Five Phases of Ethical Hacking

Posted on by

The word hacking itself may be controversial, as it is often associated with the criminals in the computer world. However, an ethical hacker is exactly the opposite of it. Ethical hackers help clients by detecting weaknesses and vulnerabilities. The steps are pretty much the same with regular hacking, but what differentiates it is the purpose and intention. Even though ethical hacking would not be used to compromise any data and would not put you in danger, both physically and legally, it still needs to be done professionally and step by step. So here are the 5 phases of ethical hacking.

  1. Reconnaissance: This is the step where you decide who your target would be. The social engineering would also be done in this stage. We’ve already talked about social engineering in another post, so be sure to check it out!
  2. Scanning. This is the part where you scan the target’s weaknesses and vulnerabilities. One of the methods is by Port Scanning. We’ve also talked about Port Scanning in another post as well! Once you find a vulnerability, we will use said vulnerability to move onto the next step.
  3. Gaining Access. After you have found a vulnerability now it is time to gain access into your targets computer. Kali Linux is an amazing tool to help you with that. It has so many uses, but you still have to learn a few command syntaxes. To see how to download it, again, refer to one of our posts.
  4. Maintaining Access. Simply gaining access is not enough if you are trying to meddle with your target’s computer. Maintaining access is important if you wish to maximize the results of your ethical hacking. This could also mean that you could know exactly and in detail of what the vulnerability is and how to prevent it from being exploited by unethical hackers. And no, unfortunately we haven’t written a post regarding how to do that.
  5. Covering Tracks. Even if you are an ethical hacker it is still wise to cover your tracks. By doing so, you can tell your clients how you covered your tracks. Similarly, you can tell your clients how to spot hackers who have covered their tracks.

 

Written by Adrian Alexander and Charottama Oshmar