INTRODUCTION TO ETHICAL HACKING
NAME: PRAGGA SAHA
COURSE: BBA
SEC: 3A
ROLL NO.: 28941923127
SUBJECT NAME: BASIC UNDERSTANDING OF CYBERSECURITY
SUBJECT CODE: SEC381
WHAT IS HACKING?
"Hacking" is the illegal process of gaining access/breaking into a computer
system or network without the owner's permission for personal gain.
ETHICAL HACKING
We can define ethical hacking as breaking into a computer
system/network with the permission of the system/network owner with
the sole purpose of identifying weaknesses that might be exploited or
used for malicious intentions.
The main goal of ethical hacking is to identify potential security threats
and fix them before they can be used for malicious acts. Ethical hacking
also involves "penetration testing" or "pen testing". People who practice
it are known as ethical hackers or white hat hackers.
ROLE OF ETHICAL HACKERS
Vulnerability Assessment: Conducting comprehensive assessments of
computer systems, networks, and applications to identify security
vulnerabilities and weaknesses. This involves using various scanning
tools, techniques, and methodologies to identify potential entry points
and vulnerabilities that could be exploited by malicious actors.
Penetration Testing: Performing controlled and authorized hacking
attempts on systems and networks to simulate real-world attacks.
Ethical hackers attempt to exploit identified vulnerabilities and gain
unauthorized access to assess the security controls in place. This process
helps organizations understand their security gaps and prioritize
remediation efforts.
Security Auditing: Conducting thorough security audits of systems,
networks, and applications to ensure compliance with industry
standards, best practices, and regulatory requirements. Ethical hackers
review security policies, configurations, access controls, and other
security measures to identify areas of improvement and recommend
security enhancements.
Reporting and Documentation: Documenting and reporting the findings,
vulnerabilities, and recommendations discovered during the testing
process. Ethical hackers provide detailed reports outlining the
vulnerabilities exploited, potential risks, and suggested mitigation
strategies to assist organizations in improving their security posture.
Security Awareness and Training: Collaborating with organizations to
educate and raise awareness among employees about the importance of
cybersecurity, common attack vectors, and best practices for secure
computing. Ethical hackers may conduct training sessions, workshops, or
awareness programs to promote a security-conscious culture within the
organization.
Continuous Learning and Research: Staying updated with the latest
hacking techniques, emerging vulnerabilities, and security trends
through continuous learning and research. Ethical hackers invest time in
staying current with new attack vectors, tools, and technologies to
better understand and counter potential threats.
Collaboration and Consultation: Working closely with other
cybersecurity professionals, such as network administrators, system
administrators, and software developers, to address vulnerabilities and
recommend security controls. Ethical hackers often provide expert
advice, consultation, and guidance to organizations to enhance their
overall security posture.
COMMON TOOLS AND TECHNIQUES
TOOLS:
1. Nmap: A network scanning tool that discovers hosts and services on a
network, helping to map the network structure.
2. Wireshark: A network protocol analyzer that captures and inspects data
packets in real time to identify potential issues and intrusions.
3. Nessus: A vulnerability scanner that detects known vulnerabilities in systems
and applications, providing detailed reports and recommendations.
4. OpenVAS: An open-source vulnerability assessment tool that performs
comprehensive scanning and reporting on network security.
5. Metasploit: A framework for developing and executing exploit code against
target systems to test for vulnerabilities.
6. BeEF: The Browser Exploitation Framework, which focuses on exploiting web
browser vulnerabilities to gain access and control.
7. John the Ripper: A password cracking tool that tests the strength of
passwords by attempting to crack them using various methods.
8. Hashcat: An advanced password recovery tool that uses GPU acceleration to
crack hashed passwords quickly.
9. Social-Engineer Toolkit (SET): A suite of tools that automates social
engineering attacks like phishing to test human vulnerabilities.
10. Maltego: A data mining tool used for gathering and analyzing information
about targets to aid in social engineering and other attacks.
TECHNIQUES:
• Reconnaissance: The process of gathering information about a target
using passive methods like WHOIS lookups and active methods like
pinging to build a profile.
• Scanning: Identifying open ports, services, and vulnerabilities through
tools and techniques like port scanning and network mapping.
• Gaining Access: Exploiting identified vulnerabilities and using brute
force attacks to gain unauthorized entry into systems.
• Maintaining Access: Ensuring continued access to a compromised
system by installing backdoors and rootkits that allow persistent control.
• Covering Tracks: Erasing evidence of hacking activities by deleting logs
and using tunneling techniques to avoid detection and maintain
anonymity.
CONCLUSION
As tech continues to evolve, so do the cyber threats. This means that
organizations must invest in cybersecurity strategies to help prevent any form
of exploitation. After all, prevention is better than cure. Taking early measures
might come in handy along the way, saving you more than you can imagine.
Given the importance of ethical hacking in ensuring security, we should all take
it very seriously. This involves using secure and encrypted networks,
enabling advanced layers of protection like 2FA and MFA, investing in qualified
security personnel, and constantly creating awareness amongst employees and
communities at large.