SlideShare a Scribd company logo

Cyper security & Ethical hacking

Download as PPTX, PDF
C
Cmano Kar

In my college i will created this presentation for seminar with my own interest so this will help you for your career.Please you also create any presentation and upload it,Thank you.

1 of 41
Downloaded 75 times
Cyper Security & Ethical Hacking
 Penetrate Testing  Password Security
Vulnerability is some flaw in our environment that a malicious attacker could use to cause damage in your organization. Vulnerabilities could exist in numerous areas in our environments, including our system design, business operations, installed softwares, and network configurations.
•Input validation errors, such as: • Format string attacks • SQL injection • E-mail injection • Directory traversal • Cross-site scripting in web applications •Race conditions, such as: • Time-of-check-to-time-of-use bugs • Sym link races •Privilege-confusion bugs, such as: • Cross-site request forgery in web applications • Click jacking • FTP bounce attack
 In 1988 a "worm program" written by a college student shut down about 10 percent of computers connected to the Internet. This was the beginning of the era of cyber attacks.  Today we have about 10,000 incidents of cyber attacks which are reported and the number grows. Computer Crime – The Beginning
 In February, Kevin Mitnick is arrested for a second time. He is charged with stealing 20,000 credit card numbers. He eventually spends four years in jail and on his release his parole conditions demand that he avoid contact with computers and mobile phones.  On November 15, Christopher Pile becomes the first person to be jailed for writing and distributing a computer virus. Mr Pile, who called himself the Black Baron, was sentenced to 18 months in jail.  The US General Accounting Office reveals that US Defense Department computers sustained 250,000 attacks in 1995. Computer Crime - 1995
 Some of the sites which have been compromised  U.S. Department of Commerce  NASA  CIA  Greenpeace  Motorola  UNICEF  Church of Christ …  Some sites which have been rendered ineffective  Yahoo  Microsoft  Amazon … Why Security?
Hackers White hat : Black hat Grey hat A white hat hackers breaks security for non-malicious reasons, perhaps to test their own security system or while working for a security company which makes security software. The term "white hat" in Internet slang refers to an ethical hacker. A "black hat" hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain" A grey hat hacker is a combination of a black hat and a white hat hacker.
 Scanning  Gaining Access  Maintaining Access  Covering Tracks  Clearing Logs  Placing Backdoor Hackers Steps
Types of hacking Normal data transfer Interruption Interception Modification Fabrication
How to translate the hackers’ language (2)  Ex)  1 d1d n0t h4ck th1s p4g3, 1t w4s l1k3 th1s wh3n 1 h4ck3d 1n  I did not hack this page, it was like this when I hacked in
Reverse Engineering  Integrated Circuit’s  Binary Software’s  Source Code Reverse engineering, also called back engineering, is the process of extracting knowledge or design information from anything man-made
An exploit (using something to one’s own knowledge) is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic What is Exploit :
Exploit Writing dSploit is a penetration testing suite developed for the Android operating system
 Password hashed and stored  Salt added to randomize password & stored on system  Password attacks launched to crack encrypted password Password Security Hash Function Hashed Password Salt Compare Password Client Password Server Stored Password Hashed Password Allow/Deny Access
 Spam  Phishing  Virus  Key Loggers(Hardware , Software)  Password
I. Mail.Anonymizer.name II. FakEmailer.net III. FakEmailer.info IV. Deadfake.com Email Servers
Example PHP Coding For Mail Phishing
SQL Injection SQL injection takes advantage of the syntax of SQL to inject commands that can read or modify a database, or compromise the meaning of the original query.
SELECT UserList.Username FROM UserList WHERE UserList.Username = 'Username' AND UserList.Password = 'Password' SELECT UserList.Username FROM UserList WHERE UserList.Username = 'Username' AND UserList.Password = 'Password' AND ‘1’ = ‘1’ Example SQL Code: Injected Code:
Wireless Hacking Wireless hacking is made by the Getting the control the Wireless Networks.Wireless Hacking is made by the Password attacks,Modem dialing via proxy servers
• Wired Equivalent Privacy (WEP) • Wi-Fi Protected Access (WPA/WPA2) Wireless Security Standards
Cyper security & Ethical hacking
• Netstumbler • inSSIDer • Kismet • Wireshark • Analysers of AirMagnet • Airopeek • KisMac Wireless Hacking Softwares
Definition: Attacker spoofs the address of another machine and inserts itself between the attacked machine and the spoofed machine to intercept replies IP Spoofing – Source Routing Replies sent back to 10.10.20.30 Spoofed Address 10.10.20.30 Attacker 10.10.50.50 John 10.10.5.5 From Address: 10.10.20.30 To Address: 10.10.5.5 • The path a packet may change can vary over time • To ensure that he stays in the loop the attacker uses source routing to ensure that the packet passes through certain nodes on the network Attacker intercepts packets as they go to 10.10.20.30 Server Hacking
Definition: Attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the system so that no one else can use it. Types: 1. Crashing the system or network – Send the victim data or packets which will cause system to crash or reboot. 2. Exhausting the resources by flooding the system or network with information – Since all resources are exhausted others are denied access to the resources 3. Distributed DOS attacks are coordinated denial of service attacks involving several people and/or machines to launch attacks Denial of Service (DOS) Attack
Types: 1. Ping of Death 2. SSPing 3. Land 4. Smurf 5. SYN Flood 6. CPU Hog 7. Win Nuke 8. RPC Locator 9. Jolt2 10. Bubonic 11. Microsoft Incomplete TCP/IP Packet Vulnerability 12. HP Openview Node Manager SNMP DOS Vulneability 13. Netscreen Firewall DOS Vulnerability 14. Checkpoint Firewall DOS Vulnerability Denial of Service (DOS) Attack
Threats A threat is an agent that may want to or definitely can result in harm to the target organization. Threats include organized crime, spyware, malware, adware companies, and disgruntled internal employees who start attacking their employer. Worms and viruses also characterize a threat as they could possibly cause harm in your organization even without a human directing them to do so by infecting machines and causing damage automatically. Threats are usually referred to as “attackers” or “bad guys”.
Virus
Cyper security & Ethical hacking
Worms  So big  Autorun.inf  Photos.exe  ILOVEYOU  Bootstrap.com  Windows.exe
•Netbus Advance System Care(by Carl-Fredrik Neikter) •Subseven or Sub7(by Mobman) •Back Orifice (Sir Dystic) •Beast •Zeus •Flashback Trojan (Trojan BackDoor.Flashback) •ZeroAccess •Koobface •Vundo Trojans
• Chat • Email Attachments • Website Downloads • Physical Drives • Network Shares Trojan Attacks
 Attacker can  monitor the session  periodically inject commands into session  launch passive and active attacks from the session Session Hijacking Bob telnets to Server Bob authenticates to Server Bob Attacker Server Die! Hi! I am Bob
Cryptography Bob AliceEncryptionDecryption
Cyper security & Ethical hacking
Cyper security & Ethical hacking
Firewall & Honey bots
Steganography
Cyper security & Ethical hacking
Penetrate Testing

