We will cover the basics of hacking, types of hackers, and phases of ethical hacking in this article. It’s a complete beginner-friendly article.
What is Hacking?
Hacking is the art of finding vulnerabilities or weaknesses in a system and exploiting them to gain access to personal or financial data. The one who performs it is called a hacker.
Types of hackers
There are many types of hackers; I will explain only the important ones you need to know here.
Black Hat Hackers
Also known as crackers, black hat hackers exploit and hack into computer systems without authorization, with the malicious intent of stealing the personal or financial information of a person or organization.
White Hat Hackers
Also known as ethical hackers, white hat hackers find vulnerabilities and exploit systems with permission, using the skills of black hat hackers to test and evaluate system security. They also sign a non-disclosure agreement with their client.
Grey Hat Hackers
Hackers who work as ethical hackers in front of everyone but also perform black hat hacking are called grey hat hackers. They don’t have malicious intent like black hat hackers. Sometimes they cross the line of white hat hackers (by breaking laws and ethics), which is why we classify them in the grey area.
Script Kiddies
A hacker with no real skills or knowledge of how hacking and hacking tools work, who uses those tools to gain unauthorized access to systems.
Phreaker
A hacker specialized in smartphone hacking.
Hacktivists
Hackers who use their hacking skills to advance a political agenda.
Cyber Terrorist
Hackers who exploit security systems with malicious intent in pursuit of a social or religious agenda. There are some skilled cyber terrorist hackers these days.
State-Sponsored Hackers
Hackers hired by a government to use their hacking skills to break into systems, mostly to steal secret information.
Suicide Hackers
The easy way to explain these types of hackers is to imagine someone motivated by anger to take revenge on a person or organization using hacking tools and skills. They mostly don’t fear getting caught while hacking or planting malware.
Red Team
In simple terms, a red team is a group of white hat hackers who hack into any organization or system and gain access to evaluate its security and provide feedback.
Then there is also a blue team, which is concerned with maintaining the security of an organization’s internal network and assets and protecting them from threats.
Also, any hacker can be classified into one or two of these categories.
Let me know if there are any other types of hackers by commenting on this article.
Since we are starting the series on learning ethical hacking, let’s see how ethical hacking works.
Five Phases of Ethical Hacking
Usually, ethical hacking is done in these five phases or steps.
Information Gathering
Also known as reconnaissance, this is the first phase of ethical hacking, in which you gather all the information about the targeted organization or person that is going to help in scanning and exploitation. You need to gather information like IP addresses, emails, login portals, web pages and history, servers, operating systems, which apps are running, location, employee details, pages, domain names, subdomains, etc.
There are two ways to gather information. Passive information gathering is retrieving information about the target without making any direct contact with them, for example by using forums, blogs, social media, etc. Active information gathering is when you establish a connection with the target to get more information.
Scanning
This is the second phase of ethical hacking where you have to scan for open ports, apps, and vulnerabilities to find potential weaknesses in the system which can be used to hack into the system and gain access. Scanning is done using information collected in the first phase of information gathering. The goal of scanning is host discovery, port scanning, and vulnerability scanning.
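A defender's view of the host discovery and port scanning goals above, as an added example that is not from the original article: it flags sources in a connection log that touch many ports on one host or the same port on many hosts. The log format, addresses (documentation ranges), and thresholds are constructed assumptions, and the log is assumed to cover one short time window.

```python
from collections import defaultdict


def build_sample_log():
    """Constructed sample lines: 'time src dst dst_port verdict' (not real traffic)."""
    lines = []
    # One source probing 12 different ports on a single host.
    lines += [f"12:00:{i:02d} 198.51.100.5 192.0.2.10 {port} DENY"
              for i, port in enumerate(range(20, 32))]
    # One source probing the same port on 15 different hosts.
    lines += [f"12:01:{i:02d} 198.51.100.9 192.0.2.{host} 445 DENY"
              for i, host in enumerate(range(1, 16))]
    # An ordinary client, plus one malformed line the parser must skip.
    lines += ["12:02:00 198.51.100.20 192.0.2.10 443 ALLOW",
              "12:02:05 198.51.100.20 192.0.2.10 443 ALLOW",
              "12:02:09 198.51.100.20 192.0.2.11 80 ALLOW",
              "garbage line"]
    return lines


def classify_sources(lines, port_threshold=10, host_threshold=10):
    """Return {source_ip: [finding, ...]} for sources that look like scanners."""
    ports_per_target = defaultdict(set)  # (src, dst) -> distinct ports tried
    hosts_per_port = defaultdict(set)    # (src, port) -> distinct hosts tried
    for line in lines:
        parts = line.split()
        if len(parts) != 5 or not parts[3].isdigit():
            continue  # ignore lines that do not match the assumed format
        _, src, dst, port, _ = parts
        ports_per_target[(src, dst)].add(int(port))
        hosts_per_port[(src, int(port))].add(dst)

    findings = defaultdict(set)
    for (src, _dst), ports in ports_per_target.items():
        if len(ports) >= port_threshold:   # many ports, one host
            findings[src].add("port-scan")
    for (src, _port), hosts in hosts_per_port.items():
        if len(hosts) >= host_threshold:   # one port, many hosts
            findings[src].add("host-sweep")
    return {src: sorted(kinds) for src, kinds in findings.items()}


if __name__ == "__main__":
    for src, kinds in classify_sources(build_sample_log()).items():
        print(src, kinds)
```

In practice the counts would be taken per time window, and slow scans spread over hours need a longer window than noisy ones.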
Exploitation
Using the information you gathered and the weaknesses you found in the system during scanning, we move on to the next phase, which is exploiting the system vulnerabilities and gaining access. You also escalate your system privileges after gaining access to get further access to confidential data and test the system security.
Maintaining Access
After gaining access, the next phase or step is to maintain your access by planting some rootkits or backdoors so that you don’t have to hack the system and go over the process again to gain access to the system. It makes it easy to gain access whenever you want.
Covering Tracks
The last phase of ethical hacking is to cover or erase all logs, tracks, and evidence of your hacks into the system.
So this is the first article in our series on learning ethical hacking.