This is my presentation.

1. Hacking & Cyber
Security
KALPESH DORU(C|EH)
1

2. 2
Things to
Remember

3. Things We Will Learn
 Hacking / Ethical Hacking Basics
 Rules for Ethical Hacker
 Tor
 Reconnaissance Techniques
 Mobile Hacking
 SQLi
 XSS Attacks
 Reverse Engineering
 LFI/RFI
 Prevention Techniques & Security Tips
3

4. Hacking
 There is Nothing Like White/Black/Evil/Ethical Hacking/Hacker.
 What is the Difference Between Ethical Hacker & Cyber Security Expert?
 What does the Term Hacker Mean?
 A Person Who Takes Unauthorized Access of Any Data/Device.
 What Hackers Do?
 Find Bugs & Vulnerabilities & Using Those Vulnerabilities, They Exploit, Takes Unauthorized Access,
Steal Data &/ Manipulates The Data
 What is the Prerequisite For To Be An Hacker?
 A Person Should Have Immense Knowledge of Computers. (Basic to Advance)
4

5. Types of Hackers 5
Black Hat White Hat Gray Hat
Suicide
Hackers
Activist Script Kiddies Sponsored

6. 6

7. 7

8. Rules for Ethical Hacker
1. Set Your Goals Straight.
1. Think Like Intruder
2. Ask for Permission.
1. Get Proper Permission
3. Work Ethically, Work Professionally.
1. Stick To Your Goals
4. Always Keep Records.
1. Well Maintain Records
5. Respect The Privacy of Others.
1. Do Not Misuse The Information
6. Pick One Tool & Stick With it.
1. Quality
7. Provide Timely Progress Updates.
1. Organization Should Aware What You Are
Doing
8

9. Let’s Watch Some Videos
 What is Hacking?
 Beware of Hackers While Uploading Photos
 Nothing is Free on Internet. We’re PAYING PASSIVELY AND UNINTENSIONALLY.
 How Much Cyber Security & Incident Response Team Matters?
 Is Any Body Safe on Internet? No, Not Even The Directors of FBI & CIA….!!
9

10. How Hacking Can Control A Country?
Step 1: Shutting Down Transport Systems
Step 2: Disable Financial Systems
Step 3: Turning off Public Utilities System
10

11. 11

12. Why Cybercrimes Happen?
 Lack of Knowledge in Cyber Security
 70% of Vulnerabilities Exists at Application Layer nor the Network
 30000 Websites Hacked Daily to Distribute Malware
 96% of Tested Apps Have Vulnerabilities
 86% of All Website Have At Least 1 Serious Vulnerability
12

13. Types of Internet
 There Are Two Types Of Internet
 Clearnet
 Clearnet Is A Term Typically Referring To The Unencrypted, Or Non-darknet, Non-tor Internet. This
Traditional World Wide Web Has Relatively Low-base Anonymity, With Most Websites Routinely Identifying
Users By Their IP Address.
 Darknet
 A Darknet (Or Dark Net) Is An Overlay Network That Can Only Be Accessed With Specific Software,
Configurations, Or Authorization, Often Using Non-standard Communications Protocols And Ports. Two Typical
Darknet Types Are Friend-to-friend Networks (Usually Used For File Sharing With A Peer-to-
peer Connection) And Privacy Networks Such As Tor.
 Dark Web
 The Dark Web Is The World Wide Web Content That Exists On Darknets, Overlay Networks Which Use The
Public Internet But Require Specific Software, Configurations Or Authorization To Access.
13

14. 14

15. Tor
 Tor Stands for The Onion Router
 It Encrypts The Data Multiple Times & Decrypted as it Travel Through The Network a Layer at
A Time: Like Peeling an Onion.
 Tor is Entirely Separated Internet With its Own Browser.
 The Domain/Extension of Tor Websites is .onion
 Tor is Probably The Most Popular and Widely Used Free Software to Achieve Anonymity on
The Internet
 Tor Has large User Base, The Project is Well Supported.
 It Routes The Data Through Network Called “Circuit”
 Data is Encrypted as it Passes Through Nodes (Until The Last Hop).
15

16. Let’s Explore Deep / Dark Web
 The Hidden Wiki! Can Potentially Find Everything From Here!
 http://kpvz7ki2v5agwt35.onion/wiki/index.php/Main_Page
 The Silk Road Where U Can Buy Drugs =O
 http://ianxz6zefk72ulzz.onion/index.php
 More
16