Recommended

Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hackerDan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Catalin Vasile - Defcamp2013 - Does it pay to be a blackhat hacker
Dan Vasile
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hacking
Vishal Kumar
 
Hacking
HackingHacking
Hacking
LutfulM
 
Cyber Security-Ethical Hacking
Cyber Security-Ethical HackingCyber Security-Ethical Hacking
Cyber Security-Ethical Hacking
Viral Parmar
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical Hacking
Neel Kamal
 
It
ItIt
It
Volkswagen Thane
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Aditya Vikram Singhania
 
Cse ethical hacking ppt
Cse ethical hacking pptCse ethical hacking ppt
Cse ethical hacking ppt
SHAHID ANSARI
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Alapan Banerjee
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Devendra Yadav
 
Ethical Hacking Powerpoint
Ethical Hacking PowerpointEthical Hacking Powerpoint
Ethical Hacking Powerpoint
Ren Tuazon
 
Ethical hacking basics
Ethical hacking basicsEthical hacking basics
Ethical hacking basics
Meenesh Jain
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Viraj Kansara
 
Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)
Umesh Mahawar
 
Internet Security
Internet SecurityInternet Security
Internet Security
Mitesh Gupta
 
Types of attacks and threads
Types of attacks and threadsTypes of attacks and threads
Types of attacks and threads
srivijaymanickam
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
Institute of Information Security (IIS)
 
Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpoint
Arifa Ali
 
Cse ethical hacking ppt
Cse ethical hacking pptCse ethical hacking ppt
Cse ethical hacking ppt
shreya_omar
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Naveen Sihag
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hack
Dharmesh Makwana
 
Hacking
HackingHacking
Hacking
VipinYadav257
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Namrata Raiyani
 
Penetration testing
Penetration testing Penetration testing
Penetration testing
PTC
 
Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentation
Joshua Prince
 
Protection from hacking attacks
Protection from hacking attacksProtection from hacking attacks
Protection from hacking attacks
Sugirtha Jasmine M
 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Web
dpd
 
Computer Security
Computer SecurityComputer Security
Computer Security
Vaibhavi Patel
 
Computer Security
Computer SecurityComputer Security
Computer Security
Vaibhavi Patel
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
newbie2019
 

More Related Content

What's hot (19)

Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Alapan Banerjee
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Devendra Yadav
 
Ethical Hacking Powerpoint
Ethical Hacking PowerpointEthical Hacking Powerpoint
Ethical Hacking Powerpoint
Ren Tuazon
 
Ethical hacking basics
Ethical hacking basicsEthical hacking basics
Ethical hacking basics
Meenesh Jain
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Viraj Kansara
 
Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)
Umesh Mahawar
 
Internet Security
Internet SecurityInternet Security
Internet Security
Mitesh Gupta
 
Types of attacks and threads
Types of attacks and threadsTypes of attacks and threads
Types of attacks and threads
srivijaymanickam
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
Institute of Information Security (IIS)
 
Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpoint
Arifa Ali
 
Cse ethical hacking ppt
Cse ethical hacking pptCse ethical hacking ppt
Cse ethical hacking ppt
shreya_omar
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Naveen Sihag
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hack
Dharmesh Makwana
 
Hacking
HackingHacking
Hacking
VipinYadav257
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Namrata Raiyani
 
Penetration testing
Penetration testing Penetration testing
Penetration testing
PTC
 
Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentation
Joshua Prince
 
Protection from hacking attacks
Protection from hacking attacksProtection from hacking attacks
Protection from hacking attacks
Sugirtha Jasmine M
 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Web
dpd
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Alapan Banerjee
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Devendra Yadav
 
Ethical Hacking Powerpoint
Ethical Hacking PowerpointEthical Hacking Powerpoint
Ethical Hacking Powerpoint
Ren Tuazon
 
Ethical hacking basics
Ethical hacking basicsEthical hacking basics
Ethical hacking basics
Meenesh Jain
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Viraj Kansara
 
Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)Ethical Hacking PPT (CEH)
Ethical Hacking PPT (CEH)
Umesh Mahawar
 
Internet Security
Internet SecurityInternet Security
Internet Security
Mitesh Gupta
 
Types of attacks and threads
Types of attacks and threadsTypes of attacks and threads
Types of attacks and threads
srivijaymanickam
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
Institute of Information Security (IIS)
 
Internet security powerpoint
Internet security powerpointInternet security powerpoint
Internet security powerpoint
Arifa Ali
 
Cse ethical hacking ppt
Cse ethical hacking pptCse ethical hacking ppt
Cse ethical hacking ppt
shreya_omar
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Naveen Sihag
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hack
Dharmesh Makwana
 
Hacking
HackingHacking
Hacking
VipinYadav257
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Namrata Raiyani
 
Penetration testing
Penetration testing Penetration testing
Penetration testing
PTC
 
Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentation
Joshua Prince
 
Protection from hacking attacks
Protection from hacking attacksProtection from hacking attacks
Protection from hacking attacks
Sugirtha Jasmine M
 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Web
dpd
 

Similar to Cyper security & Ethical hacking (20)

