SlideShare a Scribd company logo

Ethical Hacking

Download as DOCX, PDF
Sanu Subham
Sanu Subham

This document provides an overview of ethical hacking. It begins with an abstract that defines ethical hacking as assessing security vulnerabilities to improve protection. It then covers key topics like categories of hackers (white hat, black hat, grey hat), penetration testing, the methodology of an ethical hacker, and common hacking tools. The document emphasizes that ethical hacking tests systems with authorization to identify weaknesses before criminals can exploit them. It provides definitions and explanations of core concepts in ethical hacking to outline this growing field of security assessment.

1 of 19
Downloaded 57 times
AMITY SCHOOL OF ENGINEERING AND TECHNOLOGY Gwalior, Madhya Pradesh Term Paper On ETHICAL HACKING Submitted To:- Submitted By:- Mrs.Samta Jain Goyal Sanu Subham Head, Dept. of IT B.C.A AUMP, Gwalior Sem-III
INDEX S.N. TOPIC SIGN. REMARKS 1. Abstract 2. Keywords 3. Introduction 4. Categories of hackers 5. Penetration Testing 6. Working of an ethical hacker 7. Ethical hacking methodology 8. Ethical hacking process 9. Hacking tools 10. CEH 11. Ethical hacking: Future impulse 12. Conclusion 13. References
ABSTRACT We live in security era, where we are securing all our belongings beneath different modes of lock however it’s different within the case of system security. We are carelessly leaving our datas and softwares unlocked. The state of security on the web is dangerous and obtaining worse. One reaction to the present state of affairs is termed as Ethical Hacking that attempts to extend security protection by distinguishing and fix identified security vulnerabilities on systems owned by different parties. As public and personal organizations migrate additional of their critical functions to the web, criminals have additional chance and incentive to achieve access to sensitive info through the online application. So, ethical hacking is an assessment to check and test a information technology environment for possible weak links and vulnerabilities. Ethical hacking describes the way of hacking a network in an ethical method, thus with good intentions. This paper describes what ethical hacking is, what it will do, an ethical hacking methodology also as some tools which might be used for an ethical hack.
KEYWORDS  Hacking  Hacker  Ethical Hacking  Vulnerabilities  Hacker  Cracker  Security  Tools  Intrusion
INTRODUCTION The immense growth of internet has brought several treats like electronic commerce, email, easy accessibility to large stores of reference material etc. One among the more practical ways in which of testing network security is penetration testing or ethical hacking. Activities concentrate on the identification and exploitation of security vulnerabilities, and consequent implementation of corrective measures (Using an Ethical Hacking Technique). Organizations are more and more evaluating the success or failure of their current security measures through then use of ethical hacking processes. As, with most technological advances, there's additionally different side: criminal hackers who can secretly steal the organization’s data and transmit it to the open internet. These varieties of hackers are known as black hat hackers. So, to beat from these major problems, another type of hackers came into existence and these hackers are termed as ethical hackers or white hat hackers. So, this paper describes ethical hackers, their skills and the way they're going concerning serving to their customers. Ethical hackers perform the hacks as security tests for his or her systems. This kind of hacking is often legal and trustworthy. In different terms ethical hacking is the testing of resources for the betterment of technology and is focused on securing and protective IP systems. Ethical hacking is a method of doing a security assessment. Like all different assessments an ethical hack may be a random sample and spending an ethical hack doesn’t mean there are not any security problems. What is Ethical Hacking? Ethical hacking provides some way to see the protection of an information technology environment – a minimum of from a technical purpose of view. As the name ethical hacking already tells, the concept has one thing to do with hacking. However what do “hacking” mean? “The word hacking has two definitions. The primary definition refers to the hobby/profession of operating with computers. The second definition refers to breaking into Pc systems. Whereas the primary definition is older and continues to be utilized by several Pc enthusiasts (who discuss with cyber-criminals as "crackers"), the second definition is far more commonly used.” Within the context of “ethical hacking”, hacking refers to the second definition – breaking into pc systems. It is assumed that hacking is illegitimate, as breaking into a house would be. At this time, “ethical” comes into play. Ethical contains a positive bit and describes anything noble that leads us to the subsequent definition of ethical hacking: ethical hacking describes the method of offensive and penetrating Pc systems and networks to find and indicate potential security weaknesses for a consumer that is liable for the attacked information technology environment. An ethical hack’s results may be a elaborate report of the findings in addition as an affidavit that a hacker with sure amount of your time and skills is or isn’t able to successfully attack a system or get access to certain data. Ethical hacking are often categorised as a security assessment, a form of training, a check for the security of an information technology environment. An ethical hack shows the risks an information technology environment is facing and actions are often taken to cut back certain risks or to
just accept them. We will simply say that ethical hacking will absolutely match into the security life cycle shown with the below figure. Fig. 1 Security life cycle An ethical hacker is thus a “good” hacker, someone who uses the methods and tools of the blackhat community to check the security of networks and servers. The goal of an ethical hack is neither to try and do harm nor to transfer any valuable data – it’s more a service for a consumer to check his environment on however it would stand up to a hacker attack. The ultimate output from an ethical hack is usually a detailed report concerning the detected issues and vulnerabilities. Sometimes, the report will even have directions on the way to remove certain vulnerabilities.
CATEGORIES OF HACKERS White Hats Ethical hacker is referred to as White hat hacker, or white hat, they use programming skills to see the vulnerabilities in computer systems. The term "white hat" refers to an ethical computer hacker, or a computer security skilled, who focuses on penetration testing and in different testing methodologies to make sure the security of an organization's information systems. Black Hats Non-ethical hacker or black hat exploits these vulnerabilities for personal gain or different functions. Ethical hacker ruminate the weakness in computer security, points them out and will recommend changes to system to secure the information. Black hat hackers are also named as "crackers" among the security industry and by modern programmers. Grey Hats The term "grey hat" refers to a computer hacker or computer security expert whose ethical standards fall somewhere between strictly unselfish and strictly malicious. Grey Hats hack for various reasons either ethically or unethically depending on the condition and circumstances at hand.
PENETRATION TESTING A penetration test is a software attack on a computer system that appears for security weaknesses, probably gaining access to the computer's features and information. It is also known as intrusion testing and red teaming is the methodology of examining the weakness and vulnerabilities of computer and network security. Penetration testing is used to measure the performance of system security. Needof Penetration Testing The main purpose of penetration testing is to identify the security weakness under controlled circumstances in order that the security flaws are often eliminated before hackers exploit the system. Ethical hackers use their skills and apply penetration testing to find the vulnerability Assessment, provide importance to high sensitive information. Penetration testing is also done from business perspective to safeguard the organization against failure through preventing loss, similarly as operational perspective to identify the danger and vulnerabilities. Types of Penetration Test There are two type of penetration testing 1) Black Box Test 2) White Box Test Penetration testing depends upon the situation of an organization desires to check, whether the scope is to simulate an attack by an insider or external source. The distinction between the two is that the quantity of information provided to the penetration tester concerning the system is tested. In black box penetration testing is closely stimulated to it of an external attacker, giving very little data or no information concerning the systems to be tested. The penetration testers gather the maximum amount as information concerning the target system as possible to perform the test. In white box penetration testing the tester usually supplied with elaborated information concerning the network to be tested embrace the IP address.
WORKING OF AN ETHICAL HACKER The working of an ethical hacker involves the following mentioned steps 1) Obeying the Ethical Hacking Directives: All the Ethical Hacker should follow few basic principles. If he doesn't follow, dangerous things will happen. Most of the time these principles get neglected or forgotten when designing or executing ethical hacking tests. The results are even so dangerous. 2) Working ethically: The word ethical is defined as working with high skilled morals and principles. whether you’re performing ethical hacking tests against your own systems or for somebody who has employed you, everything you are doing as an ethical Hacker should be approved and should support the company’s goals. No hidden agendas are allowed. trustworthiness is the final objective. The misuse of information is completely not allowed. 3) Respecting Privacy: Treat the data you gather with complete respect. All data you acquire throughout your testing from internet application log files to clear-text passwords — should be kept personal. 4) Not crashing your systems: One of the biggest mistakes is when individuals attempt to hack their own systems; they come up with crashing their systems. the reason for this can be poor planning. These testers haven't read the documentation or misunderstand the usage and power of the security tools and techniques. you can simply produce miserable conditions on your systems while testing. Running too several tests too quickly on a system causes several system lockups. several security assessment tools will control how many tests are performed on a system at a constant time. These tools are particularly handy if you need to run the tests on production systems throughout regular business hours. 5) Executing the plan: In Ethical hacking, time and patience are very important. You must be careful when you’re performing your ethical hacking tests.
ETHICAL HACKING METHODOLOGY An ethical hacking methodology is pretty similar to a hacking methodology as there are more or less the similar goals. An ethical hacker doesn’t need to take that much care in hiding his traces and tracks. He can chose a more aggressive way and doesn’t need to bother with slowing down portscans (to avoid detection) or evading intrusion detection systems – at least most of the time unless it is specially desired by the client. Mostly, an ethical hacker just hasn’t the time to be that careful in blurring his traces and tracks unless the customer pays for. Nevertheless, a lot of similarities can be found to a hacking methodology. An ethical hacking methodology overview can be seen in figure 2. A similar setup could be used by a hacker for his attacks. The ethical hacking methodology described is based on eight possible phases where interactions between the phases are possible, even required as hacking is an iterative process; going back to an earlier phase is absolutely possible (and needed). Fig. 2 Ethical hacking methodology
