Ethical Hacking

Presentation by:
SLT Saloni Mishra
SLT Mukul Mishra
Concept of Ethical Hacking

Identifying and exploiting weakness in a system, Penetration Testing,

Fixing of vulnerabilities, Ethical Hacke
Today, computer and network security against cyber threats of
increasing sophistication is more important than it has ever been.
Such an endeavour cannot be accomplished without ethical hacking.
Ethical hacking means that authorized individuals work at exposing a
security vulnerability and ultimately eliminate it before a malefactor
can exploit it.

Malicious hacking is an endeavour to exploit vulnerabilities for

personal benefits, while ethical hacking involves authorized
individuals exposing and eliminating the security frailties before they
might be exploited by malicious hands. Thus, ethical hackers, also
known as white-hat hackers, carry out controlled and systematic
testing of systems, applications, and networks to identify possible
vulnerabilities.
What is Ethical Hacking?
• Ethical hacking involves the probing and testing of computer
systems, networks, and applications purposely to identify and
make amends on security vulnerabilities, an ethical hacker
alias white-hat or pen tester, is mandated with similar goals to
enhance security within an organization. The proactive
approach of ethical hacking ensures the strength of
organizational defense against cyberattacks, protection of
sensitive information, and compliance with security standards
and regulations, this understanding and subsequent simulation
of techniques used by cybercriminals make ethical hackers
pivotal in maintaining a good state of cybersecurity and the
protection of digital assets.
Types of Ethical Hackers:

White Hat Hackers: Here, we look for bugs and ethically report them to the organization. We are authorized as a user to
test for bugs in a website or network and report it to them. White hat hackers generally get all the needed information
about the application or network to test for, from the organization itself. They use their skills to test it before the website
goes live or attacked by malicious hackers. To become a white hat hacker, you can earn a bachelor’s degree in computer
science, information technology, or cybersecurity. In addition, certifications such as Certified Ethical Hacker (CEH) and
Certified Information Systems Security Professional (CISSP) are highly recommended.

Black Hat Hackers: Here, the organization doesn’t allow the user to test it. They unethically enter inside the website
and steal data from the admin panel or manipulate the data. They only focus on themselves and the advantages they will
get from the personal data for personal financial gain. They can cause major damage to the company by altering the
functions which lead to the loss of the company at a much higher extent. This can even lead you to extreme
consequences.

Grey Hat Hackers: They sometimes access to the data and violates the law. But never have the same intention as Black
hat hackers, they often operate for the common good. The main difference is that they exploit vulnerability publicly
whereas white hat hackers do it privately for the company.One criticism of Grey Hat hackers is that their actions can still
cause harm. Even if they do not steal or damage data, their unauthorized access to computer systems can still disrupt
operations and cause financial losses for companies. Additionally, there is always the risk that a Grey Hat hacker will
accidentally cause damage while attempting to identify vulnerabilities.

Blue Hat hackers: They are much like the script kiddies, are beginners in the field of hacking. If anyone makes angry a
script kiddie and he/she may take revenge, then they are considered as the blue hat hackers. Blue Hat hackers payback
to those who have challenged them or angry them. Like the Script Kiddies, Blue hat hackers also have no desire to learn.

Green Hat hackers : They are also amateurs in the world of hacking but they are bit different from script kiddies. They
care about hacking and strive to become full-blown hackers. They are inspired by the hackers and ask them few
questions about. While hackers are answering their question they will listen to its novelty.

Red Hat Hackers: They are also known as the eagle-eyed hackers. Like white hat hackers, red hat hackers also aims to
halt the black hat hackers. There is a major difference in the way they operate. They become ruthless while dealing with
malware actions of the black hat hackers. Red hat hacker will keep on attacking the hacker aggressively that the hacker
may know it as well have to replace the whole system.
Using Kali Linux
• Download and Installing Kali
• Basic Commands and Operations
• Types of users in Kali Linux
• Penetration Testing Tools in Kali
 Basic Commands and Operations
•Navigating the File System :
•ls: List directory contents.
•cd: Change directory.
•pwd: Print working directory.

