1.

0 Rationale :-

Ethical hacking involves an authorized attempt to gain unauthorized access to a computer

system, application, or data. Carrying out an ethical hack involves duplicating the strategies
and actions of malicious attackers. This practice helps to identify security vulnerabilities which
can then be resolved before a malicious attacker could exploit them.

2.0 Aim/Benefits of the Micro-Project :-

• The aim of this course is to help the student to acquire the knowledge of emerging trends.
• Students will be able to understand the concept of ethical hacking better.
• By learning this concept, students.
• Can play a vital role in securing the systems and data from threats and attacks.

3.0 Course Outcomes Achieved :-

• Describe Artificial Intelligence , Machine learning and deep learning

• Interpret to IOT concepts
• Compare models of digital forensic investigation
• Describe evidence handling processes
• Describe ethical hacking processes
• Detect network , Operating system and applications vulnerabilities

4.0 Literature Review :-

During the development of the Internet, computer security has become a major concern for
different industries, businesses and Governments. The organizations use the Internet for
electronic commerce, advertising, information distribution and access, and other pursuits, but
they are worried about the possibility of being "hacked”. One effect to this state of
relationships is term as Ethical Hacking. Ethical hacking involves an authorized attempt to
gain unauthorized access to a computer system, application, or data. Carrying out an ethical
hack involves duplicating the strategies and actions of malicious attackers. This practice helps
to identify security vulnerabilities which can then be resolved before a malicious attacker
could exploit them.

5.0 Actual Procedure Followed :-

Emerging trends aims at creating awareness about major trends that will define technological
disruption in the upcoming years in the field of computer engineering and information and
technology . Our project is also about one of the emerging trends in today’s world and which
is Ethical hacking . It is slowly being one of the fastest growing markets in the world . Ethical
hacking involves an authorized attempt to gain unauthorized access to a computer system . In
this project we have included all information regarding ethical hacking which includes some
basic information about this term . how and what are the types of ethical hacking which will
help us in better understanding of the project . How many phases and what are the skill sets

1
required to be an ethical hacker is also mentioned in the project. And at last we have included
the advantages and limitations of the ethical hacking.

6.0 Actual Resources Used :-

Sr. No. Name of Resources Specifications Qty Remarks

Required

1. Computer System 8 GB Ram and i5 processor 1

2. MS Word Latest 1

3. Browser Chrome 1

4. Operating System Windows 11 1

7.0 Outputs of the Micro-Project :-

2
Study of Ethical Hacking

1) INTRODUCTION :

The term hacking has been around for a long time now. The first recorded instance of hacking dates
to the early 1960s in MIT where both the terms, ‘Hacking’ and ‘Hacker’ were coined. Since then,
hacking has evolved into a broadly followed discipline for the computing community.

Ethical hacking involves an authorized attempt to gain unauthorized access to a computer

system, application, or data. Carrying out an ethical hack involves duplicating the strategies
and actions of malicious attackers. This practice helps to identify security vulnerabilities
which can then be resolved before a malicious attacker could exploit them.

An ethical hacker finds the weak points or loopholes in a computer, web application or
network and reports them to the organization.

Nonetheless, hacking can be legal if done with permission. Computer experts are often hired
by companies to hack into their system to find vulnerabilities and weak endpoints so that
they can be fixed. This is done as a precautionary measure against legitimate hackers who
have malicious intent. Such people, who hack into a system with permission, without any
malicious intent, are known as ethical hackers and the process is known as ethical hacking.

3
2) TYPES OF HACKERS :

1. White Hat Hackers : Here, we look for bugs and ethically report them to the organization.
We are authorized as a user to test for bugs in a website or network and report it to them.
White hat hackers generally get all the needed information about the application or network
to test for, from the organization itself. They use their skills to test it before the website
goes live or attacked by malicious hackers.

2. Black Hat Hackers : Here, the organization does not allow the user to test it. They
unethically enter inside the website and steal data from the admin panel or manipulate the
data. They only focus on themselves and the advantages they will get from the personal
data for personal financial gain. They can cause major damage to the company by altering
the functions which lead to the loss of the company at a much higher extent. This can even
lead you to extreme consequences. These hackers use a variety of tools and techniques to
achieve their goals. One of the most common methods used by black hat hackers is
phishing, which involves tricking people into providing credentials or personal information
via fake websites or emails. Once they have access to this information, they can use it to
gain unauthorized access to computer systems and networks.

