The Five Stages of Ethical Hacking

Please Use This Information For Ethical Purposes

Abdullah Baghuth
2 min read, Nov 22, 2020

There are five stages, and we start with the first:
1- Reconnaissance:
This stage is also known as information gathering. There are two types of recon: passive and active.
- Passive recon: when you go to Google and search for something. Say you are given a client and you look at their LinkedIn accounts, pictures, employee names, etc. This is all passive; you are not actually going to the company's website and doing anything active against it.
- Active recon: a more direct approach, where you interact directly with the company's website and dig into it. It overlaps with the second phase, scanning and enumeration, which is when you go out and use tools such as Nmap, Nessus, Nikto, etc.

2- Scanning & Enumeration:
This is when we look for open ports, vulnerabilities, etc. On the results the scanning returns we also perform what is called enumeration: looking at each item and digging into it to see if you can find anything of value. Say there is a web server on port 80; we see port 80 is open and running something like Apache 1.2, which would be really outdated. We would go to Google and ask whether there is any exploit for Apache version 1.2, and do the research. That is enumeration.

{ If you are still confused about the difference between recon and enum: in recon you are looking for targets to attack; in enum you are looking at the target for what you can exploit. }
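
To make the enumeration step concrete, here is an added example (my code, not from the post): it parses a constructed scan listing in a port/state/service/version layout, pulls out each open service's product and version from the banner, and flags any open service advertising a version older than an assumed minimum, which is exactly the "port 80 is open, Apache 1.2, go research it" situation above. The scan lines, the layout and the version thresholds are all constructed for the example.

```python
import re
from dataclasses import dataclass
from typing import Optional
# Constructed sample in a "port/proto state service product version" layout
# (assumed for this example; not output from any real host).
SAMPLE_SCAN = """\
22/tcp   open   ssh      OpenSSH 8.9p1
80/tcp   open   http     Apache httpd 1.2
443/tcp  closed https
8080/tcp open   http-proxy
"""
# Oldest version still acceptable per product (constructed thresholds).
MINIMUM_VERSIONS = {"Apache httpd": (2, 4), "OpenSSH": (8, 0)}

LINE_RE = re.compile(r"^(?P<port>\d+)/(?P<proto>tcp|udp)\s+(?P<state>\S+)\s+"
                     r"(?P<service>\S+)(?:\s+(?P<banner>.+?))?\s*$")
BANNER_RE = re.compile(r"^(?P<product>[A-Za-z][A-Za-z ]*?)\s+(?P<version>\d+(?:\.\d+)*)")

@dataclass
class Finding:
    port: int
    proto: str
    state: str
    service: str
    product: Optional[str] = None    # e.g. "Apache httpd", if a banner was seen
    version: Optional[tuple] = None  # e.g. (1, 2); tuples compare in version order

def parse_scan(text: str) -> list:
    # Scanning output: one Finding per port line, banner split out when present.
    findings = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # headers or lines in another layout are skipped
        f = Finding(int(m["port"]), m["proto"], m["state"], m["service"])
        b = BANNER_RE.match(m["banner"] or "")
        if b:
            f.product = b["product"]
            f.version = tuple(int(x) for x in b["version"].split("."))
        findings.append(f)
    return findings

def open_ports(findings: list) -> list:
    return [f.port for f in findings if f.state == "open"]

def flag_outdated(findings: list, minimums: dict) -> list:
    # Enumeration: open services advertising a version below the threshold are the
    # ones to research (or, as a defender, to patch first).
    return [f for f in findings if f.state == "open"
            and f.product in minimums and f.version < minimums[f.product]]
```

Running `flag_outdated(parse_scan(SAMPLE_SCAN), MINIMUM_VERSIONS)` returns only the port 80 finding; the closed 443 and the bannerless 8080 are left alone, which is the same triage a defender does when deciding which exposed, version-leaking service to patch first.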

3- Gaining Access:
This is also known as exploitation. We run an exploit against the client, against the vulnerable server, or whatever it may be, to try to gain access to a machine or a network. Once we have that access the process starts to repeat, and we do scanning & enumeration again and again.

4- Maintaining Access:
What if we get kicked out, or a user shuts down their computer? How do we maintain that access, so that when they turn the computer back on we still have access to it?

5- Covering Tracks:
You want to delete any logs you may have left behind, delete any malware you uploaded (which is especially important as a pentester) and any account you created for any reason. You just want to clean up.

In the end, the tools may change and the attack method may change, but the overall methodology is always the same.

Please Use This Information For Ethical Purposes