hacking for fun & profit

by Ahmed Fouda on 11 May 2015

Transcript of hacking for fun & profit

Hacking for fun & profit
be a real hacker not a 7amada hacker
about me
Ahmed Fouda
Information Security Researcher
Twitter: @0xfouda
0xfouda@gmail.com
0xfouda.wordpress.com

agenda
- Expectations vs. Reality
- Real hackers vs. 7amada hackers
- Information security as a CS field
- Information security roadmap
- Hacking skills Prerequisites
- The ULTIMATE #1 hacking tool
- Protecting yourself from hackers
- Demos
Expectations vs. Reality
Hacking & Movies don't mix
Hacking is a science
Hacking Definitions
Using technologies or products in ways other than they are supposed to be used

The art of exploiting computers to get access to otherwise unauthorized information
Who is a hacker ?
someone who seeks and exploits weaknesses in a computer system or computer network and may be motivated by
Profit
Protest
Challenge
Enjoyment
evaluate weaknesses
Who are real hackers?
Who are 7amada hackerz?
7amada hackers
vs.
Real hackers
Hackers categories
Black Hat Hackers
break for their personal gain
White Hat Hackers
break to fix security holes
Grey Hat Hackers
break to fix security holes without permission
Hacking Stories
hacking is fun
can it make a profit?!
Information Security as a CS field
Securing everything around you
IT Networks
Operating System
Software Applications [ Desktop, Web, Mobile … ]
Smartphones
Industrial Control Systems
IoT [ Internet of Things ]

Even more ...
Information security can be applied in two fashions
Defensive
securing organizations’ resources by implementing different security controls to defend the corporate network from different attack vectors
Offensive
securing organizations’ resources by simulating different attack scenarios to test the implemented security controls
Information Security Terminologies
Vulnerability
Exploit
Zero Day Vulnerability
Confidentiality
Integrity
Availability
Malware
Virus
a program that tries to hide itself and causes damage to the user's computer
Worm
a virus that infects a user's computer, causes damage, and then propagates through the user's network looking for more computers
Trojan
malware disguised as normal computer software so that the user installs it without noticing they are being compromised
Bot
malware that, once installed, puts your computer under the command and control of a master computer
Key Logger
a virus that captures what you type on the keyboard and sends it back to the hacker
Famous Attacks
DoS
attack against a website or computer network to make it temporarily unresponsive. This is often achieved by sending so many content requests to the site that the server overloads
Information Security Road Map
Software Security
System Security
Network Security
Penetration Testing
Incident Handling
Forensics Analysis
Malware Analysis
ICS Security
Preparing yourself for the InfoSec field
Programming
Operating Systems
Networking
The ULTIMATE #1 hacking tool
Google
He is your best friend along the journey ;)
Protecting yourself
Operating System
Network
Smartphone
Online Browsing
DDoS
DoS using a number of separate machines. This can be accomplished by seeding machines with a Trojan and creating a botnet or, as is the case with a number of Anonymous attacks, by using the machines of volunteers.
Phishing
Tricking someone into giving you their personal information, including login information and passwords, by imitating legitimate companies, organizations, or people online. It is done via fake emails or links to fraudulent websites.
Email Spoofing
Altering the header of an email so that it appears to come from elsewhere.

A black hat hacker, for instance, might alter his email header so it appears to come from your bank
Social Engineering
the art of manipulating people and conning them into giving you confidential information, such as passwords to their accounts
Man in The Middle
network attack where the hacker will sit in the middle between you and your gateway and eavesdrop on everything you send from your computer
Demo time
Phone Phreaks
Stuxnet
OpIsrael
Vulnerability
a flaw or weakness in a system's design, implementation, or operation and management that could be used to violate security policy
Exploit
a piece of software that is used to take advantage of a vulnerability to cause unintended actions
Zero Day Vulnerability
a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it
Confidentiality
preventing sensitive information from reaching the wrong people, while making sure that the right people can in fact get it
Integrity
the assurance that information can only be accessed or modified by those authorized to do so
Availability
ensuring that authorized parties are able to access the information when needed
Malware
malicious software that disrupts computer operation, gathers sensitive information, or gains access to private computer systems
an umbrella term that refers to a variety of forms including