A Micro Project Report on Case Study Of Ethical Hacking Submitted by Mr Jagdish Pravin Patil Under the Guidance of Pr. D.M.Fegade In the Partial Fulfilment of sixthSemester of Diploma in Computer Engineering Affiliated to Maharashtra State Board of Technical Educati- Maharashtra State Board of Technical Education Certificate This is to certify that Mr. Jagdish Pravin Patil with Roll No-348has successfully completed Micro- project in course Network And Information Security for the academic year 2022-23 as prescribed in the ‘Assessment Manual during hisher tenure of completing Sixth Semester of Diploma Programme in Computer Engineering from institute, .S.Putil Institute of technology (polytechnic) ,Chopda Place: Chopda Enrollment No: 2100610136. Date: Exam Seat No:380102 Course Teacher Head of the Department Head of the InstituteAbstract: Hacking is basically expertise in any field. Hackers are classified as per w orking and as per knowledge. The et hical hackers come under white hat hackers. Ethical hackers use hacking techniques in order to provide secur ity. They are legally authorized hack ers. Various tools are used in order t 0 carry out hacking. The most comm on hacking technique used is phishin g. Since, there is a rapid growth in th e number of attack, there is a need f or people to learn ethical hacking co ncepts to secure themselvesSR.NO. CONTENT PAGE NO. Introduction » Need of ethical Types of Ethical Hacking © Web application hacking Social engineering @ System hacking e Hacking wireless networks © Web server hacking 4 types of Ethical Hackers 1) White Hat Hackers 2)Black Hat Hackers 3)Grey Hat Hackers 4)Miscellaneous Hackers s Professional Hackers in India ConclusionIntroduction To crack passwords or to steal data? No, it is much more than that. Ethical hacking is to scan vulnerabilities and to find potential threats on a computer or networks. An ethical hacker finds the weak points or loopholes in a computer, web applications or network and reports them to the organization. So, let’s explore more about Ethical Hacking step-by-step. Hacking is the activity of identifying weaknesses in a computer system or a network to exploit the security to gain access to personal data or business data. An example of computer hacking can be: using a password cracking algorithm to gain access to a computer system.ait} Security Neem taca y | Computers have become mandatory to run a successful businesses. It is not enough to have isolated computers systems; they need to be networked to facilitate communication with external businesses. This exposes them to the outside world and hacking. System hacking means using computers to commit fraudulent acts such as fraud, privacy invasion, stealing corporate/personal data, etc. Cyber crimes cost many organizations millions of dollars every year. Businesses need to protect themselves against such attacks.Who is a Hacker? A Hacker is a person who finds and exploits the weakness in computer systems and/or networks to gain access. Hackers are usually skilled computer programmers with knowledge of computer security. Need of ethical hacking We hear that attackers are hacked the big companies and big systems. Sometimes ago, a hacker hacked the Uber website. Due to this, the important information of around 50 million users was exposed. Many big companies like Google, Yahoo, Instagram, Facebook, Uber, they hire hackers. The hackers try to hack their systems. After hacking the system, they tell all the places where they found the weakness so that the company can fix it. Many companies also perform bug bounty programs. In this program, all the hackers around the world try to hack thewebsite or web of that company. If the hacker finds any bug, the company will pay them a reward for the bug. Ethical hacking is used to secure important data from enemies. It works as a safeguard of your computer from blackmail by the people who want to exploit the vulnerability. Using ethical hacking, a company or organization can find out security vulnerability and risks. types of ethical hacking @ Web application hacking Social engineering @ System hacking e Hacking wireless networks @ Web server hacking Web application hacking Web Applications acts as an interface between the users and servers using web pagesthat consist of script code that is supposed to be dynamically executed. One can access web applications with the help of the internet or intranet. Web hacking in general refers to the exploitation of applications via Hypertext Transfer Protocol (HTTP) which can be done by manipulating the application through its graphical web interface, tampering the Uniform Resource Identifier (URI) or exploiting HTTP elements. Social Engineering In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information. This differs from social engineering within the social sciences, which does not concern the divulging of confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con"in that it is often one of many steps in a more complex fraud scheme. System Hacking System hacking is a vast subject that consists of hacking the different software-based technological systems such as laptops, desktops, etc. System hacking is