The term hacking has been around for a long time now. The first recorded instance of hacking dates back to the early 1960s in MIT where both the terms, ‘Hacking’ and ‘Hacker’ were coined. Since then, hacking has evolved into a broadly followed discipline for the computing community. In this “What is Ethical Hacking” article, we are going to go through the fundamentals of Ethical Hacking!
The following topics are discussed in this blog:What is Ethical Hacking? What are the types of Hackers? What are the types of Hacking? Phases of Ethical Hacking What is Footprinting? What is Fingerprinting? What is Ethical Hacking? | Ethical Hacking for Beginners |Edureka What is Ethical Hacking?
Hacking is the process of finding vulnerabilities in a system and using these found vulnerabilities to gain unauthorized access into the system to perform malicious activities ranging from deleting system files to stealing sensitive information. Hacking is illegal and can lead to extreme consequences if you are caught in the act. People have been sentenced to years of imprisonment because of hacking.
Nonetheless, hacking can be legal if done with permission. Computer experts are often hired by companies to hack into their system to find vulnerabilities and weak endpoints so that they can be fixed. This is done as a precautionary measure against legitimate hackers who have malicious intent. Such people, who hack into a system with permission, without any malicious intent, are known as e thical hackers and the process is known as e thicalhacking.
So now that we know what exactly ethical hacking is, and who ethical hackers are, let’s go over the different types of hackers.What are the types of Hackers?
Hackers can be segregated according to their intent.
White Hat Hacker
It is another name for an Ethical Hacker. They hack into a system with prior permission to find out vulnerabilities so that they can be fixed before a person with malicious intent finds them.
Black Hat Hacker
They are also known as crackers, who hack in order to gain unauthorized access to a system & harm its operations or steal sensitive information. It’s always illegal because of its malicious intent which includes stealing corporate data, violating privacy, damaging the system etc.
Grey Hat Hacker
They are a blend of both black hat and white hat hackers. They mostly hack for fun and exploit a security weakness in a computer system or network without the owner’s permission or knowledge. Their intent is to bring the weakness to the attention of the owners & earning some bug bounty.
A suicide hacker is a person who works with the intent to bring down major corporations and infrastructure. These kinds of hackers are not scared of the consequences of their actions as they mostly work with a vengeance in their mind. These people are also known as hacktivists. What are the different types of hacking?
Now that we have discussed the various types of Hackers, let’s go over the different types of hacking. We can segregate hacking into different types depending on what the hacker is trying to achieve.
Hacking a website means taking unauthorized control over a web server and its associated software such as databases and other interfaces.
Hacking a network means gathering information about a network by using tools like Telnet, NS lookup, Ping, Tracert, Netstat, etc. with the intent to harm the network system and hamper its operation.
This includes gaining unauthorized access to an Email account and using it without taking the consent of its owner for sending out spam links, third-party threats, and other such harmful activities.
This is the process of recovering secret passwords from data that has been stored in or transmitted by a computer system.
This is the process of stealing computer ID and password by applying hacking methods and getting unauthorized access to a computer system. Phases of Ethical Hacking
Like every discipline out there in the world, ethical hacking is divided into distinct phases. Ethical hacking has 6 distinct phases. These phases are not strict rules, but more like a guideline to be followed.
Reconnaissance is the process of information gathering. In this phase, the hacker gathers relevant information regarding the target system. These include detecting services, operating systems, packet-hops to reach the system, IP configuration etc. Various tools like Nmap, Hping, Google Dorks etc are used for reconnaissance purposes
In the scanning phase, the hacker begins to actively probe the target machine or network for vulnerabilities that can be exploited. Tools like Nessus, Nexpose, and NMAP are widely used by hackers in this process.
Cybersecurity Certification Course
In this phase, the vulnerability located during scanning is exploited using various methods and the hacker tries to enter the target system without raising any alarms. The primary tool that is used in this process is Metasploit.
This is one of the most integral phases. In this phase, the hacker installs various backdoors and payloads onto the target system. Just in case you don’t know, Payload is a term used for activities performed on a system after gaining unauthorized access. Backdoors help the hacker gaining quicker access onto the target system in the future.
This process is an unethical activity. It has to do with the deletion of logs of all the activities that take place during the hacking process. Nonetheless, Ethical Hackers still have to perform this phase to demonstrate how a Black Hat Hacker would go about his activities.
Reporting is the last step of finishing the ethical hacking process. Here the Ethical Hacker compiles a report with his findings and the job that was done such as the tools used, the success rate, vulnerabilities found, and the exploit processes.Reconnaissance