ETHICAL

HACKING
 WHAT IS HACKING?
• Hacking refers to the unauthorized or illicit access,
manipulation, or exploitation of computer systems,
networks, or software.

• It involves using technical skills and knowledge to

breach security measures and gain unauthorized
access to information or control over systems.
 Types of Hacking:

We can define hacking into different

categories, based on what is being hacked.

These are as follows:

• Network Hacking
• Website Hacking
• Computer Hacking
• Password Hacking
• Email Hacking
Network Hacking: Network hacking means gathering information about a
network with the intent to harm the network system and hamper its
operations using the various tools like Telnet, NS lookup, Ping, Tracert, etc.

Website hacking: Website hacking means taking unauthorized access over

a web server, database and make a change in the information.

Computer hacking: Computer hacking means unauthorized access to the

Computer and steals the information from PC like Computer ID and
password by applying hacking methods.

Password hacking: Password hacking is the process of recovering secret

passwords from data that has been already stored in the computer system.

Email hacking: Email hacking means unauthorized access on an Email

account and using it without the owner's permission.
Purpose of Hacking
• There could be various positive and negative intentions behind performing
hacking activities.
Here is a list of some probable reasons why people indulge in hacking activities

• Just for fun

• Show-off

• Steal important information

• Damaging the system

• Hampering privacy

• Money extortion

• System security testing

• To break policy compliance

Advantages of Hacking:
There are various advantages of hacking:

It is used to recover the lost of information, especially when you lost your password.

It is used to perform penetration testing to increase the security of the computer and
network.

It is used to test how good security is on your network.

Disadvantages of Hacking:
There are various disadvantages of hacking:

It can harm the privacy of someone.

Hacking is illegal.

Criminal can use hacking to their advantage.

Hampering system operations.

 FORMS OF HACKING:
Hacking can take various forms, including:
Malicious Hacking:
• This involves hacking with malicious intent, often for personal
gain, causing damage, stealing information, or disrupting
systems.
• Malicious hackers, also known as black hat hackers, engage in
activities such as spreading malware, stealing financial data,
launching DDoS attacks, or defacing websites.
• The primary motive of malicious/unethical hacking involves
stealing valuable information or financial gain.
• However, not all hacking is bad.
Ethical hacking:
• Ethical hacking involves an authorized attempt to gain
unauthorized access to a computer system, application, or
data.
• It is an authorized practice of detecting vulnerabilities in an
application, system, or organization’s infrastructure and
bypassing system security to identify potential data breaches
and threats in a network.
• Ethical hackers aim to investigate the system or network for
weak points that malicious hackers can exploit or destroy.
• They can improve the security footprint to withstand attacks
better or divert them.
• It's important to note that while hacking is often associated
with illegal activities, ethical hacking plays a valuable role in
improving cybersecurity and protecting systems.
Phases of Ethical Hacking:

There are multiple phases involved in any elaborate hacking process. Let’s go
through them one by one.

Reconnaissance:
Before executing any hack, you need to gather some preliminary information
about the target system. This information could be about the people or
organizations associated with the target, details about the host system, or the target
network. The primary intention of this step is to engineer a hack based on the
exact technology and security measures implemented by the target system.

Scanning:
Most of the time, hacking is done through network access. Most of our devices,
whether in an organization or at home, are connected to a network. The common
form of this network is Wi-Fi or WLAN. In offices, ethernet connections are also
laid down to ensure maximum efficiency. As a hacker, you can take advantage of
this factor and focus on gaining unauthorized access to the network of the target
host. In this process, the network topology and vulnerable ports are revealed.
Gaining Access
The two aforementioned steps complete the information gathering phase. Now,
based on that information, you need to start your hack. This step involves
breaking into the target system by cracking the password or bypassing the
security measures

Maintaining access
After gaining access, you need to ensure that once you are done with your first
session, you are able to retain access to the target system. This is done through a
backdoor. A backdoor is an exploit or a hack that is left in the target system for
future access. If you don’t leave a backdoor, the target system may implement a
newer security patch or reset its security measures, and you may have to execute
or craft the hack once again.

Clearing tracks
After finishing up with the attack or hack, it is important to remove the traces of
your incursion. This step involves removing any backdoors, executables, or logs
that may lead to the attack being traced back to you or found out in the first
place.
HACKTIVISM:

• Hacktivism refers to hacking activities carried out to

promote political or social causes.

• Hacktivists often target government websites,

organizations, or individuals they believe are
engaged in unethical practices.

• Their actions may involve website defacements, data

breaches, or denial-of-service attacks.
 OBJECTIVES OF ETHICAL HACKING:
• The objectives of ethical hacking include identifying
vulnerabilities, assessing the effectiveness of security
measures, and enhancing overall cybersecurity.

• By simulating real-world attacks, ethical hackers aim to

proactively discover weaknesses in systems, networks, and
applications before malicious actors exploit them.

