Ethical Hacking - Process

The process of ethical hacking can be broken down into six distinct phases.

Phase 1Information Gathering : Information Gathering is one of the initial stages of the ethical hacking methodology . It is used to collect as much information as possible about the target system and/or network. The tools that are widely used in this process are NMAP, Maltego, and Google Dorks etc.

Phase 2Scanning and Enumeration : In this process, the attacker begins to actively or passively probe a target machine or network for vulnerabilities that can be exploited. The tools used in this process are NMAP, Burp-Suite and Nessus etc.

Phase 3Gaining Access : In this process, the attacker exploits the vulnerability to enter into the target system. The most commonly used tool is Metaspolit.

Phase 4Maintaining Access : After successfully compromising a system, the attacker installs some backdoors in order to enter into the system when he needs access in this owned system in future.

Phase 5Covering Tracks : To avoid the intrusion being detected, it may be possible to erase log files etc.

Phase 6Reporting : Reporting is the last step of finishing the ethical hacking process. Here the Ethical Hacker generates a report with his findings vulnerabilities, tools used, the success rate, and the exploit processes.