okay so vulnerabilities so we are talking about vulnerabilities so vulnerabilities when vulnerabilities are created when you are not updating the software in your system when you are using pirated operating system at that time vulnerability is created in your computer or you are any kind of operating system like android ios etc okay so i am going to teach you all different kinds of vulnerabilities here as well as i'm going to teach you various cyber attacks okay how to perform the cyber attacks these cyber attacks then how to secure your os or your server august cyber attacks this kind of a thing i'm going to teach you now the question will be arises in your mind hey performing cyber attack is a crime correct so how you are going to teach us this thing so i am going to use use some of the website which are allowed by us government okay our websites by us government for hacking okay some of the websites are provided by u.s government for a hacking purpose so you can hack this website and it will not be treated as a crime so i'm going to teach you uh the attacks on all these websites also i am going to use one of the user created software or operating system which is called as a dvwa dbwa means damn vulnerable wave application so we are going to perform the attack on this damn vulnerable web application and we are using this us government website for performing for practicing our hacking skills so you will ask me the question hey why you are teaching a cyber attack okay we don't want to teach learn here cyber attack we want to become a cyber police cyber security expert but do you know that if you know cyber attack if you know how attacker performs the attack then only you can understand how to secure your server your network your company against the cyber attack correct so first you must understand how to perform the attack then only you can understand how to secure your operating system your server again so i am going to teach you both the things how to perform attacks as well as how to secure your operating system obviously if i will teach you this attack and if you are performing this attack on any of the legitimate website like a google facebook then i will be our joyrice technology will not be responsible for this okay so i am requesting you whenever i'm going to teach you anything please perform this use this knowledge for the learning purpose only for working as a cyber security professional then this is the information regarding this course okay this course is provided by ac council it has total 125 number of questions four hours of exam will be there multiple choice questions will be there and its validity will be three years and what is the cost cost is around 500 okay now whether the certification will be provided in this course so we are not providing the critical hacking certification by ec council to you you have to apply for this certification and i'm going to teach you all the things which are required for passing this exam understood as this i'm going to teach you all these things which are required for passing the exam okay uh wait for a minute okay now my screen is visible to you correct okay yeah correct yes after that we are going to see another thing cyber crime news in today's world we are observing various kinds of cyber crime news in a newspaper in an on a news channel in day to day life okay there are many cyber crimes are happening around around us so some of these cyber crimes are given over here like a ransomware attack performed by some of the people a u.s fraudster performed the attack u.s food importer atlanta admits the right somewhere attack like this so package for cyber security professional so if you learn this course and if you are a fresher without any experience zero years of experience then in our india you will get at least billion sorry 5 million of package okay 0.5 million rupees package i'm
talking about okay and if you learn this course and you have a knowledge okay and you have a three plus years experience then you will get a package above one million uh up to the two million to three million per year okay so these are some of the companies which are providing very high package for a three plus years cyber security professional so i will provide you the knowledge which which will be equals to the three plus years experience okay means you will not face a difficulty after getting a job into the industry i will teach you all the content which are given in this certified ethical hacking course okay and also this training i will allow you to share your screen and perform the things which you want to do okay if you want that i should share my screen then i should share my screen and i will show you the attacks and everything okay so it depends on your requirement your decision then these are some of the recent vacancies for a certified ethical hacker you can see that there are many vacancies okay on various job portals after learning this course you can join as a security analyst security architect security software developer crypto analyst security engineer security administrator cryptographer security consultant these will be the various posts where you can apply okay then who can take this course if you are learning if you want to earn money by performing hacking hacking then you should learn this course this is the perfect career path for you if you want to develop your career in a cyber security domain if you want to learn various attacks you enjoy while learning the attack then you should learn this course if you want to pursue higher education in a cyber security field then you should learn this course hey what what is cyber security why cyber security what are its benefits if you learn this cyber security then you can improvise the knowledge of various risk vulnerabilities and shortcomings in a operating system servers then you can started thinking like a hacker you can boost your existing salary suppose you are working professional and you want to boost your existing salary then you can boost your salary by learning this course by getting extra knowledge your social impact will