SlideShare uma empresa Scribd logo

What is Ethical hacking

Transferir como PPT, PDF
Sibghatullah Khattak
Sibghatullah Khattak

Ethical hacking refers to the act of locating weaknesses and vulnerabilities of computer and information systems by duplicating the intent and actions of malicious hackers. Ethical hacking is also known as penetration testing, intrusion testing, or red teaming.

Educação
1 de 98
ETHICAL HACKING FOR EDUCATORS PRESENTED BY SMKHATTAK SIBGHATULLAH KHATTAK AUST, PAKISTAN
OVERVIEW • Old School Hackers: History of Hacking • Ec-Council: Certified Ethical Hacker • Learning Competencies • Teaching Resources: Ethical Hacking Textbooks • Hacking Tools • Hacker Challenge Websites • Additional Web Sites • Questions and Answers
OLD SCHOOL HACKERS: HISTORY OF HACKING
PREHISTORY • 1960s: The Dawn of Hacking Original meaning of the word "hack" started at MIT; meant elegant, witty or inspired way of doing almost anything; hacks were programming shortcuts ELDER DAYS (1970-1979) • 1970s: Phone Phreaks and Cap'n Crunch: One phreak, John Draper (aka "Cap'n Crunch"), discovers a toy whistle inside Cap'n Crunch cereal gives 2600-hertz signal, and can access AT&T's long-distance switching system. • Draper builds a "blue box" used with whistle allows phreaks to make free calls. • Steve Wozniak and Steve Jobs, future founders of Apple Computer, make and sell blue boxes. THE GOLDEN AGE (1980-1991) • 1980: Hacker Message Boards and Groups Hacking groups form; such as Legion of Doom (US), Chaos Computer Club (Germany). • 1983: Kids' Games Movie "War Games" introduces public to hacking.
THE GREAT HACKER WAR • Legion of Doom vs Masters of Deception; online warfare; jamming phone lines. • 1984: Hacker 'Zines Hacker magazine 2600 publication; online 'zine Phrack. CRACKDOWN (1986-1994) • 1986: Congress passes Computer Fraud and Abuse Act; crime to break into computer systems. • 1988: The Morris Worm Robert T. Morris, Jr., launches self- replicating worm on ARPAnet.  1989: The Germans ,1989: The Germans , the KGB and Kevinthe KGB and Kevin Mitnick.Mitnick.  German HackersGerman Hackers arrested for breaking intoarrested for breaking into U.S. computers; soldU.S. computers; sold information to Soviet KGB.information to Soviet KGB.  Hacker "The Mentor“Hacker "The Mentor“ arrested; publishesarrested; publishes Hacker's Manifesto.Hacker's Manifesto.  Kevin MitnickKevin Mitnick convicted;convicted; first person convictedfirst person convicted under law against gainingunder law against gaining access to interstateaccess to interstate network for criminalnetwork for criminal purposes.purposes.
• 1993: Why Buy a Car When You Can Hack One? Radio station call-in contest; hacker-fugitive Kevin Poulsen and friends crack phone; they allegedly get two Porsches, $20,000 cash, vacation trips; Poulsen now a freelance journalist covering computer crime. • First Def Con hacking conference in Las Vegas ZERO TOLERANCE (1994-1998) • 1995: The Mitnick Takedown: Arrested again; charged with stealing 20,000 credit card numbers.  1995: Russian Hackers1995: Russian Hackers Siphon $10 million fromSiphon $10 million from Citibank; Vladimir Levin,Citibank; Vladimir Levin, leader.leader.  Oct 1998Oct 1998 teenager hacksteenager hacks into Bell Atlantic phoneinto Bell Atlantic phone system; disabledsystem; disabled communication at airportcommunication at airport disables runway lights.disables runway lights.  19991999 hackers attackhackers attack Pentagon, MIT, FBI webPentagon, MIT, FBI web sites.sites.  1999:1999: E-commerceE-commerce company attacked;company attacked; blackmail threats followedblackmail threats followed by 8 million credit cardby 8 million credit card numbers stolen.numbers stolen. (www.blackhat.info; www.h2k2.net;(www.blackhat.info; www.h2k2.net; www.slais.ubc.ca/; www.sptimes.com;www.slais.ubc.ca/; www.sptimes.com; www.tlc.discovery.com)www.tlc.discovery.com)
EC-COUNCIL: CERTIFIED ETHICAL HACKER
EC-COUNCIL HAS CERTIFIED IT PROFESSIONALS FROM THE FOLLOWING ORGANIZATIONS AS CEH: Novell, Canon, Hewlett Packard, US Air Force Reserve, US Embassy, Verizon, PFIZER, HDFC Bank, University of Memphis, Microsoft Corporation, Worldcom, Trusecure, US Department of Defense, Fedex, Dunlop, British Telecom, Cisco, Supreme Court of the Philippines, United Nations, Ministry of Defense, UK, Nortel Networks, MCI, Check Point Software, KPMG, Fleet International, Cingular Wireless, Columbia Daily Tribune, Johnson & Johnson, Marriott Hotel, Tucson Electric Power Company, Singapore Police Force
