NPTEL - Ethical Hacking by Madhur Jatiya.pdf

MaskMan27 104 views 44 slides May 12, 2023

NPTEL Ethical Hacking Study Material

NPTEL – Ethical Hacking
Created By: Madhur Jatiya
Email: [email protected]
Ethical Hacking
Syllabus
Week 1: Introduction to ethical hacking. Fundamentals of computer networking. TCP/IP protocol stack.
Week 2: IP addressing and routing. TCP and UDP. IP subnets.
Week 3: Routing protocols. IP version 6.
Week 4: Installation of attacker and victim system. Information gathering using advanced Google search, archive.org, netcraft, whois, host, dig, dnsenum and NMAP tool.
Week 5: Vulnerability scanning using NMAP and Nessus. Creating a secure hacking environment. System hacking: password cracking, privilege escalation, application execution. Malware and viruses. ARP spoofing and MAC attack.
Week 6: Introduction to cryptography, private-key encryption, public-key encryption.
Week 7: Cryptographic hash functions, digital signature and certificate, applications.
Week 8: Steganography, biometric authentication, network-based attacks, DNS and email security.
Week 9: Packet sniffing using Wireshark and Burp Suite, password attack using Burp Suite. Social engineering attacks and denial of service attacks.
Week 10: Case studies: various attack scenarios and their remedies.

1. What is Ethical Hacking?
Ans: Ethical hacking, also known as "white hat" hacking, is the practice of
using hacking techniques for the purpose of identifying security vulnerabilities
and weaknesses in computer systems and networks, with the goal of improving
their security. Ethical hackers are authorized professionals who use their
knowledge and skills to find and exploit vulnerabilities in order to help
organizations improve their cybersecurity.
The aim of ethical hacking is to identify and fix vulnerabilities before malicious
hackers can exploit them for nefarious purposes such as stealing sensitive data,
disrupting services, or installing malware.
Types of Ethical Hacking
• Web Application hacking: This involves testing web applications for
vulnerabilities, such as SQL injection and cross-site scripting (XSS), which could
allow attackers to access sensitive information.
• Network Hacking: This involves identifying and exploiting weaknesses in a
network's infrastructure, such as routers, switches, and firewalls.
• Social Engineering: Social engineering is an attempt to manipulate a person into
sharing personal information, often by impersonating a trustworthy source.
• Mobile Device Hacking: This involves testing the security of mobile devices,
such as smartphones and tablets, and identifying vulnerabilities that could be
exploited to steal data or take control of the device.
• Wireless Network Hacking: This involves testing the security of wireless
networks, such as Wi-Fi, and identifying weaknesses in encryption protocols,
authentication mechanisms, and access controls.

Advantages of Hacking
• It is used to recover lost information, especially when you have lost your
password.
• It is used to perform penetration testing to increase the security of
computers and networks.
• It is used to test how good the security of your network is.
Disadvantages of Hacking
• It can harm someone's privacy.
• Criminals can use hacking to their advantage.
• It can damage devices.
Types of Hackers
• White Hat Hacker: White hat hackers, also known as ethical hackers, are
cybersecurity experts who assist governments and businesses by
performing penetration testing and identifying security flaws. Ethical hackers
use a variety of techniques to protect themselves from black hat hackers and
other cybercriminals.
• Black Hat Hackers: A black hat hacker is someone whose objective is to study
and use cyber security techniques and tools for personal or private gain
through malicious or threatening activity. They may also release malware that
destroys files, holds computers hostage, or steals passwords, credit card
numbers, and other personal information.
• Grey Hat Hackers: Grey hat hackers fall in between white and black hat
hackers. They may not use their skills for personal gain, but they can
have both good and bad intentions.

2. Fundamentals of Computer Networking?
Ans: Computer networking is the practice of connecting computer
devices to enable communication and information sharing between
them either via wired cables or wireless networks.
• Network Topology: This refers to the physical or logical
arrangement of devices in a network.

• Network Protocols: These are rules and standards that govern how
information is transmitted over a network.
• Network Devices: These are hardware components that facilitate
the transmission of information over a network. Common network
devices include routers, switches, modems, and firewalls.
• Network Security: This refers to the measures taken to protect a
network from unauthorized access, data breaches, and other threats.
Network security includes authentication, access control, encryption,
and intrusion detection.
Types of Networks

• LAN [Local Area Network]: A LAN or Local Area Network is a group of devices,
such as computers, switches, servers and printers, connected over a short
distance such as an office or a home. The most commonly used LAN technology is
Ethernet. This network is used because it allows users to transfer or share
data, files, and resources.

• WLAN [Wireless Local Area Network]: A WLAN or Wireless Local Area Network
is similar to a LAN, with the difference that it uses wireless communication
between devices instead of wired connections. A WLAN typically involves a
Wi-Fi router or wireless access point for devices such as smartphones, laptops,
desktops, etc.


• CAN [Campus Area Network]: A Campus Area Network (CAN) is a type of
network that is designed to connect multiple LANs within a campus or a
university. It is a combination of wired and wireless networks that allows for
communication and information sharing between different departments,
buildings, and locations within the campus.

• MAN [Metropolitan Area Network]: A MAN is a network that covers a city
or metropolitan area. It is larger than a LAN but smaller than a WAN and is
often used by businesses and organizations to connect multiple sites within a
city.

• PAN [Personal Area Network]: A Personal Area Network (PAN) is a type of
network used for communication between devices that are located
within a short distance of each other, typically within a person's workspace.
This network usually connects devices such as your smartphone, laptop, or
desktop to sync content and share small files such as songs, photos, videos,
calendars, etc. These devices connect via wireless technologies such as Wi-Fi,
Bluetooth, Infrared, etc.

• WAN [Wide Area Network]: A WAN or Wide Area Network is the most
significant network type, connecting computers over a wide geographical area
such as a country or a continent. A WAN includes several LANs, MANs, and CANs. An
example of a WAN is the Internet, which connects billions of computers globally.

• VPN [Virtual Private Network]: A VPN or Virtual Private Network is a secure
tool that encrypts a point-to-point Internet connection and hides the user's IP
address and virtual location. It establishes an encrypted network to boost the
user's online privacy so that their identity and data are inaccessible to hackers.

3. TCP/IP model
Ans: The TCP/IP model was developed prior to the OSI model. The TCP/IP
model consists of five layers: the application layer, transport layer, network
layer, data link layer and physical layer.

• Application layer: The application layer is the topmost layer in the TCP/IP
model. It is responsible for handling high-level protocols and issues of
representation. This layer allows the user to interact with the application. When
one application layer protocol wants to communicate with another application
layer, it forwards its data to the transport layer.
The main protocols present in this layer are:
• HTTP and HTTPS: HTTP stands for Hypertext transfer protocol. It is used by the
World Wide Web to manage communications between web browsers and
servers. HTTPS stands for HTTP-Secure. It is a combination of HTTP with SSL
(Secure Socket Layer). It is efficient in cases where the browser needs to fill out
forms, sign in, authenticate and carry out bank transactions.
• SMTP: SMTP stands for Simple mail transfer protocol. The TCP/IP protocol that
supports the e-mail is known as a Simple mail transfer protocol. This protocol is
used to send the data to another e-mail address.
• DNS: DNS stands for Domain Name System. An IP address is used to identify the
connection of a host to the internet uniquely. But people prefer to use the names
instead of addresses. Therefore, the system that maps the name to the address
is known as Domain Name System.
• FTP: FTP stands for File Transfer Protocol. FTP is a standard internet protocol
used for transmitting the files from one computer to another computer.
• SNMP: SNMP stands for Simple Network Management Protocol. It is a
framework used for managing the devices on the internet by using the TCP/IP
protocol suite.

4. IP addressing and routing
Ans: IP addressing: IP addressing is the process of assigning a unique
numerical identifier to each device on a network that uses the Internet Protocol
(IP) for communication. This identifier, called an IP address, allows devices to
communicate with each other and exchange data over the network. IP
addresses are used by routers to direct traffic between devices on different
networks, based on their unique addresses.

IP Routing: IP routing is the process that defines the shortest path through
which data travels to reach its destination from the source, whether the two
computers are on the same network or on different networks. Routing uses
different protocols for different networks to find the path that data follows
across multiple networks. Forwarding the packets from source to destination via
different routers is called routing, and the routing decision is taken by the
routers.
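The forwarding decision described above, as an added example that is not taken from the slides: a static routing table with longest-prefix-match lookup, written with Python's ipaddress module. The prefixes, next hops and interface names are constructed, and the same code serves the 128-bit IPv6 addresses covered in section 7.

```python
"""Longest-prefix-match lookup in a static IPv4/IPv6 forwarding table.

Added illustration, not code from the NPTEL slides. Addresses and interfaces are
constructed (RFC 5737 / RFC 3849 documentation ranges).
"""
from __future__ import annotations

import ipaddress
from typing import List, NamedTuple, Optional, Union

IPNetwork = Union[ipaddress.IPv4Network, ipaddress.IPv6Network]


class Route(NamedTuple):
    prefix: IPNetwork
    next_hop: str        # "connected" for a directly attached network, else the gateway
    interface: str
    metric: int = 0      # tie-breaker when two routes have the same prefix length


class RoutingTable:
    """A static routing table: the administrator adds every route by hand."""

    def __init__(self) -> None:
        self.routes: List[Route] = []

    def add(self, prefix: str, next_hop: str, interface: str, metric: int = 0) -> None:
        # strict=False clears host bits, so "10.1.2.3/16" is stored as 10.0.0.0/16
        net = ipaddress.ip_network(prefix, strict=False)
        self.routes.append(Route(net, next_hop, interface, metric))

    def lookup(self, destination: str) -> Optional[Route]:
        """Return the most specific matching route (longest prefix wins,
        lower metric breaks ties) or None when nothing matches, i.e. drop."""
        dst = ipaddress.ip_address(destination)
        best: Optional[Route] = None
        for route in self.routes:
            if route.prefix.version != dst.version or dst not in route.prefix:
                continue
            if best is None or (route.prefix.prefixlen, -route.metric) > (
                best.prefix.prefixlen, -best.metric
            ):
                best = route
        return best


def build_sample_table() -> RoutingTable:
    """Constructed table: an aggregate, two more specific routes, a default,
    and IPv6 entries to show the 128-bit case needs no extra code."""
    table = RoutingTable()
    table.add("10.0.0.0/8", "192.0.2.1", "eth0")          # whole corporate range
    table.add("10.20.0.0/16", "192.0.2.2", "eth1")        # one branch, more specific
    table.add("10.20.30.0/24", "connected", "eth2")       # directly attached LAN
    table.add("10.20.30.0/24", "192.0.2.9", "eth1", 10)   # backup path, worse metric
    table.add("0.0.0.0/0", "198.51.100.1", "wan0")        # default route
    table.add("2001:db8::/32", "fe80::1", "eth0")
    table.add("::/0", "fe80::ffff", "wan0")
    return table


def next_hop_for(table: RoutingTable, destination: str) -> str:
    """Human-readable forwarding decision for one destination address."""
    route = table.lookup(destination)
    if route is None:
        return f"{destination}: no route, packet dropped"
    return f"{destination}: via {route.next_hop} dev {route.interface} ({route.prefix})"


if __name__ == "__main__":
    t = build_sample_table()
    for addr in ("10.20.30.7", "10.20.99.1", "10.200.1.1", "203.0.113.5",
                 "2001:db8:1::5", "2001:db9::1"):
        print(next_hop_for(t, addr))
```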

5. TCP and UDP
Ans: TCP: TCP stands for Transmission Control Protocol. It is one of the
most widely used protocols over the TCP/IP network. It lies between the
application and network layers and is used to provide reliable delivery
services. It is a connection-oriented protocol for communications that helps in
the exchange of messages between different devices over a network.
UDP: UDP stands for User Datagram Protocol. Its working is similar to TCP
in that it is also used for sending and receiving messages. The main
difference is that UDP is a connectionless protocol. Here, connectionless means
that no connection is established prior to communication. It also does not
guarantee the delivery of data packets; it does not even check whether the data
has been received at the receiver's end or not. UDP is faster than TCP as it
does not provide any assurance for the delivery of the packets.

Let's look at the differences between the TCP and UDP in a tabular form.


Full form
  TCP: It stands for Transmission Control Protocol.
  UDP: It stands for User Datagram Protocol.
Type of connection
  TCP: It is a connection-oriented protocol, which means that the connection needs to be established before the data is transmitted over the network.
  UDP: It is a connectionless protocol, which means that it sends the data without checking whether the system is ready to receive or not.
Reliability
  TCP: TCP is a reliable protocol as it provides assurance for the delivery of data packets.
  UDP: UDP is an unreliable protocol as it does not guarantee the delivery of packets.
Speed
  TCP: TCP is slower than UDP as it performs error checking and flow control and provides delivery assurance.
  UDP: UDP is faster than TCP as it does not guarantee the delivery of data packets.
Header size
  TCP: The TCP header size is 20 bytes.
  UDP: The UDP header size is 8 bytes.
Error checking
  TCP: TCP performs error checking by using a checksum. When the data is found to be corrupted, it is retransmitted to the receiver.
  UDP: It does not perform any error checking, and also does not resend lost data packets.
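An added example, not part of the original slides, that makes the table concrete: it unpacks the 20-byte TCP header and the 8-byte UDP header with struct, then computes and verifies a UDP checksum over a constructed datagram. Addresses, ports and payload are made up.

```python
"""Parsing the 20-byte TCP and 8-byte UDP headers and checking a UDP checksum.

Added illustration, not code from the NPTEL slides. All packets are constructed
in this file; addresses come from the RFC 5737 documentation range.
"""
import ipaddress
import struct

TCP_FLAG_NAMES = ("FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR")


def parse_tcp_header(segment: bytes) -> dict:
    """Decode the fixed 20-byte TCP header (options, if any, follow it)."""
    if len(segment) < 20:
        raise ValueError("TCP header is at least 20 bytes")
    src, dst, seq, ack, off_flags, window, checksum, urgent = struct.unpack(
        "!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4         # data offset is counted in 32-bit words
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "header_len": header_len,
        "flags": [n for i, n in enumerate(TCP_FLAG_NAMES) if off_flags & (1 << i)],
        "window": window, "checksum": checksum, "urgent": urgent,
    }


def parse_udp_header(datagram: bytes) -> dict:
    """Decode the fixed 8-byte UDP header."""
    if len(datagram) < 8:
        raise ValueError("UDP header is 8 bytes")
    src, dst, length, checksum = struct.unpack("!HHHH", datagram[:8])
    return {"src_port": src, "dst_port": dst, "length": length, "checksum": checksum}


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum of 16-bit words, used by both TCP and UDP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum((data[i] << 8) | data[i + 1] for i in range(0, len(data), 2))
    while total >> 16:                          # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def udp_checksum(src_ip: str, dst_ip: str, datagram: bytes) -> int:
    """Checksum over the IPv4 pseudo-header plus the datagram with its
    checksum field zeroed (the layout RFC 768 prescribes)."""
    pseudo = (ipaddress.IPv4Address(src_ip).packed
              + ipaddress.IPv4Address(dst_ip).packed
              + struct.pack("!BBH", 0, 17, len(datagram)))   # zero, protocol 17, length
    zeroed = datagram[:6] + b"\x00\x00" + datagram[8:]
    return internet_checksum(pseudo + zeroed) or 0xFFFF      # a computed 0 is sent as 0xFFFF


def build_udp(src_ip: str, dst_ip: str, src_port: int, dst_port: int, payload: bytes) -> bytes:
    header = struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0)
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(payload),
                       udp_checksum(src_ip, dst_ip, header + payload)) + payload


def udp_checksum_ok(src_ip: str, dst_ip: str, datagram: bytes) -> bool:
    received = parse_udp_header(datagram)["checksum"]
    if received == 0:
        return True     # IPv4 lets a sender omit the checksum; there is nothing to verify
    return udp_checksum(src_ip, dst_ip, datagram) == received


def sample_tcp_syn() -> bytes:
    """Constructed SYN from port 40512 to 443, seq 1000, no options, window 65535."""
    return struct.pack("!HHIIHHHH", 40512, 443, 1000, 0, (5 << 12) | 0x002, 65535, 0, 0)


def sample_udp():
    """Constructed DNS-like datagram to port 53 with a valid checksum."""
    return "192.0.2.10", "192.0.2.53", build_udp("192.0.2.10", "192.0.2.53",
                                                 5353, 53, b"constructed payload")


if __name__ == "__main__":
    print(parse_tcp_header(sample_tcp_syn()))
    src, dst, dgram = sample_udp()
    print(parse_udp_header(dgram), "checksum ok:", udp_checksum_ok(src, dst, dgram))
    damaged = bytearray(dgram)
    damaged[-1] ^= 0xFF                          # flip one payload byte in transit
    print("after corruption ok:", udp_checksum_ok(src, dst, bytes(damaged)))
```

Note that the UDP header does carry a 16-bit checksum field (optional under IPv4, mandatory under IPv6), so a corrupted datagram can be detected and discarded; what UDP lacks is retransmission and flow control.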

6. Routing Protocols
Ans:
Routing
• Routing is the process of selecting a path along which data can be transferred
from the source to the destination. Routing is performed by a special device known
as a router.
• A router works at the network layer in the OSI model and the internet layer in
the TCP/IP model.
• A router is a networking device that forwards the packet based on the
information available in the packet header, and routing algorithms are used
for routing the packets.
Types of Routing
Static Routing:
• Static Routing is also known as Nonadaptive Routing.
• It is a technique in which the administrator manually adds the routes in
a routing table.
• A Router can send the packets for the destination along the route
defined by the administrator.
Dynamic Routing:
• It is also known as Adaptive Routing.
• It is a technique in which a router adds a new route in the routing table
for each packet.
• Dynamic protocols are used to discover the new routes to reach the
destination.
• In Dynamic Routing, RIP and OSPF are the protocols used to discover
the new routes.
Routing protocols can be divided into two categories
• Interior Routing: Interior routing, also known as interior gateway
protocol (IGP), refers to the exchange of routing information between
routers within a single autonomous system (AS), which is a collection of
networks under a single administrative domain. IGPs such as OSPF (Open
Shortest Path First) and RIP (Routing Information Protocol) are commonly
used in enterprise networks to exchange routing information within a
single AS.
• Exterior Routing: Exterior routing, also known as exterior gateway
protocol (EGP), refers to the exchange of routing information between
different autonomous systems (ASes) that make up the Internet. EGPs such
as Border Gateway Protocol (BGP) are used to exchange information
between routers in different ASes and enable routers to determine the
best path for data packets to travel through the Internet.
Different types of Routing Protocols
• RIP: RIP (Routing Information Protocol) is an interior gateway protocol
(IGP) that uses a distance-vector algorithm to determine the best path for
data packets to travel through a network. RIP is a simple protocol that is
easy to configure, but it has limited scalability and can take longer to
converge than other routing protocols.
• OSPF: OSPF (Open Shortest Path First) is another interior gateway
protocol (IGP) that uses a link-state algorithm to determine the best path
for data packets to travel through a network. OSPF is more complex than
RIP, but it can support larger networks with faster convergence and better
scalability.
• BGP: BGP (Border Gateway Protocol) is an exterior gateway protocol (EGP)
used to exchange routing information between different autonomous
systems in the Internet. BGP uses a path-vector algorithm to determine
the best path for data packets to travel through the Internet. BGP is more
complex than IGPs like RIP and OSPF, but it can handle the large scale and
complexity of the Internet routing system.

7. IPv6
Ans: IPv6 (Internet Protocol version 6) is the most recent version of the
Internet Protocol (IP), which is the primary protocol used for
communication on the Internet. IPv6 was developed to address the
limitations of IPv4, which is the previous version of the protocol.

IPv6 provides several improvements over IPv4
• Larger Address Space: IPv6 addresses are 128 bits long, which provides
a much larger address space compared to the 32-bit addresses used in
IPv4.
• Improved Security: IPv6 includes features such as IPsec (Internet Protocol
Security) that are built into the protocol and provide enhanced security
features.
• Simplified Header: The IPv6 header is simpler and more efficient
compared to the IPv4 header, which makes packet processing faster and
more efficient.
• Auto-Configuration: IPv6 includes features such as stateless address
auto-configuration (SLAAC), which allows devices to automatically
configure their IP addresses without the need for manual configuration.

8. Information gathering using advanced Google search.
Ans:
• Use cache: to see Google's cached version of a website
For example, a search for => cache: www.sohamderoy.dev on the day of writing
(that is, 4th Aug 2022) returns Google's cached copy of that site.

• Use quotes to get an "EXACT" match
If we wrap our search query or question in quotes like this: "your question
goes here", then Google will search for that exact phrase.

• Search within a specific site with site:
The site: operator is a useful Google search technique that allows you to
limit your search results to a specific website or domain.

• Exclude a term from search results with -
To exclude a term from search results, you can use the "-" operator
followed by the term you want to exclude. For example, a search on => how to
write components in React -class will return all the search results that don't
have the term "class" in them.

• Search for a particular filetype with filetype:
To search for a specific file type using Google, you can use the "filetype:"
operator followed by the file extension you are looking for.

• Use the wildcard * in searches
If we are not sure about a particular word in a phrase, we can use an asterisk (*)
to represent the missing word. Google will try to fill in the blanks.

9. Information gathering using archive.org, netcraft, whois,
host, dig, dnsenum and Nmap tool.
Ans:
• Archive.org: Archive.org is a digital archive of the internet that stores
snapshots of websites and web pages over time. This can be useful for
researching how websites and online content have changed over time.
• Netcraft: Netcraft is a tool that can be used to gather information about
websites and their hosting environments. It can provide information such
as server types, operating systems, and security vulnerabilities.
• Whois: Whois is a database that contains information about domain name
registration. It can be used to find out who owns a particular domain
name, as well as other information such as the registration date, expiration
date, and contact information for the owner.

• Host: Host is a command-line tool that can be used to resolve domain
names to IP addresses and vice versa. It can also be used to perform
various types of network diagnostics and troubleshooting.
• Dig: Dig is another command-line tool that can be used to perform DNS
lookups and query DNS servers. It can be useful for troubleshooting DNS-
related issues and for gathering information about DNS configurations.
• Dnsenum: Dnsenum is a tool that can be used to enumerate DNS
information about a target domain. It can be used to gather information
such as DNS nameservers, hostnames, and IP addresses.
• Nmap: Nmap is a powerful tool that can be used for network exploration,
port scanning, and vulnerability testing. It can be used to identify hosts
and services on a network, as well as to detect security vulnerabilities and
misconfigurations.
10. Vulnerability scanning using Nmap and Nessus.
Ans:
Nmap (Network Mapper)
• Nmap, or Network Mapper, is a toolkit for functionality and penetration
testing across a network, including port scanning and vulnerability
detection.
• The Nmap Scripting Engine (NSE) is one of the most popular and
powerful capabilities of Nmap. NSE vulnerability scan scripts are
used by penetration testers and hackers to check for commonly known
vulnerabilities.
Steps to perform a vulnerability scan using Nmap:
• Download and install Nmap.
• Identify the target: determine the IP address or hostname of the target
system that you want to scan for vulnerabilities.
• Choose a script.
• Run the scan.
• Analyse the results.
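For the "analyse the results" step, an added example that is not part of the slides or of Nmap itself: it parses an Nmap XML report (the -oX output format) and lists every open port that falls outside a constructed allow-list for the host's role, which is how a raw scan becomes an actionable finding. The XML, the host and the allow-list are all made up.

```python
"""Triage of an Nmap XML report (-oX) against an exposure allow-list.

Added illustration, not code from the NPTEL slides or the Nmap project.
The XML below is constructed to mimic Nmap's -oX layout; the host,
services and allow-list are made up.
"""
import xml.etree.ElementTree as ET
from typing import Dict, List, Set, Tuple

SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -sV -sU -oX scan.xml 192.0.2.10" version="7.93">
  <host>
    <status state="up" reason="echo-reply"/>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <hostnames><hostname name="web01.example.test" type="PTR"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22"><state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="8.9p1"/></port>
      <port protocol="tcp" portid="80"><state state="open" reason="syn-ack"/>
        <service name="http" product="Apache httpd" version="2.4.41"/></port>
      <port protocol="tcp" portid="443"><state state="closed" reason="reset"/>
        <service name="https"/></port>
      <port protocol="tcp" portid="3306"><state state="open" reason="syn-ack"/>
        <service name="mysql" product="MySQL" version="5.7.30"/>
        <script id="mysql-info" output="Protocol: 10"/></port>
      <port protocol="udp" portid="161"><state state="open" reason="udp-response"/>
        <service name="snmp"/></port>
    </ports>
  </host>
  <runstats><hosts up="1" down="0" total="1"/></runstats>
</nmaprun>
"""


def parse_nmap_xml(text: str) -> List[Dict]:
    """Return one record per live host with its open ports, services and NSE output."""
    hosts = []
    for host in ET.fromstring(text).findall("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:
            addr = host.find("address[@addrtype='ipv6']")
        name = host.find("hostnames/hostname")
        open_ports = []
        for port in host.findall("ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue        # closed/filtered ports are not exposure
            svc = port.find("service")
            open_ports.append({
                "port": int(port.get("portid")),
                "proto": port.get("protocol"),
                "service": svc.get("name", "?") if svc is not None else "?",
                "product": " ".join(filter(None, (svc.get("product"), svc.get("version"))))
                           if svc is not None else "",
                "scripts": {s.get("id"): s.get("output", "") for s in port.findall("script")},
            })
        hosts.append({"addr": addr.get("addr") if addr is not None else "?",
                      "hostname": name.get("name") if name is not None else "",
                      "open_ports": open_ports})
    return hosts


def unexpected_exposure(hosts: List[Dict], allowed: Set[Tuple[str, int]]) -> List[Dict]:
    """Open ports that are not in the (proto, port) allow-list for this host class."""
    findings = []
    for h in hosts:
        for p in h["open_ports"]:
            if (p["proto"], p["port"]) not in allowed:
                findings.append({"addr": h["addr"], "hostname": h["hostname"], **p})
    return findings


if __name__ == "__main__":
    web_server_policy = {("tcp", 22), ("tcp", 80), ("tcp", 443)}   # constructed baseline
    for f in unexpected_exposure(parse_nmap_xml(SAMPLE_XML), web_server_policy):
        print(f"{f['addr']} {f['port']}/{f['proto']} {f['service']} {f['product']} "
              f"not in policy; NSE: {f['scripts'] or 'none'}")
```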

Nessus
Nessus is a popular vulnerability scanner that can be used to identify
security vulnerabilities on networks and systems. It scans a computer and
raises an alert if it discovers any vulnerabilities that malicious hackers
could use to gain access to any computer you have connected to a
network.
Steps to perform a vulnerability scan using Nessus:
• Download and install Nessus.
• After installing Nessus, launch the Nessus web interface and configure
the scanner.
• Once Nessus is configured, start a new scan by clicking on the "New
Scan" button.
• Configure the scan.
• Run the scan.
• Analyse the results.

11. System hacking, password cracking, escalating
privileges and application execution?
Ans:
System Hacking
System hacking involves gaining unauthorized access to a computer system or
network. This can be achieved through a variety of methods, such as exploiting
weak passwords, exploiting software vulnerabilities, or using social engineering
techniques to trick users into revealing their login credentials.
Password Cracking
Password cracking involves using tools or techniques to guess or obtain
passwords.
The hacker follows these steps to crack the password:
• Find a valid user account (such as Administrator or Guest).
• Create a list of possible passwords.
• Rank the passwords from high to low probability.
• Key in each password.
• Try again until a successful password is found.
Hacking tools to crack the password:
• John The Ripper
• Cain and Abel
• THC Hydra
• CrackStation
• Brutus Password Cracker
• RainbowCrack
• WFuzz
• Aircrack

Types of Password Attacks
• Dictionary attack
• Brute force attack
• Hybrid attack
• Social engineering
• Shoulder surfing
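The defender's side of the password-guessing steps above, as an added example that is not in the original slides: it parses sshd log lines in OpenSSH's syslog wording (constructed here, with made-up hosts and addresses) and raises one alert per source for brute force against a single account, password spraying across accounts, and a successful login that follows failures.

```python
"""Spotting password-guessing attacks in sshd authentication logs.

Added illustration, not code from the NPTEL slides. The log lines are constructed
in OpenSSH's syslog wording; hosts and addresses are made up.
"""
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta
from typing import Dict, List, Optional

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\S+) port \d+ ssh2$"
)

SAMPLE_LOG = "\n".join(
    # one source hammering root: classic dictionary / brute-force attempt
    [f"May 12 10:00:{s:02d} bastion sshd[2201]: Failed password for root "
     f"from 198.51.100.7 port {40000 + s} ssh2" for s in (1, 8, 15, 22, 30, 40)]
    # ... and then a successful login from the same source
    + ["May 12 10:00:50 bastion sshd[2260]: Accepted password for root "
       "from 198.51.100.7 port 40077 ssh2"]
    # one source trying a few common usernames once each: password spraying
    + [f"May 12 10:01:{s:02d} bastion sshd[2301]: Failed password for invalid user {u} "
       f"from 203.0.113.9 port 51000 ssh2"
       for s, u in ((5, "admin"), (9, "guest"), (14, "test"), (20, "oracle"))]
    # ordinary user logging in: must stay quiet
    + ["May 12 10:02:00 bastion sshd[2400]: Accepted password for alice "
       "from 192.0.2.55 port 52000 ssh2"]
)


def parse_auth_line(line: str, year: int = 2023) -> Optional[Dict]:
    """Classic syslog lines carry no year; 2023 is assumed for this sample."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S").replace(year=year)
    return {"ts": ts, "ok": m["result"] == "Accepted", "user": m["user"], "src": m["src"]}


def detect_password_attacks(lines: List[str], threshold: int = 5,
                            window: timedelta = timedelta(minutes=2),
                            spray_users: int = 3) -> List[Dict]:
    """Three patterns: repeated failures for one account (brute force / dictionary),
    one source failing against many accounts (spray), and a success that follows
    failures from the same source (the guess that worked)."""
    events = sorted((e for e in map(parse_auth_line, lines) if e), key=lambda e: e["ts"])
    recent = defaultdict(list)       # (src, user) -> failure times still inside the window
    fails_by_src = Counter()         # src -> total failures seen
    users_by_src = defaultdict(set)  # src -> distinct accounts that failed
    alerts, raised = [], set()

    def alert(kind: str, src: str, detail: str) -> None:
        if (kind, src) not in raised:      # one alert per (pattern, source)
            raised.add((kind, src))
            alerts.append({"kind": kind, "src": src, "detail": detail})

    for e in events:
        src, user, ts = e["src"], e["user"], e["ts"]
        if e["ok"]:
            if fails_by_src[src]:
                alert("success-after-failures", src,
                      f"login as {user} after {fails_by_src[src]} failed attempts")
            continue
        fails_by_src[src] += 1
        users_by_src[src].add(user)
        key = (src, user)
        recent[key] = [t for t in recent[key] if ts - t <= window] + [ts]
        if len(recent[key]) >= threshold:
            alert("brute-force", src, f"{len(recent[key])} failures for {user} within {window}")
        if len(users_by_src[src]) >= spray_users:
            alert("password-spray", src, f"tried {sorted(users_by_src[src])}")
    return alerts


if __name__ == "__main__":
    for a in detect_password_attacks(SAMPLE_LOG.splitlines()):
        print(f"[{a['kind']}] {a['src']}: {a['detail']}")
```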
Escalating privileges
• Privilege escalation is a type of network attack used to gain unauthorized
access to systems within a security perimeter.
• Attackers start by finding weak points in an organization’s defences and
gaining access to a system.
Privilege escalation can occur through a variety of methods

• Exploiting software vulnerabilities: Attackers can exploit vulnerabilities
in software applications to gain higher privileges. This can be done by
exploiting buffer overflows, SQL injection, or other vulnerabilities.
• Weak passwords: If a user's password is weak or easily guessable,
attackers can use brute force attacks to gain access to the system and then
escalate their privileges.
• Misconfigured permissions: Misconfigured permissions on files or
directories can allow an attacker to gain access to resources that they
should not have access to.
• Social engineering: Attackers can use social engineering techniques to
trick users into providing access to sensitive information or systems, which
can then be used to escalate privileges.

Horizontal vs. Vertical Privilege Escalation

• Vertical Privilege escalation: Vertical privilege escalation occurs when an
attacker gains higher privileges than they were originally granted. For
example, if a user with limited access rights is able to gain administrative
access to a system, this would be considered vertical privilege escalation.
This type of privilege escalation is typically more difficult to achieve than
horizontal privilege escalation.
• Horizontal Privilege escalation: Horizontal privilege escalation occurs
when an attacker gains access to another account with the same level of
privilege as their own. For example, if one user gains access to another
user's account with the same level of access, this would be considered
horizontal privilege escalation. This type of privilege escalation is often
easier to achieve than vertical privilege escalation.
Application Execution
Once a hacker has been able to access an account with administrator
privileges, the next thing they do is execute applications on the target
system. The purpose of executing applications may be to install a
backdoor on the system, install a keystroke logger to gather confidential
information, copy files, or just cause damage to the system—essentially,
anything the hacker wants to do on the system.
Once the hacker is able to execute applications, the system is considered
owned and under the control of the hacker.

12. Malware and Viruses
Ans: Malware and Viruses are both types of malicious software that are
designed to cause harm to computer systems or steal sensitive
information.
Malware: Malware is a general term used to describe any type of
software that is specifically designed to damage, disrupt, or otherwise
harm a computer system or network. Malware can take many forms,
including viruses, worms, Trojans, ransomware, spyware, adware, and
more.


Virus: A Virus is a specific type of malware that is capable of replicating
itself and spreading from one computer to another. A virus typically works
by infecting a legitimate file on the host system and then using that file to
spread to other systems. Viruses can cause a wide range of problems, from
simply annoying pop-ups to serious data loss or system crashes.

13. ARP Spoofing and MAC attack
Ans:
ARP Spoofing: Address Resolution Protocol (ARP) spoofing, also
known as ARP poisoning, is a Man in the Middle (MitM) attack that allows
attackers to intercept communication between network devices.
It is a type of network attack that involves sending fake Address Resolution
Protocol (ARP) messages to a local area network (LAN) in order to
associate the attacker's Media Access Control (MAC) address with the IP
address of another device on the network.
This allows the attacker to intercept, modify, or block network traffic,
potentially stealing sensitive information like login credentials, personal
data, or financial information.

MAC Flooding Attack: A MAC flooding attack happens when an attacker
floods the switch with fake data packets containing fake MAC addresses.
The switch's table fills up with these fake addresses, and it can't keep track
of the real ones anymore.
When this happens, the switch enters into a fail-open mode, which means
it starts forwarding data packets to all devices on the network, rather than
just the intended recipient. This can allow the attacker to intercept and
modify network traffic, which can be dangerous for the network and its
users.
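Both attacks leave measurable traces on the wire, and this added example (not from the slides) detects them in a constructed frame stream: an ARP reply that binds a known IP, here the gateway, to a second MAC, and a switch port that suddenly presents more distinct source MACs than any real segment would. Port names, MAC addresses and the trusted gateway binding are made up.

```python
"""Detecting ARP poisoning and MAC flooding from observed frames.

Added illustration, not code from the NPTEL slides. The frame stream, the switch
port names and the gateway binding are constructed.
"""
from collections import defaultdict, deque
from typing import Dict, List, Optional

TRUSTED_BINDINGS = {"192.0.2.1": "00:11:22:33:44:01"}   # gateway IP -> known-good MAC (constructed)


class ArpSpoofMonitor:
    """Watch ARP replies and flag any IP whose MAC suddenly changes,
    the way Dynamic ARP Inspection does on a managed switch."""

    def __init__(self, trusted: Dict[str, str]) -> None:
        self.bindings = dict(trusted)     # ip -> mac, static entries plus learned ones
        self.trusted = set(trusted)

    def observe_reply(self, sender_ip: str, sender_mac: str) -> Optional[Dict]:
        known = self.bindings.get(sender_ip)
        if known is None:
            self.bindings[sender_ip] = sender_mac      # first time seen: learn it
            return None
        if known == sender_mac:
            return None
        # An IP claimed by a second MAC: for a static/trusted binding this is a
        # near-certain spoof; a learned one may also be DHCP reuse, so lower severity.
        return {"kind": "arp-spoof", "ip": sender_ip, "expected": known, "seen": sender_mac,
                "severity": "high" if sender_ip in self.trusted else "medium"}


class MacFloodMonitor:
    """Count distinct source MACs per ingress port in a sliding time window;
    a single port cannot legitimately present hundreds of stations per second."""

    def __init__(self, max_macs: int = 50, window: float = 1.0) -> None:
        self.max_macs, self.window = max_macs, window
        self.recent = defaultdict(deque)             # port -> (ts, src_mac) within window
        self.flagged = set()

    def observe_frame(self, ts: float, port: str, src_mac: str) -> Optional[Dict]:
        q = self.recent[port]
        q.append((ts, src_mac))
        while q and ts - q[0][0] > self.window:
            q.popleft()
        distinct = len({mac for _, mac in q})
        if distinct > self.max_macs and port not in self.flagged:
            self.flagged.add(port)
            return {"kind": "mac-flood", "port": port, "distinct_macs": distinct,
                    "severity": "high"}
        return None


def analyze(frames: List[Dict]) -> List[Dict]:
    """frames: dicts with ts, port, src_mac and, for ARP replies, arp_ip/arp_mac."""
    arp, flood, alerts = ArpSpoofMonitor(TRUSTED_BINDINGS), MacFloodMonitor(), []
    for f in sorted(frames, key=lambda x: x["ts"]):
        hit = flood.observe_frame(f["ts"], f["port"], f["src_mac"])
        if hit:
            alerts.append(hit)
        if "arp_ip" in f:
            hit = arp.observe_reply(f["arp_ip"], f["arp_mac"])
            if hit:
                alerts.append(hit)
    return alerts


def sample_frames() -> List[Dict]:
    """Constructed capture: normal traffic, a legitimate gateway reply, a host
    learned once, an attacker claiming the gateway IP, and a MAC flood on Gi0/3."""
    frames = [
        {"ts": 1.0, "port": "Gi0/1", "src_mac": "00:11:22:33:44:01",
         "arp_ip": "192.0.2.1", "arp_mac": "00:11:22:33:44:01"},      # real gateway
        {"ts": 1.2, "port": "Gi0/2", "src_mac": "00:11:22:33:44:10",
         "arp_ip": "192.0.2.10", "arp_mac": "00:11:22:33:44:10"},     # ordinary host, learned
        {"ts": 1.5, "port": "Gi0/2", "src_mac": "00:11:22:33:44:10"},
        {"ts": 2.0, "port": "Gi0/3", "src_mac": "00:11:22:33:44:99",
         "arp_ip": "192.0.2.1", "arp_mac": "00:11:22:33:44:99"},      # attacker: "I am the gateway"
    ]
    for i in range(120):                                               # burst of bogus source MACs
        frames.append({"ts": 10.0 + i * 0.005, "port": "Gi0/3",
                       "src_mac": f"02:00:00:00:{i >> 8:02x}:{i & 0xff:02x}"})
    return frames


if __name__ == "__main__":
    for a in analyze(sample_frames()):
        print(a)
```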

14. Cryptography
Ans: Cryptography is the science of secure communication and data
protection, using mathematical algorithms and protocols to transform
plain text into unreadable cipher text, and vice versa. The main goal of
cryptography is to provide confidentiality, integrity, and authenticity of
information, preventing unauthorized access, modification, or
interception.
Features Of Cryptography

• Confidentiality: Cryptography helps ensure that information is kept
confidential, meaning it is only accessible to those authorized to see it.
• Integrity: Cryptography can help ensure that data has not been
modified or tampered with in transit.
• Authentication: The identities of the sender and receiver are confirmed,
as is the destination/origin of the information.
• Non-repudiation: The creator/sender of information cannot deny at a later
stage that they intended to send it.

Types Of Cryptography

Symmetric Key Cryptography: In this type of cryptography, the same
secret key is used for both encryption and decryption. This means that the
sender and receiver must have the same key to communicate securely.
Asymmetric Key Cryptography: Also known as public-key cryptography,
this type of cryptography uses two different keys, a public key and a
private key. The public key is used for encryption and can be distributed
freely, while the private key is used for decryption and must be kept secret.
15. Public and Private Key Encryption
Ans:
Private and public key encryption are two different methods of encryption
used to secure information and communications.
Public Key
Public key encryption, also known as asymmetric key encryption, uses two
different keys, a public key and a private key, to encrypt and decrypt
information. The public key is widely available and can be used by anyone
to encrypt messages, but only the owner of the corresponding private key
can decrypt the message. The private key is kept secret by the owner and
is used to decrypt messages that have been encrypted with the
corresponding public key.

Private Key
Private key encryption, also known as symmetric key encryption, uses a
single key to encrypt and decrypt information. This means that the same
key is used both to encrypt and decrypt the data. With private key
encryption, both the sender and recipient of the message must have the
same key in order to communicate securely.

Difference between Public Key and Private Key
Algorithm
  Private key: The private key is used for both encrypting and decrypting the sensitive data. It is shared between the sender and receiver of encrypted data.
  Public key: The public key is used only for the purpose of encrypting the data.
Performance
  Private key: The private key mechanism is faster.
  Public key: The public key mechanism is slower.
Secrecy
  Private key: The private key is kept secret and not public to anyone apart from the sender and the receiver.
  Public key: The public key is free to use and only the private key is kept secret.
Type
  Private key: The private key mechanism is called "symmetric" because a single key is shared between two parties.
  Public key: The public key mechanism is called "asymmetric" because there are two keys for different purposes.
Sharing
  Private key: The private key is to be shared between two parties.
  Public key: The public key can be used by anyone but the private key is to be shared between two parties only.

16. Cryptographic hash function.
Ans: Hash functions are extremely useful and appear in almost all
information security applications.
A cryptographic hash function is a mathematical algorithm that takes a
message or data of any size and produces a fixed-size output. The value
returned by a hash function is called the message digest, or simply the
hash value.

The key features of a cryptographic hash function are:
• One-way (preimage resistance): it is easy to compute the hash from the
input, but computationally infeasible to recover an input from its hash.
• Second-preimage resistance: given an input, it is infeasible to find a
different input with the same hash.
• Collision resistance: it is infeasible to find any two different inputs
with the same hash.
• A small change in the input produces a completely different digest.
Cryptographic hash functions are widely used in digital signatures,
message authentication codes (HMAC), and password storage, where they are
used inside a slow, salted key-derivation function rather than on their
own. Common examples are MD5, SHA-1, SHA-2 (e.g. SHA-256) and SHA-3. MD5
and SHA-1 are broken with respect to collision resistance and must not be
used where collisions matter (signatures, certificates); SHA-256 or SHA-3
should be used for new designs.
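Added illustration, not part of the NPTEL notes: the properties above
demonstrated in Python with only the standard library. hash_properties()
shows the fixed-size, deterministic output and the avalanche effect;
mac_tag() and mac_verify() show why a keyed HMAC, not a bare hash, is needed
to detect deliberate tampering; hash_password() and verify_password() show
the salted, slow key derivation that password storage requires. The sample
inputs and the "pbkdf2_sha256$..." storage format are constructed for this
example.

```python
import hashlib
import hmac
import os


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def differing_bits(hex_a: str, hex_b: str) -> int:
    """Hamming distance between two equal-length hex digests."""
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


def hash_properties():
    """Fixed-size, deterministic output; a one-character change flips ~half the bits."""
    short = sha256_hex(b"hi")
    long_ = sha256_hex(b"x" * 1_000_000)
    a = sha256_hex(b"transfer 100 EUR to account 42")   # constructed inputs
    b = sha256_hex(b"transfer 100 EUR to account 43")
    return {
        "fixed_size": len(short) == len(long_) == 64,  # 64 hex chars = 256 bits
        "deterministic": sha256_hex(b"hi") == short,
        "avalanche_bits": differing_bits(a, b),        # about 128 of 256
    }


# Message authentication: a bare hash only detects accidental change, because
# whoever alters the message can recompute it. An HMAC needs the shared key.
def mac_tag(key: bytes, message: bytes) -> str:
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def mac_verify(key: bytes, message: bytes, tag: str) -> bool:
    return hmac.compare_digest(mac_tag(key, message), tag)  # constant-time compare


# Password storage: never a plain fast hash. Use a slow, salted KDF;
# PBKDF2-HMAC-SHA256 with 600k iterations is the standard-library option.
def hash_password(password: str, iterations: int = 600_000) -> str:
    salt = os.urandom(16)                                # fresh random salt per password
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"  # constructed format


def verify_password(password: str, stored: str) -> bool:
    algo, iterations, salt_hex, dk_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), dk_hex)        # constant-time compare
```

Two passwords hashed with hash_password() never produce the same string
because of the random salt, which is exactly what stops an attacker from
recognising reused passwords or using a precomputed table.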

17. Digital Signature and its Applications.
Ans:
A digital signature is a cryptographic mechanism used to verify the
authenticity and integrity of a digital document, message or transaction;
because only the holder of the private key could have produced it, it also
provides non-repudiation.
It works by combining public key cryptography with a hash function: a
fixed-size digest, the document's "fingerprint", is computed, and that
digest is then transformed with the sender's private key (in RSA terms,
"encrypted" with it), giving the digital signature.
When the recipient receives the document, they apply the sender's public
key to the signature to recover the fingerprint, and compare it with a
fingerprint they compute themselves from the received document. If the two
agree, the document is unchanged and was signed by the holder of the
private key.

The steps followed in creating digital signature
• Message digest is computed by applying hash function on the message
and then message digest is encrypted using private key of sender to
form the digital signature. (Digital signature = encryption (private key
of sender, message digest) and message digest = message digest
algorithm(message)).
• Digital signature is then transmitted with the message. (message +
digital signature is transmitted)
• Receiver decrypts the digital signature using the public key of sender.
(This assures authenticity, as only sender has his private key so only
sender can encrypt using his private key which can thus be decrypted
by sender’s public key).
• The receiver now has the message digest.
• The receiver can compute the message digest from the message (actual
message is sent with the digital signature).
• The message digest computed by receiver and the message digest (got
by decryption on digital signature) need to be same for ensuring
integrity.
Benefits of Digital Signatures
• Security: Digital signatures use advanced cryptographic techniques to
ensure the authenticity and integrity of digital data. This makes them
difficult to forge or tamper with, providing a high level of security.
• Efficiency: Digital signatures can be signed and verified quickly and
easily, without the need for physical documents or signatures.
• Cost savings: By eliminating the need for physical documents and
signatures, digital signatures can help reduce paper, printing, and
mailing costs.
Applications of Digital Signatures
• Digital signatures can be used to sign and validate contracts,
agreements, and other legal documents.
• Digital signatures can be used to encrypt and sign email messages,
providing a high level of security and authenticity.

• Digital signatures can be used to sign and authenticate online
transactions, such as banking and e-commerce.
18. Digital Certificate and its Applications.
Ans: A digital certificate is an electronic document, issued by a trusted
third party called a Certificate Authority (CA), that binds a public key to
the identity of its holder. It lets the receiver verify the sender's
identity (and, where both sides present certificates, the sender verify the
receiver's).
The CA checks the applicant's identity and then issues a certificate
containing the applicant's public key and a variety of other identification
information. The certificate is not encrypted; it is digitally signed by the
CA, so anyone holding the CA's public key can verify that it has not been
altered.
Digital certificate includes the following components
• Subject: This is the entity or person identified by the certificate, such as a
website or an individual.
• Public Key: This is the public key associated with the entity or person
identified in the subject field.
• Issuer: This is the organization or entity that issues the certificate.
• Signature: This is the digital signature of the issuer over the whole
certificate body, which verifies the authenticity of the certificate.
• Validity Period: This is the period of time (not-before and not-after
dates) during which the certificate is valid.
An X.509 certificate additionally carries a serial number (used when the CA
revokes it) and extensions such as the Subject Alternative Name, which lists
the host names the certificate is valid for.
Benefits of Digital Certificate
• Security: Digital certificates use advanced cryptographic techniques
to ensure the authenticity and integrity of digital data, providing a
high level of security.
• Convenience: Digital certificates can be used to securely
authenticate users and devices without the need for physical tokens
or passwords.
• Trust: Digital certificates are issued by trusted third parties,
providing a high level of trust and confidence in the authenticity of
the certificate holder.
Applications of Digital Certificate
• Digital certificates are commonly used to secure online
communications, including web traffic (TLS/HTTPS), email, instant
messaging, and file transfers, by verifying the identity of the server or
sender and protecting the integrity of the data.
• Digital certificates are essential for secure online transactions, such as
online banking, e-commerce, and online payments. By verifying the
identity of both the buyer and the seller, digital certificates provide a
secure and trustworthy platform for online transactions.
• Digital certificates are used to sign software and other code, ensuring
its authenticity and integrity. This helps to prevent malware and other
forms of cyber-attacks, and provides a trusted source of software and
code.
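Added, runnable example that is not part of the notes and not production
code: the sign-and-verify steps of Q17 and the certificate chain of Q18 in
Python with only the standard library. It uses textbook RSA with no padding,
and a small JSON "certificate" format invented for this example; real
systems use RSA-PSS or Ed25519 and X.509 through a vetted library such as
cryptography or OpenSSL. Names, dates, messages and keys are constructed,
and the random seed only makes the demo reproducible.

```python
import hashlib
import json
import math
import random

E = 65537  # conventional RSA public exponent

def is_probable_prime(n, rng, rounds=20):
    """Miller-Rabin test; `rng` supplies the random witnesses."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def generate_keypair(bits=192, seed=None):
    """(public, private) dicts. `seed` is for a reproducible demo only; real keys need the OS CSPRNG."""
    rng = random.Random(seed)

    def random_prime():
        while True:
            cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1  # full length, odd
            if is_probable_prime(cand, rng):
                return cand

    while True:
        p, q = random_prime(), random_prime()
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(E, phi) == 1:
            break
    n = p * q  # >= 2^382, so a 256-bit digest is always below the modulus
    return {"n": n, "e": E}, {"n": n, "d": pow(E, -1, phi)}

def digest_int(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(private, message: bytes) -> int:
    # Steps 1-2 of Q17: hash first, then the private-key operation on the digest.
    return pow(digest_int(message), private["d"], private["n"])

def verify(public, message: bytes, signature: int) -> bool:
    # Steps 3-6 of Q17: public-key operation must reproduce a freshly computed digest.
    if not 0 <= signature < public["n"]:
        return False
    return pow(signature, public["e"], public["n"]) == digest_int(message)

def cert_bytes(body) -> bytes:
    """Canonical encoding: issuer and verifier must hash identical bytes."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

def issue_certificate(ca_name, ca_private, subject, subject_public, not_before, not_after):
    body = {"subject": subject, "issuer": ca_name, "public_key": subject_public,
            "not_before": not_before, "not_after": not_after}
    return {"body": body, "signature": sign(ca_private, cert_bytes(body))}

def verify_certificate(cert, trusted_ca, now):
    """Return the subject's public key if the certificate checks out, else None."""
    body = cert["body"]
    if body["issuer"] != trusted_ca["name"]:
        return None
    if not body["not_before"] <= now <= body["not_after"]:
        return None  # outside the validity period
    if not verify(trusted_ca["public_key"], cert_bytes(body), cert["signature"]):
        return None  # body altered, or not signed by this CA
    return body["public_key"]

def demo():
    ca_pub, ca_priv = generate_keypair(seed=1)
    alice_pub, alice_priv = generate_keypair(seed=2)
    trusted = {"name": "Example CA", "public_key": ca_pub}          # constructed trust store
    cert = issue_certificate("Example CA", ca_priv, "alice@example.com", alice_pub,
                             not_before=1_700_000_000, not_after=1_800_000_000)
    message = b"Pay Bob 10 EUR"
    signature = sign(alice_priv, message)
    key = verify_certificate(cert, trusted, now=1_750_000_000)      # trust chain first
    forged = {"body": dict(cert["body"], subject="mallory@example.com"),
              "signature": cert["signature"]}                       # same signature, new subject
    return {
        "chain_ok": key is not None,
        "signature_ok": key is not None and verify(key, message, signature),
        "tampered_message": key is not None and verify(key, b"Pay Bob 1000 EUR", signature),
        "expired_rejected": verify_certificate(cert, trusted, now=1_900_000_000) is None,
        "forged_cert_rejected": verify_certificate(forged, trusted, now=1_750_000_000) is None,
    }
```

Calling demo() returns all five checks as expected: the chain and the
signature validate, the altered message and the forged certificate fail, and
the certificate is refused outside its validity period. The verifier never
needs Alice's key in advance; it trusts only the CA's public key and obtains
Alice's from the certificate, which is the whole point of a certificate.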

19. Steganography
Ans: Steganography is the technique of hiding a secret message or
information within another, innocent-looking medium, such as an image,
audio file or video, in such a way that the presence of the hidden message
is difficult to detect.

The goal of steganography is to keep the very fact that a message is being
sent a secret. Unlike encryption, it does not by itself protect the content:
anyone who knows or guesses the embedding method can recover the message,
so in practice the message is encrypted first and the ciphertext is then
hidden. "Undetectable" is an ideal rather than a guarantee; statistical
steganalysis can often reveal naive embedding schemes.
Types of steganography

• Text steganography: The hiding of secret messages within text
documents, emails, or other textual data.
• Image steganography: The hiding of secret messages within digital
images by subtly modifying the pixel values of the image.
• Video steganography: The hiding of secret messages within digital
video streams by manipulating the video frames or audio tracks.
• Audio steganography: The hiding of secret messages within digital
audio streams by subtly modifying the audio samples.
• Network steganography: The hiding of secret messages within
network protocols or data transmissions by encoding the message into
the data packets or other communication protocols.
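Added example, not from the notes: least-significant-bit (LSB) embedding,
the usual form of the image steganography described above, written in
Python over a constructed carrier (4096 pseudo-random 8-bit samples standing
in for the grey values of a 64x64 image) so that it runs without an image
library. It hides a length-prefixed secret in the LSB of successive samples
and shows that no sample changes by more than 1, which is why the change is
invisible to the eye. The secret message is constructed too.

```python
import random

SECRET = b"meet at 0900"  # constructed secret message

# Constructed carrier: 4096 pseudo-random samples standing in for the grey
# values of a 64x64 image. A real carrier would come from an image file.
_rng = random.Random(0)
CARRIER = bytes(_rng.getrandbits(8) for _ in range(64 * 64))


def _bits(data: bytes):
    """Yield the bits of `data`, most significant bit first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def embed_lsb(carrier: bytes, secret: bytes) -> bytes:
    """Overwrite the least significant bit of successive samples with the
    secret. A 4-byte length prefix tells the extractor where to stop."""
    payload = len(secret).to_bytes(4, "big") + secret
    if len(payload) * 8 > len(carrier):
        raise ValueError(f"carrier too small: need {len(payload) * 8} samples")
    out = bytearray(carrier)
    for i, bit in enumerate(_bits(payload)):
        out[i] = (out[i] & 0xFE) | bit        # clear the LSB, then set it to the secret bit
    return bytes(out)


def extract_lsb(stego: bytes) -> bytes:
    """Reverse of embed_lsb: read the length prefix, then that many bytes."""
    def read_bytes(count: int, sample_offset: int) -> bytes:
        result = bytearray()
        for b in range(count):
            value = 0
            for k in range(8):
                value = (value << 1) | (stego[sample_offset + b * 8 + k] & 1)
            result.append(value)
        return bytes(result)
    length = int.from_bytes(read_bytes(4, 0), "big")
    return read_bytes(length, 32)             # secret starts after the 32 length bits


def max_sample_change(carrier: bytes, stego: bytes) -> int:
    """Largest per-sample difference; LSB embedding never moves a sample by more than 1."""
    return max(abs(a - b) for a, b in zip(carrier, stego))


def demo():
    stego = embed_lsb(CARRIER, SECRET)
    return {"recovered": extract_lsb(stego),
            "max_change": max_sample_change(CARRIER, stego),
            "same_size": len(stego) == len(CARRIER)}
```

Each secret byte costs eight carrier samples, so this carrier holds at most
508 bytes of message. The recipient needs nothing but the embedding
convention to recover the text, which is why the message should be
encrypted before it is hidden.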


20. Biometric Authentication
Ans: Biometric authentication is a security mechanism that uses unique
biological characteristics, such as fingerprints, iris patterns, facial
recognition, voice patterns, or hand geometry, to verify the identity of an
individual.
Biometric authentication is convenient because a biometric is always with
the user and cannot be forgotten or lent out like a password or token. It is
not, however, a secret: faces and fingerprints are left everywhere and can
be captured and replayed, and a leaked biometric template cannot be changed
the way a password can. Templates therefore need particular protection, and
liveness detection is needed to resist presentation (spoofing) attacks.

The process of biometric authentication involves capturing biometric data
from the user, such as a fingerprint or facial scan, extracting features
from it and comparing them to a pre-registered template (or a database of
templates). Because two captures of the same trait are never identical, the
comparison yields a similarity score that is checked against a threshold
rather than tested for exact equality; the threshold trades off the false
accept rate (an impostor accepted) against the false reject rate (a
legitimate user refused). If the score passes the threshold, access is
granted; if not, access is denied.
Biometric authentication is commonly used in physical access control,
such as unlocking doors, as well as in digital systems, such as mobile
devices, computers, and online banking. It provides a higher level of
security compared to traditional authentication methods, such as
passwords, that can be easily guessed, stolen, or forgotten.

Types of Biometric Authentication
• Fingerprint recognition: Uses unique features of an individual's
fingerprints to authenticate their identity.
• Facial recognition: Analyses unique features of a person's face to
verify their identity.
• Iris recognition: Uses the unique pattern of the coloured ring around
the pupil of an individual's eye to authenticate their identity.
• Voice recognition: Analyses unique characteristics of a person's voice
to authenticate their identity.

• Hand geometry recognition: Uses the unique physical
characteristics of an individual's hand and fingers to authenticate their
identity.

21. Network-Based Attacks.
Ans:
1. Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS):
A DoS attack is a type of attack that floods a server or network with
traffic, making it unable to respond to legitimate requests. In a DDoS
attack, the traffic comes from multiple sources, making it even harder
to mitigate. These attacks are often carried out using botnets, which
are networks of compromised computers that can be controlled
remotely.

2. Man in the middle attack: In a MitM attack, an attacker intercepts and
modifies communication between two parties who believe they are
communicating directly with each other. This can be used to steal
sensitive information, such as login credentials or credit card numbers.

3. Packet sniffer: A packet sniffing attack, or simply a sniffing attack, is
a cyber-attack that involves intercepting and misusing content (like
reading sensitive data) passing through a network in the form of
packets. Unencrypted email communications, login passwords, and
financial information are common targets for a packet sniffing attack.


4. DNS Spoofing: DNS spoofing is a type of attack that targets the DNS
system, redirecting users to fake websites or servers. This can be used
to steal sensitive information, such as login credentials or credit card
numbers.

5. SQL Injection: SQL injection is an attack on web applications that
build SQL queries by concatenating untrusted input into the query text. By
inserting SQL syntax into an input field, an attacker changes the meaning
of the query and can bypass authentication, read or modify sensitive data
or, depending on the database, run commands on the server. Strictly it is
an application-layer attack rather than a network attack; it is listed
here because it is carried out over the network against an exposed web
service. The standard defence is parameterised (prepared) queries, which
keep data separate from the query structure.
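Added example, not from the notes: the vulnerable pattern beside its fix, in
Python with the built-in sqlite3 module and a constructed two-user table.
login_vulnerable() builds the query by string concatenation;
login_safe() uses placeholders so the input can only ever be compared as
data. The two payloads at the bottom are the classic tautology and
comment-out forms; the credentials are made up.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed users table. Passwords are stored in clear only to keep the
    injection visible; a real application stores a salted, slow hash."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (username TEXT, password TEXT)")
    con.executemany("INSERT INTO users VALUES (?, ?)",
                    [("alice", "correct horse"), ("bob", "hunter2")])
    return con


def login_vulnerable(con, username: str, password: str) -> bool:
    # Input is spliced into the SQL text, so a quote in the input ends the
    # string literal and whatever follows becomes part of the query.
    query = ("SELECT username FROM users WHERE username = '" + username +
             "' AND password = '" + password + "'")
    return con.execute(query).fetchone() is not None


def login_safe(con, username: str, password: str) -> bool:
    # Placeholders: the driver receives the query shape and the values
    # separately, so the input can never change the query structure.
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return con.execute(query, (username, password)).fetchone() is not None


# Classic payloads. The first turns the WHERE clause into a tautology; the
# second works because '--' starts a SQL comment and removes the password check.
TAUTOLOGY = "' OR '1'='1"
COMMENT_OUT = "alice'--"
```

With the tautology as the password, the vulnerable query becomes
... AND password = '' OR '1'='1', which matches every row; the same string
passed through login_safe() is simply a password nobody has.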

22. DNS and Email Security.
Ans:
DNS
DNS stands for Domain Name System. It is a distributed system that
translates domain names into IP addresses. It is essentially a phonebook
for the internet that enables users to access websites by typing in a
domain name instead of an IP address.
When a user types a domain name (e.g., www.example.com) into their web
browser, the browser sends a query to a DNS resolver, which maps the domain
name to an IP address, asking the authoritative name servers if the answer
is not already in its cache.
DNS Spoofing: DNS spoofing is an attack on the DNS system in which the
attacker supplies forged answers, for example by racing a genuine response
with a fake one or by poisoning a resolver's cache, so that a domain name
resolves to an attacker-controlled address and users are redirected to fake
websites or servers. This can be used to steal sensitive information, such
as login credentials or credit card numbers. Defences include DNSSEC, which
signs DNS records so that forged answers fail validation, and encrypted
transports between client and resolver (DNS over TLS or DNS over HTTPS).

Email Security
Email security refers to the measures taken to protect email
communications from unauthorized access, interception, and
manipulation. Email is a common target for cybercriminals, who use
various tactics to compromise email accounts and steal sensitive
information.
Hackers and cybercriminals use email as a means to disseminate malware,
spam, and phishing attacks.
Threats to Email Security
• Spam: Spam is defined as unsolicited emails sent in large numbers.
• Phishing: Phishing is when attackers use false emails, adverts, links, or
messages to steal personal information or gain access to internet
accounts.
• Malware: Malware is when cybercriminals use harmful code distributed
in email communications to infect one or more machines.
• Spoofing: Spoofing is a tactic used in spam and phishing attacks in which
the sender address is forged so that the message appears to come from
someone or something the recipient knows or trusts. SPF, DKIM and DMARC
records let a receiving mail server check whether a message really came
from the domain it claims.
PGP
• PGP stands for Pretty Good Privacy.
• PGP is a program for email security; the format it uses is standardised
as OpenPGP (RFC 4880), and GnuPG (gpg) is a free, open source
implementation of it.
• PGP was designed to provide all four aspects of security, i.e., privacy,
integrity, authentication, and non-repudiation, for email.
• PGP uses a digital signature (a hash of the message signed with the
sender's private key) to provide integrity, authentication, and
non-repudiation.
• PGP uses a combination of secret key (symmetric) encryption and public
key encryption to provide privacy: the message is encrypted with a fresh
random session key, and that session key is encrypted with the
recipient's public key.

23. Explain Packet sniffing using Wireshark and Burp
Suite in detail.
Ans: A packet sniffing attack, or simply a sniffing attack, is a cyber-
attack that involves intercepting and misusing content (like reading
sensitive data) passing through a network in the form of packets.
Unencrypted email communications, login passwords, and financial
information are common targets for a packet sniffing attack.
Two popular tools for the course's sniffing exercises are Wireshark and
Burp Suite, and they work at different layers. Wireshark is a free,
open-source network protocol analyser that captures frames from a network
interface (or reads a pcap file) and dissects them protocol by protocol, so
any clear-text data on the wire, such as HTTP POST bodies or FTP and Telnet
logins, can be read off directly. Burp Suite is not a packet sniffer: it is
an intercepting HTTP/HTTPS proxy used for web application security testing.
The browser is configured to send its traffic through Burp, which can then
display, modify and replay every request and response, including HTTPS,
because the browser is made to trust Burp's CA certificate. Burp Suite
Community Edition is free; the Professional edition, which adds the
automated scanner and an unthrottled Intruder, is paid.
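Added example, not from the notes and not Wireshark's code: what a sniffer
does with a captured frame, in Python with only the standard library. The
sample packet is constructed in the block (IPv4 and TCP headers built with
struct, checksums left at zero, carrying a clear-text HTTP login POST);
parse_ipv4_tcp() dissects the headers the way Wireshark's dissectors do,
and extract_form_credentials() pulls the username and password out of the
payload. Addresses, ports and credentials are made up.

```python
import socket
import struct
from urllib.parse import parse_qs

# Constructed sample: a clear-text HTTP login POST, the kind of payload a
# sniffer on the same network segment can read directly.
HTTP_BODY = b"username=alice&password=Winter2023!"
HTTP_PAYLOAD = (b"POST /login HTTP/1.1\r\nHost: www.example.com\r\n"
                b"Content-Type: application/x-www-form-urlencoded\r\n"
                b"Content-Length: " + str(len(HTTP_BODY)).encode() + b"\r\n\r\n" + HTTP_BODY)


def build_packet(src_ip, dst_ip, sport, dport, payload):
    """IPv4 header (20 bytes, no options) + TCP header (20 bytes, no options) + payload.
    Checksums are left as zero; a real capture would have them filled in."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1000, 2000,
                      5 << 4,          # data offset = 5 words -> 20-byte header
                      0x18,            # flags PSH|ACK
                      65535, 0, 0)     # window, checksum (unset), urgent pointer
    ip = struct.pack("!BBHHHBBH4s4s",
                     0x45,             # version 4, IHL 5 words
                     0, 20 + len(tcp) + len(payload), 0x1234, 0x4000, 64,
                     6,                # protocol 6 = TCP
                     0, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return ip + tcp + payload


SAMPLE_PACKET = build_packet("10.0.0.5", "93.184.216.34", 51514, 80, HTTP_PAYLOAD)


def parse_ipv4_tcp(pkt: bytes):
    """Dissect one IPv4 packet; return None unless it carries TCP."""
    if pkt[0] >> 4 != 4 or pkt[9] != 6:          # not IPv4 / protocol is not TCP
        return None
    ihl = (pkt[0] & 0x0F) * 4                    # IP header length in bytes
    src, dst = socket.inet_ntoa(pkt[12:16]), socket.inet_ntoa(pkt[16:20])
    sport, dport = struct.unpack_from("!HH", pkt, ihl)
    data_off = (pkt[ihl + 12] >> 4) * 4          # TCP header length in bytes
    return {"src": src, "dst": dst, "sport": sport, "dport": dport,
            "payload": pkt[ihl + data_off:]}


def extract_form_credentials(payload: bytes):
    """Pull username/password out of a clear-text HTTP POST body, if present."""
    head, sep, body = payload.partition(b"\r\n\r\n")
    if not sep or not head.startswith(b"POST "):
        return None
    fields = parse_qs(body.decode("ascii", "replace"))
    if "username" in fields and "password" in fields:
        return fields["username"][0], fields["password"][0]
    return None


def sniff(packets):
    """Per frame: dissect, then look for secrets. Returns (src, dst, dport, user, password)."""
    findings = []
    for pkt in packets:
        seg = parse_ipv4_tcp(pkt)
        if seg is None:
            continue
        creds = extract_form_credentials(seg["payload"])
        if creds:
            findings.append((seg["src"], seg["dst"], seg["dport"], *creds))
    return findings
```

Had the same POST been sent over HTTPS, the sniffer would still see the IP
and TCP headers but the payload would be TLS ciphertext, which is why an
intercepting proxy such as Burp, trusted by the browser, is the tool for
looking inside web traffic while a sniffer is the tool for everything still
sent in the clear.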


24. Describe password attack using burp suite in detail.
Ans: Burp Suite is a popular tool used by security professionals
to test the security of web applications. It includes a variety of
tools, including a web proxy, scanner, and intruder, that can be
used to identify vulnerabilities and perform attacks.
Here are the steps for a password attack using Burp Suite:
1. Set up Burp Suite - Start by downloading and installing Burp Suite
from the PortSwigger website. Once installed, open Burp Suite and
configure your browser to use Burp Suite as a proxy (or use Burp's
built-in browser). This allows Burp Suite to intercept and modify the
traffic between your browser and the target web application.
2. Identify the login page - Use your browser to navigate to the login
page of the target web application.
3. Capture the login request - In Burp Suite, switch to the "Proxy" tab
and ensure that intercept is turned on. Submit the login form with a
dummy username and password; Burp Suite intercepts the POST request that
carries the credentials. Right-click the request and choose "Send to
Intruder".
4. Configure the Intruder - In the Intruder tool, switch to the "Positions"
tab. Clear the automatically marked positions and mark only the
parameter(s) you want to attack, usually the password field (and the
username field as well if you are testing several accounts). Switch to
the "Payloads" tab and select the "Payload type". The most common choice
is "Simple list", a list of candidate passwords; in the "Payload options"
section paste or load the list. A dictionary attack uses a list of common
or previously leaked passwords; a brute-force attack ("Brute forcer"
payload type) systematically generates every combination of a character
set up to a given length, which is far slower.
5. Start the attack - Once you have configured the Intruder, click the
"Start attack" button. Burp Suite sends the login request once for each
payload value, and you can monitor the responses as they arrive.
6. Analyse the results - A successful login normally looks different from
a failed one: a different status code (e.g. a 302 redirect instead of
200), a different response length, or a Set-Cookie header. Sort the
results table by status or length, or use the "Grep - Match" option to
flag responses containing a success or failure string, and note the
username and password combination that worked. On a well-defended
application expect account lockout, rate limiting or a CAPTCHA after a
few attempts; their absence is itself a finding to report.
25. What do you understand by social engineering
attacks? Explain in detail.
Ans: Social engineering is a manipulation technique that exploits
human error to obtain private information or valuable data. In
cybercrime, the human hacking scams entice unsuspecting users
to disclose data, spread malware infections, or give them access
to restricted systems. Attacks can occur online, in-person, and by
other interactions.

Types of Social Engineering Attacks
• Phishing Attacks: Phishing is one of the most popular social engineering
attack types. Phishing attacks are an online scam in which criminals
attempt to steal sensitive information such as login credentials, credit
card numbers, and other personal information by posing as a trustworthy
entity in an electronic communication, such as an email or a message.
• Quid pro quo Attack: Quid pro quo is a social engineering attack
where an attacker offers a benefit or incentive in exchange for
confidential information or access to a protected system. The attacker
may pose as an IT technician, customer support representative, or other
trusted authority figure and offer to help solve a problem in exchange
for information or access.
• Baiting Attack: This technique involves offering something of value,
such as a free download or prize, to lure users into providing personal
information or clicking on a malicious link.
• Scareware Attack: Scareware is a type of malicious software that uses
social engineering tactics to trick users into thinking their computer is
infected with a virus or malware. The scareware typically appears in the
form of a pop-up window or alert that looks like a legitimate security
warning from a trusted source, such as a software vendor or antivirus
program.
• Honey trap: In this attack, the social engineer pretends to be an
attractive person to interact with a person online, fake an online
relationship and gather sensitive information through that relationship.
• Tailgating: Attackers physically follow or accompany someone into a
restricted area or building, pretending to be an employee or authorized
person, in order to gain access.