be improved if you tell anybody that i know cyber security i know how to perform my hacking everybody will give respect you can help your nation by providing cyber security because of this course these are some of the recent vacancies as i have already shown to you but bounty there is one another way to earn money with the help of a bug bounty is there anybody present here who knows bug bounty what is bug bounty do you want to share your thoughts anybody yes sir um yes okay so uh i have been practicing this bounty for a few of the companies as freelancer so basically uh they would be asking us to check their websites and check the uis on the database access what they came and try to find out any of the malfunctions of the applications perfect very perfect answer given by you thank you very much so we are going to see some of the websites there are some of the websites in a word we can see here like a work crowd okay so these websites are creating these bounty programs okay and in that bug bounty program you need to find various vulnerabilities in these websites or android application or ios application if you find a vulnerability then you get a amount of money for each and every vulnerability now we are going to see some of the very well known website these are all the websites who have created a bug bounty program for you recently created bug bounty programs okay so we will see the website like okay we will see this website one password website okay so you can see that this website has created a bug quantity program is and ready to provide 300 to 330 000 per vulnerability means if you find single vulnerability and if you inform them that this is a vulnerability i found that then they will give you the 300 for a single vulnerability if this vulnerability has a low effect if this very vulnerability is very dangerous then they will provide you 30 000 for a single vulnerability okay so these are the bug bounty programs so after learning this course you can participate in a quality program and you can earn money by sitting at a home very huge amount of money you can earn okay so this is one part of my training that i will uh help you to create account on about quantity program bounty websites and then you can start bug bounty by your own so these are various websites which provides bug bounty after main attraction of this course i will teach you many concepts this course will be on duration 30 to 32 hours duration but some of the main attraction few of the main attraction are given over here i'm going to teach you android hacking i'm going to teach you windows hacking wi-fi hacking penetration testing vulnerability assessment password hacking cryptography steganography browser security mobile security malware security these are some of the main attraction of this course questions do you have any questions up to here before moving to the further part if you have any question please ask me what silence i am taking as a no question there so we are going to see real time attacks in world with the help of this threat map website this threat map website provides you real-time attack scenario in all over the world in on today's date third of april total these around 1 billion attack 2 billion attack has performed okay so very huge attack has performed there and you can see that united states performing attack on mexico portugal is performing attack on different countries see that okay these are all the attacks okay united states has just performed attack on israel hong kong okay whenever you see red line it is a very dangerous attack whenever you see yellow line or any other color line it is a less dangerous so the name of the attacks are here on the left hand side trojan okay then windows attack okay on the right hand side you can see top targeted countries mongolia georgia angola nepal these are the top targeted countries you can see top targeted industries education government and healthcare these are the top targeted industries okay so these are the live cyber attack you can see every day these many attacks billions of attacks are performed by various countries on various other countries as well as in inside the countries also many attacks are performed okay so these websites provide you the real-time attack scenario we are going to see further hello yes sir that country knows that tech is performing on their countries or not yes actually yes country already knows that but what is happening recently i am working as a cyber security professional okay okay so what we are doing suppose anybody is performing attack on my operating system my network then i am not going to complain into the police station and i will not file his team and i am not going to find who is that person or who is that country what i will do i will start my ips ideas firewalls then i will block that particular ip address by which this cannot perform okay because every day in our company the many attacks around 50 to 60 attacks we found so if we file a complaint for each and every attack then it will be very difficult yeah yeah correct so instead of that instead of defending them we are trying to prevent ourselves by enabling ips ideas and firewall for this particular ipad [Music] there are three types of hackers in a word black hat white hat and grey black hat hector also but on the second day okay he recites into the jail into the prison okay because his intention is very bad okay he only wants to earn money in an unethical manner why that hacker is a person who knows everything how to perform attack everything but he is not using this knowledge in a bad way in an unethical way he is using this knowledge in an ethical way so why that icon so this wider anchor helps business and also helps the company to secure their infrastructure great hacker great hacker means the hacker who performs the hacking for a personal enjoyment or for a learning purpose this is the third type of a hacker which is called as a gray adapter so all 73 people over here are a great hacker they are already enjoying and learning the kind of hacking after completion of your learning you will