Computer Security
Computer SecurityComputer Security
Computer Security
Vaibhavi Patel
 
Computer Security
Computer SecurityComputer Security
Computer Security
Vaibhavi Patel
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
newbie2019
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
newbie2019
 
Introduction of hacking and cracking
Introduction of hacking and crackingIntroduction of hacking and cracking
Introduction of hacking and cracking
Harshil Barot
 
Information Security Fundamentals - New Horizons Bulgaria
Information Security Fundamentals - New Horizons BulgariaInformation Security Fundamentals - New Horizons Bulgaria
Information Security Fundamentals - New Horizons Bulgaria
New Horizons Bulgaria
 
Ehical Hacking: Unit no. 1 Information and Network Security
Ehical Hacking: Unit no. 1 Information and Network SecurityEhical Hacking: Unit no. 1 Information and Network Security
Ehical Hacking: Unit no. 1 Information and Network Security
prachi67
 
Hacking and its Defence
Hacking and its DefenceHacking and its Defence
Hacking and its Defence
Greater Noida Institute Of Technology
 
A Taken on Cyber Attacks - The Cyber Physical System.pptx
A Taken on Cyber Attacks - The Cyber Physical System.pptxA Taken on Cyber Attacks - The Cyber Physical System.pptx
A Taken on Cyber Attacks - The Cyber Physical System.pptx
animeshdabral007
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
aashish2cool4u
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Keith Brooks
 
E Commerce security
E Commerce securityE Commerce security
E Commerce security
Mayank Kashyap
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Prabhat kumar Suman
 
Hacking by Pratyush Gupta
Hacking by Pratyush GuptaHacking by Pratyush Gupta
Hacking by Pratyush Gupta
Tenet Systems Pvt Ltd
 
DEVSECOPS_the_beginning.ppt
DEVSECOPS_the_beginning.pptDEVSECOPS_the_beginning.ppt
DEVSECOPS_the_beginning.ppt
schwarz10
 
Parag presentation on ethical hacking
Parag presentation on ethical hackingParag presentation on ethical hacking
Parag presentation on ethical hacking
parag101
 
Cyber security
Cyber securityCyber security
Cyber security
vishakha bhagwat
 
Introduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesIntroduction to Software Security and Best Practices
Introduction to Software Security and Best Practices
Maxime ALAY-EDDINE
 
Hacking- Ethical/ Non-ethical, Cyber Security.
Hacking- Ethical/ Non-ethical, Cyber Security.Hacking- Ethical/ Non-ethical, Cyber Security.
Hacking- Ethical/ Non-ethical, Cyber Security.
JasminJaman1
 
Computer security system Unit1.pptx
Computer security system Unit1.pptxComputer security system Unit1.pptx
Computer security system Unit1.pptx
VIRAJDEY1
 
Computer Security
Computer SecurityComputer Security
Computer Security
Vaibhavi Patel
 
Computer Security
Computer SecurityComputer Security
Computer Security
Vaibhavi Patel
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
newbie2019
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
newbie2019
 
Introduction of hacking and cracking
Introduction of hacking and crackingIntroduction of hacking and cracking
Introduction of hacking and cracking
Harshil Barot
 
Information Security Fundamentals - New Horizons Bulgaria
Information Security Fundamentals - New Horizons BulgariaInformation Security Fundamentals - New Horizons Bulgaria
Information Security Fundamentals - New Horizons Bulgaria
New Horizons Bulgaria
 
Ehical Hacking: Unit no. 1 Information and Network Security
Ehical Hacking: Unit no. 1 Information and Network SecurityEhical Hacking: Unit no. 1 Information and Network Security
Ehical Hacking: Unit no. 1 Information and Network Security
prachi67
 
Hacking and its Defence
Hacking and its DefenceHacking and its Defence
Hacking and its Defence
Greater Noida Institute Of Technology
 
A Taken on Cyber Attacks - The Cyber Physical System.pptx
A Taken on Cyber Attacks - The Cyber Physical System.pptxA Taken on Cyber Attacks - The Cyber Physical System.pptx
A Taken on Cyber Attacks - The Cyber Physical System.pptx
animeshdabral007
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
aashish2cool4u
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Keith Brooks
 
