
UPDALOAD hari

The central theme of Can’t Hurt Me is the power of mental toughness and self-discipline.

Introduction to

Ethical Hacking & Cyber Security

Powered by
Manoj Kumar
Koravangi
Founder & CEO
www.awetecks.com | www.skillsuprise.com
Leading Software Development Company
Leading Ed-Tech
Certified
Ethical Hacker
DSP Officers Training
(Andhra Pradesh)
Best Service Provider In Education
At The Global Business & Education Awards 2023
I like your way of teaching sir because Anyone with zero knowledge can also understand your teaching.
But now this training gave me the confidence that I have ability of developing websites
Sir explanation is very good that it makes easy to understand the concept

Majji Vijaya Baji Shaik Pravallika


Our Students Success Stories

Dadi Hemasri Sravani Suvvari Amulya Sowmya


Yawanth Sabbithi

DevOps Engineer SOC Analyst Software Developer


Software Developer Software Developer

Sowmya Chaganti Swetha Sri Bhavitha Supraja


Saif Khan

Software Engineer Software Developer Data Analyst


Associate Developer Software Developer
Offline Training
Programs
Areas of Expertise
01 Ethical Hacking & Cyber Security

02 Artificial Intelligence & Machine Learning

03 Data Science

04 Blockchain

05 Full Stack Website Development

06 UI/UX Development

07 App Development
Areas of Expertise
08 Internet of Things - IoT

09 Cloud Computing

10 Software Testing

11 Digital Marketing

12 Product Management

13 Human Resource Management

14 Entrepreneurship

15 Business Analytics
37%
NASSCOM predicts that India would need over 1 million cybersecurity professionals.
The world has a shortage of 3 million cybersecurity professionals.
Job Roles
• Ethical Hacker • Security Consultant
• Cyber security analyst • Security auditor
• Security Engineer • Network security Engineer
• Security Analyst • Malware Analyst
• Soc analyst • Vulnerability Assessor
• Penetration Tester • Network Administrator
Growth of Cyber Security
Everyone is investing in technology.
All the businesses are going online by connecting across the globe to remove the barriers of businesses being limited to a geographic coverage.
Things happening over the internet in 1 minute
Internet is a place of Billions of
Users Data
Internet Usage

Talking to a friend Order fav food online Run complex business


User Details

Phone Number Email Location Credit Card


Database
What happens
if this information falls under the hands of hackers?
If the information of a person is hacked, it can be misused.
Information warfare takes place
Land Air Sea

Traditional Wars
Information Warfare
A war waged against an organization, a company or the government by destroying its information systems, i.e. computers, satellites, networks, etc.
To secure companies and individuals from hackers, companies are hiring ethical hackers.
Roadmap

1. Learn the skills
2. Get Certified
3. Get experience
1. Learn the fundamentals
• Learn how websites, servers, networking devices work
• how they communicate to share information
• Tools used by hackers
• Techniques used by hackers
• Steps followed by hackers
• Rules and regulations
• How to protect ourselves from hackers
2. Get Certified
• Certificates are the major means of identifying
individual talents.
• They prove that you learned skills with industry
standards.

Certificates are not mandatory


But having certifications will give more weightage
to your resume and unlocks better opportunities
3. Gain Practical Experience
Cyber Security is a challenging domain that requires
practical exposure over theoretical understanding

Steps to get practical exposure & experience


• Hacking workshops
• Hacking challenges
• Hackathons
• CTF Events
• Bug Bounty Programs
• Internships
Skills Required
To Become a Hacker
Skills Required
1. Operating systems

2. Web technologies

3. Programming languages

4. Networking

5. Creative thinking
Operating Systems
Should i learn IOS
Windows OS
to hack microsoft ?

IOS
Operating Systems
• Different companies use different operating systems
• Servers and systems run over different operating systems in different companies based on
their needs and concerns.
• You need to adapt to different working environments and operating systems
• To understand the working of the servers, communication devices and be able to easily
hack into it
Web Technologies
The languages and tools that are used to build websites are called web technologies
Web Technologies
• Websites are the major means of online presence of businesses.

• Different organizations use different languages to build their websites.

• You need to understand the working of the website to hack into it


• It can be done only by knowing how codes are written and how
they are used for each functionality of the website.

• Gmail => AngularJs


• Instagram => ReactJs

• Therefore, you should be strong enough with web technologies.


Important Web Technologies

Build Website Designs Front end Backend Logics Data Operations


Functionalities

Builder Painter Electricity Brain Memory Card


Networking
300 mts
Networking
• One needs to know how websites and devices communicate with each other to share information over the networks.
• That can be understood only if one knows the concepts of networking, unless you want to be a script kiddie who uses the tools developed by someone to perform amateur attacks.
Programming Languages
• Different software applications use different languages
• To understand the working of this software, you should know how the code is written and which language is used for a specific feature or functionality

Front end
Functionalities Backend Logics Data Operations
Programming Languages
• PHP • JavaScript • Ruby • Bash
• SQL • Python • Perl • C/C++
Is Programming Mandatory ?
A beginner's misconception

Manufacture a bike Ride a bike Repairing a Bike


Creative thinking

Brick Wall Wooden Hammer

Stone Wall Iron Hammer


Creative thinking
• Pick the right target from the list of targets
• Select the right tool to hack into the target
• Select the right method of hacking
• Install the right software to implement security
Are these sufficient?
• Yes, it is sufficient to make you an ethical hacker and get placed in profound companies.

• The skills of an ethical hacker should not be limited to the above list.

As an ethical hacker, to beat a hacker you must think like a hacker.

The more knowledgeable you are, the more advantageous it will be for you.
What is Hacking ?
Accessing computer systems, mobiles, networks,
websites or any devices without permission

Why next 2 minutes is important


• Hacking
• Hacker
• Ethical Hacker
• Vulnerability
• Penetration testing
• Vulnerability analysis
• Intrusion prevention systems
• Intrusion detection systems
[Figure: house floor plan with Bed Room, Master Bed Room, Hall and Kitchen]
House vs. Laptop / Smartphone

House: Doors, Windows
Laptop / Smartphone: Software, Hardware

Thief: Someone who steals valuable resources from others
Hacker: Someone who steals valuable information from devices / causes damage to others

Stealing: Taking away valuable resources without permission
Hacking: Stealing valuable resources without permission from computing devices

Weak point: A breakable entry point in the house that allowed thief to enter inside it
Loophole: A breakable entry point in the system that allows hackers to enter inside it or gain access to it


Hacking
Accessing computer systems, mobiles, networks,
websites or any devices without permission

Hacker
A person who uses his technical skills such as programming, computing and networking to gain unauthorized access to devices, networks, servers, etc.
As Per Indian IT Act 2000
An activity is termed as hacking if:

• A computer is used to attack other computers
  Example: Hacking, Virus / Worm attacks, DOS attacks etc.

• A computer is used as a weapon to commit real-world crimes.
  Example: Cyber Terrorism, IPR violations (Intellectual Property Rights), Credit Card Frauds, Pornography etc.
Types of hacking
Types of Hacking

Ethical Hacking Un Ethical Hacking


Ethical Hacking
• Accessing networks, systems, applications and devices, finding security loopholes and fixing them with permission.
• This is often termed as white hat hacking as the white hat hackers or ethical hackers do these activities.

Example: When a hacker helps organizations or individuals with finding security loopholes and fixing them with their permission, it is referred to as ethical hacking.
Un Ethical Hacking
• Accessing networks, systems, applications, devices without the permission
of the organization, owner
• Stealing data or causing damage to others,
• It is termed hacking or black hat hacking

Example : Thief stealing the valuable resources from the house


Types of hackers
Types of Hackers
1. White hat hackers

2. Black hat hackers

3. Grey hat hackers

4. Blue hat hackers

5. Red hat hackers

6. State sponsored hackers

7. Elite hackers

8. Script kiddies
3 Most Important
Types of Hackers
Black Hat Hackers
• They are the bad guys.
• They hack professional games & information of the people.
• These guys are essentially criminals
• They practice unethical hacking.
White Hat Hackers
• They are the good guys.
• They help organizations and individuals in testing and strengthening the security of the systems, websites and networks
• They are also called security professionals or ethical hackers
• They practice ethical hacking
Grey Hat Hackers
• They are partly white hats and black hats.
• They work for personal gain.
• They shift from white hat to black hat and vice versa based on
their needs and situations.

50% White Hat + 50% Black Hat


Steps Followed By Hackers

1 Information gathering

2 Vulnerability analysis

3 Penetration testing and gaining access

4 Escalating privileges and maintaining access

5 Clearing traces
Information Gathering
• Gathering as much information as possible about the target

• The target might be a website, system company, organization or even a human being
What to gather:
• The basic working of various features of the website
• What kind of service website is running
• The basic architecture of the website
• The programming language used to build website

[Figure: Free Food. Motive: Steal ₹ 5,000 from Zomato. Order food, Get Refund]

Types of Information Gathering

Active Information Gathering Passive Information Gathering


Active Information Gathering
When the attacker directly interacts with the target to gather
information

Thief as a stranger: Hi sir, do you have any rooms for rent?
House owner: I’m sorry, I’m living with my family; we don’t have any rooms for rent.
Passive Information Gathering
Maltego
• Open Source Intelligence (OSINT) tool

• Used for forensics, investigations and open source information gathering

• 4 Editions of Maltego
Describe during installation process
Vulnerability Analysis
■It is analysing the information gathered about the target
■We should analyse the information to find number of vulnerabilities present
in the target
■To figure out the possible ways to enter into the systems

House Theft
ZAP (Zed Attack Proxy)
• Formerly known as OWASP Zap
• Open source web application security scanner
Penetration testing & Gaining Access
• It is analyzing the information gathered about the target to gain access

• We should analyze the information to find the easiest ways possible to enter into
the systems

[Figure: house floor plan with Bed Room, Master Bed Room, Kitchen and Hall]
Burpsuite
• Web application penetration testing tool
Privilege Escalation
• The process of transforming oneself from a normal user into an admin

Why should we do that ?


• Because, admin is the one who has access to everything
[Figure: KGF. Labels: Security Guards, Electric fencing, Garuda’s Palace, KGF Tunnel]
Clearing Traces
• Clears all traces, i.e. digital footprints like IP address, comments, likes

• Deletes server log files

• Removes the software or the backdoors


Why Join Skills Uprise
Videos and resources can be found anywhere.
But a right mentor to guide you can't be found everywhere
Types of security testing
Security testing is carried out by white hat hackers or security experts and is also called penetration testing.

Based on the level of information provided:

White Box Testing, Black Box Testing, Grey Box Testing

Based on the location the security expert chooses to test the application from:

External Testing, Internal Testing
6 Weeks Online Training Program

A | Certified Ethical Hacker

What is Linux ?
• Linux is an operating system
• In fact, one of the most popular platforms on the planet
• Just like Windows, iOS, and Mac OS, Linux is an operating system and Android is powered by Linux.

Why Linux ?
• Linux is open source
• The freedom to run the program, for any purpose.
• You can read the source code and change it to make it do what you wish.
• The freedom to redistribute copies so you can help your neighbor.
• You can share copies of your modified versions to others.
Linux is an operating system that is by the people, for the people. These freedoms are also a main factor in why many people choose Linux. It's about freedom: freedom of use and freedom of choice.

www.acertifiedethicalhacker.com Copyright © AWETECKS All rights reserved


Distributions

• Linux has a number of different versions to suit any type of user.

• These versions are called distributions (or, in the short form, “distros”).

• Nearly every distribution of Linux can be downloaded for free


• LINUX MINT
• MANJARO
• DEBIAN
• UBUNTU
• ANTERGOS
• SOLUS
• FEDORA
• ELEMENTARY OS
• OPENSUSE

Top-10 Ethical Hacking & Pen Testing Operating Systems

1. Kali Linux
2. BackBox
3. Parrot Security
4. DEFT Linux
5. Samurai Web Testing Framework
6. Network Security Toolkit
7. BlackArch Linux
8. Cyborg Hawk Linux
9. GnackTrack
10. NodeZero

What is Kali Linux ?


• Kali Linux is a Debian-based Linux Operating System
• It is an Open Source Operating system
• It is aimed at advanced Penetration Testing and Security Auditing.
• It comes handy with 600+ security tools
• The tools are geared towards various information security tasks, such as Penetration Testing, Security research,
Computer Forensics and Reverse Engineering.

What is Parrot Security OS ?


• Parrot Security OS is based on Debian GNU/Linux combined with the Frozenbox OS and Kali Linux.
• It provides ethical hackers the best-in-class experience of penetration and security testing in real-world environments

• It is also designed to provide vulnerability assessment and mitigation, computer forensics and anonymous
Web browsing
• This OS is known for being highly customisable and for its strong community support.


Difference between Kali Linux & Parrot OS

SNO. | KALI LINUX | PARROT OS
1. | It needs more RAM, about 1 GB. | It requires lesser RAM, about 320 MB.
2. | In terms of GPU, it requires a graphical card, as it needs graphical acceleration. | It does not need graphical acceleration, hence no graphic card is needed.
3. | It requires about 20 GB free space for installation. | It requires about 16 GB free space for installation.
4. | Its interface follows the Gnome desktop interface. | Its interface is built on the Ubuntu MATE desktop environment.
5. | It does not have pre-installed compilers and IDEs. | It comes pre-installed with a bunch of compilers and IDEs.
6. | It has a simpler user interface. | It has a much better user interface.
7. | It has heavyweight requirements and is a bit laggy. | It is very lightweight and doesn’t lag much.
8. | It has all basic tools needed for hacking. | It has all the tools that are available in Kali and also adds its own tools. Ex. AnonSurf, Wifiphisher, Airgeddon.


File System Hierarchy (FHS):
The FHS defines the purpose of each directory. The top-level directories are described as follows.
•/bin/: basic programs

•/boot/: Kali Linux kernel and other files required for its early boot process

•/etc/: configuration files

•/home/: user’s personal files

•/lib/: basic libraries


•/media/*: mount points for removable devices (CD-ROM, USB keys, and so on)

•/mnt/: temporary mount point

•/opt/: extra applications provided by third parties


•/root/: administrator’s (root’s) personal files
•/run/: volatile runtime data that does not persist across reboots (not yet included in the FHS)

•/srv/: data used by servers hosted on this system

•/tmp/: temporary files (this directory is often emptied at boot)

•/usr/: applications (this directory is further subdivided into bin, sbin, lib according to the same logic as in the root directory)

Furthermore,

•/usr/share/ contains architecture-independent data.


•The /usr/local/ directory is meant to be used by the administrator for installing applications manually without overwriting files handled by the packaging system (dpkg).

•/var/: variable data handled by daemons. This includes log files, queues, spools, and caches.

•/sbin/: system programs


Basic Linux Commands


A command is a set of instructions that is given to an application or a service to get a specified result.
Different operating systems use different sets of commands.
• ls -a : list all files including hidden files
• ls -d : list directories themselves, not their contents
• ls -l : list with long format, shows permissions
• ls -la : list long format including hidden files
• ls -lh : list long format with readable file size
• ls -ls : list long format with file size
• ls -r : list in reverse order
• ls -s : list file size
• ls -S : sort by file size
• ls -t : sort by time and date


• pwd : Print the working directory


• mkdir : create a directory
• rmdir : remove an empty directory
• rm -r : remove a directory and its contents
• rm : remove a file
• touch : used to create a file
• cp : copy a file or directory
• mv : move a file or directory
• locate : used to locate a file in a Linux system
• sudo : sudo stands for "SuperUser Do"; it is used to run any program with administrative permissions


Ownership of Linux files
Every file and directory on your Linux system is assigned 3 types of owner:

User :
• A user is the owner of the file.
• By default, the person who created a file becomes its owner.
• Hence, a user is also sometimes called an owner.
Group
• A user group can contain multiple users.
• All users belonging to a group will have the same access permissions to the file.
Suppose you have a project where a number of people require access to a file. Instead of manually assigning permissions to each user, you could add all users to a group, and assign group permission to the file such that only the members of this group and no one else can read or modify the file.
Other
• Any other user who has access to a file. This person has neither created the file, nor belongs to a user group that could own the file.
User Denotations
u user/owner
g group
o other
a all


Permissions
Every file and directory in your Linux system has following 3 permissions defined for all the 3 owners
• Read
• Write
• Execute

Read: This permission gives you the authority to open and read a file. Read permission on a directory gives you the ability to list its contents.

Write: The write permission gives you the authority to modify the contents of a file.

• The write permission on a directory gives you the authority to add, remove and rename files stored in the directory.
• Consider a scenario where you have write permission on a file but do not have write permission on the directory where the file is stored. You will be able to modify the file contents, but you will not be able to rename, move or remove the file from the directory.

Execute:
• In Windows, an executable program usually has an extension ".exe" and which you can easily run.
• In Linux, you cannot run a program unless the execute permission is set.
• If the execute permission is not set, you might still be able to see/modify the program code(provided read & write
permissions are set), but not run it.

File Permissions and Symbols

Number | Permission Type | Symbol
0 | No Permission | ---
1 | Execute | --x
2 | Write | -w-
3 | Execute + Write | -wx
4 | Read | r--
5 | Read + Execute | r-x
6 | Read + Write | rw-
7 | Read + Write + Execute | rwx

User Denotations
Operator | Description
+ | Adds a permission to a file or directory
- | Removes the permission
= | Sets the permission and overrides the permissions set earlier


Changing File or Directory Permissions
• We can use the 'chmod' command which stands for 'change mode'

Modes of using chmod


1. Absolute mode
2. Symbolic mode


• In the Absolute mode, you change permissions for all 3 owners.

• In the symbolic mode, you can modify permissions of a specific owner. It makes use of mathematical symbols
to modify the file permissions.
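
The two chmod modes, the number/symbol table and the +, -, = operators above, worked through in the shell. This is an added example, not part of the original slides; the file names (report.txt, private.txt, shared.txt) and the helper function names are constructed for illustration, and the last function is a check a defender can run to find files that "other" is allowed to write to.

```shell
#!/bin/sh
# Added example: absolute vs. symbolic chmod, checked against the number/symbol table.
# All files are constructed and live in a throwaway mktemp directory.

# One octal digit -> rwx symbol, exactly as in the table.
digit_to_symbol() {
    case "$1" in
        0) echo '---' ;; 1) echo '--x' ;; 2) echo '-w-' ;; 3) echo '-wx' ;;
        4) echo 'r--' ;; 5) echo 'r-x' ;; 6) echo 'rw-' ;; 7) echo 'rwx' ;;
        *) return 1 ;;
    esac
}

# Three-digit absolute mode (user, group, other) -> nine-character string.
mode_to_symbolic() (
    mode=$1
    [ "${#mode}" -eq 3 ] || exit 1
    rest=${mode#?}                          # last two digits
    u=$(digit_to_symbol "${mode%??}") || exit 1
    g=$(digit_to_symbol "${rest%?}")  || exit 1
    o=$(digit_to_symbol "${rest#?}")  || exit 1
    echo "$u$g$o"
)

# Permission string of a path as shown by ls -l (characters 2-10 of the mode field).
perm_string() {
    ls -ld "$1" | cut -c2-10
}

# Create a scratch file, apply each chmod argument in order, print the result.
chmod_result() (
    dir=$(mktemp -d) || exit 1
    f="$dir/report.txt"
    : > "$f"
    chmod 000 "$f"                          # start from a known state
    for m in "$@"; do
        chmod "$m" "$f" || { rm -rf "$dir"; exit 1; }
    done
    perm_string "$f"
    rm -rf "$dir"
)

# Audit: names of regular files under a directory that "other" can write to.
other_writable() {
    find "$1" -type f -perm -0002 -exec basename {} \;
}

# Build two constructed files, run the audit, then fix the finding symbolically.
audit_demo() (
    dir=$(mktemp -d) || exit 1
    : > "$dir/private.txt"; chmod 640 "$dir/private.txt"
    : > "$dir/shared.txt";  chmod 666 "$dir/shared.txt"
    other_writable "$dir"
    chmod o-w "$dir/shared.txt"             # remove write from "other" only
    echo "after fix: $(other_writable "$dir" | wc -l | tr -d ' ')"
    rm -rf "$dir"
)

echo "table:  754          -> $(mode_to_symbolic 754)"
echo "chmod:  640          -> $(chmod_result 640)"          # absolute: all 3 owners at once
echo "chmod:  640 g+w o+r  -> $(chmod_result 640 g+w o+r)"  # symbolic: one owner at a time
echo "chmod:  777 go=r     -> $(chmod_result 777 go=r)"     # '=' overrides earlier bits
audit_demo
```

Absolute mode rewrites all nine bits in one step, while `g+w`, `o-w` and `go=r` touch only the owners named before the operator.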


Add User
• adduser username

Delete User
• userdel username

Create group
• sudo groupadd groupname

Delete a group
• sudo groupdel groupname


Manoj Kumar Koravangi

Founder & CEO


www.awetecks.com | www.skillsuprise.com

@manojkoravangi
