Introduction to Ethical

Hacking
BY
VICTOR AKOR
 Ethical Hacking
Ethical hacking, also known as penetration testing or white-hat
hacking, involves the practice of legally breaking into computers and
devices to test an organization's defenses.
This process helps identify vulnerabilities that malicious hackers
could exploit.
Ethical hackers use the same techniques and tools as cybercriminals,
but with the permission of the system owner and with the goal of
improving security.
 key concepts in ethical hacking
•Legality and Permission: Ethical hacking is always conducted with the explicit consent of the owner of the
system or network being tested. This ensures the activity is legal and avoids any potential legal repercussions.
•Process: Ethical hackers follow a structured approach, typically involving:
◦ Reconnaissance: Gathering information about the target system, such as its operating system, software versions, and
network configuration.
◦ Scanning and Enumeration: Identifying vulnerabilities in the system using automated tools and manual techniques.
◦ Gaining Access: Exploiting identified vulnerabilities to gain unauthorized access to the system, mimicking how real
attackers might operate.
◦ Maintaining Access: Establishing persistence mechanisms to maintain access to the system for further exploration or
exploitation.
◦ Post-Exploitation: Performing actions within the compromised system, such as stealing data or installing malware (in a
controlled environment to understand the attacker's potential impact).
◦ Reporting and Remediation: Documenting the findings in detail, outlining the identified vulnerabilities and their severity,
and working with the owner to remediate the vulnerabilities and improve security.
 Importance of Ethical Hacking
Proactive Defense: Identifying and fixing vulnerabilities before they can be exploited.
Regulatory Compliance: Many industries require regular security assessments to meet
compliance standards.
Preventing Data Breaches: By identifying weaknesses, organizations can prevent potential data
breaches that could lead to financial loss and reputational damage.
Enhancing Security Posture: Continuous testing and improvement of security measures help
maintain a robust defense against evolving threats.
 Key Terminology
Vulnerability: A weakness in a system that can be exploited to gain unauthorized
access.
Exploit: A method used by hackers to take advantage of a vulnerability.
Penetration Testing: The process of testing a computer system, network, or web
application to find vulnerabilities that an attacker could exploit.
Threat: Any potential danger that can exploit a vulnerability.
Risk: The potential for loss or damage when a threat exploits a vulnerability.
 Types of Ethical Hacking
1.Web Application Hacking: Testing the security of web applications.
2.Network Hacking: Identifying vulnerabilities in network infrastructure.
3.System Hacking: Gaining access to individual systems to identify and fix
vulnerabilities.
4.Social Engineering: Manipulating individuals into divulging confidential
information.
5.Wireless Network Hacking: Testing the security of wireless networks
 Methodology
Reconnaissance: Gathering information about the target before launching an attack.
◦ Passive Reconnaissance: Collecting information without direct interaction with the target.
◦ Active Reconnaissance: Directly interacting with the target to gather information.
Scanning: Identifying open ports, services, and potential vulnerabilities.
◦ Network Scanning: Discovering live hosts and open ports.
◦ Vulnerability Scanning: Detecting known vulnerabilities in systems and applications.
Gaining Access: Exploiting vulnerabilities to gain access to the target system.
◦ Exploitation Tools: Using tools like Metasploit to exploit identified vulnerabilities.
Maintaining Access: Ensuring continued access to the target system.
◦ Backdoors and Rootkits: Installing backdoors and rootkits to maintain access.
Covering Tracks: Hiding evidence of the hacking activity to avoid detection.
◦ Log Cleaning: Removing or altering log entries to hide traces of the attack
 Tools Used in Ethical Hacking
Nmap: Network scanning tool for discovering hosts and services on a computer
network.
Wireshark: Network protocol analyzer for capturing and analyzing network traffic.
Metasploit: Framework for developing and executing exploit code against a remote
target.
Burp Suite: Integrated platform for performing security testing of web applications.
John the Ripper: Password cracking tool.
Kali Linux: Linux distribution with a wide range of security tools pre-installed.
 Legal and Ethical Considerations