E Commerce security
E Commerce securityE Commerce security
E Commerce security
Mayank Kashyap
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Prabhat kumar Suman
 
Hacking by Pratyush Gupta
Hacking by Pratyush GuptaHacking by Pratyush Gupta
Hacking by Pratyush Gupta
Tenet Systems Pvt Ltd
 
DEVSECOPS_the_beginning.ppt
DEVSECOPS_the_beginning.pptDEVSECOPS_the_beginning.ppt
DEVSECOPS_the_beginning.ppt
schwarz10
 
Parag presentation on ethical hacking
Parag presentation on ethical hackingParag presentation on ethical hacking
Parag presentation on ethical hacking
parag101
 
Cyber security
Cyber securityCyber security
Cyber security
vishakha bhagwat
 
Introduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesIntroduction to Software Security and Best Practices
Introduction to Software Security and Best Practices
Maxime ALAY-EDDINE
 
Hacking- Ethical/ Non-ethical, Cyber Security.
Hacking- Ethical/ Non-ethical, Cyber Security.Hacking- Ethical/ Non-ethical, Cyber Security.
Hacking- Ethical/ Non-ethical, Cyber Security.
JasminJaman1
 
Computer security system Unit1.pptx
Computer security system Unit1.pptxComputer security system Unit1.pptx
Computer security system Unit1.pptx
VIRAJDEY1
 

Recently uploaded (16)

Breaching The Perimeter - Our Most Impactful Bug Bounty Findings.pdf
Breaching The Perimeter - Our Most Impactful Bug Bounty Findings.pdfBreaching The Perimeter - Our Most Impactful Bug Bounty Findings.pdf
Breaching The Perimeter - Our Most Impactful Bug Bounty Findings.pdf
Nirmalthapa24
 
Seminar.MAJor presentation for final project viva
Seminar.MAJor presentation for final project vivaSeminar.MAJor presentation for final project viva
Seminar.MAJor presentation for final project viva
daditya2501
 
Organizing_Data_Grade4 how to organize.pptx
Organizing_Data_Grade4 how to organize.pptxOrganizing_Data_Grade4 how to organize.pptx
Organizing_Data_Grade4 how to organize.pptx
AllanGuevarra1
 
highend-srxseries-services-gateways-customer-presentation.pptx
highend-srxseries-services-gateways-customer-presentation.pptxhighend-srxseries-services-gateways-customer-presentation.pptx
highend-srxseries-services-gateways-customer-presentation.pptx
elhadjcheikhdiop
 
AI Days 2025_GM1 : Interface in theage of AI
AI Days 2025_GM1 : Interface in theage of AIAI Days 2025_GM1 : Interface in theage of AI
AI Days 2025_GM1 : Interface in theage of AI
Prashant Singh
 
cxbcxfzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz7.pdf
cxbcxfzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz7.pdfcxbcxfzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz7.pdf
cxbcxfzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz7.pdf
ssuser060b2e1
 
Cyber Safety: security measure about navegating on internet.
Cyber Safety: security measure about navegating on internet.Cyber Safety: security measure about navegating on internet.
Cyber Safety: security measure about navegating on internet.
manugodinhogentil
 
Determining Glass is mechanical textile
Determining Glass is mechanical textileDetermining Glass is mechanical textile
Determining Glass is mechanical textile
Azizul Hakim
 
OSI TCP IP Protocol Layers description f
OSI TCP IP Protocol Layers description fOSI TCP IP Protocol Layers description f
OSI TCP IP Protocol Layers description f
cbr49917
 
(Hosting PHising Sites) for Cryptography and network security
(Hosting PHising Sites) for Cryptography and network security(Hosting PHising Sites) for Cryptography and network security
(Hosting PHising Sites) for Cryptography and network security
aluacharya169
 
5-Ways-To-Future-Proof-Your-SIEM-Securonix[1].pdf
5-Ways-To-Future-Proof-Your-SIEM-Securonix[1].pdf5-Ways-To-Future-Proof-Your-SIEM-Securonix[1].pdf
5-Ways-To-Future-Proof-Your-SIEM-Securonix[1].pdf
AndrHenrique77
 
