Ethical Hacking Process

-


Reconnaissance
Reconnaissance is the phase where the attacker gathers information about a target using active or passive means. The tools that are widely used in this process are NMAP, Hping, Maltego, and Google Dorks.

Scanning
In this process, the attacker begins to actively probe a target machine or network for vulnerabilities that can be exploited. The tools used in this process are Nessus, Nexpose, and NMAP.

Gaining Access
In this process, the vulnerability is located and you attempt to exploit it in order to enter into the system. The primary tool that is used in this process is Metasploit.

Maintaining Access
It is the process where the hacker has already gained access into a system. After gaining access, the hacker installs some backdoors in order to enter into the system when he needs access in this owned system in future. Metasploit is the preferred tool in this process.



Clearing Tracks
This process is actually an unethical activity. It has to do with the deletion of logs of all the activities that take place during the hacking process.

Reporting
Reporting is the last step of finishing the ethical hacking process. Here the Ethical Hacker compiles a report with his findings and the job that was done such as the tools used, the success rate, vulnerabilities found, and the exploit processes.





Comments

Post a Comment

Popular posts from this blog

What is Web Hosting And Types Of Webhosting

-
Image
Getting Web Hosting If you have already registered your domain name, the next step is to get a web hosting for your website. Web hosting is a service, which provides space for your website on internet. If you want your website to publish online, then you will have to get web hosting service. In a web hosting service, your website is stored in high powered computers called web servers, which are connected to a high speed network and they are powered-on 24/7. While purchasing a web hosting service, you rent a space for your website on these servers. There are basically three types of web hosting − Shared Hosting − In this type of web hosting, a single server hosts multiple websites, sometimes thousands of them. Each account on this server has certain limits on using disk space to store websites, databases and bandwidth. This is the amount of data transferred through your website. This type of hosting is cheap and suitable for small and medium websites. Virtual Private Servers ...
Read more

DuckDuckGo Privacy Search Engine

-
Image
DuckDuckGo Privacy Browser has the speed you need, the browsing features you expect (like tabs & bookmarks), and comes packed with best-in-class privacy essentials: Tap Fire Button, Burn Data — clear all your tabs and browsing data with one tap. Escape Online Tracking — automatically block hidden third-party trackers we can find lurking on websites you visit, which stops the companies behind those trackers from collecting and selling your data. Search Privately — our private search engine comes built-in so you can search the Internet without being tracked. Enforce Encryption — force sites to use an encrypted (HTTPS) connection where available, protecting your data from prying eyes, like from unwanted snoopers and Internet service providers. Decode Privacy — each site you visit gets a Privacy Grade (A-F) so you can see how protected you are at a glance, and you can even dig into the details to see who we caught trying to track you. Privacy, simplified. About...
Read more

What is Secure Sockets Layer (SSL) and How it Works

-
Image
What is Secure Sockets Layer (SSL) and How it Works Secure Sockets Layer (SSL) is the most widely used technology for providing a secure communication between the web client and the web server. Most of us are familiar with many sites such as Gmail, Yahoo etc. using https protocol in their login pages. When we see this, we may wonder what’s the difference between http and https. In simple words, a HTTP protocol is used for standard communication between the Web server and the client. HTTPS is used for a “Secure communication”. Working of HTTP: When A sends a message to B, the message is sent as a plain text in an unencrypted manner. This is acceptable in normal situations where the messages exchanged are not confidential. But, imagine a situation where A sends a PASSWORD to B. In this case, the password is also sent as a plain text. This has a serious security problem because, if an intruder (hacker) can gain unauthorized access to the ongoing communication between Aand B , he can...
Read more