CYBER SECURITY

&
Ethical hacking
 INTRODUCTION
 The term cyber security is used to refer to the
security offered through on-line services to protect
your online information.

 With an increasing amount of people getting connected to

internet, the security threats that cause massive harm are also
increasing.

 Cyber crime is a growing trend, as with most crimes the

police can’t tackle this problem alone.
 COURSE CONTEXT
 SPF Record & Spoofing
Mail.
 Live Phishing Attack.
 Web jacking.
 System Shell Hacking.
 Mobile Hacking with APK
binding.
 SQL Injection and
Reporting.
 Wi-Fi Live Hacking.
 Network Security, Window
Security and System audit.
 Introduction to
Vulnerability Assessment.
 Cryptography &
Steganography.
 TECHNOLOGY LEARNT
 Basic Commands of Linux
1) pwd - To know which directory you are in.
2) cd - To go to a directory.
3) mkdir & rmdir – mkdir to create and rmdir to remove a folder.
touch - to create a file.
 Metasploit Framework
 Mobile Hacking
 NGROK
 Social Engineering Tool Kit
 Wi-Fi Hacking using Airmon Tool
 Cryptography
 Email Spoofing
 TYPES OF HACKERS
 Black Hat Hackers: Black Hat Hacker refers to an individual who forces
his way into a system in order to exploit it for malicious reasons.
 White Hat Hackers:  White hat hackers receive permission from the
authorized owners of such a system or network to attempt to identify any
loopholes or problems with the existing security networks.
 Gray Hat Hackers: Gray Hat Hackers are those who are neither White
Hat Hackers nor Black Hat Hackers but fall somewhere in between.
 Blue Hat Hackers: Blue Hat Hacker is one who is employed to identify
loopholes in unreleased products and services.
 Red Hat Hackers: Red Hat Hackers employ ruthless and aggressive
counter-measures that may at times even completely destroy the system of
the Black Hat Hacker.
 Script Kiddies: Script kiddie hacker has little to no knowledge or skills
when it comes to hacking but instead uses scripts and tools created by
other hackers in order to deface websites, disrupt services or hack into
systems.
 Hacktivists: Individuals who hack into government portals and websites
and cause disruption of government services and activities as a way of
drawing the attention of the government towards any political or social
cause.
 State-sponsored Hackers: Some governments may wish to gain
unauthorized information about other countries or confidential
information about foreign or local entities in order to protect the interests
of the people they govern.
 Whistle-blowers:  whistleblower is one who takes advantage of his or her
position within an organization in order to gain access to certain data that
they then use to blackmail the organization to give them what they want.
 PHISHING
 Phishing is the attempt to obtain sensitive information by deception.
 They will be after your login credentials, payment card details, or to upload malware to
your computer.
 The email will normally impersonate a genuine company or person.

How to tackle the Problem :

 Don’t click any links on the

email unless you know who
it is from.
 Use a trusted method to
contact the company via a
phone number, app or
website.
 Mark the email as spam and
contact the organization.
 PROJECT
Assessing Wi-Fi Security

Wireless Security Protocols such as Wired Equivalent Privacy (WEP) and Wi-
Fi Protected Access (WPA) is the authentication security protocols created by
the Wireless Alliance used to ensure wireless security. There are four wireless
security protocols currently available.

 Wired Equivalent Privacy (WEP)

 Wi-Fi Protected Access (WPA)
 Wi-Fi Protected Access 2 (WPA 2)
 Wi-Fi Protected Access 3 (WPA 3)

To be sure your network is secure, you must first identify which network
yours falls under.
Step 1: Open terminal and type ifconfig to check the
wireless interface is available on your machine.
Step 2: Nmap is in managed mode. Change it to the
monitor mode by using the airmon-ng tool.
Step 3: After that we will use airodump-ng wlan0mon
to start scanning for all available networks.
Step 4: Select any of the available access points from
the list then use airodump-ng to capture the handshake
details in a file.
Step 5: Now, DE authenticate the connected device from the
target device using aireplay-ng.
Step 6: The handshake details are stored in the .cap file.
Step 7: Finally, by using aircrack-ng, you can find the
passphrase. It may take too long if the password is more
complicated.
 LEARNING OUTCOMES

 Firstly, I learnt Basic Terminology of Hacking then I understood some

definitions.
 I learnt email spoofing, checking the SPF record of an email.
 I learnt how hackers can spoof email using fake mailer
websites( emkeiz ).
 I learnt about Metasploit Framework in which I learnt how to create
payload for windows machine and also for android machine.
 I learnt to hack the mobile and system by Metasploit.
 I understood how SQL injection works, I came to know that we can find
bugs for websites and get rewarded.
 I learnt how to hack / Crack the password of WIFI
 I understood about cryptography.