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHostingTop Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
steve198109
 
Best web hosting Vancouver 2025 for you business
Best web hosting Vancouver 2025 for you businessBest web hosting Vancouver 2025 for you business
Best web hosting Vancouver 2025 for you business
steve198109
 
Reliable Vancouver Web Hosting with Local Servers & 24/7 Support
Reliable Vancouver Web Hosting with Local Servers & 24/7 SupportReliable Vancouver Web Hosting with Local Servers & 24/7 Support
Reliable Vancouver Web Hosting with Local Servers & 24/7 Support
steve198109
 
Grade 7 Google_Sites_Lesson creating website.pptx
Grade 7 Google_Sites_Lesson creating website.pptxGrade 7 Google_Sites_Lesson creating website.pptx
Grade 7 Google_Sites_Lesson creating website.pptx
AllanGuevarra1
 
project_based_laaaaaaaaaaearning,kelompok 10.pptx
project_based_laaaaaaaaaaearning,kelompok 10.pptxproject_based_laaaaaaaaaaearning,kelompok 10.pptx
project_based_laaaaaaaaaaearning,kelompok 10.pptx
redzuriel13
 
Breaching The Perimeter - Our Most Impactful Bug Bounty Findings.pdf
Breaching The Perimeter - Our Most Impactful Bug Bounty Findings.pdfBreaching The Perimeter - Our Most Impactful Bug Bounty Findings.pdf
Breaching The Perimeter - Our Most Impactful Bug Bounty Findings.pdf
Nirmalthapa24
 
Seminar.MAJor presentation for final project viva
Seminar.MAJor presentation for final project vivaSeminar.MAJor presentation for final project viva
Seminar.MAJor presentation for final project viva
daditya2501
 
Organizing_Data_Grade4 how to organize.pptx
Organizing_Data_Grade4 how to organize.pptxOrganizing_Data_Grade4 how to organize.pptx
Organizing_Data_Grade4 how to organize.pptx
AllanGuevarra1
 
highend-srxseries-services-gateways-customer-presentation.pptx
highend-srxseries-services-gateways-customer-presentation.pptxhighend-srxseries-services-gateways-customer-presentation.pptx
highend-srxseries-services-gateways-customer-presentation.pptx
elhadjcheikhdiop
 
AI Days 2025_GM1 : Interface in theage of AI
AI Days 2025_GM1 : Interface in theage of AIAI Days 2025_GM1 : Interface in theage of AI
AI Days 2025_GM1 : Interface in theage of AI
Prashant Singh
 
cxbcxfzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz7.pdf
cxbcxfzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz7.pdfcxbcxfzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz7.pdf
cxbcxfzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz7.pdf
ssuser060b2e1
 
Cyber Safety: security measure about navegating on internet.
Cyber Safety: security measure about navegating on internet.Cyber Safety: security measure about navegating on internet.
Cyber Safety: security measure about navegating on internet.
manugodinhogentil
 
Determining Glass is mechanical textile
Determining Glass is mechanical textileDetermining Glass is mechanical textile
Determining Glass is mechanical textile
Azizul Hakim
 
OSI TCP IP Protocol Layers description f
OSI TCP IP Protocol Layers description fOSI TCP IP Protocol Layers description f
OSI TCP IP Protocol Layers description f
cbr49917
 
(Hosting PHising Sites) for Cryptography and network security
(Hosting PHising Sites) for Cryptography and network security(Hosting PHising Sites) for Cryptography and network security
(Hosting PHising Sites) for Cryptography and network security
aluacharya169
 
5-Ways-To-Future-Proof-Your-SIEM-Securonix[1].pdf
5-Ways-To-Future-Proof-Your-SIEM-Securonix[1].pdf5-Ways-To-Future-Proof-Your-SIEM-Securonix[1].pdf
5-Ways-To-Future-Proof-Your-SIEM-Securonix[1].pdf
AndrHenrique77
 
