Phases of Ethical Hacking
What are Phases of Ethical Hacking
Ethical Hacking is divided into distinct phases. Ethical hacking has 6 distinct phases. These phases are not strict rules, but more like a guideline to be followed. Not necessarily a hacker has to follow these 5 steps in a sequential manner. It’s a stepwise process and when followed yields a better result.
- Reconnaissance
- Scanning
- Gaining Access
- Maintaining Access
- Clearing Tracks
- Reporting
Reconnaissance
Reconnaissance is the process of information gathering. In reconnaissance phase, the hacker gathers relevant information regarding the target system. These include detecting services, operating systems, packet-hops to reach the system, IP configuration etc. Various tools like Nmap, Hping, Google Dorks etc are used for reconnaissance purposes.
Scanning
In the this phase, the hacker begins to actively probe the target machine or network for vulnerabilities that can be exploited. Tools like Nessus, Nexpose, and NMAP are widely used by hackers in this process.
Gaining Access
In Gain Access phase, the vulnerability located during scanning is exploited using various methods and the hacker tries to enter the target system without raising any alarms. The primary tool that is used in this process is Metasploit.
Maintaining Access
In Maintaining Access phase, the hacker installs various backdoors and payloads onto the target system. Payload is a term used for activities performed on a system after gaining unauthorized access. Backdoors help the hacker gaining quicker access onto the target system in the future.
Clearing Tracks
In this phase Ethical Hacker compiles a report with his findings and the job that was done such as the tools used, the success rate, vulnerabilities found, and the exploit processes.