Skip to main content

Phases of Ethical Hacking








Planning and Reconnaissance:

The first step in ethical hacking is to define the scope and goals of a test as well as the testing methods to be followed. It also addresses intelligence to understand the potential vulnerabilities and how a target works. The prospective footprinting is made through search engines, web services, social network sites, DNS, email, network, etc. by using footprinting tools.

Scanning:

In the second step, scanning is performed to understand how a target reacts to various intrusion attempts, in two ways – when the application’s code is static and when the application’s code is functioning. The later is the most practical way to understand the application’s performance in real-time.

Gaining Access:

This is a crucial step where the web application is attacked using SQL injections, cross-site scripting, backdoors, etc. to find the vulnerabilities and then exploit them by stealing, intercepting traffic, and interfering privileges to understand the amount of damage that it can cause.

Maintaining Access:

In this step of penetration testing, the vulnerability is used as a persistent presence for a long duration in the infected system in order to steal sensitive information or to spread inside the network, quickly gaining access to the server.

Analysis:

The final stage of a penetration test is to compile the result by analyzing and commenting about the vulnerabilities exploited, access to the data, and the amount of time that the tester can remain unnoticed in the system.
Location: Guna, Madhya Pradesh, India

Comments

Post a Comment

Popular posts from this blog

Top 20 Tools for Ethical hacking in 2020

What are Hacking Tools? Hacking Tools are computer programs and scripts that help you find and exploit weaknesses in computer systems, web applications, servers and networks. There is a variety of such tools available on the market. Some of them are open source while others are commercial solution. In this list we highlight the top 20 tools for Ethical Hacking of web applications, servers and networks 1)  Netsparker Netsparker  is an easy to use web application security scanner that can automatically find SQL Injection, XSS and other vulnerabilities in your web applications and web services. It is available as on-premises and SAAS solution. Features Dead accurate vulnerability detection with the unique Proof-Based Scanning Technology. Minimal configuration required. Scanner automatically detects URL rewrite rules, custom 404 error pages. REST API for seamless integration with the SDLC, bug tracking systems etc. Fully scalable solution. Scan 1,000 web application...
Post a Comment
Read more

CompTIA Certification Guide: Career Paths & Study Material

CompTIA Certification Guide: Career Paths & Study Material What is CompTIA Certification? CompTIA certifications  course are considered one of the most trusted credentials in the IT industry as it accurately reflects employee success. CompTIA engages international focus groups and IT leaders from around the world that define various certification programs and helps you to create CompTIA certification exams. How to start a career with CompTIA certifications? If you are looking to start an IT career with a renowned certification, which has global recognition and ready-for acceptance by the employers, then CompTIA certification is the best way to start. This certification helps you to build critical thinking and problem-solving abilities, which is imperative in the modern enterprise network. The certification programs come in easy-to-learn ways to suit your time and convenience. You could take up a self-study or instruction-based learning. It is also meant for stu...
Post a Comment
Read more

Kali Linux Tutorial: What is, Install, Utilize Metasploit and Nmap

Kali Linux Tutorial: What is, Install, Utilize Metasploit and Nmap What is Kali Linux? Kali Linux is a Security Distribution of Linux specifically designed for digital forensics and penetration testing. It was developed by Mati Aharoni and Devon Kearns of Offensive Security through the rewrite of BackTrack. BackTrack was their previous information security Operating System. The first iteration of Kali Linux was Kali 1.0.0 was introduced in March 2013. Offensive Security currently funds and supports Kalin Linux. If you were to visit Kali's website today ( www.kali.org ), you would see a large banner stating, "Our Most Advanced Penetration Testing Distribution, Ever." A very bold statement that ironically has yet to be disproven. Kali Linux has over 600 preinstalled penetration-testing applications to discover. Each program with its unique flexibility and use case. Kali Linux does excellent job separating these useful utilities into the following categories: In...
Post a Comment
Read more