1.) Reconnaissance: It states to gather as more information as we can about target in prior to perform an attack. It can be further classified into Active and Passive. Former involves information gathering with direct interaction like social engineering and the later without any direct interaction by searching news release or public records. 2.) Scanning: It states to scan for all the open as well as closed ports and even for the known vulnerabilities on the target machine. 3.) Gaining Control: It can be gained at OS level, system level or even network level. From normal access hacker can even proceed with privilege escalation. It often includes password cracking, buffer overflows, DoS attack etc. 4.) Maintaining Access: It is where hacker strives to retain its control over target with backdoors, root kits or Trojans. Compromised machines can even be used as Bots and Zombies for further attacks. 5.) Covering Tracks : It is also known as Daisy Chaining. To avoid being exposed or caught, a good hacker will leave no impressions of his presence. So he attempts to overwrite the system and application logs.
ETHICAL HACKING PROCESS The Ethical hacking process must be planned ahead. All technical, management and strategic problems should be thought-about. planning is very important for any amount of testing – from an easy password test to any or all out penetration test on an internet application. Backup off information must be ensured, otherwise the testing could also be known off unexpectedly if somebody claims they never authorises for the tests. So, a well outlined scope involves the subsequent in formation: 1.) Specific systems to be tested: While choosing systems to test, begin with the most critical systems and processes or those you think to be the most vulnerable. for instance, you'll check computer passwords, an Internet-facing web application, or try social engineering attacks before drilling down into all of your systems. 2.) Risks involved: It pays to own a contingency set up for your ethical hacking process just in case anything goes away. What if you are assessing your firewall or internet application and you are taking it down? This could cause system inaccessibility, which may cut back system performance or employee productivity. Even worse, it might cause loss of information integrity, loss of information itself, and even unhealthy publicity. It will most certainly check someone or two and make you look unhealthy. Handle social engineering and DoS attacks carefully. Determine how they'll have an effect on the systems you are testing and your entire organization. 3.) When the tests will be performed and your overall timeline: Determining while the tests are performed are a few things that you simply must assume long and hard about. Does one perform tests throughout normal business hours? However concerning late at midnight or early within the morning in order that production systems are not affected? Involve others to create certain they approve of your timing. The best approach is an infinite attack, whereby any variety of test is possible at any time of day. The dangerous guys are not breaking into your systems inside a restricted scope, thus why should you? Some exceptions to this approach are performing DoS attacks, social engineering, and physical security tests. 4.) How much information of the systems you've got before you begin testing: You do not need intensive information of the systems you are testing — simply a basic understanding. This basic understanding helps shield you and also the tested systems. 5.) What action will be taken while a serious vulnerability is discovered: Do not stop when you discover one security hole. this may result in a false sense of security. Keep getting to see what else you are able to discover. you do not need to keep hacking till
the end of your time or till you crash all of your systems; just pursue the path you are going down till you cannot hack it any further (pun intended). If you haven't found any vulnerabilities, you haven't looked hard enough. 6.) The specific deliverables: This includes security assessment reports and a higher-level report outlining the general vulnerabilities to be addressed, along with countermeasures that should be implemented.
ETHICAL HACKING TOOLS The specific deliverables: This includes security assessment reports and a higher-level report outlining the general vulnerabilities to be addressed, along with countermeasures that should be implemented. The list and description of several tools used in the ethical hacking process are as follows: Scanning tools: The Scanning tools are quite helpful in the ethical hacking process. In technical detail, a scanner sends a message requesting to open a connection with a computer on a particular port. (A port is an interface where different layers of software exchanges information). Port Scanners:  Nmap  Superscan  Nikto  Autoscan  Angry IP Scanner  Unicornscan Packet Sniffers: They allow you to capture and visualise the traffic that is coming on your website.  Wideshark  Ethercap  Dsniff  TCPdump  Etherape Vulnerability Exploitation: These are the tools you would use in order to gain access to various places.  Sqlmap  Sqlninja  Social Engineer Toolkit  Metasploit  BeEF  Dradis  Netsparker
Vulnerability Scanners: These are designed to access a computer or network’s vulnerability to attacks. The functionality of these tools varies from one to the other, but they all present a detailed analysis of how vulnerable your system is.  Open VAS  Nipper  Nessus  Retina  Nexpose  QualysGuard Hacking Operating System: These are OS that have been designed specifically for hackers.  Backtrack5r3  Kali Linux  SE Linux  Knoppix  Backbox Linux  Pentoo  Helix  DEFT  CAINE  Blackbuntu  NodeZero  Matriux Krypton Intrusion Detection System: These tools are one of the most important part of any security arrangement. They allow you to detect those threats that are potentially dangerous for your system.  NetCap  Snort
CEH Certified Ethical Hacker (CEH) is a professional designation for hackers that perform legitimate service for IT companies and other organisation. A CEH is hired to locate and repair application and system security vulnerabilities to preempt exploitation by black hat hackers and others with potentially illegal intensions. CEH oversight is provided by the International Council of E-Commerce Consultants (EC- Council). To beat a hacker, you need to think like one! a certified ethical Hacker is a skilled professional who understands and is aware of how to look for weaknesses and vulnerabilities in target systems and uses the same information and tools as a malicious hacker, however during a lawful and legitimate manner to assess the security posture of the target system(s). The CEH credential certifies individuals within the specific network security discipline of ethical Hacking from a vendor-neutral perspective. The Certified Ethical Hacker program is the pinnacle of the most desired information security training program any information security professional will ever want to be in. To master the hacking technologies, you will need to become one, but an ethical one! The authorised course provides the advanced hacking tools and techniques used by hackers and information security professionals alike to break into an organization. As we place it, “To beat a hacker, you need to think like a hacker”. This course will immerse you into the Hacker mind-set so you will be able to defend against future attacks. the security mind-set in any organization must not be restricted to the silos of a certain vendor, technologies or pieces of equipment.
ETHICAL HACKING: FUTURE IMPULSE It is always enticed to predict the future when it comes to computer security. Of course it‘s impossible to know for sure but it is possible to make an educated guess. They say we are in the “the golden age of hacking” and we do not agree more. Tools for both Windows and Linux are available and now anyone can actually be a decent hacker using nothing but windows. The best of times for those curious about security and how it can be breached and the worst of times if you are sitting on the net with a vulnerable computer. If we were to split hacking into 3 levels, say low, middle and high. Low is requiring the least amount of technical skill and relies more on social engineering and a few simple things like hardware key loggers. Middle level comprises a good skill with tools available and precompiled buffer overflows, etc... High is someone who can think way outside the box and deepest aspects of TCP/IP and can code accordingly. Our strong feeling is that the middle level as defined it will be the one that will disappear in the future. Buffer overflows will become a thing of the past. Technology is growing strongly towards that direction. Exploiting code will slowly become more and more difficult and tools that focus on that will lose more and more of their effectiveness. Hackers will either focus on things like social engineering or gaining physical access. Join a cleaning crew and place a hardware key logger. Come back the next night and retrieve it and while not very sophisticated it can be very devastating none the less. The high end will be those that understand the very core of IP6 and will understand how to manipulate packet flows in ways no one has ever thought about. Obviously if this scenario is correct, most hackers will focus on the low level and that perhaps is even scarier. Using a combination of hardware and social skills could prove the most difficult to defend against. That‘s the future as I see it happening. Let‘s wait and see!
CONCLUSION Ethical hacking looks to be a new buzz word although the techniques and concepts of testing security by attacking an installation aren’t new at all. But, with the current poor security on the internet, ethical hacking may be the most effective way to plug security holes and stop intrusions. On the opposite hand ethical hacking tools have also been disreputable tools for crackers. So, at this time the tactical objective is to remain one step ahead of the crackers. ethical Hacking is a tool, that if properly used, will prove useful for understanding the weaknesses of a network and the way they could be exploited. After all, ethical hacking can play a certain role in the security assessment offerings and positively has attained its place among alternative security assessments. lastly, it should be said that the ethical hacker is an educator who seeks to enlighten not only the client, but also the protection industry as a whole.
REFERENCES 1.) Gurpreet K. Juneja, “A Technique to Enhance Information Security”, Dec 2013. 2.) International Journal of Computer Applications (0975 – 8887) Volume 1 – No. 10 3.) Regina D. Hartley, Ethical Hacking: Teaching Students to Hack, East Carolina University. 4.) Amitesh Kumar Gupta, Asish Srivastava, Tinesh Kumar Goyal, Piyush Saxena, “ETHICAL HACKING: An Approach towards Penetration Testing “,International Journal of Modern Communication Technologies & Research (IJMCTR) ISSN: 2321- 0850, Volume-2, Issue-5, May 2014 5.) Monika Pangaria1, Vivek Shrivastava2,” Need of Ethical Hacking in Online World”, Volume.2. Issue 4.Apr 2014 6.) Aniruddha P Tekade, Pravin Gurjar, Pankaj R. Ingle, Dr.B.B.Meshram, “Ethical Hacking in Linux Environment”, International Journal of Engineering Research and Applications (IJERA) ISSN: 22489622 , Vol. 3, Issue 1, January -February 2013, pp.1854-1860 7.) Aileen G. Bacudio, 1Xiaohong Yuan, 2Bei-Tseng Bill Chu, 1Monique Jones, “An Overview of Penetration Testing”, Volume3.no.6, Nov 2011 8.) https://www.eccouncil.org/Certification/certified-ethical-hacker 9.) IEEE journals and proceeding papers

