Go Back   2020 2021 Student Forum > Management Forum > Main Forum





 
  #2  
Old 25th March 2017, 04:10 PM
Super Moderator
 
Join Date: Mar 2013
Default Re: Ethical Hacking IIT Bombay

As you are searching for important notes on Ethical Hacking for IIT Bombay, so here I am giving notes on Ethical Hacking:

Notes on ‘Ethical Hacking’
Ethics : Covers History of Hacking, introduces the technical jargon's, and Industrial practices in the Information Security Domain.

Google Hacking : No, we are not hacking Google! Instead, we see how can one use Google Search Engine and its advanced operators, to dig out interesting (and sometimes dangerous) information from unsuspecting websites. This module will cover a hands-on Google hacking tricks, that uncover many private IP Cameras, password files, database dumps and more. Prevention, of course, will be covered too

Scanning : An old Chinese proverb goes, “If you know your enemy and yourself, then you will win every battle”. This is exactly we will be looking at in this module. Scanning aims at unearthing information by active involvement with the target. We will be covering DNS Zone transfers, IP range scanning, port scanning, banner grabbing, service profiling, among other scanning techniques.

Email Hacking : Emails are the lifelines of many corporates, institutions and individuals. However, current email protocols and implementations suffer many problems, which can be exploited easily for crackers gain. We will look at both exploiting and preventing these loopholes. Also, tracing emails, actively and passively will be covered.

Trojans : Imagine your system being under control of a remote, evil cracker, who can view your screen, see your keystrokes, listen through your microphone and see through your webcam. Sounds scary, right? This is precisely what Trojans (or to be technically correct, most widely used implementations of Trojans – Remote Access Tools or RATs) do. We will look at making Trojans, making them fully undetectable, problems in WAN attacking, port forwarding, dynamic DNS and launching them onto victims. Also, knowing how to do these, will enable us to have an active insight into functioning of Anti viruses, and manual detection of Trojans.

PHP Injection : PHP is the most widely used server side scripting language. It being open-source definitely makes it secure than its counterparts, but it does have share of its loopholes. Directory transversal, shell uploading, dangerous exec functions will be looked at, from both the attacker's and defender's perspective.

SQL Injection : SQL, is a standard language used to interact with most RDBMS packages. SQL injection is the process of injecting bits of SQL queries into input boxes or URL's to hack the web applications. It is a very simple attack, both to carry out and prevent. But still, as we will see, many of the top websites are vulnerable to this attack. Formulating SQL Injection queries, advanced URL based injection, database mapping, exploiting them and preventing them will be covered in this module.

Phishing : Phishing or “fishing” for passwords is a very simple attack. Do not undermine its
simplicity though, it is the culprit for leak of over 50% of the passwords online! Creating phishing pages, logging the passwords, using social engineering to direct the victims to our “phishing net” will be covered, along with security measures and preventions against these.

Notes on ‘Ethical Hacking’



Last edited by Rajkumar Agarwal; 25th March 2017 at 04:22 PM.
Reply With Quote Quick reply to this message
Reply


Quick Reply
Your Username: Click here to log in

Message:
Options

Thread Tools Search this Thread



All times are GMT +5. The time now is 03:56 AM.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2020, vBulletin Solutions Inc.
SEO by vBSEO 3.6.0 PL2

1 2 3