PriceWaterhouseCoopers, SAP, Coca-ColaPriceWaterhouseCoopers, SAP, Coca-Cola Corporation, Quantum Research, US Military, IBMCorporation, Quantum Research, US Military, IBM Global Services, UPS, American Express, FBI,Global Services, UPS, American Express, FBI, Citibank Corporation, Boehringer Ingelheim, Wipro,Citibank Corporation, Boehringer Ingelheim, Wipro, New York City Dept Of IT & Telecom – DoITT, UnitedNew York City Dept Of IT & Telecom – DoITT, United States Marine Corps, Reserve Bank of India, US AirStates Marine Corps, Reserve Bank of India, US Air Force, EDS, Bell Canada, SONY, Kodak, OntarioForce, EDS, Bell Canada, SONY, Kodak, Ontario Provincial Police, Harris Corporation, Xerox, PhilipsProvincial Police, Harris Corporation, Xerox, Philips Electronics, U.S. Army, Schering, Accenture, BankElectronics, U.S. Army, Schering, Accenture, Bank One, SAIC, Fujitsu, Deutsche BankOne, SAIC, Fujitsu, Deutsche Bank (CONT.)
HACKERS ARE HERE. WHERE ARE YOU? • The explosive growth of the Internet has brought many good things…As with most technological advances, there is also a dark side: criminal hackers. • The term “hacker” has a dual usage in the computer industry today. Originally, the term was defined as: • HACKER noun. 1. A person who enjoys learning the details of computer systems and how to stretch their capabilities…. 2. One who programs enthusiastically or who enjoys programming rather than just theorizing about programming.
WHAT IS A HACKER? • Old School Hackers: 1960s style Stanford or MIT hackers. Do not have malicious intent, but do have lack of concern for privacy and proprietary information. They believe the Internet was designed to be an open system. • Script Kiddies or Cyber-Punks: Between 12-30; predominantly white and male; bored in school; get caught due to bragging online; intent is to vandalize or disrupt systems. • Professional Criminals or Crackers: Make a living by breaking into systems and selling the information. • Coders and Virus Writers: See themselves as an elite; programming background and write code but won’t use it themselves; have their own networks called “zoos”; leave it to others to release their code into “The Wild” or Internet. (www.tlc.discovery.com)
WHAT IS ETHICAL HACKING? • Ethical hacking – defined “methodology adopted by ethical hackers to discover the vulnerabilities existing in information systems’ operating environments.” • With the growth of the Internet, computer security has become a major concern for businesses and governments. • In their search for a way to approach the problem, organizations came to realize that one of the best ways to evaluate the intruder threat to their interests would be to have independent computer security professionals attempt to break into their computer systems.
WHO ARE ETHICAL HACKERS?• “One of the best ways to evaluate the intruder threat is to have an independent computer security professionals attempt to break their computer systems” • Successful ethical hackers possess a variety of skills. First and foremost, they must be completely trustworthy. • Ethical hackers typically have very strong programming and computer networking skills. • They are also adept at installing and maintaining systems that use the more popular operating systems (e.g., Linux or Windows 2000) used on target systems. • These base skills are augmented with detailed knowledge of the hardware and software provided by the more popular computer and networking hardware vendors.
WHAT DO ETHICAL HACKERS DO? • An ethical hacker’s evaluation of a system’s security seeks answers to these basic questions: • What can an intruder see on the target systems? • What can an intruder do with that information? • Does anyone at the target notice the intruder’s at tempts or successes? • What are you trying to protect? • What are you trying to protect against? • How much time, effort, and money are you willing to expend to obtain adequate protection?
HOW MUCH DO ETHICAL HACKERS GET PAID? • Globally, the hiring of ethical hackers is on the rise with most of them working with top consulting firms. • In the United States, an ethical hacker can make upwards of $120,000 per annum. • Freelance ethical hackers can expect to make $10,000 per assignment. • Some ranges from $15,000 to $45,000 for a standalone ethical hack.
CERTIFIED ETHICAL HACKER (C|EH) TRAINING • InfoSec Academy • http://www.infosecacademy.com • Five-day Certified Ethical Hacker (C|EH) Training Camp Certification Training Program • (C|EH) examination • C|EH Certified Ethical Hacker Training Camp (5-Day Package)$3,595 ($2,580 training only) (Source: www.eccouncil.org)
LEARNING COMPETENCIES
REQUIRED SKILLS OF AN ETHICAL HACKER• Routers: knowledge of routers, routing protocols, and access control lists • Microsoft: skills in operation, configuration and management. • Linux: knowledge of Linux/Unix; security setting, configuration, and services. • Firewalls: configurations, and operation of intrusion detection systems. • Mainframes • Network Protocols: TCP/IP; how they function and can be manipulated. • Project Management: knowledge of leading, planning, organizing, and controlling a penetration testing team. (Source: http://www.examcram.com)