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHostingTop Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
steve198109
 
Best web hosting Vancouver 2025 for you business
Best web hosting Vancouver 2025 for you businessBest web hosting Vancouver 2025 for you business
Best web hosting Vancouver 2025 for you business
steve198109
 
Reliable Vancouver Web Hosting with Local Servers & 24/7 Support
Reliable Vancouver Web Hosting with Local Servers & 24/7 SupportReliable Vancouver Web Hosting with Local Servers & 24/7 Support
Reliable Vancouver Web Hosting with Local Servers & 24/7 Support
steve198109
 
Grade 7 Google_Sites_Lesson creating website.pptx
Grade 7 Google_Sites_Lesson creating website.pptxGrade 7 Google_Sites_Lesson creating website.pptx
Grade 7 Google_Sites_Lesson creating website.pptx
AllanGuevarra1
 
project_based_laaaaaaaaaaearning,kelompok 10.pptx
project_based_laaaaaaaaaaearning,kelompok 10.pptxproject_based_laaaaaaaaaaearning,kelompok 10.pptx
project_based_laaaaaaaaaaearning,kelompok 10.pptx
redzuriel13
 

Cyper security & Ethical hacking

  • 2.  Penetrate Testing  Password Security
  • 3. Vulnerability is some flaw in our environment that a malicious attacker could use to cause damage in your organization. Vulnerabilities could exist in numerous areas in our environments, including our system design, business operations, installed softwares, and network configurations.
  • 4. •Input validation errors, such as: • Format string attacks • SQL injection • E-mail injection • Directory traversal • Cross-site scripting in web applications •Race conditions, such as: • Time-of-check-to-time-of-use bugs • Sym link races •Privilege-confusion bugs, such as: • Cross-site request forgery in web applications • Click jacking • FTP bounce attack
  • 5.  In 1988 a "worm program" written by a college student shut down about 10 percent of computers connected to the Internet. This was the beginning of the era of cyber attacks.  Today we have about 10,000 incidents of cyber attacks which are reported and the number grows. Computer Crime – The Beginning
  • 6.  In February, Kevin Mitnick is arrested for a second time. He is charged with stealing 20,000 credit card numbers. He eventually spends four years in jail and on his release his parole conditions demand that he avoid contact with computers and mobile phones.  On November 15, Christopher Pile becomes the first person to be jailed for writing and distributing a computer virus. Mr Pile, who called himself the Black Baron, was sentenced to 18 months in jail.  The US General Accounting Office reveals that US Defense Department computers sustained 250,000 attacks in 1995. Computer Crime - 1995
  • 7.  Some of the sites which have been compromised  U.S. Department of Commerce  NASA  CIA  Greenpeace  Motorola  UNICEF  Church of Christ …  Some sites which have been rendered ineffective  Yahoo  Microsoft  Amazon … Why Security?
  • 8. Hackers White hat : Black hat Grey hat A white hat hackers breaks security for non-malicious reasons, perhaps to test their own security system or while working for a security company which makes security software. The term "white hat" in Internet slang refers to an ethical hacker. A "black hat" hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain" A grey hat hacker is a combination of a black hat and a white hat hacker.
  • 9.  Scanning  Gaining Access  Maintaining Access  Covering Tracks  Clearing Logs  Placing Backdoor Hackers Steps
  • 10. Types of hacking Normal data transfer Interruption Interception Modification Fabrication
  • 11. How to translate the hackers’ language (2)  Ex)  1 d1d n0t h4ck th1s p4g3, 1t w4s l1k3 th1s wh3n 1 h4ck3d 1n  I did not hack this page, it was like this when I hacked in
  • 12. Reverse Engineering  Integrated Circuit’s  Binary Software’s  Source Code Reverse engineering, also called back engineering, is the process of extracting knowledge or design information from anything man-made
  • 13. An exploit (using something to one’s own knowledge) is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic What is Exploit :
  • 14. Exploit Writing dSploit is a penetration testing suite developed for the Android operating system
