About Workshop:

As the entire country is going online, India is among the biggest users of everything on the internet, every paper in government offices is being replaced by an online document accessible to everyone, every day more than thousands of people joining social networking sites, the Internet, IT Security is a necessarily required skill for youths of tomorrow. Every youth of tomorrow irrespective of his/her field of work or learning should have ethical hacking skills & expertise to protect them from being trapped on the internet.

Prerequisites:

• Basic Idea of Networking
• Absolute Beginners. No prior Cloud experience is necessary
• Windows: Putty, Putty KeyGen, and Web Browser with Internet connectivity.
• Linux/Mac: Default Terminal

Attendee: Any UG/PG Students

Duration: 3-5 Days

Content:

Module 1: Ethics & Hacking:

• Hacking history: How it all begin
• Why is security needed?
• What is ethical hacking?
• Ethical Hacker Vs Malicious hacker
• Types of Hackers
• Building an approach for ethical hacking
• Steps in Ethical hacking

Module 2: Basics of Internet, Networking & Hacking

• What is a Network?
• Types of network – LANs, WANs & WLANs
• What is Internet?
• History of the Internet
• Basic Structure
• What is a Server?
• What is an IP Address?
• What is a domain name?
• IP-Domain Relation
• Client-Server Relationship Model
• Internet networking
• What is a port?
• What is Programming?
• Types of programming languages.
• What is a Programming loophole or error?

Module 3: Basic hacks (Demo)

• How can Google hacking help an Ethical Hacker? (Demo)
• Accessing online remote cameras

Module 4: Windows security (Practical)

• Windows security (Demo)
• Registry (Demo)
• Port & Services (Demo)
• Securing Windows
• Looking for loop holes in windows

Module 5: SQL injections attacks (Practical)

• Introduction of SQL
• What is SQL INJECTION?
• Checking SQL injection vulnerability (demo)
• Basic strategy of SQL injection (Demo)
• Getting login credientials using SQL injections (Live Demo)
• Using SQL to login via middleware language (Demo)
• URL and Forms (Demo)
• SQL Query SELECT, DROP etc. (Demo)
• SQL cheat sheets (Demo)
• Using source changes to bypass client side validation (Demo)
• Live demonstration of the attack (Demo)
• Using SQL injection tools (Demo)
• Importance of server side validation (Demo)
• How to protect your system from SQL Injections (Demo)

Module 6: Man-in-the-middle attack (MITM Attack) (Practical)

• What is Man-in-the-middle attack?
• What is Backtrack linux (Most common unix system for ethical hacking)?
• Preparation for Man-in-the-middle attack (Demo)
• Setting ettercap tool for the attack (demo)
• Identifying victim (Demo)
• Cache poisining (Demo)
• Routing table modification (Demo)
• Eveasdroping (Demo)
• Countermeasures against MITM attack (Demo)

Module 7: Cross site scripting attack (XSS) (Practical)

• What is XSS attack?
• Loopholes causing XSS attack?
• Identifying victim for XSS Attack (Demo)
• Preparation for XSS attack (Demo)
• Introduction to javascript
• Java script for XSS Attack (Demo)
• Attacking on website through XSS(Live Demo)
• Damages caused by XSS attack (Demo)
• Protecting systems against XSS attack (Demo)

Module 8: Phishing, trojan & viruses

• What is phishing?
• Social engineering used in phishing (Demo)
• Phishing attack (Demo)
• Phishing sites (Demo)
• Protection against phishing (Demo)
• Viruses: Trojans, Worms, Malware, Spyware
• Modes of spreading
• Different Ways a Trojan can Get into a System (Demo)
• Creation of Trojan using cybergate (Demo)
• Attacking a system using our created trojan (Demo)
• Indications of a Trojan Attack (Demo)
• Some Famous Trojans and Ports They Use (Demo)
• How to Detect Trojans? (Demo)
• How to Determine which Ports are Listening (Demo)

Session 9: hijacking & Cookie grabbing:

• Understanding sessions
• What are cookies? (Demo)
• Reading and writing cookies (Demo)
• Passive Vs Active session hijack (demo)
• TCP sessions and HTTP sessions (Demo)
• TCP session hijacking: Telnet (Demo)
• Stealing Cookies to hijack session using: XSS (Demo)
• Sniffers (Demo)
• Spoofing (Demo)
• Spoofing Vs Hijacking
• Types of Hijacking
• Protection against session Hijacking (Demo)

Module 10: E-Mail Hacking, forging & tracing:

• How does an email work?
• Tracing an email (Demo)
• Spamming
• Fake emails generation (Demo)
• Detecting fake emails (Demo)
• What is a firewall? & how can it help you
• How a firewall works
• What are key loggers? (Demo)
• Types of key loggers? (Demo)
• How key logger works? (Demo)
• How to detect key logger? (Demo)

Module 11: Fake SMS & Calls

• What is Fake SMS & Call?
• Method of generating fake SMS & Calls (Demo)
• Actions to be taken for fake SMS and Calls (Demo)

Module 12: Charge/penalties against hacking in INDIA

• IT ACT 2000
• Cybercrime/terrorism and its type
• Sections in the Indian constitution Sec. 65, 66 A, B, C, D , 67, 69 etc.
• Penalty in all sections of Indian constitution