MODES OF ETHICAL HACKING • Insider attack • Outsider attack • Stolen equipment attack • Physical entry • Bypassed authentication attack (wireless access points) • Social engineering attack (Source: http://www.examcram.com)
ANATOMY OF AN ATTACK: • Reconnaissance – attacker gathers information; can include social engineering. • Scanning – searches for open ports (port scan) probes target for vulnerabilities. • Gaining access – attacker exploits vulnerabilities to get inside system; used for spoofing IP. • Maintaining access – creates backdoor through use of Trojans; once attacker gains access makes sure he/she can get back in. • Covering tracks – deletes files, hides files, and erases log files. So that attacker cannot be detected or penalized. (Source: www.eccouncil.org)
• Hacker classes • Black hats – highly skilled, malicious, destructive “crackers” • White hats – skills used for defensive security analysts • Gray hats – offensively and defensively; will hack for different reasons, depends on situation. • Hactivism – hacking for social and political cause. • Ethical hackers – determine what attackers can gain access to, what they will do with the information, and can they be detected. (Source: www.eccouncil.org)
TEACHING RESOURCES: ETHICAL HACKING TEXTBOOKS
EC-COUNCIL Certified Ethical Hacker www.eccouncil.org ISBN 0-9729362-1-1
EC-COUNCIL TOPICS COVERED • Introduction to Ethical Hacking • Footprinting • Scanning • Enumeration • System Hacking • Trojans and Backdoors • Sniffers • Denial of Service • Social Engineering • Session Hijacking • Hacking Web Servers
EC-COUNCIL (CONT.) • Web Application Vulnerabilities • Web Based Password Cracking Techniques • SQL Injection • Hacking Wireless Networks • Viruses • Novell Hacking • Linux Hacking • Evading IDS, Firewalls and Honeypots • Buffer Overflows • Cryptography
CERTIFIED ETHICAL HACKER EXAM PREP http://www.examcram.com ISBN 0-7897-3531-8
CERTIFIED ETHICAL HACKER EXAM PREP• The Business Aspects of Penetration Testing • The Technical Foundations of Hacking • Footprinting and Scanning • Enumeration and System Hacking • Linux and automated Security Assessment Tools • Trojans and Backdoors • Sniffers, Session Hyjacking, and Denial of Service
CERTIFIED ETHICAL HACKER EXAM PREP (CONT.) • Web Server Hacking, Web Applications, and Database Attacks • Wireless Technologies, Security, and Attacks • IDS, Firewalls, and Honeypots • Buffer Overflows, Viruses, and Worms • Cryptographic Attacks and Defenses • Physical Security and Social Engineering
HANDS-ON INFORMATION SECURITY LAB MANUAL, SECOND EDITION http://www.course.com/ ISBN 0-619-21631-X 1. Footprinting 2. Scanning and Enumeration 3. Operating System Vulnerabilities and Resolutions 4. Network Security Tools and Technologies 5. Security Maintenance 6. Information Security Management 7. File System Security and Cryptography 8. Computer Forensics
HACKING TOOLS: FOOTPRINTING AND RECONNAISSANCE
WHOIS
WHOIS (CONT.) http://www.allwhois.com/
WHOIS (CONT.)
SAM SPADE
SAM SPADE (CONT.)
NSLOOKUP
NSLOOKUP OPTIONS
TRACEROUTE
PING
PING OPTIONS
HACKING TOOLS: SCANNING AND ENUMERATION
NMAP
NMAPWIN
SUPERSCAN
SUPERSCAN (CONT.)
IP SCANNER
HYENA
RETINA
LANGUARD
HACKING TOOLS: SYSTEM HACKING
TELNET
SNADBOY
PASSWORD CRACKING WITH LOPHTCRACK
KEYLOGGER
HACKING TOOLS: TROJANS AND BACKDOORS
NETBUS
GAME CREATES BACKDOOR FOR NETBUS
SUBSEVEN
HACKING TOOLS: SNIFFERS
SPOOFING A MAC ADDRESS ORIGINAL CONFIGURATION
SPOOFED MAC
ETHEREAL
IRIS
SNORT
HACKING TOOLS: WEB BASED PASSWORD CRACKING
CAIN AND ABEL
CAIN AND ABEL (CONT.)
CAIN AND ABEL (CONT.)
LEGION
BRUTUS
HACKING TOOLS: COVERING TRACKS
IMAGEHIDE
CLEARLOGS
CLEARLOGS (CONT.)
HACKING TOOLS: GOOGLE HACKING AND SQL INJECTION
GOOGLE HACKING
GOOGLE CHEAT SHEET
SQL INJECTION • Allows a remote attacker to execute arbitrary database commands • Relies on poorly formed database queries and insufficient input validation • Often facilitated, but does not rely on unhandled exceptions and ODBC error messages • Impact: MASSIVE. This is one of the most dangerous vulnerabilities on the web.
COMMON DATABASE QUERY
PROBLEM: UNVALIDATED INPUT
PIGGYBACKING QUERIES WITH UNION
HACKER CHALLENGE WEBSITES
http://www.hackr.org/mainpage.php
HACKTHISSITE.ORG http://www.hackthissite.org
ANSWERS REVEALED IN CODE
HACKITS http://www.hackits.de/challenge/
ADDITIONAL WEB SITES
LEGION OF ETHICAL HACKING
LEGION OF ETHICAL HACKING (CONT.)
HACKER HIGHSCHOOL http://www.hackerhighschool.org/
HACKER HIGHSCHOOL
JOHNNY.IHACKSTUFF.COM/
HAPPYHACKER.ORG
FOUNDSTONE
INSECURE.ORG
SANS INSTITUTE
QUESTIONS & ANSWERS

