ETHICAL

HACKING

BY NIPUN JAIN
ROLLNUMBER->2018058
QUOTE OF ETHICAL HACKING
“You are a human being before any
label, handicap, disease or disorder. You
are entitled to dignity. This is the human
race’s one religion that unites us, yet it
is our hatred and lack of tolerance that
distorts our faith to a place of
justification. This justification will always
be in the oppressor’s benefit.”
 CONTENTS
What is Ethical Hacking?
Why do hackers hack ?
Types of Ethical Hacking
Hacking Process
How can we protect from hacking?
Advantages & Disadvantages
Conclusion
 What is Ethical
Hacking?
An ethical hacker is an information security expert who
systematically attempts to penetrate a computer system,
network, application or other computing resource on behalf of
its owners and with their permission to find security
vulnerabilities that a malicious hacker could potentially
exploit.
The purpose of ethical hacking is to evaluate the security of
identify vulnerabilities in systems, networks or system
infrastructure. It includes finding and attempting to exploit any
vulnerabilities to determine whether unauthorized access or other
malicious activities are possible.
 Why do people hack?

To make security stronger (Ethical Hacking).

Just for fun.

Show Off.

Hack other systems secretly and Steal information.

 Types of Ethical
Hacking
Black Hat Hacker

White Hat Hacker

Gray Hat Hacker(Black Hat + White Hat)

 BLACK HAT HACKER

A black hat hackers are individuals with

extraordinary computing skills, resorting to
malicious or destructive activites.

That is black hat hackers use their knowledge

and skill for their own personal gains probaby by
hurting others.
 WHITE HAT HACKER

White Hat Hackers are those individuals

professing hacker skills and using them for
defensive purposes.

This means that the white hat hackers use their

knowledge and skill for the good of others and
for the common good.
 GRAY HAT HACKER

These are individuals who work both offensively

and defensively at various times.
We cannot predict their behaviour.
Sometimes they use their skills for the common
good while in some other times he uses them for
their personal gains.
HACKING
PROCESS
 Reconnaissance -> Reconnaissance is the phase where the attacker gathers
information about a target using active or passive means. The tools that are widely
used in this process are NMAP, Hping, Maltego, and Google Dorks.
 Scanning -> In this process, the attacker begins to actively probe a target machine or
network for vulnerabilities that can be exploited. The tools used in this process are
Nessus, Nexpose, and NMAP.
 Gaining Access -> In this process, the vulnerability is located and you attempt to
exploit it in order to enter into the system. The primary tool that is used in this
process is Metasploit.
 Maintaining Process -> It is the process where the hacker has already gained access
into a system. After gaining access, the hacker installs some backdoors in order to
enter into the system when he needs access in this owned system in future.
Metasploit is the preferred tool in this process.
 Clearing Tracks -> This process is actually an unethical activity. It has to do with the
deletion of logs of all the activities that take place during the hacking process.
 Reporting -> Reporting is the last step of finishing the ethical hacking process. Here
the Ethical Hacker compiles a report with his findings and the job that was done such
as the tools used, the success rate, vulnerabilities found, and the exploit processes.
 HOW CAN WE PROTECT FROM
HACKING?
 Use Strong Passwords -> One of the concerns that people often have when it comes to creating complex
passwords is a fear of forgetting them, particularly when there are several to remember. Naturally, a
person should try to think of something that will be easy for them to memorize. One way to do that is to
turn a sentence or phrase into something that is not easily recognized by others. To do this, use the first
letter of every word in the sentence, replacing certain words with numbers or symbols..

 Never click links or open attachments in emails -> Emails are typically used either in phishing schemes or as
delivery devices for malware. For this reason, you should be incredibly wary of any email messages that
seem fishy or suspicious. If you don’t recognize the originating email address, feel that the message is off
in some way, or generally don’t trust the email, err on the side of caution. Don’t click on any links, open
attachments, or respond in any way. Many email providers, like Google, make it easy to spam.

 Install Anti -Virus Software -> Anti-virus software represents another line of defense against malware
and cyberattacks. Reputable anti-virus programs include AVG, Kaspersky*, McAfee, etc . Best of all, many
of these programs are available free of charge, which means you can protect yourself without having to
break the bank. Though an anti-virus software alone may not completely protect you against cyberattacks,
they go a long way towards mitigating your risk and making your personal information more secure.
 ADVANTAGES & DISADVANTAGES
OF ETHICAL HACKING
To provide security to banking and financial establishments.
To prevent website defacements.
To catch a thief you have to think like a thief.
An evolving techniques.
All depends upon the trustworthiness of the ethical hacker.
Hiring professionals is expensive.
More enhanced software’s should be used for optimum
protection.
 T
I nS
D
E pu
R
C Ni
BY n
J ai