The Five Stages of Ethical Hacking

These are the five stages, starting with:
1- Reconnaissance:
This stage is also known as information gathering. There are two different types of recon: passive and active.
- Passive recon: you go to Google and search for things about the client, for example their LinkedIn accounts, pictures, employee names, etc. This is all passive; you are not actually touching the company website or doing anything active against it.
- Active recon: a more direct approach, where you interact directly with the company website and dig into it. It overlaps with the second phase, scanning and enumeration, which is when you go out and use tools such as Nmap, Nessus, Nikto, etc.

2- Scanning & Enumeration:
This is when we look for open ports, vulnerabilities, etc. On the results that come back from the scan we also perform what is called enumeration. Enumeration is just looking at the items you found and digging into them to see if you can find anything of value. Say there is a web server running on port 80: we see port 80 is open and running something like Apache 1.2, which would be really outdated, so we go to Google and ask whether there is any exploit for Apache 1.2 and do the research. That is enumeration.

{ If you are still confused between recon and enum: in recon you are looking for targets to attack; in enum you are looking at the target for what you can exploit }
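The defensive counterpart of this stage, as an added example that is not part of the article: a small Python detector that reads constructed firewall log lines (the syslog-style format, field names and addresses are assumptions) and flags a source that touches many distinct ports on one host within a short window, which is what an Nmap-style scan looks like from the target's side.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed firewall log lines (not from the article); one scanning source,
# one normal web client, and a late probe that falls outside the window.
SAMPLE_LOG = """\
2024-03-01T10:00:00 DROP src=203.0.113.5 dst=192.0.2.10 dport=21
2024-03-01T10:00:01 DROP src=203.0.113.5 dst=192.0.2.10 dport=22
2024-03-01T10:00:01 DROP src=203.0.113.5 dst=192.0.2.10 dport=23
2024-03-01T10:00:02 DROP src=203.0.113.5 dst=192.0.2.10 dport=25
2024-03-01T10:00:02 ACCEPT src=203.0.113.5 dst=192.0.2.10 dport=80
2024-03-01T10:00:03 DROP src=203.0.113.5 dst=192.0.2.10 dport=443
2024-03-01T10:00:03 DROP src=203.0.113.5 dst=192.0.2.10 dport=8080
2024-03-01T10:00:04 DROP src=203.0.113.5 dst=192.0.2.10 dport=3306
2024-03-01T10:00:10 ACCEPT src=198.51.100.7 dst=192.0.2.10 dport=80
2024-03-01T10:00:11 ACCEPT src=198.51.100.7 dst=192.0.2.10 dport=443
2024-03-01T10:05:00 DROP src=203.0.113.5 dst=192.0.2.10 dport=5900
"""

# Assumed log format: "<iso timestamp> <ACCEPT|DROP> src=<ip> dst=<ip> dport=<n>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ACCEPT|DROP) src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)$"
)


def parse_log(text):
    """Yield (timestamp, src, dst, dport) tuples; lines that do not match are skipped."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield (datetime.fromisoformat(m["ts"]), m["src"], m["dst"], int(m["dport"]))


def detect_port_scans(text, threshold=6, window=timedelta(seconds=60)):
    """Return {src: sorted ports} for every source that hit at least `threshold`
    distinct destination ports on a single host inside a sliding time window.
    Both accepted and dropped connections count: a scan probes closed ports too."""
    events = sorted(parse_log(text))  # sorted by timestamp first
    by_pair = defaultdict(list)
    for ts, src, dst, dport in events:
        by_pair[(src, dst)].append((ts, dport))
    flagged = {}
    for (src, dst), hits in by_pair.items():
        for i, (start, _) in enumerate(hits):  # slide the window over each start event
            ports = {p for ts, p in hits[i:] if ts - start <= window}
            if len(ports) >= threshold:
                flagged[src] = sorted(ports)
                break
    return flagged
```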

3- Gaining Access:
This is also known as exploitation. We run an exploit against the client, the vulnerable server, or whatever it may be, to try to gain access to a machine or a network. Once we have that access the process starts to repeat, and we do scanning and enumeration again and again.

4- Maintaining Access:
What if we get kicked out, or a user shuts down their computer? How do we maintain that access, so that when they turn their computer back on we still have access to it?

5- Covering Tracks:
You want to delete any logs you may have left behind, any malware you uploaded (which is even more important as a pentester), and any account you created for any reason. You just want to clean up.

In the end, the tools may change and the attack method may change, but the overall methodology is always the same.

$$ Please Use This Information For Ethical Purposes $$

Abdullah Baghuth