Recomendados

Ethical Hacking Overview
Ethical Hacking OverviewEthical Hacking Overview
Ethical Hacking OverviewSubhoneel Datta
 
Ethical Hacking Certification Path You Should Follow
Ethical Hacking Certification Path You Should FollowEthical Hacking Certification Path You Should Follow
Ethical Hacking Certification Path You Should FollowMercury Solutions Limited
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingvishakha bhagwat
 
ethical hacking
ethical hackingethical hacking
ethical hackingNeelima Bawa
 
Hacking
HackingHacking
HackingHaider Akbar
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingRamchandraRegmi
 
Computer hacking – Is it Ethical PPT
Computer hacking – Is it Ethical PPTComputer hacking – Is it Ethical PPT
Computer hacking – Is it Ethical PPTVivekanandan M
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingDamisetty Bala Naga Rama Sesha Sai
 

Recomendados

Ethical Hacking Overview
Ethical Hacking OverviewEthical Hacking Overview
Ethical Hacking OverviewSubhoneel Datta
 
Ethical Hacking Certification Path You Should Follow
Ethical Hacking Certification Path You Should FollowEthical Hacking Certification Path You Should Follow
Ethical Hacking Certification Path You Should FollowMercury Solutions Limited
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingvishakha bhagwat
 
ethical hacking
ethical hackingethical hacking
ethical hackingNeelima Bawa
 
Hacking
HackingHacking
HackingHaider Akbar
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingRamchandraRegmi
 
Computer hacking – Is it Ethical PPT
Computer hacking – Is it Ethical PPTComputer hacking – Is it Ethical PPT
Computer hacking – Is it Ethical PPTVivekanandan M
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingDamisetty Bala Naga Rama Sesha Sai
 
It security &_ethical_hacking
It security &_ethical_hackingIt security &_ethical_hacking
It security &_ethical_hackingsatish kumar
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentationGeorgekutty Francis
 
Top 10 most famous hackers of all time
Top 10 most famous hackers of all timeTop 10 most famous hackers of all time
Top 10 most famous hackers of all timePRESENTATIONSFORESL
 
Ethicalhacking
Ethicalhacking Ethicalhacking
Ethicalhacking Irvin Costa
 
Ethicalhacking 130906120356-
Ethicalhacking 130906120356-Ethicalhacking 130906120356-
Ethicalhacking 130906120356-RAKESH SHARMA
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingDEEPIKA WALIA
 
Windows Hacking
Windows HackingWindows Hacking
Windows HackingMayur Sutariya
 
Ethical hacking-presentation-updated(1by )Rasheed
Ethical hacking-presentation-updated(1by )RasheedEthical hacking-presentation-updated(1by )Rasheed
Ethical hacking-presentation-updated(1by )RasheedRasheed Ur Rehman
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentationSuryansh Srivastava
 
Ethical hacking by chandra prakash upadhyay
Ethical hacking by chandra prakash upadhyayEthical hacking by chandra prakash upadhyay
Ethical hacking by chandra prakash upadhyayChandra Prakash
 
the best hacking ppt
the best hacking pptthe best hacking ppt
the best hacking pptfuckubitches
 
Hacking and Hackers
Hacking and HackersHacking and Hackers
Hacking and HackersFarwa Ansari
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking Institute of Information Security (IIS)
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingGanesh Vadulekar
 
"Hacking"
"Hacking""Hacking"
"Hacking"Ameesha Indusarani
 
Ethicalhacking
Ethicalhacking Ethicalhacking
Ethicalhacking pavankumarmangena
 
Course on Ehtical Hacking - Introduction
Course on Ehtical Hacking - IntroductionCourse on Ehtical Hacking - Introduction
Course on Ehtical Hacking - IntroductionBharat Thakkar
 
All about Hacking
All about HackingAll about Hacking
All about HackingMadhusudhan G
 
Hacking (cs192 report )
Hacking (cs192 report )Hacking (cs192 report )
Hacking (cs192 report )Elipeta Sotabento
 
Hacking
Hacking Hacking
Hacking Farkhanda Kiran
 
Ethical hacking presentation_october_2006
Ethical hacking presentation_october_2006Ethical hacking presentation_october_2006
Ethical hacking presentation_october_2006Umang Patel
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hackingANKITA VISHWAKARMA
 