17. Time for Practical
Session….
17

18. Reconnaissance & Tracing Human
 http://www.findandtrace.com/
 http://www.pipl.com/
 http://www.webmii.com/
 http://www.yasni.com/
 http://www.iplogger.com/
 http://www.iplocation.net/
 https://ievaphone.com/
 https://www.poptox.com/
 http://whois.domaintools.com/
 http://who.is/
18

19. Mobile Hacking (With Physical Access)
 http://thetruthspy.com
 http://shadow-spy.com
 http://spyhuman.com
19

20. SQL Injection - Google Dorking
 A Google Dork Query, Sometimes Just Referred To As A Dork, Is A Search String That Uses
Advanced Search Operators To Find Information That Is Not Readily Available On A Website.
 Google Dorking, Also Known As Google Hacking, Can Return Information That Is Difficult To Locate
Through Simple Search Queries. That Description Includes Information That Is Not Intended For Public
Viewing But That Has Not Been Adequately Protected.
 As A Passive Attack Method, Google Dorking Can Return Usernames And Passwords, Email Lists,
Sensitive Documents, Personally Identifiable Financial Information (Pifi) And Website Vulnerabilities.
That Information Can Be Used For Any Number Of Illegal Activities, Including Cyberterrorism, Industrial
Espionage, Identity Theft And Cyberstalking.
20

21. Dork List
about.php?cartID=
accinfo.php?cartId=
acclogin.php?cartID=
add.php?bookid=
add_cart.php?num=
addcart.php?
addItem.php
add-to-cart.php?ID=
addToCart.php?idProduct=
addtomylist.php?ProdId=
adminEditProductFields.php
?intProdID=
advSearch_h.php?idCategor
y=
affiliate.php?ID=
affiliate-
agreement.cfm?storeid=
affiliates.php?id=
ancillary.php?ID=
archive.php?id=
article.php?id=
phpx?PageID
basket.php?id=
Book.php?bookID=
book_list.php?bookid=
book_view.php?bookid=
BookDetails.php?ID=
browse.php?catid=
browse_item_details.php
Browse_Item_Details.php?S
tore_Id=
buy.php?
buy.php?bookid=
bycategory.php?id=
cardinfo.php?card=
cart.php?action=
cart.php?cart_id=
cart.php?id=
cart_additem.php?id=
cart_validate.php?id=
cartadd.php?id=
cat.php?iCat=
catalog.php
catalog.php?CatalogID=
catalog_item.php?ID=
catalog_main.php?catid=
category.php
category.php?catid=
category_list.php?id=
categorydisplay.php?catid=
checkout.php?cartid=
checkout.php?UserID=
checkout_confirmed.php?or
der_id=
checkout1.php?cartid=
comersus_listCategoriesAnd
Products.php?idCategory=
comersus_optEmailToFriend
Form.php?idProduct=
comersus_optReviewReadE
xec.php?idProduct=
comersus_viewItem.php?idP
roduct=
comments_form.php?ID=
contact.php?cartId=
content.php?id=
customerService.php?****ID
1=
default.php?catID=
description.php?bookid=
details.php?BookID=
details.php?Press_Release_
ID=
details.php?Product_ID=
details.php?Service_ID=
display_item.php?id=
displayproducts.php
downloadTrial.php?intProdI
D=
emailproduct.php?itemid=
emailToFriend.php?idProduc
t=
events.php?ID=
faq.php?cartID=
faq_list.php?id=
faqs.php?id=
feedback.php?title=
freedownload.php?bookid=
fullDisplay.php?item=
getbook.php?bookid=
GetItems.php?itemid=
giftDetail.php?id=
help.php?CartId=
home.php?id=
index.php?cart=
index.php?cartID=
index.php?ID=
info.php?ID=
item.php?eid=
item.php?item_id=
item.php?itemid=
item.php?model=
item.php?prodtype=
item.php?shopcd=
item_details.php?catid=
item_list.php?maingroup
item_show.php?code_no=
itemDesc.php?CartId=
itemdetail.php?item=
itemdetails.php?catalogid=
le
21

22. 22

23. How SQLi Works?
• The Most Common injection : put %' or '0'='0
• for example: $query = "SELECT first_name, last_name FROM users WHERE user_id = '$id';";
• after injecting the injection, the above query be like
• $query = "SELECT first_name, last_name FROM users WHERE user_id = ' %' or '0'='0 ';";
• Result of the first query when wrong id applied:
• SELECT first_name, last_name FROM users WHERE user_id = false;“
• Result of the second query when wrong id & injection applied:
• SELECT first_name, last_name FROM users WHERE user_id = false or true;“
• SELECT first_name, last_name FROM users WHERE user_id = true;“
23