•File Operations
•Cp: Copy Files
•Mv: Move or Rename files and directories
•Rm: Remove files and directories
•Mkdir: Make Directory
• Users and Permissions
• Sud0: Execute a command as another user
• Chmod: Change file mod bits
• Chown: Change file owner and group

• Security Tools
• Nmap
• Metasploit
• Wireshark
• Burpsuite
• Hydra
Nmap
• Nmap is a powerful network scanning tool used for discovering hosts and
services on a network.
• Basics Commands:
• Scan a single ip using : nmap 192.168.1.1
• Scan a range of Ips: nmap 192.168.1.1-255
• Scan with service and version detection : nmap –sV 192.168.1.1
• Scan for Open Ports: nmap –p 1-65535 192.168.1.1
• Perform an aggressive scan: nma –A 192.168.1.1

Used for identifying live hosts on a network, Discovering the open ports and
services and Mapping the network topology.
Hydra
• Hydra is used for password cracking via Brute Force attacks on various protocols.
• Basic Commands:
• Brute Force SSH Login: hrdra –l admin –P passwords.text ssh://192.168.1.1
• Hydra
• -l<usename> - Specifies a single username
• -L <user_list> - Uses a list of usernames
• -P< password_list> - Uses a list of passwords
• -v –Verbose mode
• Advanced Hydra Options: -t4 Sets number of parallel connections
• -f Stops after the first valid credential is found
• -o output.txt – Saves results to a file.
• hydra -L users.txt -P passwords.txt ssh://192.168.1.1 -t 4 -V -o results.txt
Burpsuite
• Burpsuite is a powerful tool for testing web applications for vulnerabilities.
• Key Features include
• Proxy: Intercept and modify web traffic
• Spider: Automatically map out application content
• Intruder: Automate attacks on web forms
• Scanner(Pro Version): Identify security vulnerabilities like SQL Injection and XSS
• Basic Usage:
• Start Burpsuite using command: burpsuite
• Configure browser proxy settings to 127.0.0.1:8080 to intercept traffic.
• Use Proxy to capture and modify requests
• Utilize Intruder to automate attacks on web forms.
Metasploit
• It is a powerful framework for developing and executing exploit code against a target
system. It is widely used by security proffesionals for Penetration Testing.
• Basic Commands:
• Msfconsole: To start Metasploit
• Search exploit windows: Search for exploits
• Set RHOSTS 192.168.1.100: Set Target Host
• Set payload: set playload
• Start Exploit: exploit

• Use Case:
• Exploting vulnerabilities in software, Gaining Access to remote systems and Post
Exploitation Tasks like privilege escalation.
Wireshark
• It is a network protocol analyzer that captures and inspects packets in real time.
• Basic Wireshark Usage:
• Start Wireshark: wireshark
• Capture network traffic: Select a network interface and start capturing packets.
• Filter Packets: Show only HTTP traffic- http
• Show only traffic specific to IP: ip.addr== 192.168.1.1
• Show only TCP packets: tcp
• Analyze Packets: Look for passwords, cookies, or any sensitive data in Follow TCP Stream.
Denial of Service Attack
A denial-of-service (DoS) attack is a type of cyber attack in which a malicious actor aims to render a computer or other
device unavailable to its intended users by interrupting the device's normal functioning. DoS attacks typically function by
overwhelming or flooding a targeted machine with requests until normal traffic is unable to be processed, resulting in denial-
of-service to addition users. A DoS attack is characterized by using a single computer to launch the attack.

A distributed denial-of-service (DDoS) attack is a type of DoS attack that comes from many distributed sources, such as a
botnet DDoS attack.

How does a DoS attack work?

The primary focus of a DoS attack is to oversaturate the capacity of a targeted machine, resulting in denial-of-service to
additional requests. The multiple attack vectors of DoS attacks can be grouped by their similarities.

DoS attacks typically fall in 2 categories:

Buffer overflow attacks

An attack type in which a memory buffer overflow can cause a machine to consume all available hard disk space, memory,
or CPU time. This form of exploit often results in sluggish behavior, system crashes, or other deleterious server behaviors,
resulting in denial-of-service.

Flood attacks
By saturating a targeted server with an overwhelming amount of packets, a malicious actor is able to oversaturate server
capacity, resulting in denial-of-service. In order for most DoS flood attacks to be successful, the malicious actor must have
more available bandwidth than the target.
Vulnerability Scanning:
• Vulnerability scanning is a crucial process within any comprehensive
cybersecurity program. It involves the automated detection of security
weaknesses in software, systems, and networks, allowing organizations to
identify and address potential threats before attackers can exploit them.
Vulnerability scanning is vital in managing cyber risks, helping businesses
safeguard sensitive data and maintaining regulatory compliance.
Thank You