Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.


hacking for fun & profit

No description

Ahmed Fouda

on 11 May 2015

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of hacking for fun & profit

Hacking for fun & profit
be a real hacker not a 7amada hacker
about me
Ahmed Fouda
Information Security Researcher

- Expectations vs. Reality
- Real hackers vs. 7amada hackers
- Information security as a CS field
- Information security roadmap
- Hacking skills Prerequisites
- The ULTIMATE #1 hacking tool
- Protecting yourself from hackers
- Demos
Expectations vs. Reality
Hacking & Movies don't mix
Hacking is a science
Hacking Definitions
Using technologies or products in different ways than it’s supposed to be used

art of exploiting computers to get access to otherwise unauthorized information
Who is a hacker ?
someone who seeks and exploits weaknesses in a computer system or computer network and may be motivated by
evaluate weaknesses
Who are real hackers ?
who is 7amada hackerz ?
7amada hackers
Real hackers
Black hat Hackers
break for their personal gain
White Hat Hackers
break to fix security holes
Grey Hat Hackers
Hackers categories
break to fix security holes
without permission
Hacking Stories
hacking is fun
can it make a profit
Information Security as a CS field
Securing everything around you
IT Networks
Operating System
Software Applications [ Desktop, Web, Mobile … ]
Industrial Control Systems
IoTs [ Internet of Things ]

Even more ...
securing organizations’ resources by
implementing different security controls
to defend corporate network from different attack vector
information security can be applied in two fashions
securing organizations’ resources by
simulating different attack scenarios
to test implemented security controls
Information Security Terminologies
Zero Day Vulnerability
computer virus is a program that tries to hide himself and cause damage to the user's computer
It's a virus that infects user's computer, cause damage and then propagate through user's network looking for more computers
It's a malware disguised as a normal computer software so that user can install it without noticing being compromised
a malware when installed on your computer will make your computer under the command and control of a master computer
a virus that is used to capture what you type on keyboard and send it back to the hacker
Key Logger
Famous Attacks
attack against a website or computer network to make it temporarily unresponsive. This is often achieved by sending so many content requests to the site that the server overloads
Information Security Road Map
Software Security
System Security
Network Security
Penetration Testing
Incident Handling
Forensics Analysis
Malware Analysis
ICS Security
Preparing yourself to InfoSec Field
Operating Systems
The ULTIMATE #1 hacking tool
He is your best friend along the journey ;)
Protecting yourself
DoS using a number of separate machines. This can be accomplished by seeding machines with a Trojan and creating a botnet or, as is the case with a number of Anonymous attacks, by using the machines of volunteers.
Tricking someone into giving you their personal information, including login information and passwords by imitating legitimate companies, organizations, or people online. and it's done via fake emails or links to fraudulent websites.
Email Spoofing
Altering the header of an email so that it appears to come from elsewhere.

A black hat hacker, for instance, might alter his email header so it appears to come from your bank
Social Engineering
the art of manipulating people and conning them into giving you confidential information, such as passwords to their accounts
Man in The Middle
network attack where the hacker will sit in the middle between you and your gateway and eavesdrop on everything you send from your computer
Demo time
Phone Phreaks
flaw or weakness in a system's design, implementation, or operation and management that could be used to violate security policy
a piece of software that is used to take advantage of a vulnerability to cause unintended actions
zero day vulnerability means hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it
preventing sensitive information from reaching the wrong people, while making sure that the right people can in fact get it
the assurance that information can only be accessed or modified by those authorized to do so
ensuring that authorized parties are able to access the information when needed
malicious software that disrupts computer operation, gather sensitive information, or gain access to private computer systems
umbrella term refers to a variety of forms including
Full transcript