Ethical Hacking and Penetration Testing: Concepts and Methods

Verified

Added on 2022/08/12

AI Summary

This presentation provides an overview of ethical hacking and penetration testing, covering essential concepts, tools, and techniques. It begins by defining ethical hacking and its significance, then delves into password security, including where passwords are stored in different operating systems like UNIX, Windows, and Mac OSX. The presentation explores various methods for viewing passwords and details the process of password cracking, including formulation, encryption, and comparison. It also examines different types of attacks, such as dictionary attacks, brute force attacks, and the use of rainbow tables. Furthermore, it lists and explains various password cracking tools like Brutus, Rainbow Crack, and John the Ripper. The presentation is concluded with a bibliography of relevant sources.

ETHICAL HACKING AND
PENETRATION TESTING
Name of Student:
Name of University:
Author Note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

INTRODUCTION
The presentation deals with the ethical
hacking and penetration testing. As the
lead security analyst, the chief security
officer of the company has asked to
introduce the concepts about the tools
and the skills used by the hackers to
hack as system. The presentation
consists of the concepts about the tools
and skills required for hacking.

HASH
 It is also known as message digest
 Number produced from string of text
 Used to make sure that the transmitted
messages are not transferred
 The hash is used for password hashing
 Converts passwords into unreadable
strings
 Hashes are not designed to be
decrypted

LOCATION OF
PASSWORDS
 Passwords in UNIX is stored
in/etc/passwd but moved to
/etc/shadow.
 The passwords are hashed and salted
 The passwords in windows are stored in
C:\windows\system 32\SAM
 The passwords in Mac OSX is stored in
the keychain Access app

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

METHODS TO VIEW
PASSWORDS
 The passwords in windows can be can
be viewed from the credential manager
in the manage password options
 The passwords in the Linux operating
system can be viewed from the package
“shadow-utils”.
 The passwords can be found saved in
the safari browser

PROCESS OF PASSWORD
CRACKING
 formulation of an estimate about the
password
 Encrypting the speculated password
utilizing the similar algorithm as the
system being attacked
 Comparison of the hashed guess against
the real value of hashed that was
captured

TYPES OF ATTACKS
 Dictionary attack: Technique of
breaking into a server or a computer
that is protected by passwords by
entering words of dictionary
 Brute force: Method to get access to a
site by trying different combinations of
passwords and usernames
 Rainbow tables: it is a precomputed
table that is used in order to reverse the
functions of hash.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

TOOLS OF PASSWORD
CRACKING
There are various tools those are used in
password cracking. These include
 Brutus: It is a password cracker used for
windows. It works online and try to
break telnet or IMAP.
 Rainbow Crack: It is a tool that produces
rainbow tables to be used in cracking of
passwords.
 John the ripper: It is a UNIX tool that is
used for cracking of password.

BIBLIOGRAPHY
 Yisa, V., Baba, M., & Olaniyi, E. (2016, November). A review of top open source password
cracking tools. In Proc. of the International Conference on Information and Communication
Technology and its Applications (ICTA).
 Seide, F. (2017, February). Keynote: The computer science behind the microsoft cognitive
toolkit: an open source large-scale deep learning toolkit for Windows and Linux. In 2017
IEEE/ACM International Symposium on Code Generation and Optimization (CGO) (pp. xi-xi).
IEEE.
 Devi, K. K., & Arumugam, S. (2019, April). Password Cracking Algorithm using Probabilistic
Conjunctive Grammar. In 2019 IEEE International Conference on Intelligent Techniques in
Control, Optimization and Signal Processing (INCOS) (pp. 1-4). IEEE.
 Liu, E., Nakanishi, A., Golla, M., Cash, D., & Ur, B. (2019, May). Reasoning Analytically About
Password-Cracking Software. In 2019 IEEE Symposium on Security and Privacy (SP) (pp. 380-
397). IEEE.
 Yaswinski, M. R., Chowdhury, M. M., & Jochen, M. (2019, May). Linux Security: A Survey. In 2019
IEEE International Conference on Electro Information Technology (EIT) (pp. 357-362). IEEE.
 Valois, M., Lacharme, P., & Le Bars, J. M. (2019, June). Performance of Password Guessing
Enumerators Under Cracking Conditions. In IFIP International Conference on ICT Systems
Security and Privacy Protection (pp. 67-80). Springer, Cham.

1 out of 10

Ethical Hacking and Penetration Testing: Concepts and Methods

Secure Best Marks with AI Grader

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

MN623 T2 2019: Report on Penetration Testing Tool Demonstration

Cyber Security and Analytics: Penetration Testing Tool Demonstration

MN623 T1 2020: Implementation and Evaluation of Pen Testing Tools

MN623 Cyber Security and Analytics: Password Cracking and Testing

+13062052269

info@desklib.com