Mais conteúdo relacionado

Mais procurados

It security &_ethical_hacking
It security &_ethical_hackingIt security &_ethical_hacking
It security &_ethical_hackingsatish kumar
 
Top 10 most famous hackers of all time
Top 10 most famous hackers of all timeTop 10 most famous hackers of all time
Top 10 most famous hackers of all timePRESENTATIONSFORESL
 
Ethicalhacking 130906120356-
Ethicalhacking 130906120356-Ethicalhacking 130906120356-
Ethicalhacking 130906120356-RAKESH SHARMA
 
Ethical hacking-presentation-updated(1by )Rasheed
Ethical hacking-presentation-updated(1by )RasheedEthical hacking-presentation-updated(1by )Rasheed
Ethical hacking-presentation-updated(1by )RasheedRasheed Ur Rehman
 
Ethical hacking by chandra prakash upadhyay
Ethical hacking by chandra prakash upadhyayEthical hacking by chandra prakash upadhyay
Ethical hacking by chandra prakash upadhyayChandra Prakash
 
the best hacking ppt
the best hacking pptthe best hacking ppt
the best hacking pptfuckubitches
 
Hacking and Hackers
Hacking and HackersHacking and Hackers
Hacking and HackersFarwa Ansari
 
Course on Ehtical Hacking - Introduction
Course on Ehtical Hacking - IntroductionCourse on Ehtical Hacking - Introduction
Course on Ehtical Hacking - IntroductionBharat Thakkar
 

Mais procurados (20)

It security &_ethical_hacking
It security &_ethical_hackingIt security &_ethical_hacking
It security &_ethical_hacking
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
 
Top 10 most famous hackers of all time
Top 10 most famous hackers of all timeTop 10 most famous hackers of all time
Top 10 most famous hackers of all time
 
Ethicalhacking
Ethicalhacking Ethicalhacking
Ethicalhacking
 
Ethicalhacking 130906120356-
Ethicalhacking 130906120356-Ethicalhacking 130906120356-
Ethicalhacking 130906120356-
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Windows Hacking
Windows HackingWindows Hacking
Windows Hacking
 
Ethical hacking-presentation-updated(1by )Rasheed
Ethical hacking-presentation-updated(1by )RasheedEthical hacking-presentation-updated(1by )Rasheed
Ethical hacking-presentation-updated(1by )Rasheed
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
 
Ethical hacking by chandra prakash upadhyay
Ethical hacking by chandra prakash upadhyayEthical hacking by chandra prakash upadhyay
Ethical hacking by chandra prakash upadhyay
 
the best hacking ppt
the best hacking pptthe best hacking ppt
the best hacking ppt
 
Hacking and Hackers
Hacking and HackersHacking and Hackers
Hacking and Hackers
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
"Hacking"
"Hacking""Hacking"
"Hacking"
 
Ethicalhacking
Ethicalhacking Ethicalhacking
Ethicalhacking
 
Course on Ehtical Hacking - Introduction
Course on Ehtical Hacking - IntroductionCourse on Ehtical Hacking - Introduction
Course on Ehtical Hacking - Introduction
 
All about Hacking
All about HackingAll about Hacking
All about Hacking
 
Hacking (cs192 report )
Hacking (cs192 report )Hacking (cs192 report )
Hacking (cs192 report )
 
Hacking
Hacking Hacking
Hacking
 

Semelhante a What is Ethical hacking

Ethical hacking presentation_october_2006
Ethical hacking presentation_october_2006Ethical hacking presentation_october_2006
Ethical hacking presentation_october_2006Umang Patel
 
Bar Camp 11 Oct09 Hacking
Bar Camp 11 Oct09 HackingBar Camp 11 Oct09 Hacking
Bar Camp 11 Oct09 HackingBarcamp Kerala
 
C|EH Introduction
C|EH IntroductionC|EH Introduction
C|EH Introductionsunnysmith
 
Computer crime hacking
Computer crime hackingComputer crime hacking
Computer crime hackingtangytangling
 
Computer crime hacking
Computer crime hackingComputer crime hacking
Computer crime hackingtangytangling
 
Cyber security talks 2019 by theko moima
Cyber security talks 2019 by theko moimaCyber security talks 2019 by theko moima
Cyber security talks 2019 by theko moimaTheko Moima
 
Hackers are innocent
Hackers are innocentHackers are innocent
Hackers are innocentdanish3
 

Semelhante a What is Ethical hacking (20)

Ethical hacking presentation_october_2006
Ethical hacking presentation_october_2006Ethical hacking presentation_october_2006
Ethical hacking presentation_october_2006
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Hacking
HackingHacking
Hacking
 
Cyber crime &_info_security
Cyber crime &_info_securityCyber crime &_info_security
Cyber crime &_info_security
 
hacking
hackinghacking
hacking
 
Hacking (1)
Hacking (1)Hacking (1)
Hacking (1)
 
