Introduction to

ETHICAL HACKINGBy: Vishal Kumar (CEH | CHFI | CISE | MCP)

1. What is Hacking.2. What is ETHICAL HACKING.3. Types of HACKER.4. Difference between ETHICAL

HACKER and CRACKER.5. What is Security Testing and

Penetration Testing.6. Phases of Hacking.7. Importance and requirements of

ETHICAL HACKER.

Contents:

Hacking is the art of modifying the features of a system or Application, in order to accomplish a goal.

hacking is any technical effort to manipulate the normal behavior of System or any Software and Network connection.

What is the GOALS…???

1. WHAT IS HACKING

A authorized practice of HACKING in order to evaluating the target systems for finding the weaknesses and vulnerabilities and reporting back to the owner or the concern person.

Performing HACKING with the permission of the owner or any superior.

Neither damage the target systems nor steal information.

2. What is ETHICAL HACKING:

1. Black Hat Hackers

2. White Hat Hackers

3. Grey Hat Hackers

4. Script kiddies

3. Types of HACKER

Black Hat hackers are specially known for the doing illegal or unauthorized work. They hack for their personal means like Money, Revenge, Fame etc. They hack into to Bank Websites , credit card websites and stole Money from accounts in bank websites.

Basically they use their knowledge for illegal purposes.

Consider as a computer criminals

3.1 Black Hat Hackers

White hat hackers also called Ethical Hackers . They use their skills for good purposes.

They work for organizations for stop the illegal activities through black hat hackers.

3.2 White Hat Hackers

Grey Hat hackers have both qualities like black hat hackers and white hat hackers .

They use their knowledge for bad purposes and good purposes too.

3.3 Grey Hat Hackers

Script kiddies hacks into computer or websites using the tools available on the internet.

They don’t have knowledge of programming.

They don’t know about the good and bad.

3.4 Script kiddies

Ethical Hacker Employed by companies to perform penetration tests Hack for good.

Crackers Access computer system or network without

authorization Break into systems to steal or destroy data

4. Difference between ETHICAL HACKER and CRACKER

Security Testing:◦ Checking the security mechanism finding the

security flaw’s. In other words it is call Vulnerability Assessment.

Penetration Testing:◦ Penetration testing actually refers as the

exploiting the weaknesses or the vulnerability in order to gain access into the network or the systems.

5. Security Testing and Penetration Testing

Information Gathering.

◦ Footprinting and Reconnaissance.

◦ Scanning.

Gaining Access.

Maintaining Access.

Installing Backdoors.

Covering Tracks.

6. Hacking Phases

Information gathering is collecting the information about the target. It is the most important and time consuming phase of hacking.

The more information you collect, the more easy you can hack the target.

6.1 Information Gathering.

There are vast range of tools are available for information gathering including online application and installer Software.

Some popular tools are:◦ Nslookup◦ Samspade◦ Who.is◦ Robots.txt◦ The Harvester◦ Maltego◦ And Many more…

Tool for Information Gathering

Footprinting also called Reconnaissance is the second step of Hacking. This is the technique used to pursue that target and keep watching the target.

This the method of finding the loopholes or any mistake done by the target which can be used for the exploitation.

Tools are used:◦ Online tools are available.

6.1.1 Footprinting and Reconnaissance.

After footprinting and reconnaissance, scanning is the third phase of information gathering that hackers use to size up a network. Scanning is where they dive deeper into the system to look for valuable data and services in a specific IP address range.

Types of Scanning.◦ Active Scanning◦ Passive Scanning

6.1.2 Scanning.

Active scanning is actually intercepting or interacting with the target.

In active scanning the attacker send the specially crafted request packets to the target system and then observe the response.

It is the method of directly attacking on the target.

The accuracy of result of active scanning is more reliable.

6.1.2.1 Active Scanning.

There are many tools available for the active scanning, some are:

◦ Nmap (ZenMap)◦ Netcat◦ Super Scan

Tools of Active Scanning.

Passive scanning is the indirect method of scanning. It is less sensitive and uninterrupted way of gathering information.

In passive scanning we just keep sitting in the background and watching the behavior, network traffic flow etc.

The accuracy of the result is not much more reliable

6.1.2.2 Passive Scanning.

Passive scanning can be done by the software tools and also available online tools.

Some tools are:◦ Wireshark◦ Pingsweep◦ Traceroute◦ www.Ping.eu◦ etc

Tools of Passive Scanning.

Gaining Access also called “Hacking into the system” is the third steps of hacking and also the main part of hacking.

It is the process exploiting the loopholes and vulnerabilities in order to breaking the system.

6.2 Gaining Access.

Once and attacker Gaines access into the target system, he can choose to use both the system and the resources as a launched pad to scan and exploit other system.

6.3 Maintaining Access.

Hackers are extraordinary clever. They hack into a system and adopt it for long time access of the resources.

To accomplish their goal they install the backdoors (different types of computer viruses) for easiest assess in the future.

6.4 Installing Backdoors.

Covering tracks is the final stage of hacking process – its goal is to erase evidence and digital signs which can be used for tracking the attacker.

The digital sign includes the log files of network and system, IP address, MAC address, geo location, browser details etc.

6.5 Covering Tracks.

Ethical hacking is an emerging tools used by most of the organizations for testing network security. The security risks and vulnerabilities in a network can be recognized with the help of ethical hacking.

Information is the important source for any organizations while executing business operations and it should be confidential and secure.

7. Importance and requirements of ETHICAL HACKER.

For more videos on Hacking Please Subscribe this channel.

For any query and suggestion please contact us on:

theprohackers2017@gmail.com