Professional Documents
Culture Documents
TECHNOLOGY
Symbiosis International University
(Established under section 3 of the UGC Act, 1956 vide notification No. F 9-12/2001-U 3 of Government of India)
:
:
:
Made a professional Report for the scanning and submitted in the end of
the month (May,2016)
Studied about wireless Security Attacks and how they can be exploited (1st
week june)
Learning about social engineering and Role Playing
3. Reviews of the Technical or Business or Managerial aspects to problems
identified:
I have observed that in Hacking , 80% hacks occurs because of social
engineering . Social engineering is one of the biggest vulnerability and
exploit. In this it requires trust gaining , shoulder surfing etc.
Second thing I observed is that most of the website can be hacked just
because of the small vulnerabilities . Organizations some times ignores
small vulnerabilities while taking care of bigger vulnerabilities.
Next I observed is the most of the websites are Vulnerable to top 10
OWASP Vulnerabilties.
Most of Old organizations dont care about upgrading their systems and
versions .
Week code can lead to source code disclosure and can create back door
entries
4. Approches to above problems:
Social engineering is tough to coup up but some measure can be taken like
a background check of employ before joining , Dont share your passwords
with anyone no matter how close he/she is
Organizations should keep on updraging their systems and their webserver
and services version with time to avoid attacks.
Organizations should scan their website on regular intervals for any new
discovered vulnerabilities and should keep their database updated.
Codes should be tested properly and then checked that source code is not
being disclosed.
5. Analysis of work Done :
(April 2016)
Studied about Ethical hacking
About networks
About Ports
Basics of penetration Testing , all its phases and about different tools
Learning about various tools used:
1. Nessus Online vulnerability scanner
2. Nmap for Scanning Ports , Services
3. Uniscan scan system for Vulnerabilties , sourcecode, backdoors ,
versions, ports
4. Acunetix Vulnerability Scanner