Hello friends, In this post i will
tell you the steps or phases of ethical hacking and penetration
testing. Basically, in this post you will get the answer of most
frequently asked question how to do ethical hacking or how ethical
hacking should be done.
Whole process of ethical hacking and
penetration testing is divided into five phases or steps. Every
ethical hacker must follow these steps to complete security audit in
most reliable way. OK, what these steps are, these are Information
Gathering, Scanning, Gaining Access, Maintaining access and Covering
tracks.
Lets learn about these steps more
deeply.
Information Gathering:- Also known as
Reconnaissance is most important and time consuming step of hacking.
Because gaining more information about target helps in later attacks
like password cracking, social engineering etc. And this is why this
step is so important. I am calling it time consuming because it takes
much to time collect information about target.
In this step, hacker collect
information about target organisations website, perform who is
queries, information about type and size of organisation, their
web servers, Operating Systems etc. Hacker can collect this type of
information from various online and offline resources like Google
searches, Social Engineering, Who Is queries etc.
Scanning:- This is the second step of
hacking. In this step, an ethical hacker perform scanning against target
systems and collect information about open and closed ports,
vulnerabilities, operating systems, services running on target system
etc.
Gaining Access :- After collecting
enough information and discovering open ports and vulnerabilities, this
is where real hacking starts. This step includes exploiting or
hacking the system with the help of some tools, scripts and
vulnerability scanned in last process. In this step, basically,
hacker will gain access to particular target or service running on target,
tries to escalate privileges, crack passwords modify files or perform
the desired task.
Read More - Best website to start learning ethical hacking
Read More - Best website to start learning ethical hacking
Maintaining Access:- The process takes
whole time to hack a system. So to avoid wastage of time a hacker can install some backdoor and root kits on compromised system or network
to easily gain access next time.
Covering Tracks :- This is last step
performed by hacker after performing or achieving objectives. This
step includes deleting or manipulating log files, hiding data using
steganography tools to avoid detection of signs of unauthorized
access.
So, This is the whole process performed
by ethical hackers and penetration testers for security audit. And
this was also the answer of questions like how to do ethical hacking or how ethical
hacking should be done. These are steps or phases of ethical hacking and penetration testing.
Read More :- Learn dns spoofing
Nice one
ReplyDeleteThis comment has been removed by a blog administrator.
ReplyDelete