3. Grey Hat Hackers : They sometimes access to the data and violates the law. But never
have the same intention as Black hat hackers, they often operate for the common good. The
main difference is that they exploit vulnerability publicly whereas white hat hackers do it
privately for the company. One criticism of Grey Hat hackers is that their actions can still
cause harm. Even if they do not steal or damage data, their unauthorized access to computer
systems can still disrupt operations and cause financial losses for companies.

4
4. Blue Hat hackers : They are much like the script kiddies; are beginners in the field of
hacking. If anyone makes angry a script kiddie and he/she may take revenge, then they are
considered as the blue hat hackers. Blue Hat hacker’s payback to those who have
challenged them or angry them.
5. Green Hat hackers : They are also amateurs in the world of hacking but they are bit
different from script kiddies. They care about hacking and strive to become full-blown
hackers. They are inspired by the hackers and ask them few questions about.

6. Red Hat Hackers : They are also known as the eagle-eyed hackers. Like white hat hackers,
red hat hackers also aim to halt the black hat hackers. There is a major difference in the way
they operate. They become ruthless while dealing with malware actions of the black hat
hackers. Red hat hacker will keep on attacking the hacker aggressively that the hacker may
know it as well have to replace the whole system

5
3) PHASES OF ETHICAL HACKING :

➢ Reconnaissance
The literal meaning of the word reconnaissance means a preliminary survey to gain
information. This is also known as foot-printing. This is the first stage in the methodology of
hacking. As given in the analogy, this is the stage in which the hacker collects information
about the company which the personal is going to hack. This is one of the pre-attacking phases.
Reconnaissance refers to the preparatory phase where an attacker learns about all the possible
attack vectors that can be used in their plan.

➢ Scanning
Scanning is the process of getting quick access to the outer level of the security framework of
any network or system. Once again, hackers look for relevant information in this phase. The
first step is pre-attack scanning, where information from reconnaissance is used to gather more
information. The second step is sniffing or port scanning, where a hacker uses tools like
vulnerability scanners, port scanners, dialers, etc., to survey the network. Lastly, information
extraction is where information about the ports, physical machine, and system details is
gathered to prepare for the hacking attack.

➢ Gaining Access
This is the actual hacking phase in which the hacker gains access to the system. The hacker will
make use of all the information he collected in the pre-attacking phases. Usually, the main
hindrance to gaining access to a system is the passwords. System hacking can be considered as
many steps. Once he gets in to the system the next thing, he wants will be to increase his
privileges so that he can have more control over the system. As a normal user the hacker may
not be able to see the confidential details or cannot upload or run the different hack tools for his
own personal interest. Another way to crack in to a system is by the attacks like man in the
middle attack.

6
➢ Maintaining Access
After an ethical hacker gains access to the system, they will continue to maintain the attack to
allow sufficient time to gather the information required or complete the purpose of hacking
This is analogous to making a small hidden door in the building so that he can directly enter in
to the building through the door easily. Additional attacks are also launched if the hacker needs
more time or wants to do more damage.

➢ Clearing Tracks
Escaping the security personnel and the security framework built into the system is as
important as gaining access. This is done by following steps such as closing open ports,
deleting the log files, clearing all cookies, etc. This ensures that the hacking attempt cannot be
tracked to the hacker.

7
4) HACKER SKILL SETS :

Ethical hackers should possess a diverse set of computer skills and may specialize in a particular
area within the ethical hacking domain. To be effective in their roles, ethical hackers should
have.

• Programming Knowledge that is required while working in the field of network

security.
• Scripting knowledge to identify and deal with attacks.
• Network skills, as most malicious hacking attacks are aimed at the network. Proper
knowledge of computer networking is required to help find the flaws in the system.
• Basic knowledge of operating systems such as Windows, macOS, Linux, etc. • Up-to-
date knowledge of new hacking methods, tools available, hacking patterns, etc.

❖ ROLES AND RESPONSIBILITIES OF AN ETHICAL HACKER :

• Getting proper permission from the organization to organization

• Understanding the scope of hacking and what the requirement is
• Think like a malicious hacker and find ways in which security can be breached
• Report the issues to the teams concerned to help find a solution
• Keep any discovery of flaws and any sensitive information confidential
• Not leave any trace of hacking to protect malicious hackers from using the same
cracks.

