Ethical Hacking

What is Ethical Hacking?

Ethical hacking and ethical hacker are terms used to describe hacking performed by a company or individual to help identify potential threats on a computer or network. An ethical hacker attempts to bypass system security and search for any weak points that could be exploited by malicious hackers. This information is then used by the organization to improve the system security, in an effort to minimize or eliminate any potential attacks.

What constitutes ethical hacking?


For hacking to be deemed ethical, the hacker must obey the following rules:

1.     Expressed (often written) permission to probe the network and attempt to identify potential security risks.
2.     You respect the individual's or company's privacy.
3.     You close out your work, not leaving anything open for you or someone else to exploit at a later time.
4.     You let the software developer or hardware manufacturer know of any security vulnerabilities you locate in their software or hardware, if not already known by the company.

Types of Hacking


We can segregate hacking into different categories, based on what is being hacked. Here is a set of examples –

·        Website Hacking − Hacking a website means taking unauthorized control over a web server and its associated software such as databases and other interfaces.
·        Network Hacking − Hacking a network means gathering information about a network by using tools like Telnet, NS lookup, Ping, Tracert, Netstat, etc. with the intent to harm the network system and hamper its operation.
·        Email Hacking − It includes getting unauthorized access on an Email account and using it without taking the consent of its owner.
·        Ethical Hacking − Ethical hacking involves finding weaknesses in a computer or network system for testing purpose and finally getting them fixed.
·        Password Hacking − This is the process of recovering secret passwords from data that has been stored in or transmitted by a computer system.
·        Computer Hacking − This is the process of stealing computer ID and password by applying hacking methods and getting unauthorized access to a computer system.

 

Advantages of Hacking


Hacking is quite useful in the following scenarios −
·        To recover lost information, especially in case you lost your password.
·        To perform penetration testing to strengthen computer and network security.
·        To put adequate preventative measures in place to prevent security breaches.
·        To have a computer system that prevents malicious hackers from gaining access.

 

Disadvantages of Hacking


Hacking is quite dangerous if it is done with harmful intent. It can cause −
·        Massive security breach.
·        Unauthorized system access on private information.
·        Privacy violation.
·        Hampering system operation.
·        Denial of service attacks.
·        Malicious attack on the system.

 

Purpose of Hacking


There could be various positive and negative intentions behind performing hacking activities. Here is a list of some probable reasons why people indulge in hacking activities −
·        Just for fun
·        Show-off
·        Steal important information
·        Damaging the system
·        Hampering privacy
·        Money extortion
·        System security testing
·        To break policy compliance

Top Indian Hackers

1. Saket Modi

Saket has been awarded the title of "Indian Ambassador of Cyber Security in Education" at the National Education Awards 2013. Over last 5 years, he along with his team have been conducting training and consultancy sessions across the globe. At a young age, he has already trained more than 5000 individuals across 100 plus Colleges, Corporates & Government Departments. Multiple Fortune 500 companies, Intelligence Agencies, Special Task Forces etc have been availing his services from time to time. Saket is also an advisor to reputed banks, oil & gas companies and e-commerce portals in designing and deploying safe cyber architectures for their business. In 2016 he was a part of both, Forbes India and Forbes Asia list of 30 under 30. 

2. Ankit Fadia

 Ankit Fadia  is an independent computer security and digital intelligence consultant with definitive experience in the field of Internet security based out of the Silicon Valley in California, USA. He has authored 14 internationally best-selling books on numerous topics related to Computer Security that have been widely appreciated by both professionals and industry leaders the world over. He was one of eight people named MTV India's Youth Icon of the Year for the year 2008.

3. Sunny Vaghela

 Sunny Vaghela is one of the countries pioneer Information Security & Cyber Crime Consultant. The young and dynamic personality of Sunny has not only assisted in solving complex cyber crime cases but has also played an instrumental role in creating awareness about information security and cyber crimes. During his graduation at Nirma University he developed projects like SMS Based Control System, Voice Recognition Based Control System exhibiting his sharp acumen for technology. 

4. Pranav Mistry
  
Pranav Mistry is a research assistant and a PhD candidate at MIT Media Lab. SixthSense has recently attracted global attention. Among some of his previous work, Pranav has invented Mouseless - an invisible computer mouse; intelligent sticky notes that can be searched, located and can send reminders and messages; a pen that can draw in 3D; and a public map that can act as Google of physical world. Pranav has commercialized his invention, the sixth sense and SixthSense is now being actively used at NASA. It is rumored that Facebook tried to acquire the technology from Pranav for a reportedly $2 billion and 5% ownership of Facebook, but Pranav decided to open source it instead.

5. Manan Shah

Manan Shah is an Indian entrepreneur and an ethical hacker. He is the founder and CEO of Avalance, an online cyber security company that is involved in securing government and enterprise digital setups. in 2016 he was a part of MSRC's top 100 Security Researcher in the world. In 2014 his a part of a television show on MTV India called "MTV Webbed 2", which he co-hosted with Kritika Kamra and sharing his thoughts on safe usage of Social Networks. at 17, he had defaced the website of the world's largest Domain name registrar GoDaddy, and godaddy offered him a job when informed about the defacement. He is also listed in BlackBerry, Google, Facebook, Yahoo, Twitter, Paypal, Micorosft Hall of Fame for his contributions to the organization. 

6. Vivek Ramchandran
  
Vivek Ramachandran is a world renowned security researcher and evangelist. His expertise includes computer and network security, exploit research, wireless security, computer forensics, embedded systems security, compliance and e-Governance. He is the author of the books – “Wireless Penetration Testing using Backtrack” and “The Metasploit Megaprimer”, both up for worldwide release in mid 2011. Vivek is a B.Tech from IIT Guwahati and an advisor to the computer science department’s Security Lab. In 2006, Microsoft declared Vivek as one of the winners of the Microsoft Security Shootout Contest held in India among an estimated 65,000 participants. 

7. Trishneet Arora
  
Trishneet Arora has authored for book “The Hacking Era” with several technical manuals and given countless lectures, workshops and seminars throughout his career. He trained IPS Officers, Crime Branch Cell, Banks and IT Experts. He  solves cyber crime cases with agencies, Trishneet Arora also known as Social Networking Specialist, solved many cases like Fake Profiles, Tracing on Facebook, Email Tracing and money fraud investigations. He is currently Chief Technical Officer at TAC Security Solutions. Trishneet and  Mr.Yashwant Sinha were keynote speakers at Bussines Relation Conference, Gujarat

8. Aseem Jakhar 

Aseem is a renowned security researcher with extensive experience in system programming, security research and consulting. He has worked on various security software including IBM ISS Proventia UTM appliance, Mirapoint messaging/security appliance, anti-spam engine, anti-virus software, multicast packet reflector, Transparent HTTPS proxy with captive portal, bayesian spam filter to name a few. The focus and mission of null is advanced security research, sharing information, responsible vulnerability disclosure and assisting Govt./private organizations with security issues.His research includes Linux remote thread injection, automated web application detection and dynamic web filter.


Comments

Post a Comment

Popular posts from this blog

પટેલ સમાજનો ઈતિહાસ જાણો : કોણ અને ક્યાંથી આવ્યા હતા પાટીદારો

Python HTML Generator using Yattag Part 1

Java Event Delegation Model, Listener and Adapter Classes