INTRODUCTION TO

CYBERSECURITY
CYBERSECURITY
 SYLLABUS

1. INTRODUCTION TO CYBER SECURITY.

• WHY DO WE NEED CYBER SECURITY.
• WHAT IS CYBER SECURITY.
• THE CIA TRAID.
• VULNERABILITY, THREAT AND RISK.
 SYLLABUS

2. HISTORY OF CYBER SECURITY.

• STORY OF CYBER SECURITY.
3. COMPONENTS OF CYBERSECURITY.
• PACKET STRUCTURE.
• ADDRESSING.
• NETWORK ARCHITECTURE.
• FIREWALLS
 SYLLABUS

4. CYBER SECURITY FRAMEWORKS.

• TYPES OF CYBERSECURITY FRAMEWORKS.

5. FUNDAMENTALS OF NETWORKING.
• NETWORK ARCHITECTURE
• NETWORKING TOOLS
 SYLLABUS
6. NMAP (NETWORK MAPPER)
• ABOUT NMAP.
• INSTALLATION.
• TYPES OF SCANS USING NMAP.

7. CYBER SECURITY AND ETHICAL HACKING.

• ABOUT ETHICAL HACKING.
• ETHICAL HACKING USING KALI LINUX.
 SYLLABUS
8. INTRODUCTION TO CRYPTOGRAPHY.
• WHAT IS CRYPTOGRAPHY.
• CLASSIFICATION OF CRYPTOGRAPHY.
• WORKING ON CRYPTOGRAPHIC ALGORITHM.

9. SYMMETRIC AND ASYMMETRIC CRYPTOGRAPHY.

 SYLLABUS
10. RSA (RIVEST–SHAMIR–ADLEMAN).
• RSA CRYPTOGRAPHY HANDS ON HASHING AND
ALGORITHM'S

11. INTRODUCTION TO STEGANOGRAPHY.

• WHAT IS STEGANOGRAPHY.
• BASIC STEGANOGRAPHY.
 SYLLABUS
12. LSB (LEAST SIGNIFICANT BIT )
• LSB STEGANOGRAPHY HANDS ON STEGNANOGRAPHY
TOOLS.
13. DDOS
• WHAT IS DOS AND DDOS ATTACK.
• HOW DOES IT WORK.
• TYPES OF DDOS ATTACK.
• DOS ATTACK DEMONSTRATION.
 SYLLABUS
14. PHISHING

• HANDS ON PHISHING.

15. FUTURE AND CARRIER OPPORTUNITIES.

• WHY SHOULD YOU LEARN CYBER SECURITY.
• HOW TO BECOME A CYBER SECURITY ENGINEER.
• INTERVIEW QUESTIONS.
WHY DO WE NEED CYBER
SECURITY
• Cryptography protects the confidentiality of
information
• It ensures the integrity of your data
• It assures that the sender or receiver is the right one
• Both sender and receiver are held accountable through
non-repudiation
• Cryptography also ensures the availability of data
• Uphold information security with powerful
cryptography strategies
WHAT IS CYBER SECURITY

• Cyber security is the practice of protecting

critical systems and sensitive information
from digital attacks. Also known as
information technology (IT) security.
• cyber security measures are designed to
combat threats against networked system and
applications, whether those threats originate
from inside or outside of an organization.  
THE CIA TRAID
• Confidentiality, integrity and availability.
• Confidentiality is roughly equivalent to Confidentiality
measures are designed to prevent sensitive information
from unauthorized access attempts.
• Integrity involves maintaining the consistency, accuracy
and trustworthiness of data over its entire lifecycle.
• Availability means information should be consistently
and readily accessible for authorized parties.
VULNERABILITY, THREAT AND RISK

• Vulnerability refers to a
weakness in your hardware,
software, or procedures. It’s a
gap through which a outsider
can gain access to your assets.
In other words, threats exploit
vulnerabilities.
THREATS