Recommended

Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Mohammad Affan
 
Ethical Hacking Powerpoint
Ethical Hacking PowerpointEthical Hacking Powerpoint
Ethical Hacking Powerpoint
Ren Tuazon
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Namrata Raiyani
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hacking
samprada123
 
Ethical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolsEthical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and tools
chrizjohn896
 
Ethical hacking
Ethical hacking Ethical hacking
Ethical hacking
Institute of Information Security (IIS)
 
Inetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentationInetsecurity.in Ethical Hacking presentation
Inetsecurity.in Ethical Hacking presentation
Joshua Prince
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
arohan6
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
Suryansh Srivastava
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical Hacking
Raghav Bisht
 
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Qazi Anwar
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Goutham Shetty
 
Information Security and Ethical Hacking
Information Security and Ethical HackingInformation Security and Ethical Hacking
Information Security and Ethical Hacking
Divyank Jindal
 
hacking
hackinghacking
hacking
mayank1293
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hacking
Vishal Kumar
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Aditya Vikram Singhania
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
VipinYadav257
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Tharindu Kalubowila
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Alapan Banerjee
 
Full seminar report on ethical hacking
Full seminar report on ethical hackingFull seminar report on ethical hacking
Full seminar report on ethical hacking
Georgekutty Francis
 
Types of Hacker
Types of Hacker Types of Hacker
Types of Hacker
Mukund Kumar Bharti
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hack
Dharmesh Makwana
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Monika Deswal
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
TriCorps Technologies
 
Hacking
HackingHacking
Hacking
Asma Khan
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
Georgekutty Francis
 
Presentation on ethical hacking
Presentation on ethical hackingPresentation on ethical hacking
Presentation on ethical hacking
Sunny Sundeep
 
Hacking
HackingHacking
Hacking
Sharique Masood
 
BASICS OF ETHICAL HACKING
BASICS OF ETHICAL HACKINGBASICS OF ETHICAL HACKING
BASICS OF ETHICAL HACKING
Drm Kapoor
 
GETTING STARTED WITH THE ETHICAL HACKING.pptx
GETTING STARTED WITH THE ETHICAL HACKING.pptxGETTING STARTED WITH THE ETHICAL HACKING.pptx
GETTING STARTED WITH THE ETHICAL HACKING.pptx
BishalRay8
 

More Related Content

What's hot (20)

Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
Suryansh Srivastava
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical Hacking
Raghav Bisht
 
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Qazi Anwar
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Goutham Shetty
 
Information Security and Ethical Hacking
Information Security and Ethical HackingInformation Security and Ethical Hacking
Information Security and Ethical Hacking
Divyank Jindal
 
hacking
hackinghacking
hacking
mayank1293
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hacking
Vishal Kumar
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Aditya Vikram Singhania
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
VipinYadav257
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Tharindu Kalubowila
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Alapan Banerjee
 
Full seminar report on ethical hacking
Full seminar report on ethical hackingFull seminar report on ethical hacking
Full seminar report on ethical hacking
Georgekutty Francis
 
Types of Hacker
Types of Hacker Types of Hacker
Types of Hacker
Mukund Kumar Bharti
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hack
Dharmesh Makwana
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Monika Deswal
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
TriCorps Technologies
 
Hacking
HackingHacking
Hacking
Asma Khan
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
Georgekutty Francis
 