Hacking
HackingHacking
Hacking
 
Hacking (1)
Hacking (1)Hacking (1)
Hacking (1)
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Bar Camp 11 Oct09 Hacking
Bar Camp 11 Oct09 HackingBar Camp 11 Oct09 Hacking
Bar Camp 11 Oct09 Hacking
 
C|EH Introduction
C|EH IntroductionC|EH Introduction
C|EH Introduction
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Report on Hacking
Report on HackingReport on Hacking
Report on Hacking
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Computer crime hacking
Computer crime hackingComputer crime hacking
Computer crime hacking
 
Computer crime hacking
Computer crime hackingComputer crime hacking
Computer crime hacking
 
Cyber security talks 2019 by theko moima
Cyber security talks 2019 by theko moimaCyber security talks 2019 by theko moima
Cyber security talks 2019 by theko moima
 
Hackers are innocent
Hackers are innocentHackers are innocent
Hackers are innocent
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Is hacking good or bad
Is hacking good or badIs hacking good or bad
Is hacking good or bad
 

Último

Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxVishalSingh1417
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfagholdier
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDThiyagu K
 
An Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdfAn Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdfSanaAli374401
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
Gardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterGardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterMateoGardella
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...KokoStevan
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxnegromaestrong
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPoojaSen20
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfAyushMahapatra5
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 

Último (20)

Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
An Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdfAn Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdf
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
Gardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch LetterGardella_PRCampaignConclusion Pitch Letter
Gardella_PRCampaignConclusion Pitch Letter
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 