become a white hat hacker because you are going to help any industry for securing their infrastructure and i suggest you i request you please never become a black hat hacker and please never spoil my name as well as joyce technology just joking so these are some of the websites i have already told you where you can practice your hacking skill you can perform a hack you can hack these websites and it will not be treated as a crime it will not be treated as an illegal kind of thing okay what is cyber law in india to protect various cyber attacks some of the cyber laws are created okay and this side because of this cybernet if any hacker performs any hacking activity then he is definitely get a punishment for imprisonment as well as fine so you can see that if any hacker performs stamper the competent document then other document without the permission of that other person then he will get three years of imprisonment to lagrange if any hacker publish the photo or video of any person then he will get five years of imprisonment to lacrosse fight if any hacker breach the confidentiality okay breach the password or any secret document then three years of a jail and two lakh rupees two lakh means 0.2 million so in this way these are various punishment provided to the hacker that's why this is a very dangerous thing to learn but this is a uh by learning this thing you will enjoy a lot and you will definitely earn a good amount of money sql injection do you know what is sql can anybody tell me what is sql yes yes tell me that please uh structured query language to make to make commands or queries to a database okay extremely sorry you have given a correct answer but partially correct your full form is wrong the sql means sequential query language okay and you are given a current answer that you are creating the query to create a database in a company what is startup is it is a very simple thing in a database what you are going you are saving the employee information your information all the different kinds of information in the data okay so with the help of a sql injection attack what attacker is doing attacker is adding some columns in a database row in a database modify the database delete the database record the database various kinds of a thing can perform by attacker so if you write this single query in a google then you will find that whatever the website will get after writing this query all these websites are completely or may be vulnerable to the sql injection attack okay dot php question mark id equals to so if you open any website after writing this theory in a google and if you write single inverted comma there listen to me carefully okay single inverted comma this is a sign after the name of the website and press enter whatever the error you will get if you get the error that sql error or sql warning it means that this website is 100 vulnerable to the sql injection attack and any hacker can perform sql injection attack on that website okay so this is called as a sql injection attack now we are going to see sql injection attack on one of the website so i again request you even though these websites are vulnerable to the spell injection attack please never perform this attack on this website because doing attack performing attack is a crime obvious so now i am showing you how to perform this sql injection attachment see that yes do you have any question so we are performing sql injection attack with the help of a kali linux operating system kali linux is one kind of operating system which we will install on all all of your pc okay and you have to install it to try to understand to experience your hacking skill these operating system contain all the types of hacking tools inbuilt into that website okay so you can see here if i'm writing like this sql map here sql map is one of the tool which can be used for performing the sql injection attack okay then what i am writing we are going to perform this attack on one of the test website this is a test website and definitely it will not be treated as a client if i am going to perform the attack on this test website is php dot vulnerable so i will use this sync first command and i'm going to teach you what is the meaning of that command see that carefully please listen to me sql mac what it means means we are using this sql map tool okay hyphen u hyper this sign is called as a hyphen in our uh hacking or linux language then u means url so on this url we are going to perform the attack then hyphen hyphen dbs hyphen iphone dbs means we want to extract the name of a database that's why we have written this bbs means database i'm clicking on enter we are going to see which different kinds of databases are there so you can see that two databases are there acute and information schema okay so what is our purpose we want as a hacker we want to extract the information of this database we want to see we want to watch which information is there into that database this is definitely a confidential information okay and it is not allowed us to watch but because this is a test website that's why we can perform the attack on this website so now what i will do i will extract the tables in this database and we are going to understand this command very first okay sql map what is sql map it is the name of tool hyphen u means url which url this is the one hyphen d means database hey please uh don't write anything on my screen okay who is that person okay i'm stop sharing the screen okay thank you very much so uh hyphen team is name of database so which database we are going to hack your database we are going to have there are two databases we have just observed that correct we are going to have accurate database and we want to see tables in that database that's why i have written hyphen iphone table i'm pressing enter and you can see that these database contains these many tables okay artist cards okay then which are the tables category featured guest book pictures products users now this user database usually contain the password and username email id etc that's why i'm going to hack this user database so