Presentation on ethical hacking
Presentation on ethical hackingPresentation on ethical hacking
Presentation on ethical hacking
Sunny Sundeep
 
Hacking
HackingHacking
Hacking
Sharique Masood
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
Suryansh Srivastava
 
Introduction To Ethical Hacking
Introduction To Ethical HackingIntroduction To Ethical Hacking
Introduction To Ethical Hacking
Raghav Bisht
 
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Hacking,History Of Hacking,Types of Hacking,Types Of Hackers,Cyber Laws for ...
Qazi Anwar
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Goutham Shetty
 
Information Security and Ethical Hacking
Information Security and Ethical HackingInformation Security and Ethical Hacking
Information Security and Ethical Hacking
Divyank Jindal
 
hacking
hackinghacking
hacking
mayank1293
 
Introduction ethical hacking
Introduction ethical hackingIntroduction ethical hacking
Introduction ethical hacking
Vishal Kumar
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Aditya Vikram Singhania
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
VipinYadav257
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Tharindu Kalubowila
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Alapan Banerjee
 
Full seminar report on ethical hacking
Full seminar report on ethical hackingFull seminar report on ethical hacking
Full seminar report on ethical hacking
Georgekutty Francis
 
Types of Hacker
Types of Hacker Types of Hacker
Types of Hacker
Mukund Kumar Bharti
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hack
Dharmesh Makwana
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Monika Deswal
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
TriCorps Technologies
 
Hacking
HackingHacking
Hacking
Asma Khan
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
Georgekutty Francis
 
Presentation on ethical hacking
Presentation on ethical hackingPresentation on ethical hacking
Presentation on ethical hacking
Sunny Sundeep
 
Hacking
HackingHacking
Hacking
Sharique Masood
 

Similar to Ethical Hacking (20)

BASICS OF ETHICAL HACKING
BASICS OF ETHICAL HACKINGBASICS OF ETHICAL HACKING
BASICS OF ETHICAL HACKING
Drm Kapoor
 
GETTING STARTED WITH THE ETHICAL HACKING.pptx
GETTING STARTED WITH THE ETHICAL HACKING.pptxGETTING STARTED WITH THE ETHICAL HACKING.pptx
GETTING STARTED WITH THE ETHICAL HACKING.pptx
BishalRay8
 
What is Ethical Hacking-defination, examples and techniques.pdf
What is Ethical Hacking-defination, examples and techniques.pdfWhat is Ethical Hacking-defination, examples and techniques.pdf
What is Ethical Hacking-defination, examples and techniques.pdf
JawaidAbdulHameed
 
Selected advanced themes in ethical hacking and penetration testing
Selected advanced themes in ethical hacking and penetration testingSelected advanced themes in ethical hacking and penetration testing
Selected advanced themes in ethical hacking and penetration testing
CSITiaesprime
 
Cyber Security PPT
Cyber Security PPTCyber Security PPT
Cyber Security PPT
ashish kumar
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Nitheesh Adithyan
 
61370436 main-case-study
61370436 main-case-study61370436 main-case-study
61370436 main-case-study
homeworkping4
 
A Beginner’s Guide to Ethical Hacking.pdf
A Beginner’s Guide to Ethical Hacking.pdfA Beginner’s Guide to Ethical Hacking.pdf
A Beginner’s Guide to Ethical Hacking.pdf
uzair
 
Breaking the Code The Art of Ethical Hacking.pdf
Breaking the Code The Art of Ethical Hacking.pdfBreaking the Code The Art of Ethical Hacking.pdf
Breaking the Code The Art of Ethical Hacking.pdf
Cetpa Infotech
 
IRJET- Impact of Ethical Hacking on Business and Governments
IRJET- Impact of Ethical Hacking on Business and GovernmentsIRJET- Impact of Ethical Hacking on Business and Governments
IRJET- Impact of Ethical Hacking on Business and Governments
IRJET Journal
 
Ethical-Hacking-Course-After-12th.pptx
Ethical-Hacking-Course-After-12th.pptxEthical-Hacking-Course-After-12th.pptx
Ethical-Hacking-Course-After-12th.pptx
NarangYadav
 
Ethical Hacking.pptx
Ethical Hacking.pptxEthical Hacking.pptx
Ethical Hacking.pptx
StrongboxAcademy
 
What is Ethical Hacking?.pptx
What is Ethical Hacking?.pptxWhat is Ethical Hacking?.pptx
What is Ethical Hacking?.pptx
StrongboxAcademy
 
Hackers
HackersHackers
Hackers
Reyansh Vishwakarma
 
Dr.J.Jegan - Ethical Hacking - 06.12.2024.pptx
Dr.J.Jegan - Ethical Hacking - 06.12.2024.pptxDr.J.Jegan - Ethical Hacking - 06.12.2024.pptx
Dr.J.Jegan - Ethical Hacking - 06.12.2024.pptx
FerozaMirajkar1
 
Ashar Shaikh A-84 SEMINAR.pptx
Ashar Shaikh A-84 SEMINAR.pptxAshar Shaikh A-84 SEMINAR.pptx
Ashar Shaikh A-84 SEMINAR.pptx
asharshaikh8
 
Ethical Hacking .pptx
Ethical Hacking .pptxEthical Hacking .pptx
Ethical Hacking .pptx
johnnymaaza
 
Vulnerability Prevention Using Ethical Hacking.pdf
Vulnerability Prevention Using Ethical Hacking.pdfVulnerability Prevention Using Ethical Hacking.pdf
Vulnerability Prevention Using Ethical Hacking.pdf
MithunJV
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Vishesh Singhal
 
ethical hacking report
ethical hacking report ethical hacking report
ethical hacking report
Akhilesh Patel
 
BASICS OF ETHICAL HACKING
BASICS OF ETHICAL HACKINGBASICS OF ETHICAL HACKING
BASICS OF ETHICAL HACKING
Drm Kapoor
 
GETTING STARTED WITH THE ETHICAL HACKING.pptx
GETTING STARTED WITH THE ETHICAL HACKING.pptxGETTING STARTED WITH THE ETHICAL HACKING.pptx
GETTING STARTED WITH THE ETHICAL HACKING.pptx
BishalRay8
 
What is Ethical Hacking-defination, examples and techniques.pdf
What is Ethical Hacking-defination, examples and techniques.pdfWhat is Ethical Hacking-defination, examples and techniques.pdf
What is Ethical Hacking-defination, examples and techniques.pdf
JawaidAbdulHameed
 
Selected advanced themes in ethical hacking and penetration testing
Selected advanced themes in ethical hacking and penetration testingSelected advanced themes in ethical hacking and penetration testing
Selected advanced themes in ethical hacking and penetration testing
CSITiaesprime
 
Cyber Security PPT
Cyber Security PPTCyber Security PPT
Cyber Security PPT
ashish kumar
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Nitheesh Adithyan
 
61370436 main-case-study
61370436 main-case-study61370436 main-case-study
61370436 main-case-study
homeworkping4
 
A Beginner’s Guide to Ethical Hacking.pdf
A Beginner’s Guide to Ethical Hacking.pdfA Beginner’s Guide to Ethical Hacking.pdf
A Beginner’s Guide to Ethical Hacking.pdf
uzair
 
Breaking the Code The Art of Ethical Hacking.pdf
Breaking the Code The Art of Ethical Hacking.pdfBreaking the Code The Art of Ethical Hacking.pdf
Breaking the Code The Art of Ethical Hacking.pdf
Cetpa Infotech
 
