The document discusses ethical hacking, including its history, types of hackers, hacking process phases, required skills, and advantages/disadvantages. Ethical hacking involves legally testing a system's security vulnerabilities to improve defenses, unlike black hat hacking which involves illegal access. The document also provides examples of hacking tools, common attack types organizations face, and discusses the Certified Ethical Hacker certification.

1. BY:-
ALAPAN RANJAN BANERJEE

2. CONTENTS
 INTRODUCTION
 ETHICAL HACKING
 HISTORY OF ETHICAL HACKING
 HACKERS
 TYPES OF HACKERS
 PHASES OF HACKING PROCESS
 WHY WE NEED ETHICAL HACKING
 REQURIED SKILLS
 WHAT TO DO AFTER ETHICAL HACKING
 CASE STUDY
 ADVANTAGE
 DISADVANTAGE
 CEH
 FUTURE SCOPE AND CONCLUTION

3. INTRODUCTION
 What is HACKING?
 Why we need this?
 The main purpose of this study is to
reveal the brief idea of the ethical
hacking and its affairs with the
corporate security.
 What to do after hacking?

4. ETHICAL HACKING
 Hacking is usually done to gain
unauthorized access to a computer
system or computer network.
 Ethical hacking is legal.
 Different from unethical hacking

5. HISTORY OF ETHICAL HACKING
 The phrase “ethical
hacking” was first
used in 1995 by IBM
Vice president John
Patrick.
 Origin of hacker
 Phreaking and tiger
team
 Rise of black hat
hacker
 The renaissance of
the ethical hackers

6. TYPES OF HACKER
Black Hat Hacker
White Hat Hacker
Grey Hat Hacker

7.  Use their knowledge and skill
for their own personal gains
probably by hurting others.

8.  They work sometimes for
common good, sometime for
personal gains.

9.  Use their knowledge and skills
for good of others and for the
common good.

10. SOME TOOLS OF HACKING
 1. Metasploit
 2. Acunetix WVS
 3. Nmap
 4. Wireshark
 5. oclHashcat
 6. Nessus Vulnerability Scanner
 7. Maltego
 8. Social-Engineer Toolkit
 9. Netsparker
 10. w3af

11. PHASES OF HACKING PROCESS

12. Foot printing or Reconnaissance
 It is a technique used for gathering
information about the computer
system
 what kind of framework is used and
the entities they belong to.

13. Scanning
 Port scanning
 Network scanning
 Figure printing
 Fire walking

14. Gaining access
Password attacks
Using viruses

15. Maintaining access
 Hackers have to maintain the access
because if they lost the access it is
very difficult to gain the access again.
 they make their own vulnerabilities to
gain the access again.

16. Clearing tracks
 At last they clear the tracks so that
no one can follow his/her tracks to
gain access.

18. ORGANIZATIONAL
ATTACKS
Organization
faces a variety
of cyber
threats, so it
can be hard to
know what
defenses to
priorities.

19. PERSONAL DATA
BREACHES
 It means a
breach of
security leading
to accidental or
unlawful
destruction

20. SOCIAL ENGINEERING
 Hackers is also
someone that calls
you, pretends to
be a federal agent
and makes you
hand over your
user name and
password over the
phones, what we
know as social
engineering.

21. AUTOMTED ATTACKS
 An automated
attacks is simply
when computers do
the heavy lifting in
finding vulnerable
websites to exploit

22. DENIAL OF SERVICE
 It is an attack
meant shut down a
machine or
network, making an
inaccessible to its
intended user.

23. VIRUS, WORMS & TROJAN
HORSES
 Virus is a computer
program usually hidden
within another program
that produces copies of
itself and insert them
into other programs or
files and usually performs
a malicious actions.
 Worms are similar to
viruses.
 Trojan horses is a
program that does
something undocumented
which the programmer
intended,

24. REQURIEDSKILLS OF ETHICAL HACKERS
 Configuration, operation,
security settings of any OS.
 Good knowledge about routers,
mainframes, network protocol.
 Good knowledge about project
management.

25. WHAT TO DO AFTER ETHICAL HACKING
 Patch security holes
 Clear logs and hide themselves
 Install rootkit
 Install IRC (Internet relay chat) related programs
 Install scanner program
 Install exploit program

26. PATCH SECURITY HOLES
 Applying patch
to OS is pivotal
to network
security.

27. CLEAR LOGS AND HIDE
THEMSELVES
 On any OS or
any website
after the
hack and
leaving hackers
should clear
logs of the
system

28. INSTALL ROOTKIT
Once installed
it hides and
runs with
administrator
privilege.

29. INSTALL IRC RELATED
PROGRAM
 we can use IRC
servers
anywhere, or
set up our
own, rather
than be tied in
to centralized
messengers.

30. INSTALL SCANNER
PROGRAM
 A hacking tool such
as the Netsparker
online web
vulnerability scanner
assists securities
professionals and
penetration testers
to automate a huge
chunk of their tasks
during penetration
testing.

31. INSTALL EXPLOIT
PEOGRAM
 An exploit is
any attack
that takes
advantage of
vulnerabilities
in applications
or hardware

32. INSTALL DENIAL OF SERVICE
PROGRAM

33. Ethical hacking case study: The Zomato case
 Highlights how the
government should use
bug bounty
programmers
 A hacker broke into the
database of Zomato,
India’s largest online
restaurant guide, and
accessed five vital
details – names, emails,
numeric user IDs, user
names and password
hashes – of around 17
million users.

34. CASE STUDY OF ETHICAL HACKING
 The
Organization
 What Happened
 Impact

35. ADVANTAGE
 To catch a thief you have to think
like a thief.
 Helps to close the open holes
 Provides security
 Prevents website defacement

36. DISADVANTAGE
Hiring professionals is
expensive.
All depends upon hackers.

37.  A Certified Ethical
Hacker is a skilled
professional who
understands and knows
how to look for
weaknesses and
vulnerabilities in target
systems and uses the
same and tools as a
malicious hacker,
 but in a lawful and
legitimate manner to
assess the security
posture of a target
system(s).

38. FUTURE EHANCEMENT