1.Permission: Always obtain explicit permission before conducting any

hacking activities.
2.Non-Disclosure Agreements (NDAs): Ensure confidentiality of
sensitive information discovered during testing.
3.Reporting: Provide detailed reports of findings and recommended
mitigations.
4.Responsibility: Ethical hackers must act responsibly, respecting
privacy and data integrity.
Conclusion

Ethical hacking is an essential practice for organizations to defend

against cyber threats. By proactively identifying and addressing
vulnerabilities, ethical hackers help ensure the security and integrity
of systems and data. This discipline requires not only technical skills
but also a strong sense of ethics and responsibility.
 Information security
•Definition: Protecting information and information systems
from unauthorized access, use, disclosure, disruption,
modification, or destruction.
•Goals:
• Confidentiality: Ensuring information is accessible only
to those authorized.
• Integrity: Safeguarding the accuracy and completeness
of information.
• Availability: Ensuring authorized users have access to
information and resources when needed.
Key Concepts in Information Security
Authentication: Verifying the identity of a
user or device.
Authorization: Granting or denying
permissions to resources.
Non-repudiation: Ensuring that a party
cannot deny the authenticity of their
signature on a document or a sent
message.
Risk Management: Identifying, assessing,
and prioritizing risks followed by
coordinated efforts to minimize or control
their impact.
 Common Security Threats
Malware: Malicious software like viruses, worms,
and trojans.
Phishing: Deceptive attempts to obtain sensitive
information by pretending to be a trustworthy
entity.
Ransomware: Malware that encrypts data and
demands payment for the decryption key.
DDoS Attacks: Distributed Denial of Service attacks
overload a network or server to disrupt service.
Insider Threats: Threats originating from within the
organization, such as disgruntled employees.
Attack Vectors

•Email: Phishing, malware delivery.

•Web Applications: SQL injection, Cross-Site Scripting
(XSS).
•Network: Man-in-the-Middle attacks, packet sniffing.
•Endpoints: Unsecured devices, outdated software.
•Social Engineering: Manipulating people to divulge
confidential information.
 Introduction to Foot printing and
Reconnaissance
•Definition: Foot printing and reconnaissance are the
first steps in the penetration testing process.
•They involve gathering information about a target
system to find ways to infiltrate it.
•Purpose: To collect as much data as possible about
the target to identify potential vulnerabilities.
Footprinting Techniques

1.Passive Footprinting:
1. Search Engines: Using Google, Bing, etc., to find information.
2. Social Media: Gathering data from LinkedIn, Facebook, Twitter.
3. Public Databases: Whois databases, DNS records, etc.
4. Website Analysis: Examining the target's website for information.

2.Active Footprinting:
1. Ping Sweeps: Checking the reachability of IP addresses.
2. Port Scanning: Identifying open ports and services running.
3. Traceroute: Mapping the route packets take to reach the target.
Reconnaissance Techniques
1.Network Reconnaissance:
1. Network Scanning: Discovering live hosts, IP addresses.
2. OS Fingerprinting: Determining the operating system of a target.
3. Service Discovery: Identifying services running on open ports.

