
Semi 1

The document provides an overview of ethical hacking and penetration testing, highlighting their importance in identifying and mitigating cybersecurity vulnerabilities. It outlines the methodologies involved, including phases such as reconnaissance, scanning, and gaining access, as well as common tools and targeted protocols. Additionally, it discusses the advantages and disadvantages of ethical hacking, along with its applications across various sectors.

Uploaded by

Dessie Tibebu

Debre Tabor University

Gafat Institution of Technology


Department of Information Technology

Ethical Hacking and Penetration Testing

Presented by: Group 3


Contents

• Overview
• Methodology
• Protocols Targeted
• Advantages vs Disadvantages
• Areas of Applications

Overview of Ethical Hacking and Penetration Testing

What is Ethical Hacking and Penetration Testing?

• Ethical hacking and penetration testing are cybersecurity practices aimed at identifying and mitigating vulnerabilities in systems, networks, and applications.
• Ethical hacking involves authorized attempts to exploit system weaknesses, simulating the tactics of malicious hackers to strengthen security.
• Penetration testing, a subset of ethical hacking, is a structured process to assess the security of an organization’s infrastructure by attempting to breach it.
• These practices are critical in today’s digital landscape, where cyber threats like data breaches and ransomware are rampant.
• Ethical hacking ensures systems are resilient against unauthorized access, protecting sensitive data and maintaining trust.

Ethical Hacking vs Penetration Testing

• Ethical hacking: refers to the authorized practice of probing computer systems, networks, or applications to uncover security weaknesses.
  • Ethical hackers, often called white-hat hackers, use the same tools and techniques as malicious hackers but with one critical difference: they have explicit permission from the system owner.
  • Their goal is to improve security by identifying vulnerabilities and reporting them, rather than exploiting them for personal gain.
  • Ethical hacking covers a broad range of activities, including:
    • Vulnerability assessments (scanning for weaknesses in systems).
    • Social engineering tests (e.g., phishing simulations to test employee awareness).
    • Penetration testing.
• Penetration Testing (Pen Testing): This is a specific, methodical type of ethical hacking focused on actively simulating an attack against a system, network, or application to identify exploitable vulnerabilities.
  • It is a goal-oriented assessment designed to measure the effectiveness of existing security controls and determine the potential impact of a successful attack.

Development History

• 1960s: Early hackers explored systems without malicious intent
• 1970s: U.S. Air Force conducted first formal penetration tests (Multics)
• 1990s: "Ethical hacking" term gained traction
• Key Contributors:
  • Government agencies (NSA, GCHQ)
  • Academic researchers and hacker community
  • Security professionals (e.g., Dan Farmer, Wietse Venema - SATAN tool)
  • Kevin Mitnick: Former black-hat turned ethical hacker
• Standards: Open Web Application Security Project, NIST, CERT/CC


Why is Ethical Hacking and Penetration Testing necessary?

• Ethical hacking and penetration testing are necessary because they allow attacks from malicious hackers to be countered by anticipating the methods they can use to break into systems:
  • To prevent information breaches caused by hackers gaining access
  • To fight against terrorism and national security breaches
  • To build systems that keep hackers from penetrating them
  • To test whether an organization's security settings are in fact secure

Methodology

Phases of Ethical Hacking

• Iterative process with five key phases:
  1. Reconnaissance: Gather info (active/passive footprinting)
  2. Scanning: Map network (port, network, vulnerability scanning)
  3. Gaining Access: Exploit vulnerabilities (e.g., password cracking)
  4. Maintaining Access: Ensure persistent access (e.g., Trojans)
  5. Clearing Tracks: Erase evidence of presence

• Phase 1: Reconnaissance / Footprinting
  • It is the first step of hacking.
  • It is also called the footprinting or information-gathering phase.
  • This is the preparatory phase where we collect as much information as possible about the target.
  • Collect information through:
    • Network
    • Host
    • People involved
  • Two types of footprinting:
    • Active: Information is gained by directly interacting with the computer system.
    • Passive: No direct contact (e.g., social media, public websites).
• Phase 2: Scanning
  • It is the second phase in the hacking methodology, in which the hacker tries to make a blueprint of the target network.
  • It is similar to a thief going through your neighborhood and checking every door and window on each house to see which ones are open and which ones are locked.
  • The blueprint includes the addresses of the target network which are live, the services which are running on those systems, and so on.
  • Scanning can be done in three ways:
    • Port Scanning: the process of identifying open and available TCP/IP ports on a system.
      • Scanning tools enable a hacker to learn about the services available on a given system.
    • Network Scanning: Find active hosts and IP addresses.
      • It is a procedure for identifying active hosts on the network, either to attack them or as a network security assessment.
      • Network-scanning tools attempt to identify all the live or responding hosts on the network and their corresponding IP addresses.
    • Vulnerability Scanning: Detect system weaknesses.
      • It is the procedure for identifying the vulnerabilities of computer systems on a network.
      • Generally, a vulnerability scanner first identifies the operating system on a network, including service packs that may be installed. Then the scanner identifies weaknesses or vulnerabilities in the operating system.
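
From the defender's side, the port scanning and network scanning described above leave distinct patterns in connection logs: one source touching many ports on one host, or one port on many hosts. The following Python sketch is an added example (not part of the original slides) that classifies both over a constructed log; the log format, addresses, function names and thresholds are assumptions.

```python
from collections import defaultdict

def build_sample_log():
    """Constructed log, one attempt per line: 'epoch src_ip dst_ip dst_port'."""
    lines = []
    for i, port in enumerate([21, 22, 23, 25, 80, 110, 143, 443]):
        lines.append(f"{1000 + i} 10.0.0.5 10.0.1.10 {port}")        # many ports, one host
    for i in range(8):
        lines.append(f"{1000 + i} 10.0.0.6 10.0.1.{20 + i} 445")     # one port, many hosts
        lines.append(f"{1000 + i * 5} 10.0.0.7 10.0.1.10 443")       # ordinary client
    for i, port in enumerate([21, 22, 23, 25, 80, 110]):
        lines.append(f"{1000 + i * 600} 10.0.0.8 10.0.1.10 {port}")  # slower than the window
    return "\n".join(lines)

def parse(log_text):
    """Return time-sorted (ts, src, dst, port) tuples, skipping malformed lines."""
    events = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 4 and parts[0].isdigit() and parts[3].isdigit():
            events.append((int(parts[0]), parts[1], parts[2], int(parts[3])))
    return sorted(events)

def detect_scans(log_text, window=60, threshold=5):
    """Map each source IP to the scan types seen within any `window` seconds."""
    by_src = defaultdict(list)
    for ts, src, dst, port in parse(log_text):
        by_src[src].append((ts, dst, port))
    findings = {}
    for src, evs in by_src.items():
        labels, start = set(), 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:  # slide the window forward
                start += 1
            ports_per_host, hosts_per_port = defaultdict(set), defaultdict(set)
            for _, dst, port in evs[start:end + 1]:
                ports_per_host[dst].add(port)
                hosts_per_port[port].add(dst)
            if any(len(p) >= threshold for p in ports_per_host.values()):
                labels.add("port scan")      # one host, many ports
            if any(len(h) >= threshold for h in hosts_per_port.values()):
                labels.add("network scan")   # one port, many hosts
        if labels:
            findings[src] = labels
    return findings

if __name__ == "__main__":
    for src, labels in sorted(detect_scans(build_sample_log()).items()):
        print(src, sorted(labels))
```

The source 10.0.0.8 probes six ports but paces them ten minutes apart, so the 60-second window misses it; widening `window` catches it at the cost of more false positives from ordinary clients.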
• Phase 3: Gaining Access
  • Target OS, system, or network level
  • Techniques: Password cracking, buffer overflows, denial of service attacks
  • Privilege escalation to gain higher access
• Phase 4: Maintaining Access
  • Upload tools: Trojans, sniffers, keyloggers
  • Create backdoors for future access
• Phase 5: Clearing Tracks
  • Final phase to avoid detection
  • Erase logs, remove uploaded files, and disable audit trails
  • Tools: Auditpol.exe (Windows), log cleaners
  • Goal: Ensure no evidence of hacking activity remains
  • Importance: Distinguishes "great hackers" from "good hackers"
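
Viewed from the defending side, the track-clearing actions listed above are themselves logged by Windows. The following Python sketch is an added example (not part of the original slides) that flags them in a constructed event list; the simplified record layout, sample events and function name are assumptions, while event IDs 1102, 104, 4719 and 4688 are the standard Windows ones.

```python
# Windows event IDs that record log or audit-policy tampering, keyed by (channel, id).
TAMPER_EVENTS = {
    ("Security", 1102): "Security audit log cleared",
    ("System", 104): "Event log cleared",
    ("Security", 4719): "System audit policy changed",
}
# auditpol.exe arguments that reduce auditing; read-only use (/get, /list) is ignored.
AUDITPOL_WEAKENING_ARGS = ("/clear", "/remove", ":disable")

# Constructed sample events in a simplified dict form (deliberately out of order).
SAMPLE_EVENTS = [
    {"TimeCreated": "2024-05-01T10:05:00Z", "Channel": "Security", "EventID": 1102},
    {"TimeCreated": "2024-05-01T09:58:00Z", "Channel": "Security", "EventID": 4688,
     "NewProcessName": r"C:\Windows\System32\auditpol.exe",
     "CommandLine": "auditpol /get /category:*"},
    {"TimeCreated": "2024-05-01T10:00:00Z", "Channel": "Security", "EventID": 4688,
     "NewProcessName": r"C:\Windows\System32\auditpol.exe",
     "CommandLine": 'auditpol /set /category:"Logon/Logoff" /success:disable'},
    {"TimeCreated": "2024-05-01T10:00:01Z", "Channel": "Security", "EventID": 4719},
    {"TimeCreated": "2024-05-01T10:05:02Z", "Channel": "System", "EventID": 104},
    {"TimeCreated": "2024-05-01T10:06:00Z", "Channel": "Security", "EventID": 4688,
     "NewProcessName": r"C:\Windows\System32\notepad.exe", "CommandLine": "notepad"},
]

def find_track_clearing(events):
    """Return time-ordered (timestamp, description) findings for tampering events."""
    findings = []
    for ev in sorted(events, key=lambda e: e.get("TimeCreated", "")):
        when = ev.get("TimeCreated", "unknown")
        key = (ev.get("Channel"), ev.get("EventID"))
        if key in TAMPER_EVENTS:
            findings.append((when, TAMPER_EVENTS[key]))
        elif key == ("Security", 4688):  # process creation
            image = ev.get("NewProcessName", "").lower()
            cmd = ev.get("CommandLine", "")
            if image.endswith("\\auditpol.exe") and any(
                    arg in cmd.lower() for arg in AUDITPOL_WEAKENING_ARGS):
                findings.append((when, "auditpol.exe weakened auditing: " + cmd))
    return findings

if __name__ == "__main__":
    for when, what in find_track_clearing(SAMPLE_EVENTS):
        print(when, what)
```

The 4688 check depends on command-line auditing for process creation being enabled, and all of these events should be forwarded off the host so that clearing the local log does not remove them.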

Ethical Hacking Tools

• Common tools used in ethical hacking:
  • Nmap: Network mapping and port scanning
  • Metasploit: Exploit development and penetration testing
  • Burp Suite: Web application testing
  • Wireshark: Network protocol analysis
  • Aircrack-ng: Wireless protocol cracking

Protocols Targeted

• Key protocols frequently targeted or analyzed include:
  • Network Layer:
    • IP (Internet Protocol): For addressing and routing (e.g., IP spoofing).
    • ICMP (Internet Control Message Protocol): Used for diagnostics (e.g., ping sweeps, network mapping).
  • Transport Layer:
    • TCP (Transmission Control Protocol): Connection-oriented communication (e.g., port scanning - SYN scans, session hijacking).
    • UDP (User Datagram Protocol): Connectionless communication (e.g., UDP scanning, DNS amplification attacks).
  • Application Layer:
    • HTTP/HTTPS: SQL injection, XSS
    • DNS: Name resolution
  • Wireless: Wired Equivalent Privacy/Wi-Fi Protected Access cracking, rogue access points

Advantages vs Disadvantages

• Advantages
  • The following are some situations where hacking is beneficial:
    • To recover lost information, especially if you have lost your password.
    • To implement penetration testing to fortify computer and network security.
    • To put adequate preventative measures in place to prevent security breaches.
    • To have a computer system that keeps malicious hackers from gaining access.

• Disadvantages
  • If hacking is done with destructive intent, it can be dangerous. It can cause:
    • Massive security breaches.
    • Unauthorized system access to private/secret information.
    • Privacy violation.
    • Hampering of system operation.
    • Denial of service attacks.
    • Malicious attacks on the system/network.

Areas of Applications

• Ethical hacking and penetration testing are applied across various sectors to secure digital assets:
  • Finance: Securing online banking systems and transaction gateways.
  • Healthcare: Protecting patient data and IoT medical devices.
  • Government: Safeguarding critical infrastructure and classified data.
  • E-Commerce: Ensuring secure payment processing.
  • Education: Defending against ransomware attacks on academic networks.
  • Network Infrastructure: Testing routers, switches, firewalls, IDS/IPS systems, VPNs, and overall network segmentation.

Thank You!!