i'm writing this next command here okay see that what is that command we are going to see this sql map sql map is the name of tool hyphen u is the name of url ipad d is the name of database which is the accurate hyphen t is a user table name of table so which table i am selecting i am selecting users table okay and then i am writing here hyphen iphone columns what it means hyphen iphone columns means hyphen for column space i want to get the columns details here extract the column details here so i'm pressing enter so i will come to know which columns are there into the user database for user table these are the column into the user table address card cc email name pass phone and unit okay now what is our next step our next step is i want to see the data into few of the columns okay so now how we are going to see this data okay so again i am going to explain you this command see that sql map hyphen u ipod um is what url hyphen d means what database this database accurate database hyper t means what table means column which column i use email column i want to extract the detail name column i want to extract the detail past column i want to accept the detail and hype on iphone dump please what done please dump the details download the details show the details i'm pressing enter here and you are going to see that we will get the details so you can see that email is a email email.com name is a john smith and password is a test so in this way you can get this information under this okay so this is a method by which you can extract the database information with the help of a sql injection attack so do you know anybody knows cryptography what is cryptography can you please tell me that nobody knows that yes ph please give me the answer so in my terms of cryptographics is that they uh modify the data in terms of a bit system uh it can be a crs or something so it can be cryptified so what is the meaning of crypto fighter i mean uh somehow they change the internal data to the bit so that it can be uh secured and in some way and the key is shared so that that's my obvious that's my understanding of it that's great you are understanding and your answer both are very correct but only technical terms are missing there so very good try i'm really impressed thank you very much so cryptography means whenever you want to send data to any person if you are directly sending the data any of the middle person third party person or attacker can see this data okay can download this data and can understand which information you have sent so if you want to avoid it you are going to encrypt the data in such a format that even though attacker can see this data he cannot read this he cannot understand it so in a cryptography plain text is there means if you are a sender you are sending plain text you are encrypting plaintext with the help of a key with the help of a password okay whatever the encrypted plaintext is there it is called as a cipher text this cipher text is decrypted with the help of another key so whenever any person any receiver receives your data he receives encrypted plaintext which is called as a cipher text he knows key very well you have already told the key to him or this is the other type of cryptography where he use his own private key and with the help of a private key he can decrypt the data and he will get original plaintext so data will be known to the person only who knows the password to decrypt the data otherwise nobody can decrypt the data understood as this this is called as a cryptogram yes you share do you want to say anything else again there are two types of cryptography first is the symmetric symmetric means for symmetric means a and b these are the two person this person is a b this person is b both are using the same keys same password okay a is using the password for example one two three four password for encrypting the message p is using the same password one two three four password for decrypting the message so if same password both the users are using resender as well as receiver it is called as a symmetric key cryptogram there are various symmetry key cryptography algorithms like advanced encryption standard rc4 rc5rc6 data encryption standard blow fish fixed we are going to see all symmetry key cryptography what it means it means that same password is not used by both the user suppose a and b these are two people both people both person have public key as well as private key what a is doing public key of a as well as public key of b is known to everybody suppose you all have a public key your public key known to everybody public password going to everybody suppose i want to send daca to the pharma what i will do i will use the public password appear sharma which is known to everybody for sending the data to him for encrypting the data when data will receive to the pharma what pure sharma will do pio sharma will decrease the data with the help of his private password which is only known to produce sharma and nobody else knows this password so this is called as a symmetric key cryptography understood is this so these are two different passwords for encryption we are using public password for decryption the person using his own secret password i'm going to show you symmetry key cryptography where same password is used i am writing a message here for example i am writing here push and i am clicking on n cipher okay this is a symmetric key cryptography that's why we want to use same password during encryption as well as decryption i am writing a password of one two three four okay and clicking on and ciphering so this is the encrypted message i got after writing one two three four this is the encrypted message okay i'm copying this message you can see that i am copying this message and pasting it over here and clicking on and ciphering after clicking after pasting this message here you can see that here the cipherhead option comes means decrypted i am clicking on deciphering and i am clicking on writing a same password one two three four and clicking on decrypt so when i decrypt this message i will get original message which is called as a push message which i have encrypted while sending the message so do you understand this this is called as a symmetric key cryptography okay huge ask me one of the question okay whether only plain text format can be encrypted or any other data format can be encrypted so answer is any data can be encrypted with the help of a cryptography whether it is an image data video not a chip file any file can be encrypted and any file you can send by doing this encryption okay but for a practical purpose for excellent purpose i have shown you the plain text okay but you can perform encryption of any file i'm going to during our actual session i am going to show you how to encrypt the image file also so this cryptography is definitely used for security purpose then we are going to see our symmetry key cryptography now for symmetric key it means that two different keys are used in this cryptography or symmetry so you can see rsa algorithm is used by this website website generate rsa click i'm clicking on this okay so these are the rss so i will use this public key to send the data i'm clicking on control c copying this public key okay i am writing data so my data will be this time kundal kumar i'm writing kundal kumar this is my name okay i'm pasting i am writing public key over here for encrypting this dot public key okay and clicking on encrypt when i click on encrypt my data will get encrypted you can see that this is encrypted okay now i am going to write this encrypted message over here for decryption now i have said this encrypted message to my friend my friend got this message my friend wants to decrypt it then what my friend will do my friend will write this message over here then my friend will write his own private key what is the private key of my friend this is the private key of my friend so my friend will write his own private key to decrypt the message here he has written a private key use the same algorithm rsa algorithm and click on decrypt and you can see that my friend got the original data which is a kundan kumar which i have encrypted and sent to my friends okay so in this way i'm going to teach you various kinds of cryptography as well as technography as well as attacks as well as cyber security and this is a completion of this demo if you have any question you can ask here or you can contact my friend amit on this number the number of amit is given over here as well as the website is given over here so do you have any question please ask me the question yeah please okay here question asked by parry resolve that normally you send the private key over a secure connection right so the person on the other hand can decrypt the message example like get a ps ec2 remove access so you can send the private key over a secret connection as well as you can send private keys by some other method okay with the help of a hashtag so you can send okay so i will also teach you how to create hash to send a private key okay please don't write on my screen okay if i am teaching very bad then please sorry for that but please don't try on hp laptop asked me a question i think you don't need to be good in sql yes if you want to learn this course no need to be good in sql no need to be good in kali linux no need to be put in cyber security ethical hacking or networking any knowledge is not required only you should know english because i'm going to teach you this course in a complete english language if you know english if you have a basic knowledge of some of the things then you can understand this okay if you are hsc 12 standard past then you can understand this protein easy using algorithm yeah now i'm again sharing okay so next question asked what will be the duration of this training duration of training will be 30 to 32 hours 30 to 32 hours okay duration after that next question asked to me is that what if i am not good in sql definitely no problem you can learn this okay haha php.code is vulnerable here so okay how to get into android hacking while working on mobile device yes you can perform android hacking while working on the mobile devices do we have to have strong networking knowledge no need of networking knowledge i'm again writing in a chat box okay no need of networking knowledge as well as linux knowledge okay only english will be known to you windows or weekend yes if more participants are there then i'm ready on weekdays as well as weekends i'm reading on both the things big days as well as we can already on cleaning fees you need to ask the please record yours i'm recording okay so dropping the session for shift it was really information session thank you very much for you sharma do you have any other question anybody has any other question or we should stop this session now thank you so much yes okay always welcome so hope you all will join this session okay and you will take advantage of this opportunity okay do we get this ppt definitely i am ready to share this repeat with the permission of a shortlist technology only because i am working as a freelance trainer for children's technology so if they will provide a permission to share i will share how to get into android bios settings by using hacking how can i teach this thing right now this is a demonstration when you join the session i am going to teach all these things after this training will ch will be clear yes you can clear the certified ethical hacker of course i will also take some of the mcq test for you i will also take some of the interviews for you what will be the cost of course you have to ask to the amit my friend do you have ch exam questions yes i have a few of the ch exam questions i'm going to share these questions to you in a google form i will share these questions to you okay chatting sharma thanks uh okay welcome jadin sharma so shall we stop this session now yeah so all i'm saying thank you so i think so that we should stop this session okay bye bye see you have a good day hope you all will enjoy the session and will definitely join this course okay bye if you have any question please ask to the amit on his phone
2022-04-12