IETE-SF conducted its Ethical Hacking Workshop as part of FORTNIGHT for First Year students. It took place on the 1st and 2nd of October between 9:30am to 4:30pm. Mr Sachin Dedhia, Priya Savla, Jerry Thomas, Ashwin Iyer, Shyam Patil, Puneet Ojha were all a part of the professional team that conducted this training program.
Ethical hacking is the act of locating weaknesses and vulnerabilities of computer and information systems by duplicating the intent and actions of hackers. Ethical hacking is a penetration or intrusion testing technique. It is performed by a company or individual to help identify potential threats on a computer or network. An ethical hacker attempts to bypass system security and search for any weak points that could be exploited by malicious hackers. This information is then used by the organization to improve the system security, in an effort to minimize or eliminate any potential attacks.
Participants were introduced to the importance of ethical hacking tools, understanding the process, and implementing it. Hacking system provides the high securities to the customer’s methodologies and techniques to yield high qualities of infrastructures. The ethical hacking system includes some services like: Application Testing, War Dialling, Network Testing, Wireless Security, System Hardening.
On the First day of the workshop, Sachin Dedhia started of by explaining the types of hackers, and why ethical hacking is necessary.
Steganography, the science of writing hidden messages in a way that only the sender and intended recipient can realize the hidden message was the first subject to be addressed. The QuickCrypto steganography function allows carrier files to be photographs, drawings, images, and sound files. Practically, it is used to save the password in a allocated file and then hid in a carrier file. ‘Our Secret’ was used to apply this concept. The next hack that they learnt was key logging. Keylogging is the action of recording the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored. They also learnt how to acquire someone’s’ facebook password using basic web browsers. The final topic of the day was IP spoofing. It refers to connection hijacking through a fake Internet Protocol (IP) address; it is the action of masking a computer IP address so that it looks like it is authentic.
On The Second day Jerry Thomas introduced Kali linux (a virtual box), a new operating system to the participants. With Kali Linux, hacking becomes much easier since you have all the tools (more than 300 preinstalled tools) you are probably ever going to need, and they used this package to hack WiFi. Tools like Wireshark, Reaver ,Pixiewps and Aircrack-ng were introduced and explained. They also learnt how to hack an anroid based application using Kali Linux. The next subject introduced was Windows DUOS attack and was tackled using wire shark and kali. Phishing is typically carried out by email spoofing or instant messaging and it often directs users to enter personal information at a fake website, the look and feel of which are almost identical to the legitimate one. CrazyCall is the most popular website used for call spoofing. This website lets users make calls from any number they want. So, you can make prank calls with this. It also lets users change the voice to be anonymous while calling and you can also call from fake caller ID. All of these Softwares were given to the students and taught how to apply them and Hack ethically.
As the fortnight came to an end, with the end of this workshop, the participants came forth to give their feedback about how captivating and constructive the workshop was. It was a great learning experience for all of them as they got trained and received certificates, as they practically performed everything that was taught to them in hacking.