CYBER SECURITY

AND ETHICAL HACKING USING PYTHON

NAME :: DAIPAYAN DAS

DEPARTMENT :: BCA

COLLEGE :: Calcutta Institute of Engineering

and Management
ARDENT WHATSAPP GROUP NO.:: HACKING B14

PROJECT :: Hack Facebook using

SEToolKit
(Phishing attack)
 CONTENTS
1. What is Hacking.

2. TYPES OF HACKERS

3. What is a Cyber Attack

4. Types of Cyber Attack

5. How to Hack Facebook using SEToolKit

(Phishing attack)
1. What is Hacking ::
A commonly used hacking definition is the act of compromising digital devices
and networks through unauthorized access to an account or computer system.
Hacking is not always a malicious act, but it is most commonly associated with
illegal activity and data theft by cyber criminals.

2. TYPES OF HACKERS ::
1. Black Hat: Criminal Hackers : A black hat hacker is a
cybercriminal who breaks into computer systems with malicious or
criminal intent. Black hat hackers are probably what you think of
when you picture a typical hacker or cybercriminal. Their advanced
technical knowledge and ability to navigate the cybersecurity
landscape is what makes them so skilled in carrying out their
attacks. They go out of their way to find vulnerabilities in computer
systems and software, which they exploit for financial gain or other
malicious purposes.
Motives: To profit from data breaches.

2. White Hat: Authorized Hackers : Similar to black hat

hackers, white hat hackers are cybersecurity experts who use their
skills to find vulnerabilities in organizational networks and
computer systems. The key difference between them, however, is
that white hat hackers are authorized to hack these systems for the
purpose of spotting security vulnerabilities before a criminal hacker
can.
Motives: Help businesses prevent cybersecurity
attacks

3. Grey Hat: “Just for Fun” Hackers:

A grey hat hacker is a cybersecurity expert who finds ways to
hack into computer networks and systems, but without the
malicious intent of a black hat hacker.

Motives: Personal enjoyment

4. Script Kiddies: Ametuer Hackers :

Script kiddies are amateur hackers that don’t possess the
same level of skill or expertise as more advanced hackers in the
field. To make up for this, they turn to existing malware created by
other hackers to carry out their attacks.

Motives: To cause disruption

5. Green Hat: Hackers-in-Training :

A green hat hacker is someone who is new to the hacking
world but is intently focused on increasing their cyberattack skills.
They primarily focus on gaining knowledge on how to perform
cyberattacks on the same level as their black hat counterparts.
Their main intent is to eventually evolve into a full-fledged hacker,
so they spend their time looking for learning opportunities from
more experienced hackers.

Motives:To learn how to become an experienced hacker.

6. Blue Hat: Authorized Software Hackers :

Blue hat hackers are hired by organizations to bug-test a new
software or system network before it’s released. Their role is to find
loopholes or security vulnerabilities in the new software and
remedy them before it launches.

Motives: To identify vulnerabilities in new

organizational software before it’s released.

7. Red Hat: Government-Hired Hackers :

Red hat hackers are hired by government agencies to spot
vulnerabilities in security systems, with a specific focus on finding
and disarming black hat hackers. They’re known to be particularly
ruthless in their hunt for black hat criminals, and typically use any
means possible to take them down.

Motives: To find and destroy black hat hackers

8. State/Nation Sponsored Hackers: International Threat

Prevention :
State/nation sponsored hackers are appointed by a country’s
government to gain access to another nation’s computer systems.
Their cybersecurity skills are used to retrieve confidential
information from other countries in preparation for a potential
upcoming threat or attack, as well as to keep a pulse on sensitive
situations that could pose a threat in the future. These types of
hackers are hired solely by government agencies.

Motives: To monitor and prevent international threats

9. Malicious Insider: Whistleblower Hackers :

Malicious insider hackers are individuals who employ a
cyberattack from within the organization they work for. Also known
as whistleblowers, their motivation for attack can vary from acting
on a personal grudge they have against someone they work for to
finding and exposing illegal activity within the organization.

Motives: To expose or exploit an organization’s

confidential information

10. Hacktivists: Politically Motivated Hackers

A hacktivist is someone who hacks into government networks
and systems to draw attention to a political or social cause—hence
why the name “hacktivist” is a play on the word “activist.” They use
hacking as a form of protest, retrieving sensitive government
information, which is used for political or social purposes.