IRJET- Impact of Ethical Hacking on Business and Governments
IRJET- Impact of Ethical Hacking on Business and GovernmentsIRJET- Impact of Ethical Hacking on Business and Governments
IRJET- Impact of Ethical Hacking on Business and Governments
IRJET Journal
 
Ethical-Hacking-Course-After-12th.pptx
Ethical-Hacking-Course-After-12th.pptxEthical-Hacking-Course-After-12th.pptx
Ethical-Hacking-Course-After-12th.pptx
NarangYadav
 
Ethical Hacking.pptx
Ethical Hacking.pptxEthical Hacking.pptx
Ethical Hacking.pptx
StrongboxAcademy
 
What is Ethical Hacking?.pptx
What is Ethical Hacking?.pptxWhat is Ethical Hacking?.pptx
What is Ethical Hacking?.pptx
StrongboxAcademy
 
Hackers
HackersHackers
Hackers
Reyansh Vishwakarma
 
Dr.J.Jegan - Ethical Hacking - 06.12.2024.pptx
Dr.J.Jegan - Ethical Hacking - 06.12.2024.pptxDr.J.Jegan - Ethical Hacking - 06.12.2024.pptx
Dr.J.Jegan - Ethical Hacking - 06.12.2024.pptx
FerozaMirajkar1
 
Ashar Shaikh A-84 SEMINAR.pptx
Ashar Shaikh A-84 SEMINAR.pptxAshar Shaikh A-84 SEMINAR.pptx
Ashar Shaikh A-84 SEMINAR.pptx
asharshaikh8
 
Ethical Hacking .pptx
Ethical Hacking .pptxEthical Hacking .pptx
Ethical Hacking .pptx
johnnymaaza
 
Vulnerability Prevention Using Ethical Hacking.pdf
Vulnerability Prevention Using Ethical Hacking.pdfVulnerability Prevention Using Ethical Hacking.pdf
Vulnerability Prevention Using Ethical Hacking.pdf
MithunJV
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
Vishesh Singhal
 
ethical hacking report
ethical hacking report ethical hacking report
ethical hacking report
Akhilesh Patel
 

Recently uploaded (19)

DNS Resolvers and Nameservers (in New Zealand)
DNS Resolvers and Nameservers (in New Zealand)DNS Resolvers and Nameservers (in New Zealand)
DNS Resolvers and Nameservers (in New Zealand)
APNIC
 
IT Services Workflow From Request to Resolution
IT Services Workflow From Request to ResolutionIT Services Workflow From Request to Resolution
IT Services Workflow From Request to Resolution
mzmziiskd
 
APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025
APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025
APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025
APNIC
 
(Hosting PHising Sites) for Cryptography and network security
(Hosting PHising Sites) for Cryptography and network security(Hosting PHising Sites) for Cryptography and network security
(Hosting PHising Sites) for Cryptography and network security
aluacharya169
 
Mobile database for your company telemarketing or sms marketing campaigns. Fr...
Mobile database for your company telemarketing or sms marketing campaigns. Fr...Mobile database for your company telemarketing or sms marketing campaigns. Fr...
Mobile database for your company telemarketing or sms marketing campaigns. Fr...
DataProvider1
 
Best web hosting Vancouver 2025 for you business
Best web hosting Vancouver 2025 for you businessBest web hosting Vancouver 2025 for you business
Best web hosting Vancouver 2025 for you business
steve198109
 
project_based_laaaaaaaaaaearning,kelompok 10.pptx
project_based_laaaaaaaaaaearning,kelompok 10.pptxproject_based_laaaaaaaaaaearning,kelompok 10.pptx
project_based_laaaaaaaaaaearning,kelompok 10.pptx
redzuriel13
 
White and Red Clean Car Business Pitch Presentation.pptx
White and Red Clean Car Business Pitch Presentation.pptxWhite and Red Clean Car Business Pitch Presentation.pptx
White and Red Clean Car Business Pitch Presentation.pptx
canumatown
 
Understanding the Tor Network and Exploring the Deep Web
Understanding the Tor Network and Exploring the Deep WebUnderstanding the Tor Network and Exploring the Deep Web
Understanding the Tor Network and Exploring the Deep Web
nabilajabin35
 
Computers Networks Computers Networks Computers Networks
Computers Networks Computers Networks Computers NetworksComputers Networks Computers Networks Computers Networks
Computers Networks Computers Networks Computers Networks
Tito208863
 
Perguntas dos animais - Slides ilustrados de múltipla escolha
Perguntas dos animais - Slides ilustrados de múltipla escolhaPerguntas dos animais - Slides ilustrados de múltipla escolha
Perguntas dos animais - Slides ilustrados de múltipla escolha
socaslev
 
Reliable Vancouver Web Hosting with Local Servers & 24/7 Support
Reliable Vancouver Web Hosting with Local Servers & 24/7 SupportReliable Vancouver Web Hosting with Local Servers & 24/7 Support
Reliable Vancouver Web Hosting with Local Servers & 24/7 Support
steve198109
 
APNIC Update, presented at NZNOG 2025 by Terry Sweetser
APNIC Update, presented at NZNOG 2025 by Terry SweetserAPNIC Update, presented at NZNOG 2025 by Terry Sweetser
APNIC Update, presented at NZNOG 2025 by Terry Sweetser
APNIC
 
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHostingTop Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
steve198109
 
5-Proses-proses Akuisisi Citra Digital.pptx
5-Proses-proses Akuisisi Citra Digital.pptx5-Proses-proses Akuisisi Citra Digital.pptx
5-Proses-proses Akuisisi Citra Digital.pptx
andani26
 
highend-srxseries-services-gateways-customer-presentation.pptx
highend-srxseries-services-gateways-customer-presentation.pptxhighend-srxseries-services-gateways-customer-presentation.pptx
highend-srxseries-services-gateways-customer-presentation.pptx
elhadjcheikhdiop
 
Smart Mobile App Pitch Deck丨AI Travel App Presentation Template
Smart Mobile App Pitch Deck丨AI Travel App Presentation TemplateSmart Mobile App Pitch Deck丨AI Travel App Presentation Template
Smart Mobile App Pitch Deck丨AI Travel App Presentation Template
yojeari421237
 
OSI TCP IP Protocol Layers description f
OSI TCP IP Protocol Layers description fOSI TCP IP Protocol Layers description f
OSI TCP IP Protocol Layers description f
cbr49917
 
Determining Glass is mechanical textile
Determining Glass is mechanical textileDetermining Glass is mechanical textile
Determining Glass is mechanical textile
Azizul Hakim
 
DNS Resolvers and Nameservers (in New Zealand)
DNS Resolvers and Nameservers (in New Zealand)DNS Resolvers and Nameservers (in New Zealand)
DNS Resolvers and Nameservers (in New Zealand)
APNIC
 
IT Services Workflow From Request to Resolution
IT Services Workflow From Request to ResolutionIT Services Workflow From Request to Resolution
IT Services Workflow From Request to Resolution
mzmziiskd
 
APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025
APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025
APNIC -Policy Development Process, presented at Local APIGA Taiwan 2025
APNIC
 
(Hosting PHising Sites) for Cryptography and network security
(Hosting PHising Sites) for Cryptography and network security(Hosting PHising Sites) for Cryptography and network security
(Hosting PHising Sites) for Cryptography and network security
aluacharya169
 
