Anúncio
Anúncio

Mais conteúdo relacionado

Anúncio

Hacking.pptx

  1. Submitted by: Yogesh Chauhan Bsc IT 6th Sem 2028006 Submitted to: Dr. Gopal Krishna Sharma Assistant Professor(Computer Science Department) Presentation On Emerging Technologies and Innovation in IT Topic :- Type of Hacking and System Hacking Techniques
  2. Introduction Welcome to the presentation on Types of Hacking Hacking refers to unauthorized access to computer systems or networks for malicious purposes There are various types of hacking that can be classified based on the motive, technique, target, etc.
  3. Type of hacking Black hat hacking White hat hacking Grey hat hacking Ethical hacking
  4. Black hat hacking  Black hat hackers are malicious hackers, sometimes called crackers. Black hats lack ethics, sometimes violate laws, and break into computer systems with malicious intent, and they may violate the confidentiality, integrity, or availability of an organization's systems and data. One of the most famous black hat hackers is Kevin Mitnick, who, at one point, was the most wanted cybercriminal in the world. As a black hat hacker, he hacked into over 40 major corporations, including IBM and Motorola, and even the US National Defense warning system. Black hat hacker break into secure network to destroy data or make the network unusable for those who are authorized to use the network. Black-hat hackers use various techniques such as phishing, social engineering, malware, etc. to gain access to sensitive data or cause damage to the system
  5. White hat Hacking White hat hacking, also known as ethical hacking , is the practice of using hacking skills and techniques for ethical and legal purposes. White hat hackers are experts in computer security and use their skills to identify vulnerabilities in computer systems or networks. White Hat Hackers are also known as ethical hackers or penetration testers, and they use their skills and knowledge to help organizations protect their systems from malicious attacks. White Hat Hacking involves a variety of techniques such as vulnerability scanning, penetration testing, and social engineering testing. White Hat Hacking is an important part of cybersecurity and is used by businesses, governments, and other organizations to improve their security and protect their sensitive data.
  6. Grey-Hat Hacking Grey-hat hacking is a combination of ethical and black-hat hacking Grey-hat hackers usually hack into a system without the owner's permission but don't intend to cause damage or steal sensitive data Grey-hat hackers often notify the owner about the vulnerabilities they found and ask for payment in return for fixing them
  7. Blue hat hacking Blue hat hacking is a type of computer security testing that is performed by individuals who are not part of the organization that owns the system or network being tested. No desire for learning, just hack for revenge. Unlike white hat hackers, who are authorized by the organization to perform security testing, and black hat hackers, who are unauthorized and carry out malicious activities, blue hat hackers are invited to test the security of a system or network by the organization that owns it. Overall, blue hat hacking can help organizations improve their cybersecurity defenses and prevent potential security breaches by identifying vulnerabilities and weaknesses in their systems and networks.
  8. Ethical Hacking Ethical hacking, also known as white-hat hacking, is a legal and authorized process of identifying vulnerabilities in computer systems or networks Ethical hackers use the same techniques and tools as malicious hackers but with the owner's permission The goal of ethical hacking is to improve the security of the system by finding and fixing vulnerabilities Ethical hacking involves an authorized attempt to gain unauthorized access to a computer system, application, or data. Carrying out an ethical hack involves duplicating strategies and actions of malicious attackers. Ethical hacking should always be done with the intention of improving the security of the system or network being tested. It should never be done with malicious intent or with the goal of causing harm or damage to the target.
  9. System Hacking Technique System hacking is the process of exploiting vulnerabilities in computer systems to gain unauthorized access or control over them. It is a malicious activity that is often carried out by cybercriminals or hackers with the intention of stealing sensitive data, spreading malware, or causing damage to the system. To prevent system hacking, it is important to follow best practices for computer and network security. This includes regularly updating software and operating systems with the latest security patches, using strong and unique passwords, implementing multi-factor authentication, and limiting access to sensitive data.