• This helps organizations strengthen their defenses, protect

sensitive information, prevent unauthorized access, and
minimize the risk of data breaches, thereby ensuring the
integrity and availability of critical assets.
 HACKER:
• The term ‘Hacker’ was coined to describe experts who used
their skills to re-develop mainframe systems, increasing their
efficiency and allowing them to multi-task.

• Nowadays, the term routinely describes skilled programmers

who gain unauthorized access into computer systems by
exploiting weaknesses or using bugs, motivated either by
malice or mischief.

• For example, a hacker can create algorithms to crack

passwords, penetrate networks, or even disrupt network
services.
What are the Different Types of Hackers?
The practice of ethical hacking is called “White Hat” hacking, and those who
perform it are called White Hat hackers.

In contrast to Ethical Hacking, “Black Hat” hacking describes practices involving

security violations. The Black Hat hackers use illegal techniques to compromise
the system or destroy information.

Unlike White Hat hackers, “Grey Hat” hackers don’t ask for permission before
getting into your system.

But Grey Hats are also different from Black Hats because they don’t perform
hacking for any personal or third-party benefit.

These hackers do not have any malicious intention and hack systems for fun or
various other reasons, usually informing the owner about any threats they find.

Grey Hat and Black Hat hacking are both illegal as they both constitute an
unauthorized system breach, even though the intentions of both types of hackers
differ.
White Hat Hacker v/s Black Hat Hacker

The best way to differentiate between White Hat and Black

Hat hackers is by taking a look at their motives.

• Black Hat hackers are motivated by malicious intent,

manifested by personal gains, profit, or harassment;
whereas White Hat hackers seek out and remedy
vulnerabilities, so as to prevent Black Hats from taking
advantage.
The other ways to draw a distinction between White Hat and Black Hat hackers
include:

Techniques Used
White Hat hackers duplicate the techniques and methods followed by malicious
hackers in order to find out the system discrepancies, replicating all the latter’s
steps to find out how a system attack occurred or may occur.
If they find a weak point in the system or network, they report it immediately
and fix the flaw.

Legality
Even though White Hat hacking follows the same techniques and methods as
Black Hat hacking, only one is legally acceptable.
Black Hat hackers break the law by penetrating systems without consent.

Ownership
White Hat hackers are employed by organizations to penetrate their systems
and detect security issues.
Black hat hackers neither own the system nor work for someone who owns it.
 What is an ethical hacker?
• Also known as “white hats,” ethical hackers are security experts
that perform these security assessments.

• The proactive work they do helps to improve an organization’s

security posture.

• With prior approval from the organization or owner of the IT

asset, the mission of ethical hacking is opposite from malicious
hacking.

• Thus, Ethical hackers work within legal boundaries, with

permission from the system owner, to identify vulnerabilities and
help secure systems against potential threats.
What are the Roles and Responsibilities of an Ethical
Hacker?
Ethical Hackers must follow certain guidelines in order to perform hacking legally.

A good hacker knows his or her responsibility and adheres to all of the ethical
guidelines.

Here are the most important rules of Ethical Hacking:

• An ethical hacker must seek authorization from the organization that owns the
system.

• Hackers should obtain complete approval before performing any security

assessment on the system or network.

• Determine the scope of their assessment and make known their plan to the
organization.
• Report any security breaches and vulnerabilities found in
the system or network.

• Keep their discoveries confidential.

• As their purpose is to secure the system or network,

ethical hackers should agree to and respect their non-
disclosure agreement.

• Erase all traces of the hack after checking the system for
any vulnerability.

• It prevents malicious hackers from entering the system

through the identified loopholes.
Skills Required to Become an Ethical Hacker:
An ethical hacker should have in-depth knowledge about all the systems,
networks, program codes, security measures, etc. to perform hacking efficiently.

Some of these skills include:

Knowledge of programming - It is required for security professionals working in

the field of application security and Software Development Life Cycle (SDLC).

Scripting knowledge - This is required for professionals dealing with network-

based attacks and host-based attacks.

Networking skills - This skill is important because threats mostly originate from
networks.

You should know about all of the devices present in the network, how they are
connected, and how to identify if they are compromised.
.
Understanding of databases –

• Attacks are mostly targeted at databases. Knowledge of database

management systems such as SQL will help you to effectively inspect
operations carried out in databases.

• Knowledge of multiple platforms like Windows, Linux, Unix, etc.

• The ability to work with different hacking tools available in the market.

• Knowledge of search engines and servers.

• Today’s technologically driven world needs white hats or ethical

hackers to prevent sensitive information and data from various cyber-
attacks.

• Some of the most famous Ethical Indian hacker are ANKIT FADIA,
VIVEK RAMCHANDRAN, SUNNY WAGHELA, ETC.
Conclusion

• Ethical hacking is a great career choice if you are

interested in tech and network security.

• It is evident that professionals in this discipline become

successful, as the list of the top hackers in India showcases.

• In today’s technologically advanced society, cyber security

is a serious concern, which is why honing the right
computer and hacking skills are expected of skilled ethical
hackers.
THANKYOU!