Mobile database for your company telemarketing or sms marketing campaigns. Fr...
Mobile database for your company telemarketing or sms marketing campaigns. Fr...Mobile database for your company telemarketing or sms marketing campaigns. Fr...
Mobile database for your company telemarketing or sms marketing campaigns. Fr...
DataProvider1
 
Best web hosting Vancouver 2025 for you business
Best web hosting Vancouver 2025 for you businessBest web hosting Vancouver 2025 for you business
Best web hosting Vancouver 2025 for you business
steve198109
 
project_based_laaaaaaaaaaearning,kelompok 10.pptx
project_based_laaaaaaaaaaearning,kelompok 10.pptxproject_based_laaaaaaaaaaearning,kelompok 10.pptx
project_based_laaaaaaaaaaearning,kelompok 10.pptx
redzuriel13
 
White and Red Clean Car Business Pitch Presentation.pptx
White and Red Clean Car Business Pitch Presentation.pptxWhite and Red Clean Car Business Pitch Presentation.pptx
White and Red Clean Car Business Pitch Presentation.pptx
canumatown
 
Understanding the Tor Network and Exploring the Deep Web
Understanding the Tor Network and Exploring the Deep WebUnderstanding the Tor Network and Exploring the Deep Web
Understanding the Tor Network and Exploring the Deep Web
nabilajabin35
 
Computers Networks Computers Networks Computers Networks
Computers Networks Computers Networks Computers NetworksComputers Networks Computers Networks Computers Networks
Computers Networks Computers Networks Computers Networks
Tito208863
 
Perguntas dos animais - Slides ilustrados de múltipla escolha
Perguntas dos animais - Slides ilustrados de múltipla escolhaPerguntas dos animais - Slides ilustrados de múltipla escolha
Perguntas dos animais - Slides ilustrados de múltipla escolha
socaslev
 
Reliable Vancouver Web Hosting with Local Servers & 24/7 Support
Reliable Vancouver Web Hosting with Local Servers & 24/7 SupportReliable Vancouver Web Hosting with Local Servers & 24/7 Support
Reliable Vancouver Web Hosting with Local Servers & 24/7 Support
steve198109
 
APNIC Update, presented at NZNOG 2025 by Terry Sweetser
APNIC Update, presented at NZNOG 2025 by Terry SweetserAPNIC Update, presented at NZNOG 2025 by Terry Sweetser
APNIC Update, presented at NZNOG 2025 by Terry Sweetser
APNIC
 
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHostingTop Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
Top Vancouver Green Business Ideas for 2025 Powered by 4GoodHosting
steve198109
 
5-Proses-proses Akuisisi Citra Digital.pptx
5-Proses-proses Akuisisi Citra Digital.pptx5-Proses-proses Akuisisi Citra Digital.pptx
5-Proses-proses Akuisisi Citra Digital.pptx
andani26
 
highend-srxseries-services-gateways-customer-presentation.pptx
highend-srxseries-services-gateways-customer-presentation.pptxhighend-srxseries-services-gateways-customer-presentation.pptx
highend-srxseries-services-gateways-customer-presentation.pptx
elhadjcheikhdiop
 
Smart Mobile App Pitch Deck丨AI Travel App Presentation Template
Smart Mobile App Pitch Deck丨AI Travel App Presentation TemplateSmart Mobile App Pitch Deck丨AI Travel App Presentation Template
Smart Mobile App Pitch Deck丨AI Travel App Presentation Template
yojeari421237
 
OSI TCP IP Protocol Layers description f
OSI TCP IP Protocol Layers description fOSI TCP IP Protocol Layers description f
OSI TCP IP Protocol Layers description f
cbr49917
 
Determining Glass is mechanical textile
Determining Glass is mechanical textileDetermining Glass is mechanical textile
Determining Glass is mechanical textile
Azizul Hakim
 