What is Ethical hacking

  • 1. ETHICAL HACKING FOR EDUCATORS PRESENTED BY SMKHATTAK SIBGHATULLAH KHATTAK AUST, PAKISTAN
  • 2. OVERVIEW • Old School Hackers: History of Hacking • Ec-Council: Certified Ethical Hacker • Learning Competencies • Teaching Resources: Ethical Hacking Textbooks • Hacking Tools • Hacker Challenge Websites • Additional Web Sites • Questions and Answers
  • 4. PREHISTORY • 1960s: The Dawn of Hacking Original meaning of the word "hack" started at MIT; meant elegant, witty or inspired way of doing almost anything; hacks were programming shortcuts ELDER DAYS (1970-1979) • 1970s: Phone Phreaks and Cap'n Crunch: One phreak, John Draper (aka "Cap'n Crunch"), discovers a toy whistle inside Cap'n Crunch cereal gives 2600-hertz signal, and can access AT&T's long-distance switching system. • Draper builds a "blue box" used with whistle allows phreaks to make free calls. • Steve Wozniak and Steve Jobs, future founders of Apple Computer, make and sell blue boxes. THE GOLDEN AGE (1980-1991) • 1980: Hacker Message Boards and Groups Hacking groups form; such as Legion of Doom (US), Chaos Computer Club (Germany). • 1983: Kids' Games Movie "War Games" introduces public to hacking.
  • 5. THE GREAT HACKER WAR • Legion of Doom vs Masters of Deception; online warfare; jamming phone lines. • 1984: Hacker 'Zines Hacker magazine 2600 publication; online 'zine Phrack. CRACKDOWN (1986-1994) • 1986: Congress passes Computer Fraud and Abuse Act; crime to break into computer systems. • 1988: The Morris Worm Robert T. Morris, Jr., launches self- replicating worm on ARPAnet.  1989: The Germans ,1989: The Germans , the KGB and Kevinthe KGB and Kevin Mitnick.Mitnick.  German HackersGerman Hackers arrested for breaking intoarrested for breaking into U.S. computers; soldU.S. computers; sold information to Soviet KGB.information to Soviet KGB.  Hacker "The Mentor“Hacker "The Mentor“ arrested; publishesarrested; publishes Hacker's Manifesto.Hacker's Manifesto.  Kevin MitnickKevin Mitnick convicted;convicted; first person convictedfirst person convicted under law against gainingunder law against gaining access to interstateaccess to interstate network for criminalnetwork for criminal purposes.purposes.
  • 6. • 1993: Why Buy a Car When You Can Hack One? Radio station call-in contest; hacker-fugitive Kevin Poulsen and friends crack phone; they allegedly get two Porsches, $20,000 cash, vacation trips; Poulsen now a freelance journalist covering computer crime. • First Def Con hacking conference in Las Vegas ZERO TOLERANCE (1994-1998) • 1995: The Mitnick Takedown: Arrested again; charged with stealing 20,000 credit card numbers.  1995: Russian Hackers1995: Russian Hackers Siphon $10 million fromSiphon $10 million from Citibank; Vladimir Levin,Citibank; Vladimir Levin, leader.leader.  Oct 1998Oct 1998 teenager hacksteenager hacks into Bell Atlantic phoneinto Bell Atlantic phone system; disabledsystem; disabled communication at airportcommunication at airport disables runway lights.disables runway lights.  19991999 hackers attackhackers attack Pentagon, MIT, FBI webPentagon, MIT, FBI web sites.sites.  1999:1999: E-commerceE-commerce company attacked;company attacked; blackmail threats followedblackmail threats followed by 8 million credit cardby 8 million credit card numbers stolen.numbers stolen. (www.blackhat.info; www.h2k2.net;(www.blackhat.info; www.h2k2.net; www.slais.ubc.ca/; www.sptimes.com;www.slais.ubc.ca/; www.sptimes.com; www.tlc.discovery.com)www.tlc.discovery.com)
  • 8. EC-COUNCIL HAS CERTIFIED IT PROFESSIONALS FROM THE FOLLOWING ORGANIZATIONS AS CEH: Novell, Canon, Hewlett Packard, US Air Force Reserve, US Embassy, Verizon, PFIZER, HDFC Bank, University of Memphis, Microsoft Corporation, Worldcom, Trusecure, US Department of Defense, Fedex, Dunlop, British Telecom, Cisco, Supreme Court of the Philippines, United Nations, Ministry of Defense, UK, Nortel Networks, MCI, Check Point Software, KPMG, Fleet International, Cingular Wireless, Columbia Daily Tribune, Johnson & Johnson, Marriott Hotel, Tucson Electric Power Company, Singapore Police Force
  • 9. PriceWaterhouseCoopers, SAP, Coca-ColaPriceWaterhouseCoopers, SAP, Coca-Cola Corporation, Quantum Research, US Military, IBMCorporation, Quantum Research, US Military, IBM Global Services, UPS, American Express, FBI,Global Services, UPS, American Express, FBI, Citibank Corporation, Boehringer Ingelheim, Wipro,Citibank Corporation, Boehringer Ingelheim, Wipro, New York City Dept Of IT & Telecom – DoITT, UnitedNew York City Dept Of IT & Telecom – DoITT, United States Marine Corps, Reserve Bank of India, US AirStates Marine Corps, Reserve Bank of India, US Air Force, EDS, Bell Canada, SONY, Kodak, OntarioForce, EDS, Bell Canada, SONY, Kodak, Ontario Provincial Police, Harris Corporation, Xerox, PhilipsProvincial Police, Harris Corporation, Xerox, Philips Electronics, U.S. Army, Schering, Accenture, BankElectronics, U.S. Army, Schering, Accenture, Bank One, SAIC, Fujitsu, Deutsche BankOne, SAIC, Fujitsu, Deutsche Bank (CONT.)
  • 10. HACKERS ARE HERE. WHERE ARE YOU? • The explosive growth of the Internet has brought many good things…As with most technological advances, there is also a dark side: criminal hackers. • The term “hacker” has a dual usage in the computer industry today. Originally, the term was defined as: • HACKER noun. 1. A person who enjoys learning the details of computer systems and how to stretch their capabilities…. 2. One who programs enthusiastically or who enjoys programming rather than just theorizing about programming.
  • 11. WHAT IS A HACKER? • Old School Hackers: 1960s style Stanford or MIT hackers. Do not have malicious intent, but do have lack of concern for privacy and proprietary information. They believe the Internet was designed to be an open system. • Script Kiddies or Cyber-Punks: Between 12-30; predominantly white and male; bored in school; get caught due to bragging online; intent is to vandalize or disrupt systems. • Professional Criminals or Crackers: Make a living by breaking into systems and selling the information. • Coders and Virus Writers: See themselves as an elite; programming background and write code but won’t use it themselves; have their own networks called “zoos”; leave it to others to release their code into “The Wild” or Internet. (www.tlc.discovery.com)