24. XSS Attack
 Cross-site scripting (XSS) is a code injection attack that allows an attacker to execute malicious
JavaScript in another user's browser.
 Types: Reflected, Stored & DOM Based
 Cookie theft
 The attacker can access the victim's cookies associated with the website using document.cookie, send
them to his own server, and use them to extract sensitive information like session IDs.
 Keylogging
 The attacker can register a keyboard event listener using addEventListener and then send all of the
user's keystrokes to his own server, potentially recording sensitive information such as passwords and
credit card numbers.
 Phishing
 The attacker can insert a fake login form into the page using DOM manipulation, set the
form's action attribute to target his own server, and then trick the user into submitting sensitive
information.
24

25. How XSS Works? 25
Karmatube
+
DVWA
+
OWASP

26.  Reverse Engineering : WinRAR & Perfect Keylogger
 LFI/RFI : http://www.doe.gnu.ac.in/ + DVWA
 Stegnography
26Other Practical

27. Prevention Techniques
 Secure Programming : Use Different Terminologies, Use Prepared / Parameterized Query, Escape
Sequences, Regular Expression, etc.
 Install Software From Trusted Sources.
 View App Permissions Before Installing Any App in Android.
 Never Use MoD/Cracked Applications / Software.
 Never Patch / Crack App / Software.
 Use Firefox’s Private Window.
 Use Search Engine Other Than Google, Bing & Yahoo.
 Never Root (Android) / Jailbreak (iDevices).
 Use Hibernator Apps & Ram Cleaner Apps.
 Use Two – Factor or 2 – Step Verification.
 From Last Update of Whatsaap Also Supports 2 – Step Verification.
 Write Email ID Differently in Internet.
 Write Like This: neeradtheprogrammer1997 [at] gmail [dot] com
 Never Link Your Mobile Number in Social Networking Websites.
27

28. Prevention Techniques 28

29. Prevention Techniques
 Disable Google Timeline.
 Since it Records Your Common Routine Path, Your Home Address, Your Office Address, All Movements, All Places
You Visited, Photos Taken @ Various Places.
 Check Your Email @ These Website after Known Data Breach / Hack:
 https://haveibeenpwned.com/
 https://isleaked.com/
 Your Password’s Length Should be >8, It Should Contain At Least One Capital, One Small, One Numeric,
One Special Characters.
 Your Password Should NOT Contain Your Details (Name, Surname, Birth Date), Easily Predictable Words,
etc.
 Always Update Your Browser, OS, Antivirus + Antimalware.
 Avoid “Keep me logged in” or “Remember me”.
 Never Click Links From Whatsapp / Facebook Like:
 You can already get Internet Free Without WI-FI with WhatsApp and it is by means of invitations, here I give
you an invitation! > download link
 Never Spread This Kind of Messages & Delete it Immediately.
29

30. Prevention Techniques
 Use Free WiFi With Caution.
 Never Reply Suspicious E-Mails.
 Like: Your ATM is locked. Share your PIN and card number for security verification
 Check Email Address of The Sender, Verify Locally (Calling / Visiting Bank Support)
 Remember, None of Any Bank Never Ask You For Pin / Passwords.
 Be Aware While Filling Forms
 Check HTTPS
 Check What Information Asks For
 Setup Honeypots (For Business)
30

31. Prevention Techniques
 Always Like / Send Friend Request to Verified Accounts – Case Study : Bindaas
 Never Tag Anyone – Case Study: GFSU – Credit Card
 If Tagged, Use Remove Tag Option
31

32. Prevention Techniques
 Never Post Personal, Current Mood Information, Travelling, Check – In Information,
Listening, Watching Information, etc.
 Or Select Your Custom Audience (Privacy)
 Identify Fake Apps in Playstore & Other Markets
 View User Ratings & Comments
32

33. Prevention Techniques 33
Fake BHIM Apps

34. Last Video of Session
 After Lots of Practical Session & Theory, Let’s Watch A Video.
 We Will See What Hackers Actually Do & How Terrifying It Is.
34

35. At Last, Some Defaced Websites
 http://www.asrmaintl.com/
 http://www.eaglegear.net/
 http://www.gorsitech.com/
 http://abdulind.com/
 http://www.iph.com.pk/
 http://www.zisir.com/mcs.html
 http://www.paktradingco.com/mcs.html
 http://www.gimamedical.com/mcs.html
 http://www.mehramaind.com/mcs.html
 http://www.pphi.org.pk/admin/voucher.php
 http://www.nimlhr.gov.pk/nimPhotoGallery/staff/mcs.html
35

36. Thank You
36