Ethical Hacking

  • 1. AMITY SCHOOL OF ENGINEERING AND TECHNOLOGY Gwalior, Madhya Pradesh Term Paper On ETHICAL HACKING Submitted To:- Submitted By:- Mrs.Samta Jain Goyal Sanu Subham Head, Dept. of IT B.C.A AUMP, Gwalior Sem-III
  • 2. INDEX S.N. TOPIC SIGN. REMARKS 1. Abstract 2. Keywords 3. Introduction 4. Categories of hackers 5. Penetration Testing 6. Working of an ethical hacker 7. Ethical hacking methodology 8. Ethical hacking process 9. Hacking tools 10. CEH 11. Ethical hacking: Future impulse 12. Conclusion 13. References
  • 3. ABSTRACT We live in security era, where we are securing all our belongings beneath different modes of lock however it’s different within the case of system security. We are carelessly leaving our datas and softwares unlocked. The state of security on the web is dangerous and obtaining worse. One reaction to the present state of affairs is termed as Ethical Hacking that attempts to extend security protection by distinguishing and fix identified security vulnerabilities on systems owned by different parties. As public and personal organizations migrate additional of their critical functions to the web, criminals have additional chance and incentive to achieve access to sensitive info through the online application. So, ethical hacking is an assessment to check and test a information technology environment for possible weak links and vulnerabilities. Ethical hacking describes the way of hacking a network in an ethical method, thus with good intentions. This paper describes what ethical hacking is, what it will do, an ethical hacking methodology also as some tools which might be used for an ethical hack.
  • 4. KEYWORDS  Hacking  Hacker  Ethical Hacking  Vulnerabilities  Hacker  Cracker  Security  Tools  Intrusion
  • 5. INTRODUCTION The immense growth of internet has brought several treats like electronic commerce, email, easy accessibility to large stores of reference material etc. One among the more practical ways in which of testing network security is penetration testing or ethical hacking. Activities concentrate on the identification and exploitation of security vulnerabilities, and consequent implementation of corrective measures (Using an Ethical Hacking Technique). Organizations are more and more evaluating the success or failure of their current security measures through then use of ethical hacking processes. As, with most technological advances, there's additionally different side: criminal hackers who can secretly steal the organization’s data and transmit it to the open internet. These varieties of hackers are known as black hat hackers. So, to beat from these major problems, another type of hackers came into existence and these hackers are termed as ethical hackers or white hat hackers. So, this paper describes ethical hackers, their skills and the way they're going concerning serving to their customers. Ethical hackers perform the hacks as security tests for his or her systems. This kind of hacking is often legal and trustworthy. In different terms ethical hacking is the testing of resources for the betterment of technology and is focused on securing and protective IP systems. Ethical hacking is a method of doing a security assessment. Like all different assessments an ethical hack may be a random sample and spending an ethical hack doesn’t mean there are not any security problems. What is Ethical Hacking? Ethical hacking provides some way to see the protection of an information technology environment – a minimum of from a technical purpose of view. As the name ethical hacking already tells, the concept has one thing to do with hacking. However what do “hacking” mean? “The word hacking has two definitions. The primary definition refers to the hobby/profession of operating with computers. The second definition refers to breaking into Pc systems. Whereas the primary definition is older and continues to be utilized by several Pc enthusiasts (who discuss with cyber-criminals as "crackers"), the second definition is far more commonly used.” Within the context of “ethical hacking”, hacking refers to the second definition – breaking into pc systems. It is assumed that hacking is illegitimate, as breaking into a house would be. At this time, “ethical” comes into play. Ethical contains a positive bit and describes anything noble that leads us to the subsequent definition of ethical hacking: ethical hacking describes the method of offensive and penetrating Pc systems and networks to find and indicate potential security weaknesses for a consumer that is liable for the attacked information technology environment. An ethical hack’s results may be a elaborate report of the findings in addition as an affidavit that a hacker with sure amount of your time and skills is or isn’t able to successfully attack a system or get access to certain data. Ethical hacking are often categorised as a security assessment, a form of training, a check for the security of an information technology environment. An ethical hack shows the risks an information technology environment is facing and actions are often taken to cut back certain risks or to
  • 6. just accept them. We will simply say that ethical hacking will absolutely match into the security life cycle shown with the below figure. Fig. 1 Security life cycle An ethical hacker is thus a “good” hacker, someone who uses the methods and tools of the blackhat community to check the security of networks and servers. The goal of an ethical hack is neither to try and do harm nor to transfer any valuable data – it’s more a service for a consumer to check his environment on however it would stand up to a hacker attack. The ultimate output from an ethical hack is usually a detailed report concerning the detected issues and vulnerabilities. Sometimes, the report will even have directions on the way to remove certain vulnerabilities.
  • 7. CATEGORIES OF HACKERS White Hats Ethical hacker is referred to as White hat hacker, or white hat, they use programming skills to see the vulnerabilities in computer systems. The term "white hat" refers to an ethical computer hacker, or a computer security skilled, who focuses on penetration testing and in different testing methodologies to make sure the security of an organization's information systems. Black Hats Non-ethical hacker or black hat exploits these vulnerabilities for personal gain or different functions. Ethical hacker ruminate the weakness in computer security, points them out and will recommend changes to system to secure the information. Black hat hackers are also named as "crackers" among the security industry and by modern programmers. Grey Hats The term "grey hat" refers to a computer hacker or computer security expert whose ethical standards fall somewhere between strictly unselfish and strictly malicious. Grey Hats hack for various reasons either ethically or unethically depending on the condition and circumstances at hand.
  • 8. PENETRATION TESTING A penetration test is a software attack on a computer system that appears for security weaknesses, probably gaining access to the computer's features and information. It is also known as intrusion testing and red teaming is the methodology of examining the weakness and vulnerabilities of computer and network security. Penetration testing is used to measure the performance of system security. Needof Penetration Testing The main purpose of penetration testing is to identify the security weakness under controlled circumstances in order that the security flaws are often eliminated before hackers exploit the system. Ethical hackers use their skills and apply penetration testing to find the vulnerability Assessment, provide importance to high sensitive information. Penetration testing is also done from business perspective to safeguard the organization against failure through preventing loss, similarly as operational perspective to identify the danger and vulnerabilities. Types of Penetration Test There are two type of penetration testing 1) Black Box Test 2) White Box Test Penetration testing depends upon the situation of an organization desires to check, whether the scope is to simulate an attack by an insider or external source. The distinction between the two is that the quantity of information provided to the penetration tester concerning the system is tested. In black box penetration testing is closely stimulated to it of an external attacker, giving very little data or no information concerning the systems to be tested. The penetration testers gather the maximum amount as information concerning the target system as possible to perform the test. In white box penetration testing the tester usually supplied with elaborated information concerning the network to be tested embrace the IP address.
  • 9. WORKING OF AN ETHICAL HACKER The working of an ethical hacker involves the following mentioned steps 1) Obeying the Ethical Hacking Directives: All the Ethical Hacker should follow few basic principles. If he doesn't follow, dangerous things will happen. Most of the time these principles get neglected or forgotten when designing or executing ethical hacking tests. The results are even so dangerous. 2) Working ethically: The word ethical is defined as working with high skilled morals and principles. whether you’re performing ethical hacking tests against your own systems or for somebody who has employed you, everything you are doing as an ethical Hacker should be approved and should support the company’s goals. No hidden agendas are allowed. trustworthiness is the final objective. The misuse of information is completely not allowed. 3) Respecting Privacy: Treat the data you gather with complete respect. All data you acquire throughout your testing from internet application log files to clear-text passwords — should be kept personal. 4) Not crashing your systems: One of the biggest mistakes is when individuals attempt to hack their own systems; they come up with crashing their systems. the reason for this can be poor planning. These testers haven't read the documentation or misunderstand the usage and power of the security tools and techniques. you can simply produce miserable conditions on your systems while testing. Running too several tests too quickly on a system causes several system lockups. several security assessment tools will control how many tests are performed on a system at a constant time. These tools are particularly handy if you need to run the tests on production systems throughout regular business hours. 5) Executing the plan: In Ethical hacking, time and patience are very important. You must be careful when you’re performing your ethical hacking tests.
  • 10. ETHICAL HACKING METHODOLOGY An ethical hacking methodology is pretty similar to a hacking methodology as there are more or less the similar goals. An ethical hacker doesn’t need to take that much care in hiding his traces and tracks. He can chose a more aggressive way and doesn’t need to bother with slowing down portscans (to avoid detection) or evading intrusion detection systems – at least most of the time unless it is specially desired by the client. Mostly, an ethical hacker just hasn’t the time to be that careful in blurring his traces and tracks unless the customer pays for. Nevertheless, a lot of similarities can be found to a hacking methodology. An ethical hacking methodology overview can be seen in figure 2. A similar setup could be used by a hacker for his attacks. The ethical hacking methodology described is based on eight possible phases where interactions between the phases are possible, even required as hacking is an iterative process; going back to an earlier phase is absolutely possible (and needed). Fig. 2 Ethical hacking methodology