Motives: To shed light on an alarming social or political

cause (or to make a political or ideological statement)

11. Elite Hackers: The Most Advanced Hackers

Elite hackers are the cream of the crop in the world of
cybercriminals, and are considered to be the highest skilled
hackers in their field. They’re often the first ones to discover
cutting-edge attack methods, and are known to be the experts and
innovators in the hacking world.

Motives: To perform advanced cyberattacks on

organizations and individuals

12. Cryptojackers: Cryptocurrency Mining Hackers:

Cryptojackers are known to exploit network vulnerabilities
and steal computer resources as a way to mine for
cryptocurrencies. They spread malware in a variety of ways, often
by planting infectious viruses across the web.
 Motives: Cryptocurrency mining

13. Gaming Hackers :

A gaming hacker is someone who focuses their hacking efforts
on competitors in the gaming world. With the gaming industry
booming, it’s no surprise that its own specialized category of
gaming hackers have emerged as a result. Professional gamers
might spend thousands of dollars on high-performance hardware
and gaming credits, and hackers typically carry out their attacks in
an attempt to steal competitor’s credit caches or cause distributed
denial-of-service (DDoS) attacks to take them out of the game.

Motives: To compromise gaming competitors.

14. Botnets: Large-Scale Hackers

Botnet hackers are malware coders who create bots to
perform high-volume attacks across as many devices as possible,
typically targeting routers, cameras and other Internet of Things
(IoT) devices. The bots operate by looking for unsecured devices (or
devices who still have their default login credentials intact) to plant
themselves in. Botnets can be used directly by the hacker who
created them, but they’re also frequently available for purchase on
the dark web for other hackers to take advantage of.

Motives: To compromise a high volume of network

systems

3. What is a Cyber Attack ::

A cyber attack is a set of actions performed by threat actors, who try to
gain unauthorized access, steal data or cause damage to computers,
computer networks, or other computing systems. A cyber attack can be
launched from any location.

4. Types of Cyber Attack ::

1. Malware attack:
This is one of the most common types of cyberattacks. “Malware” refers to malicious
software viruses including worms, spyware, ransomware, adware, and trojans. The
trojan virus disguises itself as legitimate software. Ransomware blocks access to the
network's key components, whereas Spyware is software that steals all your
confidential data without your knowledge. Adware is software that displays
advertising content such as banners on a user's screen.

2. Phishing Attack : Phishing attacks are one of the most prominent

widespread types of cyberattacks. It is a type of social engineering attack wherein
an attacker impersonates to be a trusted contact and sends the victim fake mails.

3. Password Attack :It is a form of attack wherein a hacker cracks your

password with various programs and password cracking tools like Aircrack, Cain,
Abel, John the Ripper, Hashcat, etc. There are different types of password attacks
like brute force attacks, dictionary attacks, and keylogger attacks.

4. Man-in-the-Middle Attack: A Man-in-the-Middle Attack (MITM) is also

known as an eavesdropping attack. In this attack, an attacker comes in between a
two-party communication, i.e., the attacker hijacks the session between a client and
host. By doing so, hackers steal and manipulate data.

5. SQL Injection Attack : A Structured Query Language (SQL) injection attack

occurs on a database-driven website when the hacker manipulates a standard SQL
query. It is carried by injecting a malicious code into a vulnerable website search
box, thereby making the server reveal crucial information.

6. Denial-of-Service Attack: A Denial-of-Service Attack is a significant threat to

companies. Here, attackers target systems, servers, or networks and flood them
with traffic to exhaust their resources and bandwidth.

7. Insider Threat : As the name suggests, an insider threat does not involve a
third party but an insider. In such a case; it could be an individual from within the
organization who knows everything about the organization. Insider threats have the
potential to cause tremendous damages.
8. Cryptojacking: The term Cryptojacking is closely related to cryptocurrency.
Cryptojacking takes place when attackers access someone else’s computer for
mining cryptocurrency.

9. Zero-Day Exploit: A Zero-Day Exploit happens after the announcement of a

network vulnerability; there is no solution for the vulnerability in most cases. Hence
the vendor notifies the vulnerability so that the users are aware; however, this news
also reaches the attackers.

10. Rootkits :Rootkits are installed inside legitimate software, where they can
gain remote control and administration-level access over a system. The attacker
then uses the rootkit to steal passwords, keys, credentials, and retrieve critical data.