Introduction and demonstration of two basic facets of ethical hacking, Reconnaissance (Information Gathering for the Ethical Hacker) and Scanning & enumeration (Demonstration with Nmap and Wireshark)
Sub event 1 Goals: (with demonstrations)
Vulnerability research, although not necessarily a footprinting effort per se, is an important part of your job as an ethical hacker. Research should include looking for the latest exploit news, any zero-day outbreaks in viruses and malware, and what recommendations are being made to deal with them. Some tools available to help in this regard are the National Vulnerability Database (https://nvd.nist.gov), Securitytracker (www.securitytracker.com), Hackerstorm Vulnerability Database Tool (www.hackerstorm.com), and SecurityFocus (www.securityfocus.com). Footprinting is defined as the process of gathering information on computer systems and networks. It is the first step in information gathering and provides a highlevel blueprint of the target system or network. Footprinting follows a logical flow—investigating web resources and competitive intelligence, mapping out network ranges, mining whois and DNS, and finishing up with social engineering, e-mail tracking, and Google hacking. Competitive intelligence refers to the information gathered by a business entity about its competitors’ customers, products, and marketing. Most of this information is readily available and is perfectly legal for you to pursue and acquire. Competitive intelligence tools include Google Alerts, Yahoo! Site Explorer, SEO for Firefox, SpyFu, Quarkbase, and DomainTools.com.
This session intends to expose the attendees into deeper aspects of tools they use on daily basis while feeding them the importance of information in today’s world, especially when dealing with aspects of cyber-security.
Sub even 2 Goals: (with demonstrations)
Scanning is the process of discovering systems on the network and taking a look at what open ports and applications may be running. Scanning methodology phases include the following: check for live systems, check for open ports, scan beyond IDS, perform banner grabbing, scan for vulnerabilities, draw network diagrams, and prepare proxies.
This session mainly intends to prioritize on inculcating a professional approach to the process of scanning which serves as on of the first steps in most ethical hacking tasks.
Bharati Vidyapeeth College of Engineering, Navi Mumbai