• Threats have the potential to

steal or damage data, disrupt
business, or create harm in
general.
RISK
• risk is the intersection of
assets, threats, and
vulnerabilities. It’s
the potential for loss, damage,
or destruction of an asset when
a threat takes advantage of a
vulnerability. Put another way: 
• Threats + Vulnerability = Risk
INTRODUCTION TO
CYBERSECURITY
THANK YOU
SCENARIO OF CYBER ATTACK
WELCOME
MEET JOHN
ACTIVITY RESPONSE SYSTEM
CYBER ATTACK
SECURITY INFORMATION AND EVENT
MANAGEMENT
THREAT INTELLIGENT SOFTWARE
PATCHING AND ANALYSING
 WITHOUT CYBER SECURITY

Incident Response Platform:

• Found the source of the attack
• Fixed the vulnerability.
• Notify all affected party.
SCENARIO OF CYBER ATTACK
THANK YOU END
CYBER SECURITY TOOLS
WELCOME
TOOLS OF CYBER SECURITY

• Firewall's.
• Antivirus.
• PKI Service.
• MDR Service.
• Penetration Testing.
• Staff training.
TOOLS OF CYBER SECURITY
• Firewall's:
• firewall is the core of security tools.
•  Its job is to prevent unauthorized access to or from a private
network.
• The firewalls are used to prevent unauthorized internet users from
accessing private networks connected to the Internet.
• All messages are entering or leaving the intranet pass through the
firewall.
• The firewall examines each message and blocks those messages
that do not meet the specified security criteria.
TOOLS OF CYBER SECURITY
• Antivirus Software:
• Antivirus software is a program which is designed
to prevent, detect, and remove viruses and other
malware attacks on the individual computer,
networks, and IT systems.
• It also protects our computers and networks from
the variety of threats and viruses such as Trojan
horses, worms, key loggers, browser hijackers,
rootkits, spyware, botnets, adware, and
ransomware.
TOOLS OF CYBER SECURITY
• PKI Services: / Cryptography
• PKI stands for Public Key Infrastructure. 
•  This tool supports the distribution and identification
of public encryption keys.
• It enables users and computer systems to securely
exchange data over the internet and verify the
identity of the other party.
TOOLS OF CYBER SECURITY
• PKI can also be used to:
• Enable Multi-Factor Authentication and access control
• Create compliant, Trusted Digital Signatures.
• Encrypt email communications and authenticate the
sender's identity.
• Digitally sign and protect the code.
• Build identity and trust into IoT ecosystems.
TOOLS OF CYBER SECURITY
• Managed Detection and Response Service (MDR):
• Today's cybercriminals and hackers used more
advanced techniques and software to breach
organization security So, there is a necessity for every
businesses to be used more powerful forms of
defences of cybersecurity.
• MDR is an advanced security service that provides
threat hunting, threat intelligence, security
monitoring, incident analysis, and incident response.
TOOLS OF CYBER SECURITY
• Penetration Testing:
• Penetration testing, or pen-test, is an important way to
evaluate our business's security systems and security of an
IT infrastructure by safely trying to exploit vulnerabilities.
• These vulnerabilities exist in operating systems, services and
application, improper configurations or risky end-user
behavior. In Penetration testing, cyber security professionals
will use the same techniques and processes utilized by
criminal hackers to check for potential threats and areas of
weakness.
CYBER SECURITY TOOLS
THANK YOU END
HISTORY OF CYBER SECURITY
WELCOME START
EARLY DAYS OF HACKING
THE FIRST COMPUTER WORM
HACKING IN POPULAR CULTURE
WHY DO PEOPLE HACK
WHY DO PEOPLE HACK

• In 1967, IBM invited school kids to try out their new computer. After exploring the
accessible parts of the system, the students worked to probe deeper, learning the
system’s language, and gaining access to other parts of the system. 
• This was a valuable lesson to the company and they acknowledged their gratitude
to “a number of high school students for their compulsion to bomb the system”,
which resulted in the development of defensive measures – and possibly the
defensive mindset that would prove essential to developers from then on. Ethical
hacking is still practiced today.
WHY DO PEOPLE HACK
HISTORY OF CYBER SECURITY
THANK YOU END
TYPES OF HACKER
WELCOME
TYPES OF HACKER
WHITE HAT HACKER

• The Good Guy.

• Enter the White Hat hacker, the good guy who uses his (or her) capabilities to damage your
organization — but only hypothetically. Instead, the real purpose is to uncover security
failings in your system in order to help you safeguard your business from the dangerous
hackers.
• Companies hire White Hats to stress test their information systems. They run deep scans of
networks for malware, attempt to hack information systems using methods Black Hats
would use, and even try to fool staff into clicking on links that lead to malware infestations.
GRAY HAT HACKER

• The Ugly
• Somewhere between white and black lies the ugly — the Gray Hats. Some Gray Hat hackers like to
believe they're doing something good for companies by hacking their websites and invading their
networks without permission, but company owners rarely appreciate unauthorized forays into their
business information infrastructure.
• In most cases, a Gray Hat's real intention is to show off his skills and gain publicity — maybe even
appreciation — for what he considers a contribution to cybersecurity.
• Gray Hats often say they mean no harm with their incursions. Sometimes, they're simply curious
about hacking a high-profile system — without regard to privacy and numerous other laws.
BLACK HAT HACKER

• Black Hat hackers are criminals who break into

computer networks with malicious intent. They may
also release malware that destroys files, holds
computers hostage, or steals passwords, credit card
numbers, and other personal information.
• Distributing malicious software isn't difficult, partly
because hacking today operates like big business.
Organizations boast partners, resellers, vendors, and
associates, and they buy and sell licenses for malware to
other criminal organizations for use in new regions or
markets.
SKILLS NECESSARY
SKILLS NECESSARY
TYPES OF HACKER
END
TYPES OF ATTACK
START
DEFACING
DENIAL OF SERVICE

• A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or

network, making it inaccessible to its intended users.
• An additional type of DoS attack is the Distributed Denial Of Service
Attack(DDOS) A DDoS attack occurs when multiple systems orchestrate a
synchronized DoS attack to a single target. The essential difference is that
instead of being attacked from one location, the target is attacked from many
locations at once. 
• Some common examples of DDoS attacks are UDP flooding, SYN flooding
and DNS amplification.
PENETRATION TESTING
GOALS OF PENETRATION TESTING
TYPES OF ATTACK
END
FOOTPRINTING
WELCOME
WHAT IS FOOTPRING

• Footprinting is the
technique used for
gathering information about
computer systems and the
entities they belong to. To
get this information, a
hacker might use various
tools and technologies.
TYPES OF FOOTPRINTING
• PASSIVE FOOTPRINTING
• ACTIVE FOOTPRINTING
WHAT DO HACKERS GET IN FOOTPRINTING
• NETWORK INFORMATION
• SYSTEM INFORMATION
• ORGNIZATIONAL INFORMATION
THREATS
• SOCIAL ENGINEERING
• SYSTEM AND NETWORK ATTACK
• PRIVACY LOSS
WAYBACK MACHINE / ARCHIVE.ORG
NETCRAFT
INTERNET REGISTRIES

• An Internet registry is primarily responsible for allocating and assigning IP

numbers to devices, websites, information systems, autonomous systems
and more. ... Each region maintains its regional Internet registry (RIR) that
allocates IP numbers and autonomous systems within its region or to the
local Internet registry.
REGIONAL INTERNET REGISTERS
WHAT IS DNS (DOMAIN NAME SERVICE)
• A DNS is like a phone book for the internet. With a phone book, you can
look up your friend’s name and find their phone number instead of having to
remember the number yourself. Similarly, a DNS allows users to reference
simple domain names like  https://www.performanceconnectivity.com when
looking for a particular website instead of difficult to remember IP
Addresses. 
DNS
USING DNS TO GET INFORMATION
FINDING NETWORK RANGES
TCP / IP
HISTORY OF INTERNET
WHAT IS TCP / IP / OSI MODEL

• The Internet protocol suite, commonly known as TCP/IP, is the set of

communications protocols used in the Internet and similar computer
networks. The current foundational protocols in the suite are the
Transmission Control Protocol and the Internet Protocol.
OSI AND TCP /IP MODEL

OSI MODEL
1. Physical Layer (Layer 1) :
The lowest layer of the OSI reference model is the physical layer. It is responsible for
the actual physical connection between the devices. The physical layer contains
information in the form of bits. It is responsible for transmitting individual bits from
one node to the next. When receiving data, this layer will get the signal received and
convert it into 0s and 1s and send them to the Data Link layer, which will put the
frame back together. 
2. Data Link Layer (DLL) (Layer 2) :
• The data link layer is responsible for the node-to-node delivery of the message. The
main function of this layer is to make sure data transfer is error-free from one node
to another, over the physical layer. When a packet arrives in a network, it is the
responsibility of DLL to transmit it to the Host using its MAC address. 
Data Link Layer is divided into two sublayers:  
• Logical Link Control (LLC)
• Media Access Control (MAC)
• 3. Network Layer (Layer 3) :
• The network layer works for the transmission of data from one host to the other
located in different networks. It also takes care of packet routing i.e. selection of the
shortest path to transmit the packet, from the number of routes available. The sender
& receiver’s IP addresses are placed in the header by the network layer. 
The functions of the Network layer are :  
• Routing: The network layer protocols determine which route is suitable from source
to destination. This function of the network layer is known as routing.
• Logical Addressing: In order to identify each device on internetwork uniquely, the
network layer defines an addressing scheme. The sender & receiver’s IP addresses
are placed in the header by the network layer. Such an address distinguishes each
device uniquely and universally.
 Transport Layer (Layer 4) :
Transport layer receives the formatted data from the upper layers,
performs Segmentation, and also implements Flow & Error control to ensure proper
data transmission. It also adds Source and Destination port numbers in its header and
forwards the segmented data to the Network Layer. 

* Data in the Transport Layer is called as Segments. 

** Transport layer is operated by the Operating System. It is a part of the OS and
communicates with the Application Layer by making system calls. 
Transport Layer is called as Heart of OSI model. 
•   5. Session Layer (Layer 5) :
• This layer is responsible for the establishment of connection, maintenance of sessions, authentication,
and also ensures security. 
The functions of the session layer are :  
• Session establishment, maintenance, and termination: The layer allows the two processes to
establish, use and terminate a connection.
• Synchronization: This layer allows a process to add checkpoints which are considered
synchronization points into the data. These synchronization points help to identify the error so that
the data is re-synchronized properly, and ends of the messages are not cut prematurely and data loss
is avoided.
• Dialog Controller: The session layer allows two systems to start communication with each other in
half-duplex or full-duplex.
6. Presentation Layer (Layer 6) :
• The presentation layer is also called the Translation layer. The data from the
application layer is extracted here and manipulated as per the required format to
transmit over the network. 
The functions of the presentation layer are : 
• Translation: For example, ASCII to EBCDIC.
• Encryption/ Decryption: Data encryption translates the data into another form or
code. The encrypted data is known as the ciphertext and the decrypted data is known
as plain text. A key value is used for encrypting as well as decrypting data.
• Compression: Reduces the number of bits that need to be transmitted on the
network.
• 7. Application Layer (Layer 7) :
• At the very top of the OSI Reference Model stack of layers, we find the Application
layer which is implemented by the network applications. These applications produce
the data, which has to be transferred over the network. This layer also serves as a
window for the application services to access the network and for displaying the
received information to the user. 
Ex: Application – Browsers, Skype Messenger, etc. 
**Application Layer is also called Desktop Layer. 
OSI AND TCP /IP MODEL

TCP/IP Model
1. Network Access Layer –
This layer corresponds to the combination of Data Link Layer and Physical Layer of
the OSI model. It looks out for hardware addressing and the protocols present in this
layer allows for the physical transmission of data.
We just talked about ARP being a protocol of Internet layer, but there is a conflict
about declaring it as a protocol of Internet Layer or Network access layer. It is
described as residing in layer 3, being encapsulated by layer 2 protocols.
• 2. Internet Layer –
• This layer parallels the functions of OSI’s Network layer. It defines the protocols which are
responsible for logical transmission of data over the entire network. The main protocols
residing at this layer are :
• IP – stands for Internet Protocol and it is responsible for delivering packets from the source host
to the destination host by looking at the IP addresses in the packet headers. IP has 2 versions:
IPv4 and IPv6. IPv4 is the one that most of the websites are using currently. But IPv6 is
growing as the number of IPv4 addresses are limited in number when compared to the number
of users.
• ICMP – stands for Internet Control Message Protocol. It is encapsulated within IP datagrams
and is responsible for providing hosts with information about network problems.
• ARP – stands for Address Resolution Protocol. Its job is to find the hardware address of a host
from a known IP address. ARP has several types: Reverse ARP, Proxy ARP, Gratuitous ARP
and Inverse ARP.
3. Host-to-Host Layer –
• This layer is analogous to the transport layer of the OSI model. It is responsible for
end-to-end communication and error-free delivery of data. It shields the upper-layer
applications from the complexities of data. The two main protocols present in this
layer are :
• Transmission Control Protocol (TCP) 
• User Datagram Protocol (UDP) –
4.  Application Layer –
• This layer performs the functions of top three layers of the OSI model: Application,
Presentation and Session Layer. It is responsible for node-to-node communication
and controls user-interface specifications. Some of the protocols present in this layer
are: HTTP, HTTPS, FTP, TFTP, Telnet, SSH, SMTP, SNMP, NTP, DNS, DHCP,
NFS, X Window, LPD. Have a look at Protocols in application layer for some
information about these protocols. Protocols other than those present in the linked
article are :
• HTTP and HTTPS
• SSH
• NTP 
ADDRESSING - UNICAST
ADDRESSING - BROADCAST
ADDRESSING - MULTICAST
WHAT IS WIRESHARK
WHAT IS DHCP

• Dynamic Host Configuration Protocol(DHCP)  is an application layer

protocol which is used to provide:
• Subnet Mask (Option 1 – e.g., 255.255.255.0)
• Router Address (Option 3 – e.g., 192.168.1.1)
• DNS Address (Option 6 – e.g., 8.8.8.8)
• Vendor Class Identifier (Option 43 – e.g., ‘unifi’ = 192.168.1.9 ##where unifi
= controller)
• DHCP is based on a client-server model and based on discovery, offer, request, and ACK.
• In DHCP Client And Server Excahange Mainly 4 DHCP Messages in order to make a
connection, also called DORA.
• But there are 8 DHCP messages in the process:
1. DHCP discover message 
2. DHCP offer message 
3. DHCP request message
4. DHCP acknowledgement message
5. DHCP negative acknowledgement message
6. DHCP decline
7. DHCP release
8. DHCP inform
 WHY USE DHCP
• A DHCP server is a network server that automatically assigns IP addresses,
default gateways and other network parameters to client devices. It is based on the
Dynamic Host Configuration Protocol (DHCP) to respond to broadcast queries by
clients.
• To connect to an IP network, a host needs an IP address. To communicate with
other networks it needs to know the default gateway address and the subnet mask
for the local network. To perform name resolution, a host needs to know the name
of a DNS server in advance. DHCP provides all of this information dynamically.
For IP based networks, there are three ways to get an IP address: configure it
manually, retreive it via BootP, or retreive it and other values via DHCP.
CYBER SECURITY COMPONENTS
AGENDA

1. Packet Structure.
2. Addressing.
3. Network Architecture.
4. Firewalls.
NETWORK PART – DOWNLOADING A FILE
PACKET OF WHAT
IPV4 PACKET
VISITING GOOGLE
TCP/IP – THREE WAY HAND SHAKE
TCP/IP – THREE WAY HAND SHAKE
TCP/IP – THREE WAY HAND SHAKE
TCP/IP – THREE WAY HAND SHAKE
CONNECTED
WHAT’S MY COMPUTER ADDRESS
UNIQUE MAC
ADDRESS RESOLUTION PROTOCOL
ADDRESS RESOLUTION PROTOCOL
LIARS….
MAN IN THE MIDDLE
CYBER SECURITY FRAMEWORKS
WHAT IS FRAMEWORK
WHY CYBER SECURITY FRAME WORK
TYPES OF CYBER SECURITY FRAMEWORKS
OBJECTIVES
FRAMEWORK PROFILE
IMPLEMENT FRAMEWORK

Set Your target Goals

Create a Detailed profile
Assess Your Current Position.
Gap Analysis And Action Plan.
Implement Your Action Plan.
FUNDAMENTALS OF NETWORKING
 INTRODUCTION TO KALI LINUX

Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing.
It is maintained and funded by Offensive Security.
Eg: Parrot Os, BackBox, Black Art etc…

Why Choose kali Linux When You have Other numerous Option.
1. It has More than 600 penetration testing tools.
2. Customizable.
3. Secure Platform.
4. Multi languages.
5. Cost Free..
6. Different Installation Option..
 INTRODUCTION TO KALI LINUX
Installing kali Linux..
1. Kali Bootable USB Drive.
2. Kali Linux using hardisk.
3. Dual Boot kali with Windows or mac
4. Using Virtualization software
NMAP
 WHAT IS NMAP

1. Nmap is a network scanner created by Gordon Lyon.

2. Nmap is used to discover hosts and services on a computer network
by sending packets and analyzing the responses.
3. Nmap provides a number of features for probing computer
networks, including host discovery and service and operating
system detection.
 WHAT IS NMAP

1. Nmap is a network scanner created by Gordon Lyon.

2. Nmap is used to discover hosts and services on a computer network
by sending packets and analyzing the responses.
3. Nmap provides a number of features for probing computer
networks, including host discovery and service and operating
system detection.
PENETRATION TESTING
PENETRATION TESTING PHASES
PENETRATION TESTING TYPES
PENETRATION TESTING TYPES
PENETRATION TESTING TOOLS
CYBER SECURITY AND ETHICAL HACKING
CYBER SECURITY AND ETHICAL HACKING

1. What is Cyber Security.

Computer security, cyber security, or
information technology security is the
protection of computer systems and
networks from information disclosure,
theft of or damage to their hardware,
software, or electronic data, as well as
from the disruption or misdirection of
the services they provide.
CYBER SECURITY AND ETHICAL HACKING

1. What is Ethical hacking

Ethical hacking involves an
authorized attempt to gain
unauthorized access to a computer
system, application, or data.
Carrying out an ethical hack involves
duplicating strategies and actions of
malicious attackers.
KALI LINUX
WHY USE KALI LINUX
PROXY CHAINS

Proxy Chains are basically

chain of proxy’s.

1. Where Do you use proxy.

Where You Want To Be
Anonymous Yourself into wire
or network
WHAT DOES PROXY CHAINS DO.

• Proxy Chains is a tool that forces any TCP connection made by any given
application to go through proxies like TOR or any other SOCKS4,
SOCKS5 or HTTP proxies. ... Essentially, you can use Proxy Chains to run
any program through a proxy server.
MACCHANGER
WHY SHOULD MAC BE UNIQUE
INTRODUCTION TO CRYPTOGRAPHY
INTRODUCTION TO CRYPTOGRAPHY
WHAT IS CRYPTOGRAPHY

Cryptography is a method of
protecting information and
communications through the
use of codes, so that only those
for whom the information is
intended can read and process
it.
WHAT IS CRYPTOGRAPHY
WHAT IS CRYPTOGRAPHY
WHAT IS CRYPTOGRAPHY
WHAT IS CRYPTOGRAPHY
WHAT IS CRYPTOGRAPHY
CLASSIFICATION OF CRYPTOGRAPHY
SYMMETRIC KEY CRYPTOGRAPHY
TRANSPOSITION CIPHER
SUBSTITUTION CIPHER
Hiding some data is known as encryption. When plain text is encrypted it becomes unreadable and is known as
cipher text.
In a Substitution cipher, any character of plain text from the given fixed set of characters is substituted by some
other character from the same set depending on a key.
ROT13
STREAM CIPHERS
• A Symmetric Or Secret Key Encryption Algorithm that encrypts a single bit
at a time. With Stream Cipher The Same Plaint Text Bit or Bytes Will
Encrypt to a Different bit Or Byte Every time it is Encrypted
BLOCK CIPHER
PUBLIC KEY CRYPTOGRAPHY

 Asymmetric is a form of
Cryptosystem in which encryption
and decryption are performed using
different keys-Public key (known to
everyone) and Private key (Secret
key). This is known as Public Key
Encryption.
HANDS ON ENCRYPTION AND DECRYPTION
USING OPENSSL
PHISHING ATTACK
WHAT IS PHISHING ATTACK

Phishing is a type of social

engineering where an attacker sends
a fraudulent message designed to
trick a human victim into revealing
sensitive information ...
WHAT IS PHISHING ATTACK

Phishing is a type of social

engineering where an attacker sends
a fraudulent message designed to
trick a human victim into revealing
sensitive information ...
HOW IT WORKS
HOW TO USE PHISHING
HANDS ON PHISHING ATTACK
HOW TO BE SAFE FROM PHISHING ATTACK
HANDS ON KEY LOGGER
Key logger is a malicious computer program that records everything you type on the
keyboard and learns the keystroke pattern including words, characters, symbols and
sends all the recorded details to the malicious hackers.
PACKET SNIFFING AND ANALYSIS
WHAT IS PACKET SNIFFING

• When any data has to be transmitted over the computer network, it is broken
down into smaller units at the sender’s node called data packets and
reassembled at receiver’s node in original format. It is the smallest unit of
communication over a computer network. It is also called a block, a segment, a
datagram or a cell. The act of capturing data packet across the computer
network is called packet sniffing. It is similar to as wire tapping to a telephone
network. It is mostly used by crackers and hackers to collect information
illegally about network. It is also used by ISPs, advertisers and governments.
SQL INJECTION

• SQL injection is a code injection technique that might destroy your database.
• SQL injection is one of the most common web hacking techniques.
• SQL injection is the placement of malicious code in SQL statements, via web
page input.
• SQL injection usually occurs when you ask a user for input, like their
username/userid, and instead of a name/id, the user gives you an SQL
statement that you will unknowingly run on your database.
SQL INJECTION ATTACK
SQL INJECTION ATTACK – NON TECHNICAL
EXPLANATION
SQL INJECTION ATTACK – NON TECHNICAL
EXPLANATION
SQL INJECTION ATTACK – NON TECHNICAL
EXPLANATION
SQL INJECTION ATTACK – NON TECHNICAL
EXPLANATION
STEGANOGRAPHY

• What is Steganography?
• Steganography is the art and science of embedding secret messages in a
cover message in such a way that no one, apart from the sender and intended
recipient, suspects the existence of the message
HOW IS STEGANOGRAPHY DIFFERENT FROM
CRYPTOGRAPHY?

• Cryptography changes the information to ciphertext which cannot be

understood without a decryption key. So, if someone were to intercept this
encrypted message, they could easily see that some form of encryption had
been applied. On the other hand, steganography does not change the format
of the information but it conceals the existence of the message. 
• So, in other words, steganography is more discreet than cryptography when
we want to send confidential information. The downside being, the hidden
message is easier to extract if the presence of secret is discovered.
STEGANOGRAPHY TECHNIQUES

• Text Steganography
• Image Steganography
• Video Steganography
• Audio Steganography
• Network Steganography
CONCEPT OF LSB BASED DATA
EMBEDDING: 

• LSB stands for Least Significant Bit. The idea behind LSB embedding is that
if we change the last bit value of a pixel, there won’t be much visible change
in the color. For example, 0 is black. Changing the value to 1 won’t make
much of a difference since it is still black, just a lighter shade. 
A Denial-of-Service (DoS)
attack is an attack meant
to shut down a machine
or network, making it
inaccessible to its
intended users. ... There
are two general methods
of DoS attacks: flooding
services or crashing
services.
TYPES OF ATTACK
TYPES OF ATTACK
DEMONSTRATION ON DOS ATTACK
POPULAR LINUX DISTRIBUTIONS