defined as the compromise of computer systems and software to access the target computer and steal or misuse their sensitive information. Here the malicious hacker exploits the weaknesses in a computer system or network to gain unauthorized access to its data or take illegal advantage. Hacking wireless networks Cracking a wireless network is defeating the security of a wireless local-area network (back-jack wireless LAN). A commonly used wireless LAN is a Wi-Fi network. WirelessLANs have inherent security weaknesses from which wired networks are exempt. Wireless cracking is an information network attack similar to a direct intrusion. Two frequent types of vulnerabilities in wireless LANs are those caused by poor configuration, and those caused by weak or flawed security protocols. Web Server Hacking Over the past decade, more individuals have access to the internet than ever before. Many organizations develop web-based applications, which their users can use to interact with them. But improper configuration and poorly written codes in web servers are a threat and can be used to gain unauthorized access to the servers’ sensitive data. This article tries to give an overview on Web Servers. We will be covering some topics which include working of a server, top web servers in the industry,web server vulnerabilities, webserver attacks, tools and some counter measures to protect against such attacks. Types of Ethical Hackers 5) White Hat Hackers 6) Black Hat Hackers 7) Grey Hat Hackers 8) Miscellaneous Hackers Hackers can be classified into different categories such as white hat, black hat, and grey hat, based on their intent of hacking a system. These different terms come from old Spaghetti Westerns, where the bad guy wears a black cowboy hat and the good guy wears a white hat.White Hat Hackers White Hat hackers are also known as Ethical Hackers. They never intent to harm a system, rather they try to find out weaknesses in a computer or a network system as a part of penetration testing and vulnerability assessments. Ethical hacking is not illegal and it is one of the demanding jobs available in the IT industry. There are numerous companies that hire ethical hackers for penetration testing and vulnerability assessments. 2)Black Hat Hackers Black Hat hackers, also known as crackers, are those who hack in order to gain unauthorized access to a system and harm its operations or steal sensitive information. Black Hat hacking is always illegal because of its bad intent which includes stealingcorporate data, violating privacy, damaging the system, blocking network communication, etc. 3)Grey Hat Hackers Grey hat hackers are a blend of both black hat and white hat hackers. They act without malicious intent but for their fun, they exploit a security weakness in a computer system or network without the owner’s permission or knowledge. Their intent is to bring the weakness to the attention of the owners and getting appreciation or a little bounty from the owners. 4) Miscellaneous Hackers Apart from the above well-known classes of hackers, we have the following categories of hackers based on what they hack and how they do it — 1) Red Hat HackersRed hat hackers are again a blend of both black hat and white hat hackers. They are usually on the level of hacking government agencies, top-secret information hubs, and generally anything that falls under the category of sensitive information. 2) Blue Hat Hackers A blue hat hacker is someone outside computer security consulting firms who is used to bug-test a system prior to its launch. They look for loopholes that can be exploited and try to close these gaps. Microsoft also uses the term BlueHat to represent a series of security briefing events. 3) Elite Hackers This is a social status among hackers, which is used to describe the most skilled. Newly discovered exploits will circulate among these hackers. 4) Script KiddieA script kiddie is a non-expert who breaks into computer systems by using pre-packaged automated tools written by others, usually with little understanding of the underlying concept, hence the term Kiddie. 5) Neophyte A neophyte, "n00b", or "newbie" or "Green Hat Hacker" is someone who is new to hacking or phreaking and has almost no knowledge or experience of the workings of technology and hacking. 6) Hacktivist A hacktivist is a hacker who utilizes technology to announce a social, ideological, religious, or political message. In general, most hacktivism involves website defacement or denialof-service attacks.List of Top 10 Best Professional Hackers in India @ Vivek Ramachandran e Benild Joseph e Ankit Fadia e Sunny Vaghela e Falgun Rathod e Anand Prakash e Koushik Dutta e Pranav Mistry @ Trishnit Arora e Rahul TyagiConclusion In conclusion, ethical hacking is not a criminal activity and should not be considered as such. While it is true that malicious hacking is a computer crime and criminal activity, ethical hacking is never a crime. Ethical hacking is in line with industry regulation and organizational IT policies. Malicious hacking should be prevented while ethical hacking which promotes research, innovation, and technological breakthroughs should be encouraged and allowed