Open in app

Sign in

Write

Sign in

Everything about Ethical Hacking

Cherry
5 min readSep 11, 2020

--

What is Hacking?

  • Hacking is identifying weaknesses in computer systems or networks to exploit its weaknesses to gain access.
  • Example: Using a password cracking algorithm to gain access to a system

What is Ethical Hacking?

  • Also known as penetration testing/intrusion testing/red teaming
  • It is the controversial act of locating weaknesses and vulnerabilities of computers and Information systems by duplicating the intent and actions of malicious hackers.
  • In simple terms, Ethical Hacking is identifying weaknesses in computer systems and/or computer networks and coming with countermeasures to protect the weaknesses.

The Legality of Ethical Hacking :

Ethical Hacking is legal if the hacker abides by the stipulated rules :

  • Get written permission from the owner of the computer system and/or computer network before hacking.
  • Protect the privacy of the organization been hacked.
  • Transparently report all the identified weaknesses in the computer system to the organization.
  • Inform hardware and software vendors of the identified weaknesses.

Why Ethical Hacking?

  • Information is one of the most valuable assets of an organization. Keeping information secure can protect an organization’s image and save an organization a lot of money.
  • Hacking can lead to loss of business for organizations that deal in finance such as PayPal. Ethical hacking puts them a step ahead of the cybercriminals who would otherwise lead to loss of business.

Types of Hackers :

BLACK HAT :

A hacker who gains unauthorized access to computer systems for personal gain. The intent is usually to steal corporate data, violate privacy rights, transfer funds from bank accounts, etc.

GREY HAT :

A hacker who is in between ethical and black hat hackers. He/she breaks into computer systems without authority to identify weaknesses and reveal them to the system owner.

WHITE HAT :

A hacker who gains access to systems to fix the identified weaknesses. They may also perform Penetration Testing and vulnerability assessments.

HACKTIVISTS :

A hacker who uses hacking to send social, religious, and political, etc. messages. This is usually done by hijacking websites and leaving the message on the hijacked website.

SCRIPT KIDDIES :

A non-skilled person who gains access to computer systems using already made tools.

PHREAKERS :

A hacker who identifies and exploits weaknesses in telephones instead of computers.

What is a Security Threat?

  • A threat is a possible danger that might exploit a vulnerability to breach security and therefore cause possible harm.
  • Security Threat is defined as a risk which can potentially harm computer systems and organization.
  • The cause could be physical such as someone stealing a computer that contains vital data.
  • The cause could also be non-physical such as a virus attack. In these tutorial series, we will define a threat as a potential attack from a hacker that can allow them to gain unauthorized access to a computer system.

The Hacking Process :

RECONNAISSANCE :

Reconnaissance is the phase where the attacker gathers information about a target using active or passive means. The tools that are widely used in this process are NMAP, Hoping, Maltego, and Google Dorks.

SCANNING :

In this process, the attacker begins to actively probe a target machine or network for vulnerabilities that can be exploited. The tools used in this process are Nessus, Nexpose, and NMAP.

GAINING ACCESS :

In this process, the vulnerability is located and you attempt to exploit it in order into the system. The primary tool that is used in this process is Metasploit.

MAINTAINING ACCESS :

It is the process where the hacker has already gained access to a system. After gaining access, the hacker installs some backdoors in order into the system when he needs access to this owned system in the future. Metasploit is the preferred tool in this process.

CLEARING TRACKS :

This process is actually an unethical activity. It has to do with the deletion of logs of all the activities that take place during the hacking process.

REPORTING :

Reporting is the last step in finishing the ethical hacking process. Here the Ethical Hacker compiles a report with his findings and the job that was done such as the tools used, the success rate, vulnerabilities found, and the exploit processes.

Hacking Tools :

Here is a list of the top 15 Tools for Ethical hacking in 2020 :

1. Netsparker

2. Acunetix

3. Intruder

4. SaferVPN

5. Burp Suite

6. Luminati

7. Ettercap

8. Aircrack

9. Angry IP Scanner

10. GFI LanGuard

11. Savvius

12. Qualys

13.WebInspect

14. Hashcat

15. IronWASP

Ethical Hacking
Hacking
Hacking Tools
Cybersecurity
Pentesting

--

--

Cherry

Written by Cherry

0 Followers

Hope is a dangerous weapon

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams