Name :Sadariya Jevin.

N
Roll no :12202080701091
Class :4IT2
Batch :C
 CONTENT

• INTRODUCTION
• HISTORY OF ETHICAL HACKING
• PURPOSE OF ETHICAL HACKING
• TYPES OF HACKERS
• ETHICAL HACKING PROCESS
• COMMON HACKING TECHNIQUES
• WHAT SHOULD WE DO IF HACKED
• IMPORTANCE OF ETHICAL HACKING
• CONCLUSION
 INTRODUCTION

Ethical hacking, also known as penetration testing or

white-hat hacking, involves authorized and legal
attempts to assess the security of computer systems,
networks, or applications with the goal of identifying
and fixing vulnerabilities.
 HISTORY OF ETHICAL HACKING
 Hacking Did Not Start With Computers

 In 1961 MIT Researchers hacked a toy train set to change its

functionality. This was the start of hacking! It was only later
that they started hacking their very expensive mainframe
computers.
 HISTORY OF ETHICAL HACKING

 In the 1970s, there wasn’t an internet to hack and computers

were used only by large businesses and government
organizations. Hackers targeted telephone systems to get free
phone calls because telephone service was extremely
expensive.
 HISTORY OF ETHICAL HACKING

 In the 1980s computers became more common. The internet

was primarily used for research and defense purposes but as
it expanded, so did cybercrime. Governments began to take
action and laws like the U.S Computer Fraud and Abuse Act.
Laws prohibited unauthorized computer access and made
hacking a serious crime.
 HISTORY OF ETHICAL HACKING

 In the 1990s internet usage became more common. As more

people started to use the internet, criminal activity increased
too. Hackers like Kevin Mitnick and Robert Morris were
arrested for crimes including hacking into computer systems
to steal proprietary code.
 HISTORY OF ETHICAL HACKING

 As the internet expanded further in the 2000s, major e-commerce, search

engine, and social media platforms were attacked. Even the International Space
Station was breached.

 Eventually, organizations became concerned about protecting their systems

from hacking. They started to hire Ethical Hackers to be the good guys fighting
the bad actors.
 PURPOSE OF ETHICAL HACKING
Ethical hacking serves several critical roles in safeguarding information
systems, networks, and applications. Here are the key purposes and importance
of ethical hacking:

1. Identifying Vulnerabilities

2. Assessing Security Controls

 PURPOSE OF ETHICAL HACKING

3. Preventing Unauthorized Access

4. Security Awareness
 TYPES OF HACKERS

1.White Hat Hackers:

• White hat hackers, also known as ethical hackers, are

individuals who use their hacking skills for constructive and
legal purposes. They typically work within organizations or
are hired by them to identify and fix security vulnerabilities.
 TYPES OF HACKERS

2. Black Hat Hackers:

• Black hat hackers engage in hacking activities for malicious

purposes. They exploit vulnerabilities in systems and
networks to steal data, disrupt operations, or cause harm for
personal gain.
 TYPES OF HACKERS

3. Grey Hat Hackers:

• Grey hat hackers exhibit characteristics of both white hat and

black hat hackers. They may engage in hacking activities
without malicious intent but without explicit permission from
the target organization.
 ETHICAL HACKING PROCESS

• The ethical hacking process, also known as penetration

testing, typically consists of several stages aimed at
identifying and mitigating security vulnerabilities
within an organization's systems, networks, and
applications. Below is an overview of each stage:
 ETHICAL HACKING PROCESS

1.Reconnaissance (Information Gathering):

The reconnaissance phase involves gathering information about the

target organization's infrastructure, systems, and potential entry
points. This includes identifying domain names, IP addresses,
network architecture, employee information, and publicly available
data.
 ETHICAL HACKING PROCESS

2. Scanning:

During the scanning phase, the ethical hacker seeks to

identify specific vulnerabilities and potential points of
entry into the target systems and networks.
 ETHICAL HACKING PROCESS

3. Gaining Access (Exploitation):

In this phase, the ethical hacker attempts to exploit the

vulnerabilities identified during the scanning phase to gain
unauthorized access to the target systems or networks.
 ETHICAL HACKING PROCESS

4. Maintaining Access (Privilege Escalation):

Once access is gained, the ethical hacker aims to maintain

persistence within the target environment, allowing for
continued access and control over the systems.
 ETHICAL HACKING PROCESS

5. Analysis (Covering Tracks and Reporting):

The final phase involves analyzing the results of the

penetration test, documenting findings, and preparing a
comprehensive report for the organization.
 COMMON HACKING TECHNIQUES

Common hacking techniques encompass a wide range of

methods used by attackers to gain unauthorized access to
systems, steal data, disrupt services, or exploit
vulnerabilities. Here are explanations of some prevalent
hacking techniques:
 COMMON HACKING TECHNIQUES

1. Phishing:
• Description: Phishing involves tricking users into divulging sensitive
information such as login credentials, financial data, or personal details by
impersonating legitimate entities via email, phone calls, or other
communication channels.

• Method: Attackers often create deceptive emails or websites that mimic

trusted organizations, enticing users to click on malicious links, download
infected attachments, or provide confidential information.
 COMMON HACKING TECHNIQUES

2. Social Engineering:
Description: Social engineering manipulates individuals into performing
actions or divulging confidential information through psychological
manipulation, deception, or coercion.

Method: Attackers may exploit human psychology and trust to obtain

sensitive information or access to systems, often through tactics such as
pretexting, baiting, tailgating, or impersonation.
 COMMON HACKING TECHNIQUES
3. SQL Injection (SQLi):
• Description: SQL injection is a code injection technique used to attack
databases by inserting malicious SQL queries through vulnerable input fields in
web applications.

• Method: Attackers exploit inadequate input validation or insufficiently

sanitized user inputs to inject malicious SQL commands into database queries,
enabling them to retrieve, modify, or delete data, or even execute arbitrary
commands.
 COMMON HACKING TECHNIQUES

4. Cross-Site Scripting (XSS):

• Description: Cross-Site Scripting is a vulnerability that allows attackers to
inject malicious scripts into web pages viewed by other users.

• Method: Attackers inject malicious scripts (typically JavaScript) into web

pages viewed by unsuspecting users, often via input fields or URLs. When other
users access the compromised pages, the scripts execute within their browsers,
allowing attackers to steal cookies, session tokens, or other sensitive
information.
 COMMON HACKING TECHNIQUES
5. Buffer Overflow:
• Description: Buffer Overflow is a software vulnerability that occurs when a program
attempts to write more data to a buffer (temporary storage) than it can handle,
leading to memory corruption and potential code execution.

• Method: Attackers exploit buffer overflow vulnerabilities by sending input data

containing more characters than the buffer can hold, causing the excess data to
overwrite adjacent memory locations. By carefully crafting malicious input, attackers
can manipulate program execution, escalate privileges, or execute arbitrary code.
•
 WHAT SHOULD WE DO IF HACKED

• Shutdown or turn off the computer.

• Separate the system from network.

• Restore the system with backup or reinstall all

programs.
 IMPORTANCE OF ETHICAL HACKING

Ethical hacking serves as a proactive approach to

cybersecurity, enabling organizations to identify and
address vulnerabilities before malicious hackers can
exploit them. Ethical hackers play a vital role in
enhancing cybersecurity posture and mitigating cyber
threats.
 CONCLUSION

• In the preceding sections we show the methodology of hacking,

why we should aware of hacking and some tools which a hacker may

use.
• Now we can see what we can do against hacking or to protect
ourselves from hacking.
• The first thing we should do is to keep ourselves updated about those
software’s we are using for official and reliable sources.
• Educate the employees and the users against black hat hacking.
THANK YOU