  • 15.  Password hashed and stored  Salt added to randomize password & stored on system  Password attacks launched to crack encrypted password Password Security Hash Function Hashed Password Salt Compare Password Client Password Server Stored Password Hashed Password Allow/Deny Access
  • 16.  Spam  Phishing  Virus  Key Loggers(Hardware , Software)  Password
  • 17. I. Mail.Anonymizer.name II. FakEmailer.net III. FakEmailer.info IV. Deadfake.com Email Servers
  • 18. Example PHP Coding For Mail Phishing
  • 19. SQL Injection SQL injection takes advantage of the syntax of SQL to inject commands that can read or modify a database, or compromise the meaning of the original query.
  • 20. SELECT UserList.Username FROM UserList WHERE UserList.Username = 'Username' AND UserList.Password = 'Password' SELECT UserList.Username FROM UserList WHERE UserList.Username = 'Username' AND UserList.Password = 'Password' AND ‘1’ = ‘1’ Example SQL Code: Injected Code:
  • 21. Wireless Hacking Wireless hacking is made by the Getting the control the Wireless Networks.Wireless Hacking is made by the Password attacks,Modem dialing via proxy servers
  • 22. • Wired Equivalent Privacy (WEP) • Wi-Fi Protected Access (WPA/WPA2) Wireless Security Standards
  • 24. • Netstumbler • inSSIDer • Kismet • Wireshark • Analysers of AirMagnet • Airopeek • KisMac Wireless Hacking Softwares
  • 25. Definition: Attacker spoofs the address of another machine and inserts itself between the attacked machine and the spoofed machine to intercept replies IP Spoofing – Source Routing Replies sent back to 10.10.20.30 Spoofed Address 10.10.20.30 Attacker 10.10.50.50 John 10.10.5.5 From Address: 10.10.20.30 To Address: 10.10.5.5 • The path a packet may change can vary over time • To ensure that he stays in the loop the attacker uses source routing to ensure that the packet passes through certain nodes on the network Attacker intercepts packets as they go to 10.10.20.30 Server Hacking
  • 26. Definition: Attack through which a person can render a system unusable or significantly slow down the system for legitimate users by overloading the system so that no one else can use it. Types: 1. Crashing the system or network – Send the victim data or packets which will cause system to crash or reboot. 2. Exhausting the resources by flooding the system or network with information – Since all resources are exhausted others are denied access to the resources 3. Distributed DOS attacks are coordinated denial of service attacks involving several people and/or machines to launch attacks Denial of Service (DOS) Attack
  • 27. Types: 1. Ping of Death 2. SSPing 3. Land 4. Smurf 5. SYN Flood 6. CPU Hog 7. Win Nuke 8. RPC Locator 9. Jolt2 10. Bubonic 11. Microsoft Incomplete TCP/IP Packet Vulnerability 12. HP Openview Node Manager SNMP DOS Vulneability 13. Netscreen Firewall DOS Vulnerability 14. Checkpoint Firewall DOS Vulnerability Denial of Service (DOS) Attack
  • 28. Threats A threat is an agent that may want to or definitely can result in harm to the target organization. Threats include organized crime, spyware, malware, adware companies, and disgruntled internal employees who start attacking their employer. Worms and viruses also characterize a threat as they could possibly cause harm in your organization even without a human directing them to do so by infecting machines and causing damage automatically. Threats are usually referred to as “attackers” or “bad guys”.
  • 29. Virus
  • 31. Worms  So big  Autorun.inf  Photos.exe  ILOVEYOU  Bootstrap.com  Windows.exe
  • 32. •Netbus Advance System Care(by Carl-Fredrik Neikter) •Subseven or Sub7(by Mobman) •Back Orifice (Sir Dystic) •Beast •Zeus •Flashback Trojan (Trojan BackDoor.Flashback) •ZeroAccess •Koobface •Vundo Trojans
  • 33. • Chat • Email Attachments • Website Downloads • Physical Drives • Network Shares Trojan Attacks
  • 34.  Attacker can  monitor the session  periodically inject commands into session  launch passive and active attacks from the session Session Hijacking Bob telnets to Server Bob authenticates to Server Bob Attacker Server Die! Hi! I am Bob