Skip to main content

Phases of Ethical Hacking

Like every discipline out there in the world, ethical hacking is divided into distinct phases. Ethical hacking has 6 distinct phases. These phases are not strict rules, but more like a guideline to be followed.

Reconnaissance

Reconnaissance is the process of information gathering. In this phase, the hacker gathers relevant information regarding the target system. These include detecting services, operating systems, packet-hops to reach the system, IP configuration etc. Various tools like Nmap, Hping, Google Dorks etc are used for reconnaissance purposes

Scanning

In the scanning phase, the hacker begins to actively probe the target machine or network for vulnerabilities that can be exploited. Tools like Nessus, Nexpose, and NMAP are widely used by hackers in this process.

Gaining Access

In this phase, the vulnerability located during scanning is exploited using various methods and the hacker tries to enter the target system without raising any alarms. The primary tool that is used in this process is Metasploit.

Maintaining Access

This is one of the most integral phases. In this phase, the hacker installs various backdoors and payloads onto the target system. Just in case you don’t know, Payload is a term used for activities performed on a system after gaining unauthorized access. Backdoors help the hacker gaining quicker access onto the target system in the future.

Clearing Tracks

This process is an unethical activity. It has to do with the deletion of logs of all the activities that take place during the hacking process. Nonetheless, Ethical Hackers still have to perform this phase to demonstrate how a Black Hat Hacker would go about his activities.

Reporting

Reporting is the last step in finishing the ethical hacking process. Here the Ethical Hacker compiles a report with his findings and the job that was done such as the tools used, the success rate, vulnerabilities found, and the exploit processes.

Comments

Popular posts from this blog

NMAP and ZenMAP

NMAP and ZenMAP are useful tools for the scanning phase of Ethical Hacking in Kali Linux. NMAP and ZenMAP are practically the same tool, however NMAP uses command line while ZenMAP has a GUI. NMAP is a free utility tool for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. NMAP uses raw IP packets in novel ways to determine which hosts are available on the network, what services (application name and version) those hosts are offering, which operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, etc. Now, let’s go step by step and learn how to use NMAP and ZenMAP. Step 1 − To open, go to Applications → 01-Information Gathering → nmap or zenmap. Step 2 − The next step is to detect the OS type/version of the target host. Based on the help indicat...

networks nd networking 2

Network Topologies •There are three main local area network (LAN) topologies: Bus Star Ring •Other network topologies include: Mesh Wireless What is a server? •Server is a machine which provides services to the nodes or computers in a network and those computers using services are known as client machines. •For each any every service client have to request to the server. Client Server Model   Servers •Computers or processes that manage network resources Disk drives (file servers) Printers (print servers) Network traffic (network servers) •Example: Database Server A computer system that processes database queries Clients •Application that run on a computer •Rely on a server for Files Devices Processing power •Example: E-mail client An application that enables you to send and receive e-mail Types of Servers •Application Servers •Audio/Video Servers •Chat Servers •Fax Servers •FTP Servers •Groupware Servers •IRC Servers •List Servers •Mail Servers •News Server...

Internet Of Things -IOT

Hey there! Have you heard of IoT? Yes the most popular thing in industry. If not, it is Internet of Things. Do you use smart watches or have you heard about smart city, smart house, these are the practical application of IoT. Didn’t get it?If you just Google “what is IoT?”, you will get a technical answer: “The Internet of Things (IoT) is a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.”  Simply, The Internet of Things, or IoT, refers to the billions of physical devices around the world that are now connected to the internet, collecting and sharing data. Now you’ll ask me “Okay, but why is it so much important?”. Today majority of devices works on sensors but sensors will not live forever. In other words, cheap sensors are not going to be 100% reliable, 100% of the time. Ph...