Phases of Ethical Hacking
by : Vyshu <vaishnavu c v >
Like most disciplines, ethical hacking is divided into distinct phases, 6 in all. These phases are not strict rules, but more like guidelines to be followed.
Reconnaissance
Reconnaissance is the process of information gathering. In this phase, the hacker gathers relevant information regarding the target system. This includes detecting services, operating systems, packet hops to reach the system, IP configuration, etc. Various tools like Nmap, Hping, Google Dorks, etc. are used for reconnaissance purposes.
Scanning
In the scanning phase, the hacker begins to actively probe the target machine or network for vulnerabilities that can be exploited. Tools like Nessus, Nexpose, and Nmap are widely used by hackers in this process.
Gaining Access
In this phase, the vulnerability located during scanning is exploited using various methods and the hacker tries to enter the target system without raising any alarms. The primary tool that is used in this process is Metasploit.
Maintaining Access
This is one of the most integral phases. In this phase, the hacker installs various backdoors and payloads onto the target system. Just in case you don’t know, payload is a term used for activities performed on a system after gaining unauthorized access. Backdoors help the hacker gain quicker access to the target system in the future.
Clearing Tracks
This process is an unethical activity. It has to do with the deletion of logs of all the activities that take place during the hacking process. Nonetheless, Ethical Hackers still have to perform this phase to demonstrate how a Black Hat Hacker would go about his activities.
Reporting
Reporting is the last step of finishing the ethical hacking process. Here the Ethical Hacker compiles a report with his findings and the job that was done, such as the tools used, the success rate, vulnerabilities found, and the exploit processes.
Reconnaissance
Okay, so let’s talk a little bit more about Reconnaissance. I’ve already mentioned that it is the process of gathering information about the target system, but what kind of information are we trying to gather? Well, listing them all out would be a task, but they can be boiled down to the following:
- Gather initial information
- Determine the network range
- Identify active machines
- Discover open ports and access points
- Fingerprint the operating system
- Uncover services on ports
- Map the network
Active Reconnaissance
Active Reconnaissance is when you, the hacker, directly interact with the computer system to gain information. This information can be relevant and accurate, but there is a risk of getting detected if you perform active reconnaissance without permission. If you are detected, the system admin can take severe action against you and track your subsequent activities.
Passive Reconnaissance