8
9
❖

DIFFERENCE BETWEEN HACKING AND ETHICAL HACKING :

Sr.no Hacking Ethical Hacking

Hack system to reduce

Steal Valuable information of company
1. vulnerabilities of company’s
and individual of illegal activity
system

Legal practice, authorized by

2. Illegal practice and considered a crime
the company or individua

Such types of hackers are called blackhat Such types of hackers are
3.
hackers called white-hat hackers

Such hackers try to access restricted

Such hackers create firewalls
4. networks through illegal practices and
and security protocols.
reduce the security of data

They work with different

They work for themselves for dirty
5. government agencies and big
money
tech companies

❖ LIMITATIONS OF ETHICAL HACKER :

Some of the common limitations of ethical hacking include

• The process of ethical hacking, if not done carefully, can damage the internal systems
and files or even erase data.
• Even though ethical hackers are often made to sign contracts before they begin
working, the information they see during their work may be used for personal gain or
malicious use.
• As ethical hackers will have access to the firm's systems and network, it can raise a
question of employee privacy and the privacy of client data.

10
❖

ADVANTAGES AND DISADVANTAGES OF ETHICAL HACKING :

Ethical hacking nowadays is the backbone of network security. Each day its relevance is
increasing, the major pros & cons of ethical hacking are given below

Advantages of Ethical Hacking :

Following are the advantages of Ethical Hacking as follows.

▪ This helps to fight against cyber terrorism and to fight against national security breaches.
▪ This helps to take preventive action against hackers.
▪ This helps to build a system that prevents any kinds of penetration by hackers.
▪ This offers security to banking and financial establishments.
▪ This helps to identify and close the open holes in a computer system or network.

Disadvantages of Ethical Hacking :

Following are the disadvantages of Ethical Hacking as follows.

▪ This may corrupt the files or data of an organization.
▪ They might use information gained for malicious use. Subsequently, trustful
programmers are expected to have achievement in this framework.
▪ By hiring such professionals will increase costs to the company.
▪ This technique can harm someone’s privacy. ▪ This system is illegal.
▪ It hampers system operation

11
❖

FUTURE ENHANCEMENT

History has shown us that ethical hackers are a great addition to an organization’s workforce. Their
extensive know-how and first-hand experience breaching the defenses of a well-protected company
serve them well in protecting their employers’ systems.

Ethical hacking has an infinite future Many areas, including government, corporate enterprises,
health care, entertainment, banking, and others, are quickly expanding in this arena. Even though
only 32% of people work in the ethical hacking industry. As a result, the demand for new staff is
on the rise.

since all organizations are constantly in danger of becoming the next cyber-attack target, ethical
hackers will continue getting jobs. As more companies move to the cloud, they will also need
better protection, especially for systems that are not on their premises and so may not be as closely
secured as those in their offices.

12
8.0 Skills Developed/Learning Outcomes of the Micro-Project :-

• The aim of this course is to help the student to acquire the knowledge of emerging
trends
• Students will be able to understand the concept of ethical hacking better .
• By learning this concept , students can play a vital role in securing the systems and data
from threats and attacks.

9.0 Applications of this Micro-Project :-

• Ethical hacking is nothing but the one which performs the hacks as security tests for
their systems. Ethical hacking can be used in many applications in case of web
applications which are often beaten down.
• This generally includes Hypertext Transfer Protocol (HTTP) and Simple Mail Transfer
Protocol (SMTP) applications are most frequently attacked because most of the
firewalls and other security are things has complete access to these programs from the
Internet.
• Malicious software includes viruses and Trojan horses which take down the system.
Spam is a junk e-mail which causes violent and needless disturbance on system and
storage space and carry the virus, so ethical hacking helps to reveal such attacks against
in computer systems and provides the security of the system.
• The main application of this is to provide the security on wireless infrastructure which
is the main purpose of present business organization.
• Ethical hacking has become main stream in organizations which are wishing to test their
intellectual and technical courage against the underworld. Ethical hacking plays
important role in providing security.
• Resources are the computer related services that performs the tasks on behalf of user.
• In Ethical hacking the resources are the core services, objects code etc. The ethical
hacking has advantages of gaining access to an organizations network and information
systems.
• This provides the security in the area of Information technology called as Infosec. This
provides security to the high level attacks such as viruses and traffic trough a firewall.
This has been providing the security for various applications which are even bypassing
the firewalls, Intrusion-detection systems and antivirus software.
• This includes hacking specific applications including coverage of e-mails systems,
instant messaging and VOIP (voice over IP).