2.Social Engineering:
1. Phishing: Deceptive attempts to obtain sensitive information.
2. Pretexting: Creating a fabricated scenario to steal information.
3. Dumpster Diving: Retrieving information from discarded items.
 Tools for Footprinting and
Reconnaissance
Nmap: Network scanner for discovering hosts and services.
Wireshark: Network protocol analyzer for traffic capture and
analysis.
Maltego: Tool for gathering and analyzing open-source
intelligence.
Recon-ng: Web reconnaissance framework.
theHarvester: Email, subdomain, and names information
gathering tool.
Shodan: Search engine for Internet-connected devices.
 Importance of Footprinting and
Reconnaissance
•Identifying Weaknesses: Discovering vulnerabilities in the
target system.
•Reducing Attack Surface: Helping organizations understand
their exposure.
•Planning Attacks: Providing critical information for executing
further penetration testing phases.
•Defensive Measures: Allowing organizations to bolster their
security posture by understanding potential threats.
Penetration Testing Concepts
Definition: A simulated cyber attack against your computer system to check for exploitable
vulnerabilities.
Phases of Penetration Testing:
1.Planning and Reconnaissance: Define the scope and goals, gather intelligence.
2.Scanning: Understand how the target application responds to intrusion attempts.
3.Gaining Access: Exploit vulnerabilities to understand potential damage.
4.Maintaining Access: Ensure persistent presence in the exploited system.
5.Analysis: Compile results into a report detailing vulnerabilities, sensitive data accessed, and
undetected presence duration.
 Nigerian Information and Cybersecurity
Laws
Overview: Nigeria has established several laws and regulations to protect information and
cybersecurity.
•Major Laws and Regulations:
• Cybercrimes (Prohibition, Prevention, etc.) Act, 2015: Comprehensive legislation addressing cybercrime,
establishing offenses and penalties.
• National Information Technology Development Agency (NITDA) Act, 2007: Provides guidelines for the
development of information technology.
• Nigerian Data Protection Regulation (NDPR), 2019: Regulates data protection and privacy.
• Digital Rights and Freedom Bill: Protects digital rights and online freedom.
•Regulatory Bodies:
• National Information Technology Development Agency (NITDA): Oversees information technology
development and regulations.
• Nigerian Communications Commission (NCC): Regulates the telecommunications sector.
• Economic and Financial Crimes Commission (EFCC): Enforces cybercrime laws.
 Key Provisions of Cybercrimes (Prohibition,
Prevention, etc.) Act, 2015
•Cybercrimes: Defines various cybercrimes, including
hacking, identity theft, cyberstalking, and child
pornography.
•Penalties: Establishes penalties for cybercrimes, including
fines and imprisonment.
•Jurisdiction: Provides the legal framework for prosecuting
cybercrimes within Nigeria.
•National Cybersecurity Fund: Establishes a fund to support
cybersecurity efforts and initiatives.
 Key Provisions of Nigerian Data
Protection Regulation (NDPR), 2019
•Data Protection Principles: Fairness, lawfulness, transparency, purpose
limitation, data minimization, accuracy, storage limitation, integrity, and
confidentiality.
•Data Subject Rights: Right to information, access, rectification, erasure,
restriction of processing, and data portability.
•Compliance Requirements: Organizations must implement measures to
protect data, conduct data protection impact assessments, and appoint
Data Protection Officers (DPOs).
 Role of NITDA
•Guidelines and Regulations: Develops guidelines and regulations for IT development and data
protection.
•Compliance and Enforcement: Ensures compliance with IT and data protection regulations.
•Capacity Building: Promotes IT education, training, and awareness programs.
•Innovation and Development: Encourages innovation and development in the IT sector.
Information Security Controls
- Definition:
- Measures put in place to protect information and information systems.
- Types of Controls:
- Administrative Controls: Policies, procedures, organizational guidelines.
- Technical Controls: Hardware and software mechanisms.
- Physical Controls: Measures to protect the physical infrastructure.
 Types of Information Security Controls
1. Preventive Controls: 4. Deterrent Controls:
- Examples: Firewalls, encryption, access
controls. - Examples: Security policies, warning signs.
- Purpose: Prevent security incidents.
2. Detective Controls: - Purpose: Deter potential attackers.
- Examples: Intrusion detection systems (IDS),
log monitoring. 5. Compensating Controls:
- Purpose: Detect and alert on security
incidents.
- Examples: Security awareness training, additional
3. Corrective Controls: monitoring.
- Examples: Backup and recovery, patch
management.
- Purpose: Provide alternative measures when
- Purpose: Correct and restore after security primary controls are not feasible.
incidents.
 Legal and Ethical Considerations in
Penetration Testing
•Permission: Always obtain explicit permission before testing.
•Non-Disclosure Agreements (NDAs): Ensure confidentiality of findings.
•Reporting: Provide detailed reports of findings and recommendations.
•Responsibility: Respect privacy and data integrity.
Conclusion
•Summary: Recap of information security, footprinting and reconnaissance, penetration testing
concepts, Nigerian information and cybersecurity laws, and information security controls.
•Importance: Emphasis on proactive security measures and ethical responsibility.