  • 11. 1.) Reconnaissance: It states to gather as more information as we can about target in prior to perform an attack. It can be further classified into Active and Passive. Former involves information gathering with direct interaction like social engineering and the later without any direct interaction by searching news release or public records. 2.) Scanning: It states to scan for all the open as well as closed ports and even for the known vulnerabilities on the target machine. 3.) Gaining Control: It can be gained at OS level, system level or even network level. From normal access hacker can even proceed with privilege escalation. It often includes password cracking, buffer overflows, DoS attack etc. 4.) Maintaining Access: It is where hacker strives to retain its control over target with backdoors, root kits or Trojans. Compromised machines can even be used as Bots and Zombies for further attacks. 5.) Covering Tracks : It is also known as Daisy Chaining. To avoid being exposed or caught, a good hacker will leave no impressions of his presence. So he attempts to overwrite the system and application logs.
  • 12. ETHICAL HACKING PROCESS The Ethical hacking process must be planned ahead. All technical, management and strategic problems should be thought-about. planning is very important for any amount of testing – from an easy password test to any or all out penetration test on an internet application. Backup off information must be ensured, otherwise the testing could also be known off unexpectedly if somebody claims they never authorises for the tests. So, a well outlined scope involves the subsequent in formation: 1.) Specific systems to be tested: While choosing systems to test, begin with the most critical systems and processes or those you think to be the most vulnerable. for instance, you'll check computer passwords, an Internet-facing web application, or try social engineering attacks before drilling down into all of your systems. 2.) Risks involved: It pays to own a contingency set up for your ethical hacking process just in case anything goes away. What if you are assessing your firewall or internet application and you are taking it down? This could cause system inaccessibility, which may cut back system performance or employee productivity. Even worse, it might cause loss of information integrity, loss of information itself, and even unhealthy publicity. It will most certainly check someone or two and make you look unhealthy. Handle social engineering and DoS attacks carefully. Determine how they'll have an effect on the systems you are testing and your entire organization. 3.) When the tests will be performed and your overall timeline: Determining while the tests are performed are a few things that you simply must assume long and hard about. Does one perform tests throughout normal business hours? However concerning late at midnight or early within the morning in order that production systems are not affected? Involve others to create certain they approve of your timing. The best approach is an infinite attack, whereby any variety of test is possible at any time of day. The dangerous guys are not breaking into your systems inside a restricted scope, thus why should you? Some exceptions to this approach are performing DoS attacks, social engineering, and physical security tests. 4.) How much information of the systems you've got before you begin testing: You do not need intensive information of the systems you are testing — simply a basic understanding. This basic understanding helps shield you and also the tested systems. 5.) What action will be taken while a serious vulnerability is discovered: Do not stop when you discover one security hole. this may result in a false sense of security. Keep getting to see what else you are able to discover. you do not need to keep hacking till
  • 13. the end of your time or till you crash all of your systems; just pursue the path you are going down till you cannot hack it any further (pun intended). If you haven't found any vulnerabilities, you haven't looked hard enough. 6.) The specific deliverables: This includes security assessment reports and a higher-level report outlining the general vulnerabilities to be addressed, along with countermeasures that should be implemented.
  • 14. ETHICAL HACKING TOOLS The specific deliverables: This includes security assessment reports and a higher-level report outlining the general vulnerabilities to be addressed, along with countermeasures that should be implemented. The list and description of several tools used in the ethical hacking process are as follows: Scanning tools: The Scanning tools are quite helpful in the ethical hacking process. In technical detail, a scanner sends a message requesting to open a connection with a computer on a particular port. (A port is an interface where different layers of software exchanges information). Port Scanners:  Nmap  Superscan  Nikto  Autoscan  Angry IP Scanner  Unicornscan Packet Sniffers: They allow you to capture and visualise the traffic that is coming on your website.  Wideshark  Ethercap  Dsniff  TCPdump  Etherape Vulnerability Exploitation: These are the tools you would use in order to gain access to various places.  Sqlmap  Sqlninja  Social Engineer Toolkit  Metasploit  BeEF  Dradis  Netsparker
  • 15. Vulnerability Scanners: These are designed to access a computer or network’s vulnerability to attacks. The functionality of these tools varies from one to the other, but they all present a detailed analysis of how vulnerable your system is.  Open VAS  Nipper  Nessus  Retina  Nexpose  QualysGuard Hacking Operating System: These are OS that have been designed specifically for hackers.  Backtrack5r3  Kali Linux  SE Linux  Knoppix  Backbox Linux  Pentoo  Helix  DEFT  CAINE  Blackbuntu  NodeZero  Matriux Krypton Intrusion Detection System: These tools are one of the most important part of any security arrangement. They allow you to detect those threats that are potentially dangerous for your system.  NetCap  Snort
  • 16. CEH Certified Ethical Hacker (CEH) is a professional designation for hackers that perform legitimate service for IT companies and other organisation. A CEH is hired to locate and repair application and system security vulnerabilities to preempt exploitation by black hat hackers and others with potentially illegal intensions. CEH oversight is provided by the International Council of E-Commerce Consultants (EC- Council). To beat a hacker, you need to think like one! a certified ethical Hacker is a skilled professional who understands and is aware of how to look for weaknesses and vulnerabilities in target systems and uses the same information and tools as a malicious hacker, however during a lawful and legitimate manner to assess the security posture of the target system(s). The CEH credential certifies individuals within the specific network security discipline of ethical Hacking from a vendor-neutral perspective. The Certified Ethical Hacker program is the pinnacle of the most desired information security training program any information security professional will ever want to be in. To master the hacking technologies, you will need to become one, but an ethical one! The authorised course provides the advanced hacking tools and techniques used by hackers and information security professionals alike to break into an organization. As we place it, “To beat a hacker, you need to think like a hacker”. This course will immerse you into the Hacker mind-set so you will be able to defend against future attacks. the security mind-set in any organization must not be restricted to the silos of a certain vendor, technologies or pieces of equipment.
  • 17. ETHICAL HACKING: FUTURE IMPULSE It is always enticed to predict the future when it comes to computer security. Of course it‘s impossible to know for sure but it is possible to make an educated guess. They say we are in the “the golden age of hacking” and we do not agree more. Tools for both Windows and Linux are available and now anyone can actually be a decent hacker using nothing but windows. The best of times for those curious about security and how it can be breached and the worst of times if you are sitting on the net with a vulnerable computer. If we were to split hacking into 3 levels, say low, middle and high. Low is requiring the least amount of technical skill and relies more on social engineering and a few simple things like hardware key loggers. Middle level comprises a good skill with tools available and precompiled buffer overflows, etc... High is someone who can think way outside the box and deepest aspects of TCP/IP and can code accordingly. Our strong feeling is that the middle level as defined it will be the one that will disappear in the future. Buffer overflows will become a thing of the past. Technology is growing strongly towards that direction. Exploiting code will slowly become more and more difficult and tools that focus on that will lose more and more of their effectiveness. Hackers will either focus on things like social engineering or gaining physical access. Join a cleaning crew and place a hardware key logger. Come back the next night and retrieve it and while not very sophisticated it can be very devastating none the less. The high end will be those that understand the very core of IP6 and will understand how to manipulate packet flows in ways no one has ever thought about. Obviously if this scenario is correct, most hackers will focus on the low level and that perhaps is even scarier. Using a combination of hardware and social skills could prove the most difficult to defend against. That‘s the future as I see it happening. Let‘s wait and see!
  • 18. CONCLUSION Ethical hacking looks to be a new buzz word although the techniques and concepts of testing security by attacking an installation aren’t new at all. But, with the current poor security on the internet, ethical hacking may be the most effective way to plug security holes and stop intrusions. On the opposite hand ethical hacking tools have also been disreputable tools for crackers. So, at this time the tactical objective is to remain one step ahead of the crackers. ethical Hacking is a tool, that if properly used, will prove useful for understanding the weaknesses of a network and the way they could be exploited. After all, ethical hacking can play a certain role in the security assessment offerings and positively has attained its place among alternative security assessments. lastly, it should be said that the ethical hacker is an educator who seeks to enlighten not only the client, but also the protection industry as a whole.
  • 19. REFERENCES 1.) Gurpreet K. Juneja, “A Technique to Enhance Information Security”, Dec 2013. 2.) International Journal of Computer Applications (0975 – 8887) Volume 1 – No. 10 3.) Regina D. Hartley, Ethical Hacking: Teaching Students to Hack, East Carolina University. 4.) Amitesh Kumar Gupta, Asish Srivastava, Tinesh Kumar Goyal, Piyush Saxena, “ETHICAL HACKING: An Approach towards Penetration Testing “,International Journal of Modern Communication Technologies & Research (IJMCTR) ISSN: 2321- 0850, Volume-2, Issue-5, May 2014 5.) Monika Pangaria1, Vivek Shrivastava2,” Need of Ethical Hacking in Online World”, Volume.2. Issue 4.Apr 2014 6.) Aniruddha P Tekade, Pravin Gurjar, Pankaj R. Ingle, Dr.B.B.Meshram, “Ethical Hacking in Linux Environment”, International Journal of Engineering Research and Applications (IJERA) ISSN: 22489622 , Vol. 3, Issue 1, January -February 2013, pp.1854-1860 7.) Aileen G. Bacudio, 1Xiaohong Yuan, 2Bei-Tseng Bill Chu, 1Monique Jones, “An Overview of Penetration Testing”, Volume3.no.6, Nov 2011 8.) https://www.eccouncil.org/Certification/certified-ethical-hacker 9.) IEEE journals and proceeding papers