addressing weaknesses before
bad guys can exploit them.
Penetration testing is a process that involves simulating a cyber attack on a
computer system, network, or application to identify potential vulnerabilities.
The process involves attempting to exploit weaknesses in the system to gain
unauthorized access and to test the effectiveness of the security measures in
place.
Ethical hacking and penetration testing are related in that they both involve
using hacking techniques to identify security weaknesses, but the main
difference is that ethical hacking is a broader practice that includes a range of
SOME KEY WORDS WITH DEFINITIONS
1. Hack value: The perceived level of prestige, challenge, or thrill
associated with a particular hacking activity.
2. Target of Evaluation (TOE): The system, application, or network that is the
focus of an attack or evaluation by hackers.
3. Attack: An intentional effort to compromise or exploit a computer
system, network, or application to gain unauthorized access or to disrupt
normal operations.
4. Exploit: A technique or software tool that takes advantage of a security
vulnerability in a computer system or network to gain unauthorized
access or to cause damage.
5. Zero day: A security vulnerability that is not yet known to the vendor or
public, and therefore has not yet been addressed with a patch or update.
6. Security: The state of being protected from unauthorized access, theft,
damage, or other security risks.
7. Threat: Any circumstance or event that has the potential to cause harm
to a computer system, network, or application.
8. Vulnerability: A weakness or flaw in a computer system, network, or
application that can be exploited by an attacker to gain unauthorized
access or cause damage.
PENETRATION TESTING AND ITS BASIC METHODS
Penetration testing, also known as pen testing, is a process of testing a computer
system, network, or application for potential security vulnerabilities by simulating an
attack from a malicious hacker. The goal of pen testing is to identify weaknesses in
security before they can be exploited by an attacker.
The process of a pen test typically involves the following steps:
1. Planning: The first step is to define the scope of the test and establish objectives.
This includes identifying the systems and networks to be tested, as well as the type
of test to be conducted.
2. Scanning: In this step, the pen tester uses automated tools to scan the target
system or network for vulnerabilities. This includes identifying open ports, running
services, and potentially vulnerable software.
3. Enumeration: This involves gathering information about the target system or
network, including user accounts, passwords, and network topology.
4. Exploitation: Once vulnerabilities have been identified, the pen tester attempts to
exploit them to gain access to the target system or network.
5. Post-Exploitation: If the pen tester is successful in gaining access, they will then
attempt to maintain that access and escalate privileges to gain deeper access to the
system or network.
6. Reporting: The final step involves documenting the findings and presenting them
to the client. This includes identifying vulnerabilities, providing recommendations
for improving security, and outlining any steps taken during the testing process.
Overall, the pen testing process is a crucial tool for identifying potential security
vulnerabilities and improving the overall security of a computer system, network, or
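
The planning step above fixes which systems may be tested and what type of test is allowed. The following added example (not part of the original slides) shows one way to enforce that agreement in tooling and to keep a record of refusals for the reporting step; the class, function names, address ranges and dates are constructed for illustration.

```python
"""Scope guard for an authorized penetration test (illustrative, hypothetical names)."""
from dataclasses import dataclass
from datetime import datetime, timezone
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class RulesOfEngagement:
    """What the client authorized during the planning step."""
    in_scope: tuple            # CIDR ranges the client authorized
    excluded: tuple            # CIDR ranges carved out of the scope
    window_start: datetime     # earliest permitted test time (timezone-aware)
    window_end: datetime       # latest permitted test time (timezone-aware)
    allowed_phases: frozenset  # phases agreed for this engagement

    def check(self, target, phase, when):
        """Return (allowed, reason). Anything ambiguous is denied."""
        if when.tzinfo is None:
            return (False, "timestamp must be timezone-aware")
        try:
            addr = ip_address(target)
        except ValueError:
            # Hostnames can resolve to systems the client does not own,
            # so they need explicit approval as literal addresses.
            return (False, "target is not a literal IP address")
        if not (self.window_start <= when <= self.window_end):
            return (False, "outside the agreed testing window")
        if phase not in self.allowed_phases:
            return (False, f"phase '{phase}' is not authorized")
        # Exclusions win over inclusions: a carve-out inside an
        # authorized range must never be tested.
        if any(addr in ip_network(cidr) for cidr in self.excluded):
            return (False, "target is explicitly excluded")
        if any(addr in ip_network(cidr) for cidr in self.in_scope):
            return (True, "in scope")
        return (False, "target is not in the authorized scope")


def triage(roe, targets, phase, when):
    """Split targets into approved ones and refusals with reasons.

    The refusals dictionary doubles as an audit record for the report.
    """
    approved, refused = [], {}
    for target in targets:
        ok, reason = roe.check(target, phase, when)
        if ok:
            approved.append(target)
        else:
            refused[target] = reason
    return approved, refused


# Constructed sample engagement using documentation-only address ranges.
SAMPLE_ROE = RulesOfEngagement(
    in_scope=("192.0.2.0/24", "2001:db8:10::/64"),
    excluded=("192.0.2.128/25",),
    window_start=datetime(2024, 5, 6, 18, 0, tzinfo=timezone.utc),
    window_end=datetime(2024, 5, 7, 2, 0, tzinfo=timezone.utc),
    allowed_phases=frozenset({"scanning", "enumeration"}),
)

if __name__ == "__main__":
    now = datetime(2024, 5, 6, 20, 0, tzinfo=timezone.utc)
    candidates = ["192.0.2.10", "192.0.2.200", "198.51.100.7", "portal.example.test"]
    approved, refused = triage(SAMPLE_ROE, candidates, "scanning", now)
    print("approved:", approved)
    for target, reason in refused.items():
        print("refused:", target, "-", reason)
```
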
BLACK BOX, GREY BOX AND WHITE BOX TESTING
When it comes to penetration testing, there are three different
approaches: black box, grey box, and white box testing.
Black box testing involves simulating an attack by an external hacker
who has no prior knowledge of the target system. The pen tester is
given no information about the target system, and their goal is to
identify vulnerabilities and gain access to the system through trial and
error. This approach can be useful for identifying vulnerabilities that an
attacker with no prior knowledge might exploit.
Grey box testing involves simulating an attack by a hacker who has
some knowledge of the target system. The pen tester is given partial
information about the target system, such as login credentials or
network topology. This approach can be useful for identifying
vulnerabilities that an attacker with some knowledge might exploit.
White box testing involves simulating an attack by an insider who has
full knowledge of the target system. The pen tester is given complete
access to the target system and all relevant information about it. This
approach can be useful for identifying vulnerabilities that might be
exploited by an insider with full knowledge of the system.
Each of these approaches has its own strengths and weaknesses, and
the choice of approach will depend on the specific goals of the pen test
ABOUT CIA TRIAD
The CIA triad is a model that represents the three fundamental principles of
information security: confidentiality, integrity, and availability. These
principles form the basis of information security, and they are essential for
protecting the confidentiality, integrity, and availability of sensitive
information.
Confidentiality refers to the protection of information from unauthorized
disclosure or access. This means that sensitive information should be
accessible only to authorized individuals who have a need to know.
Integrity refers to the protection of information from unauthorized
modification, deletion, or corruption. This means that sensitive information
should be accurate and complete, and any unauthorized changes to the
information should be prevented or detected.
Availability refers to the protection of information from unauthorized denial of
service. This means that sensitive information should be accessible to
authorized individuals who have a need to access it, and any unauthorized
attempts to deny access to the information should be prevented.
The CIA triad is an important framework for information security because it
provides a comprehensive approach for protecting sensitive information. By
focusing on confidentiality, integrity, and availability, organizations can
implement effective security measures to protect their information assets.
ETHICS INVOLVED IN ETHICAL HACKING
Ethics are a critical aspect of ethical hacking, and ethical hackers are
expected to follow a strict code of ethics to ensure that their activities are
legal, responsible, and ethical. Some key ethics involved in ethical
hacking include:
1. Legality: Ethical hackers must ensure that all of their activities are legal,
and they should only access systems and networks that they have been
authorized to test.
2. Confidentiality: Ethical hackers must maintain the confidentiality of any
information they obtain during their testing activities and must not share
this information with unauthorized individuals.
3. Responsibility: Ethical hackers must take responsibility for their actions
and ensure that their activities do not cause harm to others or damage to
systems and networks.
4. Professionalism: Ethical hackers must conduct themselves in a
professional manner and adhere to ethical standards in all of their
interactions with clients and colleagues.
5. Integrity: Ethical hackers must act with integrity and honesty, and they
should not engage in any activities that could compromise their integrity
or the integrity of their profession.
In summary, ethical hacking is guided by a set of ethical principles that
promote legal, responsible, and ethical behavior. Ethical hackers must
adhere to these principles to ensure that their activities are conducted in a
THANK YOU
Pankaj Ghimire
Karan.ghimire3107@gmail.com

Mais conteúdo relacionado

Semelhante a GETTING STARTED WITH THE ETHICAL HACKING.pptx

Full seminar report on ethical hacking
Full seminar report on ethical hackingFull seminar report on ethical hacking
Full seminar report on ethical hackingGeorgekutty Francis
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingAnumadil1
 
Cyber Security PPT
Cyber Security PPTCyber Security PPT
Cyber Security PPTashish kumar
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hackingsamprada123
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineeringSweta Kumari Barnwal
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hackingVishal Kumar
 
What is Ethical Hacking?.pptx
What is Ethical Hacking?.pptxWhat is Ethical Hacking?.pptx
What is Ethical Hacking?.pptxStrongboxAcademy
 
Introduction to Ethical Hacking
Introduction to Ethical HackingIntroduction to Ethical Hacking
Introduction to Ethical HackingKevin Chakre
 
Ethical Hacking And Hacking Attacks
Ethical Hacking And Hacking AttacksEthical Hacking And Hacking Attacks
Ethical Hacking And Hacking AttacksAman Gupta
 
A Beginner’s Guide to Ethical Hacking.pdf
A Beginner’s Guide to Ethical Hacking.pdfA Beginner’s Guide to Ethical Hacking.pdf
A Beginner’s Guide to Ethical Hacking.pdfuzair
 
A REVIEW PAPER ON ETHICAL HACKING
A REVIEW PAPER ON ETHICAL HACKINGA REVIEW PAPER ON ETHICAL HACKING
A REVIEW PAPER ON ETHICAL HACKINGNathan Mathis
 

Semelhante a GETTING STARTED WITH THE ETHICAL HACKING.pptx (20)

Full seminar report on ethical hacking
Full seminar report on ethical hackingFull seminar report on ethical hacking
Full seminar report on ethical hacking
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Cyber Security PPT
Cyber Security PPTCyber Security PPT
Cyber Security PPT
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hacking
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineering
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber security
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hacking
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Ethical Hacking.pptx
Ethical Hacking.pptxEthical Hacking.pptx
Ethical Hacking.pptx
 
What is Ethical Hacking?.pptx
What is Ethical Hacking?.pptxWhat is Ethical Hacking?.pptx
What is Ethical Hacking?.pptx
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Introduction to Ethical Hacking
Introduction to Ethical HackingIntroduction to Ethical Hacking
Introduction to Ethical Hacking
 
Ethical Hacking And Hacking Attacks
Ethical Hacking And Hacking AttacksEthical Hacking And Hacking Attacks
Ethical Hacking And Hacking Attacks
 
A Beginner’s Guide to Ethical Hacking.pdf
A Beginner’s Guide to Ethical Hacking.pdfA Beginner’s Guide to Ethical Hacking.pdf
A Beginner’s Guide to Ethical Hacking.pdf
 
introduction of ethical hacking. (ppt)
introduction of ethical hacking. (ppt)introduction of ethical hacking. (ppt)
introduction of ethical hacking. (ppt)
 
introduction of ethical hacking. ppt
introduction of ethical hacking. pptintroduction of ethical hacking. ppt
introduction of ethical hacking. ppt
 
A REVIEW PAPER ON ETHICAL HACKING
A REVIEW PAPER ON ETHICAL HACKINGA REVIEW PAPER ON ETHICAL HACKING
A REVIEW PAPER ON ETHICAL HACKING
 

Último

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbuapidays
 

Último (20)

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 

GETTING STARTED WITH THE ETHICAL HACKING.pptx

  • 2. INTRODUCTION TO CYBER CRIME Cyber crime refers to criminal activities that are carried out using computers or the internet. These activities can range from hacking and phishing scams to identity theft, fraud, and spreading malware. Cyber crime is a growing problem worldwide as more and more people use computers and the internet for their daily activities. It is important for individuals and organizations to be aware of the potential risks and take steps to protect themselves from cyber criminals. This can include using strong passwords, installing security software, and being 2
  • 3. SOME GENERIC EXAMPLES OF CYBER- CRIME: 1.Phishing: This is a type of scam where criminals use fake emails or websites to trick people into giving away sensitive information such as login credentials or credit card details. 2.Malware: This is malicious software that is designed to harm or take control of a computer system. It can include viruses, worms, Trojans, and ransomware. 3.Identity theft: This is the theft of someone's personal information such as name, address, social security number, or credit card details, with the intention of using that information for fraudulent purposes. 4.Cyber stalking: This is the use of the internet or other electronic means to harass, intimidate, or threaten someone. 5.Cyber bullying: This is the use of the internet or other electronic means to bully or harass someone. 6.Online scams: This can include a range of fraudulent activities such as online auctions scams, lottery scams, and romance scams. 7.Hacking: This is the unauthorized access to a computer system or network, with the intention of stealing data or causing damage. 3
  • 4. HACKER: A hacker is someone who uses their computer skills to gain unauthorized access to computer systems, networks, or websites. They may use their skills to steal data, spread viruses, or disrupt computer systems. However, not all hackers are bad. Some hackers use their skills for good by identifying and addressing security vulnerabilities in computer systems and networks, in a practice known as ethical 4
  • 5. TYPES OF HCKERS 1.Script Kiddies: These are inexperienced hackers who use pre- written tools and scripts to launch attacks without a deep understanding of how they work. 2.White-hat hackers: Also known as ethical hackers, these are professionals who use hacking techniques for good, to identify and address security vulnerabilities in computer systems and networks. 3.Grey-hat hackers: These hackers use their skills to find vulnerabilities in computer systems and networks, but their intentions may not be entirely ethical. They may offer to fix the vulnerability for a fee or use the information for personal gain. 4.Black hat hackers: These hackers use their skills for malicious purposes, such as stealing data, spreading malware, or disrupting computer systems and networks. 5.Suicide Hackers: These are hackers who carry out attacks with the intention of getting caught or even sacrificing themselves to 5
  • 6. INTRODUCTION Ethical hacking is like playing the role of a good guy hacker who finds and fixes problems in computer systems before bad guys can use them to do harm. Ethical hackers are trained to use the same tools and techniques as bad guys, but they use their skills to help protect computer systems and networks from cyber attacks. Ethical Hacking is important because it helps keep sensitive data safe and prevent businesses and individuals from being harmed by cyber crime. 6
  • 7. EVOLUTION OF ETHICAL HACKING The practice of ethical hacking has evolved and grown significantly over the past few decades. Initially, it was mostly limited to government agencies and large corporations that had the resources to hire security experts. However, with the increasing importance of digital security and the rise of cyber crime, ethical hacking has become more widespread. Today, ethical hacking is used by organizations of all sizes and industries to protect their computer systems and networks. The growth of cloud computing, mobile devices, and the Internet of Things has created new vulnerabilities that need to be addressed. Ethical hacking techniques have also become more advanced, with a range of tools and technologies available to help identify and address security issues. Certification programs and training courses have also been developed to help people learn the skills needed to become ethical hackers. This has helped to increase the number of professionals in the field and expand the reach of ethical hacking. Overall, the evolution and growth of ethical hacking has been driven by 7
  • 8. INTRODUCTION TO AN ETHICAL HACKER An ethical hacker is authorized and trained to use their hacking skills for good. They use the same tools and technique as malicious hackers to find and fix vulnerabilities in computer systems, networks and applications.
  • 9. ETHICAL HACKING AND PENETRATION TESTING Ethical hacking and penetration testing are both techniques used to identify and address potential security vulnerabilities in computer systems, networks, and applications. Ethical hacking is a practice where authorized and trained professionals use the same techniques and tools as malicious hackers to find vulnerabilities and provide recommendations to improve security. The goal of ethical hacking is to prevent cyber attacks by discovering and addressing weaknesses before bad guys can exploit them. Penetration testing is a process that involves simulating a cyber attack on a computer system, network, or application to identify potential vulnerabilities. The process involves attempting to exploit weaknesses in the system to gain unauthorized access and to test the effectiveness of the security measures in place. Ethical hacking and penetration testing are related in that they both involve using hacking techniques to identify security weaknesses, but the main difference is that ethical hacking is a broader practice that includes a range of 9
  • 10. SOME KEY WORDS WITH DEFINITIONS
    1. Hack value: The perceived level of prestige, challenge, or thrill associated with a particular hacking activity.
    2. Target of Evaluation (TOE): The system, application, or network that is the focus of an attack or evaluation by hackers.
    3. Attack: An intentional effort to compromise or exploit a computer system, network, or application to gain unauthorized access or to disrupt normal operations.
    4. Exploit: A technique or software tool that takes advantage of a security vulnerability in a computer system or network to gain unauthorized access or to cause damage.
    5. Zero day: A security vulnerability that is not yet known to the vendor or public, and therefore has not yet been addressed with a patch or update.
    6. Security: The state of being protected from unauthorized access, theft, damage, or other security risks.
    7. Threat: Any circumstance or event that has the potential to cause harm to a computer system, network, or application.
    8. Vulnerability: A weakness or flaw in a computer system, network, or application that can be exploited by an attacker to gain unauthorized access or cause damage.
  • 11. PENETRATION TESTING AND ITS BASIC METHODS Penetration testing, also known as pen testing, is a process of testing a computer system, network, or application for potential security vulnerabilities by simulating an attack from a malicious hacker. The goal of pen testing is to identify weaknesses in security before they can be exploited by an attacker. The process of a pen test typically involves the following steps:
    1. Planning: The first step is to define the scope of the test and establish objectives. This includes identifying the systems and networks to be tested, as well as the type of test to be conducted.
    2. Scanning: In this step, the pen tester uses automated tools to scan the target system or network for vulnerabilities. This includes identifying open ports, running services, and potentially vulnerable software.
    3. Enumeration: This involves gathering information about the target system or network, including user accounts, passwords, and network topology.
    4. Exploitation: Once vulnerabilities have been identified, the pen tester attempts to exploit them to gain access to the target system or network.
    5. Post-Exploitation: If the pen tester is successful in gaining access, they will then attempt to maintain that access and escalate privileges to gain deeper access to the system or network.
    6. Reporting: The final step involves documenting the findings and presenting them to the client. This includes identifying vulnerabilities, providing recommendations for improving security, and outlining any steps taken during the testing process.
    Overall, the pen testing process is a crucial tool for identifying potential security vulnerabilities and improving the overall security of a computer system, network, or
  • 12. BLACK BOX, GREY BOX AND WHITE BOX TESTING When it comes to penetration testing, there are three different approaches: black box, grey box, and white box testing. Black box testing involves simulating an attack by an external hacker who has no prior knowledge of the target system. The pen tester is given no information about the target system, and their goal is to identify vulnerabilities and gain access to the system through trial and error. This approach can be useful for identifying vulnerabilities that an attacker with no prior knowledge might exploit. Grey box testing involves simulating an attack by a hacker who has some knowledge of the target system. The pen tester is given partial information about the target system, such as login credentials or network topology. This approach can be useful for identifying vulnerabilities that an attacker with some knowledge might exploit. White box testing involves simulating an attack by an insider who has full knowledge of the target system. The pen tester is given complete access to the target system and all relevant information about it. This approach can be useful for identifying vulnerabilities that might be exploited by an insider with full knowledge of the system. Each of these approaches has its own strengths and weaknesses, and the choice of approach will depend on the specific goals of the pen test
  • 13. ABOUT CIA TRIAD The CIA triad is a model that represents the three fundamental principles of information security: confidentiality, integrity, and availability. These principles form the basis of information security, and they are essential for protecting the confidentiality, integrity, and availability of sensitive information. Confidentiality refers to the protection of information from unauthorized disclosure or access. This means that sensitive information should be accessible only to authorized individuals who have a need to know. Integrity refers to the protection of information from unauthorized modification, deletion, or corruption. This means that sensitive information should be accurate and complete, and any unauthorized changes to the information should be prevented or detected. Availability refers to the protection of information from unauthorized denial of service. This means that sensitive information should be accessible to authorized individuals who have a need to access it, and any unauthorized attempts to deny access to the information should be prevented. The CIA triad is an important framework for information security because it provides a comprehensive approach for protecting sensitive information. By focusing on confidentiality, integrity, and availability, organizations can implement effective security measures to protect their information assets.
  • 14. ETHICS INVOLVED IN ETHICAL HACKING Ethics are a critical aspect of ethical hacking, and ethical hackers are expected to follow a strict code of ethics to ensure that their activities are legal, responsible, and ethical. Some key ethics involved in ethical hacking include:
    1. Legality: Ethical hackers must ensure that all of their activities are legal, and they should only access systems and networks that they have been authorized to test.
    2. Confidentiality: Ethical hackers must maintain the confidentiality of any information they obtain during their testing activities and must not share this information with unauthorized individuals.
    3. Responsibility: Ethical hackers must take responsibility for their actions and ensure that their activities do not cause harm to others or damage to systems and networks.
    4. Professionalism: Ethical hackers must conduct themselves in a professional manner and adhere to ethical standards in all of their interactions with clients and colleagues.
    5. Integrity: Ethical hackers must act with integrity and honesty, and they should not engage in any activities that could compromise their integrity or the integrity of their profession.
    In summary, ethical hacking is guided by a set of ethical principles that promote legal, responsible, and ethical behavior. Ethical hackers must adhere to these principles to ensure that their activities are conducted in a
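
The Planning step on slide 11 and the Legality rule on slide 14 both come down to testing only what was authorized. The following is an added example, not part of the original slides, of a default-deny scope check a tester could run before touching any target. The `Scope` fields, function names, address ranges, and testing window are all assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, time
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Scope:
    """Rules of engagement agreed during planning (hypothetical structure)."""
    in_scope: tuple      # CIDR blocks the client authorized for testing
    excluded: tuple      # carve-outs inside those blocks (e.g. fragile hosts)
    window_start: time   # daily testing window; assumed not to cross midnight
    window_end: time

def authorize(scope, target, when):
    """Return (allowed, reason) for one target at one moment; default is deny."""
    try:
        addr = ip_address(target)
    except ValueError:
        # Hostnames are refused: resolve them and check each address instead.
        return False, "not an IP address"
    # Exclusions win over inclusions, so a carve-out can never be overridden.
    if any(addr in ip_network(n) for n in scope.excluded):
        return False, "explicitly excluded"
    if not any(addr in ip_network(n) for n in scope.in_scope):
        return False, "outside authorized ranges"
    if not (scope.window_start <= when.time() < scope.window_end):
        return False, "outside testing window"
    return True, "authorized"

def audit(scope, targets, when):
    """Record every scope decision so it can be included in the final report."""
    return [(t, *authorize(scope, t, when)) for t in targets]

# Constructed sample engagement using documentation ranges (RFC 5737).
SCOPE = Scope(
    in_scope=("192.0.2.0/24", "198.51.100.0/28"),
    excluded=("192.0.2.10/32",),
    window_start=time(22, 0),
    window_end=time(23, 59),
)

if __name__ == "__main__":
    for row in audit(SCOPE, ["192.0.2.5", "192.0.2.10", "203.0.113.7"],
                     datetime(2024, 1, 15, 22, 30)):
        print(row)
```

Keeping the decision log from `audit` also supports the Reporting step, since it documents which targets were refused and why.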