  10.  Password cracking -: Hackers use various methods to crack passwords, such as brute- force attacks, dictionary attacks, and social engineering attacks to guess or steal passwords.  Network scanning -: This technique involves scanning a network to identify potential vulnerabilities that can be exploited, such as open ports or outdated software.  Exploiting software vulnerabilities-: Hackers can exploit known or unknown vulnerabilities in software to gain unauthorized access or control of a system.  Backdoor entry-: Hackers can create backdoors, such as hidden accounts or software vulnerabilities, to gain unauthorized access to a system.  Man-in-the-middle (MitM) attacks-: Hackers can intercept and modify communication between two parties, such as a user and a server, to steal information or carry out malicious activities.
  11. DDoS hacking DDoS, or Distributed Denial of Service, hacking is a type of cyber attack in which multiple compromised computer systems are used to target a single system or network with a flood of traffic or requests, overwhelming the targeted system and rendering it unusable. DDoS attacks can be carried out using a variety of methods, including botnets, amplification attacks, and application-layer attacks. Botnets are networks of computers infected with malware that can be controlled remotely by a hacker, while amplification attacks use third-party servers to amplify traffic directed towards the target. DDoS attacks can be financially motivated, politically motivated, or simply carried out as a form of malicious vandalism. They can cause serious damage to businesses and organizations, resulting in downtime, lost revenue, and damage to reputation.
  12. DNS spoofing DNS spoofing, also known as DNS cache poisoning, is a type of cyber attack in which a hacker sends false information to a Domain Name System (DNS) resolver, redirecting users to a fraudulent website instead of the intended website. DNS spoofing is often carried out by manipulating DNS caches or exploiting vulnerabilities in DNS software. Once a DNS resolver has been compromised, it can return false information to users who request the IP address of a particular website. It is also important to keep DNS software and systems up to date with the latest security patches to prevent known vulnerabilities from being exploited.
  13. Phishing Phishing is a technique used by hackers to obtain sensitive information such as login credentials, credit card details, etc. Hackers send fake emails or messages that appear to be from a legitimate source, asking the recipient to provide their personal information Phishing is one of the most common techniques used by black-hat hackers to gain access to a system or network
  14. Hacktivism Online version of activist. To raise voice for a political or social cause. Hacktivism is a type of hacking where the hacker has a political or social agenda. Hacktivists usually target government or corporate websites to protest against their actions or policies. The goal of hacktivism is to create awareness about a particular issue or to cause disruption to the target's operations. Ex – Anonymous group .
  15. SQL injection hacking SQL injection is a type of cyber attack that targets databases and web applications that use SQL (Structured Query Language) to interact with the database. SQL injection attacks can be used to steal sensitive data, modify or delete data, and gain unauthorized access to applications or systems. Attackers can use SQL injection to bypass authentication measures and gain administrative access to web applications. The attacker injects malicious SQL statements into the application's input fields, allowing them to execute unauthorized commands on the database. SQL injection attacks can be carried out using a variety of techniques, including manipulating input fields, modifying URL parameters, and exploiting vulnerabilities in web application code.
  16. Social engineering The remit of a social engineering attack is to get someone to do something that benefits a cybercriminal. For example, trick a person into revealing financial details that are then used to carry out fraud. Social engineering is the tactic of manipulating, influencing, or deceiving a victim in order to gain control over a computer system, or to steal personal and financial information. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.
  17. Ransomware Ransomware is a type of malware that encrypts files and demands payment in exchange for the decryption key. Common types of ransomware include file-encrypting, lockscreen, and MBR ransomware. Ransomware can spread through phishing emails, malicious downloads, and software vulnerabilities. Ransomware attacks can have severe consequences, including financial loss and reputational damage. Example - One example of a Ransomware attack is the Wanna Cry Ransomware attack that occurred in May 2017. It affected more than 200,000 computers across 150 countries, including healthcare systems, government agencies, and businesses.
  18. Cross-site-scripting(xss) Definition of XSS: Begin by defining what cross-site scripting is and it is a type of web application vulnerability that allows attackers to inject malicious code into a website and potentially compromise the data of users who visit the site.
  19. Thank You
Anúncio