Professional Documents
Culture Documents
1. Type of hackers
2. Ethical Hacking
3. Role of ethical hackers
4. Process of hacking
4.1 Virtualization
4.2 Footprinting
4.3 Scanning
4.4 System hacking
4.5 Steganography
4.6 Cryptography
4.7 Virus/Trojan
4.8 Social Engineering
4.9 Wifi Hacking
4.10Mobile Hacking
4.11SQL injection
1. Type Of Hackers
Ethical hacking as the term denotes is used for ethical, legal or good
reasons. Ethical Hackers work similarly to any other black hat hacker
or cracker but their aim is to provide complete security to any system
to prevent other black hat hackers. They find out the loopholes in
any operating systems and apply complete security to it so that other
hackers would not able to attack the system. Black hat hackers are
actually the cyber criminals and ethical hackers are the cyber police.
Both had weapons with them but one is using it protect others and
other one is using it for damage others. Ethical Hackers do have
sound knowledge as what measures that a black hat hacker can take
to damage the systems, therefore they applied the security to the
system accordingly and thus make the system of any organization
completely safe and secure.
3. Role of Ethical Hackers
•There can lots of roles and responsibilities for an ethical hacker, but
to summarize their roles and responsibilities a White hat hacker can
do the following for an organization
•They can find out the vulnerabilities and loopholes in any IT system.
•Ethical Hackers can also suggest the list of steps that should be
taken to prevent the risk on a system and can also provide the
system complete security.
VIRTUALIZATION
FOOTPRINTING
SCANNING
SYSTEM HACKING
STEGANOGRAPHY
CRYPTOGRAPHY
VIRUS / TROJAN
SOCIAL ENGINEERING
WiFi HACKING
MOBILE HACKING
SQL INJECTION
4.1 Virtualization
Features overview
Here’s a brief outline of Virtual Box’s main features:
Identify Vulnerabilities
It allows attacker to identify Vulnerabilities in the target system in
order to select appropriate exploits.
Objectives Of Footprinting
1. Domain Name
2. Internal Domain Name
3. Network Blocks
4. IP Address Of The reachable System
5. Rough website / Private Website
6. TCP & UDP services Running
7. Access Control Mechanisms and ACL’s
8. Networking Protocols
9. VPN Points
10. IDSes Running Analog/Digital Telephone number
11. Authentication Mechanisms
12. System enumeration
Port scanner
Port scanner is an application designed to probe a server or host for
open ports. This is often used by administrators to verify security
policies of their networks and by attackers to identify services
running on a host and exploit vulnerabilities.
Network scanner
Network scanning is a procedure for identifying active hosts on a
network; Scanning procedures, such as ping sweeps and port scan s,
return information about which IP addresses map to live hosts that
are active on the Internet and what services they offer.
Vulnerability Scanning
The automated process of proactively identifying vulnerabilities of
computing systems in a network in order to determine if and where
a system can be exploited or threatened; Vulnerability scanning
typically refers to the scanning of systems that are connected to the
Internet.
Password Hacking:
OFFLINE ATTACK
Offline password attacks are performed from a location other than
the actual computer where the password reside or were used.
Offline attacks requires physical access to the computer which stores
password file, the attacker copies the password file and then tries to
break passwords in his own system. Offline attacks include,
dictionary attacks, hybrid attacks, brute force attack, precomputed
hash attacks, syllable attacks, rule based attacks and rainbow attacks.
TYPES OF STEGANOGRAPHY
1. Text Steganography
2. Image Audio Steganography
3. Video Steganography
4.6 Cryptography
Techniques used for deciphering a message without any knowledge
of enciphering details.
Phishing
Phishing is the attempt to obtain sensitive information such as
usernames, passwords, and credit card details (and sometimes,
indirectly, money), often for malicious reasons, by masquerading as a
trustworthy entity in an electronic communication.