  • 12. WHAT IS ETHICAL HACKING? • Ethical hacking – defined “methodology adopted by ethical hackers to discover the vulnerabilities existing in information systems’ operating environments.” • With the growth of the Internet, computer security has become a major concern for businesses and governments. • In their search for a way to approach the problem, organizations came to realize that one of the best ways to evaluate the intruder threat to their interests would be to have independent computer security professionals attempt to break into their computer systems.
  • 13. WHO ARE ETHICAL HACKERS?• “One of the best ways to evaluate the intruder threat is to have an independent computer security professionals attempt to break their computer systems” • Successful ethical hackers possess a variety of skills. First and foremost, they must be completely trustworthy. • Ethical hackers typically have very strong programming and computer networking skills. • They are also adept at installing and maintaining systems that use the more popular operating systems (e.g., Linux or Windows 2000) used on target systems. • These base skills are augmented with detailed knowledge of the hardware and software provided by the more popular computer and networking hardware vendors.
  • 14. WHAT DO ETHICAL HACKERS DO? • An ethical hacker’s evaluation of a system’s security seeks answers to these basic questions: • What can an intruder see on the target systems? • What can an intruder do with that information? • Does anyone at the target notice the intruder’s at tempts or successes? • What are you trying to protect? • What are you trying to protect against? • How much time, effort, and money are you willing to expend to obtain adequate protection?
  • 15. HOW MUCH DO ETHICAL HACKERS GET PAID? • Globally, the hiring of ethical hackers is on the rise with most of them working with top consulting firms. • In the United States, an ethical hacker can make upwards of $120,000 per annum. • Freelance ethical hackers can expect to make $10,000 per assignment. • Some ranges from $15,000 to $45,000 for a standalone ethical hack.
  • 16. CERTIFIED ETHICAL HACKER (C|EH) TRAINING • InfoSec Academy • http://www.infosecacademy.com • Five-day Certified Ethical Hacker (C|EH) Training Camp Certification Training Program • (C|EH) examination • C|EH Certified Ethical Hacker Training Camp (5-Day Package)$3,595 ($2,580 training only) (Source: www.eccouncil.org)
  • 18. REQUIRED SKILLS OF AN ETHICAL HACKER• Routers: knowledge of routers, routing protocols, and access control lists • Microsoft: skills in operation, configuration and management. • Linux: knowledge of Linux/Unix; security setting, configuration, and services. • Firewalls: configurations, and operation of intrusion detection systems. • Mainframes • Network Protocols: TCP/IP; how they function and can be manipulated. • Project Management: knowledge of leading, planning, organizing, and controlling a penetration testing team. (Source: http://www.examcram.com)
  • 19. MODES OF ETHICAL HACKING • Insider attack • Outsider attack • Stolen equipment attack • Physical entry • Bypassed authentication attack (wireless access points) • Social engineering attack (Source: http://www.examcram.com)
  • 20. ANATOMY OF AN ATTACK: • Reconnaissance – attacker gathers information; can include social engineering. • Scanning – searches for open ports (port scan) probes target for vulnerabilities. • Gaining access – attacker exploits vulnerabilities to get inside system; used for spoofing IP. • Maintaining access – creates backdoor through use of Trojans; once attacker gains access makes sure he/she can get back in. • Covering tracks – deletes files, hides files, and erases log files. So that attacker cannot be detected or penalized. (Source: www.eccouncil.org)
  • 21. • Hacker classes • Black hats – highly skilled, malicious, destructive “crackers” • White hats – skills used for defensive security analysts • Gray hats – offensively and defensively; will hack for different reasons, depends on situation. • Hactivism – hacking for social and political cause. • Ethical hackers – determine what attackers can gain access to, what they will do with the information, and can they be detected. (Source: www.eccouncil.org)
  • 24. EC-COUNCIL TOPICS COVERED • Introduction to Ethical Hacking • Footprinting • Scanning • Enumeration • System Hacking • Trojans and Backdoors • Sniffers • Denial of Service • Social Engineering • Session Hijacking • Hacking Web Servers
  • 25. EC-COUNCIL (CONT.) • Web Application Vulnerabilities • Web Based Password Cracking Techniques • SQL Injection • Hacking Wireless Networks • Viruses • Novell Hacking • Linux Hacking • Evading IDS, Firewalls and Honeypots • Buffer Overflows • Cryptography
  • 26. CERTIFIED ETHICAL HACKER EXAM PREP http://www.examcram.com ISBN 0-7897-3531-8
  • 27. CERTIFIED ETHICAL HACKER EXAM PREP• The Business Aspects of Penetration Testing • The Technical Foundations of Hacking • Footprinting and Scanning • Enumeration and System Hacking • Linux and automated Security Assessment Tools • Trojans and Backdoors • Sniffers, Session Hyjacking, and Denial of Service
  • 28. CERTIFIED ETHICAL HACKER EXAM PREP (CONT.) • Web Server Hacking, Web Applications, and Database Attacks • Wireless Technologies, Security, and Attacks • IDS, Firewalls, and Honeypots • Buffer Overflows, Viruses, and Worms • Cryptographic Attacks and Defenses • Physical Security and Social Engineering
  • 29. HANDS-ON INFORMATION SECURITY LAB MANUAL, SECOND EDITION http://www.course.com/ ISBN 0-619-21631-X 1. Footprinting 2. Scanning and Enumeration 3. Operating System Vulnerabilities and Resolutions 4. Network Security Tools and Technologies 5. Security Maintenance 6. Information Security Management 7. File System Security and Cryptography 8. Computer Forensics
  • 31. WHOIS
  • 39. PING
  • 41. HACKING TOOLS: SCANNING AND ENUMERATION
  • 42. NMAP
  • 47. HYENA
  • 55. HACKING TOOLS: TROJANS AND BACKDOORS
  • 60. SPOOFING A MAC ADDRESS ORIGINAL CONFIGURATION
  • 63. IRIS
  • 64. SNORT
  • 65. HACKING TOOLS: WEB BASED PASSWORD CRACKING
  • 67. CAIN AND ABEL (CONT.)
  • 68. CAIN AND ABEL (CONT.)
  • 75. HACKING TOOLS: GOOGLE HACKING AND SQL INJECTION
  • 78. SQL INJECTION • Allows a remote attacker to execute arbitrary database commands • Relies on poorly formed database queries and insufficient input validation • Often facilitated, but does not rely on unhandled exceptions and ODBC error messages • Impact: MASSIVE. This is one of the most dangerous vulnerabilities on the web.
  • 84.
  • 89. LEGION OF ETHICAL HACKING