Ethical Hacking
Today, computer and network security against cyber threats of increasing
sophistication is more important than it has ever been. Such an endeavor cannot
be accomplished without ethical hacking. Ethical hacking means that authorized
individuals work at exposing a security vulnerability and ultimately eliminate it
before a malefactor can exploit it.
Malicious hacking is an endeavor to exploit vulnerabilities for personal benefits,
while ethical hacking involves authorized individuals exposing and eliminating
the security frailties before they might be exploited by malicious hands. Thus,
ethical hackers, also known as white-hat hackers, carry out controlled and
systematic testing of systems, applications, and networks to identify possible
vulnerabilities.
Ethical hacking involves purposely probing and testing computer systems,
networks, and applications to identify and fix security vulnerabilities. An
ethical hacker, also called a white-hat or pen tester, is mandated with
similar goals: to enhance security within an organization. The proactive approach
of ethical hacking ensures the strength of organizational defenses
against cyberattacks, protection of sensitive information, and compliance with
security standards and regulations. By understanding and then simulating the
techniques used by cybercriminals, ethical hackers are pivotal in maintaining
a good state of cybersecurity and the protection of digital assets.
Ethical Hacking Scope
Ethical hacking has a broad scope, encompassing various roles and industries. It
involves using hacking techniques legally with permission to identify
vulnerabilities and improve security, ultimately preventing cyberattacks. Ethical
hackers can work as penetration testers, security analysts, security engineers, and
consultants in sectors like finance, e-commerce, and government, among
others. The demand for ethical hackers is increasing globally due to the rise of
cyber threats.
What is a Threat?
A threat is a possible security violation that might exploit the vulnerability of a
system or asset. The origin of the threat may be accidental, environmental
(natural disaster), human negligence, or human failure. Different types of security
threats are interruption, interception, fabrication, and modification.
Types of Threats
Unstructured Threats: Unstructured threats are typically executed by
inexperienced individuals using easily accessible hacking tools like shell
scripts and password crackers. Even if executed solely to test a hacker’s skills,
they can cause significant damage to a company.
Structured Threat: A structured threat involves an organized attempt to
breach a specific network or organization. These threats come from highly
motivated and technically proficient hackers.
External Threats: External threats might come from individuals or
organizations working outside the company. They have unauthorized access to
the computer systems and network. They typically enter a network via the
Internet or dial-up access servers.
Internal Threat: Internal dangers occur due to authorized network access,
whether through a server account or physical access.
Emerging Attack Vectors in Cyber Security
Attack vectors are the specific paths or methods that cyber attackers use to gain
unauthorized access to a system, network, or application. These vectors serve as
entry points for attacks, allowing malicious actors to exploit vulnerabilities.
Every ethical hacker has their own attack vectors for checking the security of
the target application, which may be a web application or an Android
application. Attackers take advantage of weaknesses or flaws in the system to
steal information, cause damage, or gain control.
Some Common Attack Vectors in Cybersecurity
Phishing: A type of cyber attack in which the user or victim is duped into
clicking on harmful sites that are crafted to look like authentic ones. The most
common mode of phishing is sending spam emails that appear to be
authentic and thereby take away the victim's credentials.
Malware: Malware is short for malicious software and refers to any software
that is designed to cause harm to computer systems, networks,
or users. Malware is designed to gain access to computer systems, generally for
the benefit of some third party, without the user’s permission.
MITM: In Man-in-the-Middle (MitM) attacks, there is an unwanted proxy in
the network intercepting and modifying the requests/responses. This proxy is
called a man in the middle.
Denial of Service: Denial-of-Service (DoS) is a cyber-attack on an individual
computer or website with the intent to disrupt an organization’s network
operations by denying access to its users. It is done by flooding the targeted
machine or resource with surplus requests in an attempt to overload systems
and prevent some or all legitimate requests from being fulfilled.
Insider Attacks: Insider threats or insider attacks are caused by insiders such
as former employees, business partners, contractors, or security admins who
previously had access to confidential information.
Ransomware: Ransomware is a form of malicious software that prevents
computer users from accessing their data by encrypting it.
SQL Injection: SQL injection is a code injection technique attackers use to
gain unauthorized access to a database by injecting malicious SQL commands
into web page inputs.
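The SQL injection entry above, as an added example that is not part of the original page: the same lookup written once with string concatenation and once with bound parameters, run against an in-memory SQLite database. The table, the function names and the sample input are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE orders (customer TEXT, item TEXT)")
    db.executemany("INSERT INTO orders VALUES (?, ?)",
                   [("alice", "laptop"), ("bob", "phone"), ("carol", "router")])
    return db

def orders_concatenated(db, customer):
    """Vulnerable form: the input is pasted into the SQL text itself,
    so any quote characters in it change the structure of the query."""
    query = "SELECT item FROM orders WHERE customer = '" + customer + "'"
    return [row[0] for row in db.execute(query)]

def orders_parameterized(db, customer):
    """Hardened form: the input is passed as a bound parameter, so the
    database driver always treats it as a value, never as SQL syntax."""
    query = "SELECT item FROM orders WHERE customer = ?"
    return [row[0] for row in db.execute(query, (customer,))]

# Constructed web-form input that contains SQL syntax instead of a name.
CRAFTED_INPUT = "nobody' OR '1'='1"

def compare():
    """Run both forms with a normal input and with the crafted input."""
    db = make_db()
    return {
        "concatenated_normal": orders_concatenated(db, "alice"),
        "concatenated_crafted": sorted(orders_concatenated(db, CRAFTED_INPUT)),
        "parameterized_normal": orders_parameterized(db, "alice"),
        "parameterized_crafted": orders_parameterized(db, CRAFTED_INPUT),
    }

if __name__ == "__main__":
    for case, rows in compare().items():
        print(f"{case:24} -> {rows}")
```

With the concatenated query the crafted input returns every customer's rows; with the parameterized query it matches no customer and returns nothing.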
Information Assurance
Information Assurance concerns the implementation of methods focused on
protecting and safeguarding critical information and relevant information systems
by assuring confidentiality, integrity, availability, and non-repudiation. It is
a strategic approach that focuses more on the deployment of policies than on
building infrastructure.
Threat Modelling
With the advancement in technology, it becomes easier day by day for hackers to
gain access to sensitive data, disable applications, etc. Thus, Application Security
has become a major concern. One method used to implement application security
in the design process is through THREAT MODELLING.
Threats can be anything that can take advantage of a vulnerability to breach
security and negatively alter, erase, or harm an object or objects of interest.
Threat Modelling can be done at any stage of development, but if done at the
beginning it will help in the early determination of threats that can be dealt
with properly.
Purpose of Threat Modeling
The purpose of threat modeling is to identify, communicate, and understand
threats and mitigations to the organization’s stakeholders as early as possible.
Documentation from this process provides system analysts and defenders with a
complete analysis of probable attackers’ profiles, the most likely attack vectors,
and the assets most desired by the attacker.
Enterprise Information Security Architecture
Enterprise Security Architecture (ESA) is a comprehensive framework for
ensuring the security of an organization's IT infrastructure. It integrates security
principles into the overall enterprise architecture to protect data, systems, and
networks from threats and vulnerabilities. ESA aligns with business objectives,
ensuring that security measures support and enhance organizational goals.
Enterprise Security Architecture aims to:
1. Identify Risks: Assess and understand potential threats and vulnerabilities
that could affect the organization's assets and operations.
2. Define Security Controls: Establish policies, procedures, and technologies to
protect against identified risks and maintain compliance with security
standards.
3. Implement Security Solutions: Deploy appropriate security measures such
as firewalls, encryption, access controls, and monitoring systems to safeguard
data and systems.
4. Monitor and Respond: Continuously monitor for security incidents, detect
breaches or anomalies, and respond swiftly to mitigate impacts and prevent
future occurrences.
Vulnerability Assessment
A vulnerability assessment is a procedure that is employed in an information
system to determine and rate potential risks. It seeks to identify vulnerabilities
that can be leveraged by an attacker to compromise the system and to employ
tools and techniques that ensure that data confidentiality, integrity, and
availability are achieved. This systematic review assists organizations in
identifying security issues like cross-site scripting (XSS) and SQL
injection before they can be leveraged.
Importance of Vulnerability Assessments
Vulnerability assessments are very important in the protection of information
systems and data. They help by:
Preventing Data Breaches: Giving dedicated attention to every risk in good
time and noticing recurrent threats, so that they are treated before they
bring about expensive security breaches.
Ensuring Regulatory Compliance: Conforming to applicable laws and avoiding
violations of the law.
Managing Risks: Prioritizing and controlling risks to improve the
shareholders' overall risk evaluation.
Enhancing Security Posture: Periodic evaluations enhance security by
adapting security provisions to cater for emerging threats.
Cost-Effective Security: Lowers the high costs associated with security
incidents that occur when vulnerabilities are not tended to as soon as they
are identified.
Penetration Testing
Penetration testing, or pen testing, is like a practice cyber attack conducted on
your computer systems to find and fix any weak spots before real attackers can
exploit them. It focuses on web application security, where testers try to
breach parts like APIs and servers to uncover vulnerabilities such as code
injection risks from unfiltered inputs. The results help adjust web application
firewall (WAF) settings and fix any weaknesses found to boost overall
security.
Advantages of the Penetration test
The penetration test can be done to find the vulnerability which may serve as a
weakness for the system.
It is also done to identify the risks from the vulnerabilities.
It can help determine the impact of an attack and the likelihood of it
happening.
It can help assess the effectiveness of security controls.
It can help prioritize remediation efforts.
It can ensure that the system is secure.
It can be used to test the security of any system, no matter how large or small.
It can be used to find vulnerabilities in systems that have not yet been
exploited.
It can be used to assess the effectiveness of security controls in place.
It can be used to educate employees about security risks.
Disadvantages of the Penetration test
A penetration test that is not done properly can expose data that might be
sensitive and more.
The penetration tester has to be trusted, otherwise, the security measures taken
can backfire.
It is difficult to find a qualified penetration tester.
Penetration testing is expensive.
It can be disruptive to business operations.
It may not identify all security vulnerabilities.
It may give false positives (incorrectly identifying a vulnerability).
It may give false negatives (failing to identify a vulnerability).
It may require specialized skills and knowledge.
The results may be difficult to interpret.
After the penetration test is completed, the system is vulnerable to attack.
Attack vector