Search For Tutorial

Monday, 19 September 2016

Five phases or steps to successfully perform ethical hacking

Posted by Vijay Jangra
Hello friends, In this post i will tell you the steps or phases of ethical hacking and penetration testing. Basically, in this post you will get the answer of most frequently asked question how to do ethical hacking or how ethical hacking should be done.


Whole process of ethical hacking and penetration testing is divided into five phases or steps. Every ethical hacker must follow these steps to complete security audit in most reliable way. OK, what these steps are, these are Information Gathering, Scanning, Gaining Access, Maintaining access and Covering tracks.

Lets learn about these steps more deeply.


Information Gathering:- Also known as Reconnaissance is most important and time consuming step of hacking. Because gaining more information about target helps in later attacks like password cracking, social engineering etc. And this is why this step is so important. I am calling it time consuming because it takes much  to time collect information about target.

In this step, hacker collect information about target organisations website, perform who is queries, information about type and size of organisation, their web servers, Operating Systems etc. Hacker can collect this type of information from various online and offline resources like Google searches, Social Engineering, Who Is queries etc.

Scanning:- This is the second step of hacking. In this step, an ethical hacker perform scanning against target systems and collect information about open and closed ports, vulnerabilities, operating systems, services running on target system etc.

Gaining Access :- After collecting enough information and discovering open ports and vulnerabilities, this is where real hacking starts. This step includes exploiting or hacking the system with the help of some tools, scripts and vulnerability scanned in last process. In this step, basically, hacker will gain access to particular target or service running on target, tries to escalate privileges, crack passwords modify files or perform the desired task.

Read More - Best website to start learning ethical hacking

Maintaining Access:- The process takes whole time to hack a system. So to avoid wastage of time a hacker can install some backdoor and root kits on compromised system or network to easily gain access next time.

Covering Tracks :- This is last step performed by hacker after performing or achieving objectives. This step includes deleting or manipulating log files, hiding data using steganography tools to avoid detection of signs of unauthorized access.

So, This is the whole process performed by ethical hackers and penetration testers for security audit. And this was also the answer of questions like how to do ethical hacking or how ethical hacking should be done. These are steps or phases of ethical hacking and penetration testing.


Read  More :- Learn dns spoofing

2 comments: