Skip to main content

Concept of hacking,phases and its types in securetecho

1.3 Hacking Concepts, Types, and Phases in securetecho

What is Hacking?

  • Hacking refers to exploiting system vulnerabilities and compromising security controls to gain unauthorized or inappropriate access to the system resources.
  • It involves modifying system or application features to achieve a goal outside of the creator's original purpose.
  • Hacking can be used to steal, pilfer, and redistribute intellectual property leading to business loss.

Who is a Hacking?

  • Intelligent individuals with excellent computer skills, with the ability to create and explore into the computer's software and hardware.
  • For some hackers, hacking is a hobby to see how many computers or networks they can compromise.
  • Their intention can either be to gain knowledge or to poke around to do illegal things.
  • Some do hacking with malicious intent behind their escapades, like stealing business data, credit card information, social security numbers, email passwords, etc.

Hacker Classes

  • Black Hats: Individuals with extraordinary computing skills, resorting to malicious or destructive activities and are also known as crackers.
  • White Hats: Individuals professing hacker skills and using them for defensive purposes and are also known as security analysts.
  • Gray Hats: Individuals who work both offensively and defensively at various times.
  • Suicide Hackers: Individuals who aim to bring down critical infrastructure for a "cause" and are not worried about facing jail terms or any other kind of punishment.
  • Script Kiddies: An unskilled hacker who compromises system by running scripts, tools, and software developed by real hackers.
  • Cyber Terrorists: Individuals with wide range of skills, motivated by religious or political beliefs to create fear by large-scale disruption of computer networks.
  • State Sponsored Hackers: Individuals employed by the government to penetrate and gain top-secret information and to damage information systems of other governments.
  • Hacktivist: Individuals who promote a political agenda by hacking, especially by defacing or disabling websites.

Hacking Phases: Reconnaissance

  • Reconnaissance refers to the preparatory phase where an attacker seeks to gather information about a target prior to launching an attack.
  • Could be the future point of return, noted for ease of entry for an attack when more about the target is known on a broad scale.
  • Reconnaissance target range may include the target organization's clients, employees, operations, network, and systems.
  • Reconnaissance Types:
    • Passive Reconnaissance:
      • Passive Reconnaissance involves acquiring information without directly interacting with the target.
      • For example, searching public records or news releases.
    • Active Reconnaissance:
      • Active Reconnaissance involves interacting with the target directly by any means.
      • For example, telephone calls to the help desk or technical department.

Hacking Phases: Scanning

  • Pre-Attacks Phase: Scanning refers to the pre-attack phase when the attacker scans the network for specific information on the basis of information gathered during reconnaissance.
  • Port Scanner: Scanning can include use of dialers, port scanners, network mappers, ping tools, vulnerability scanners, etc.
  • Extract Information: Attackers extract information such as live machines, port, port status, OS details, device type, system uptime, etc. to launch attack.

Hacking Phases: Gaining Access

  • Gaining access refers to the point where the attacker obtains access to the operating system or applications on the computer or network.
  • The attacker can gain access at operating system level, application level, or network level.
  • The attacker can escalate privileges to obtain complete control of the system. In the process, intermediate systems that are connected to it are also compromised.
  • Example include password cracking, buffer overflows, denial of service, session hijacking, etc.

Hacking Phases: Maintaining Access

  • Maintaining access refers to the phase when the attacker tries to retain his or her ownership of the system.
  • Attackers may prevent the system from being owned by other attackers by securing their exclusive access with Backdoors, RootKits, or Trojans.
  • Attackers can upload, download, or manipulate data, applications, and configurations on the owned system.
  • Attackers use the compromised system to launch further attacks.

Hacking Phases: Clearing Tracks

  • Covering tracks refers to the activities carried out by an attacker to hide malicious acts.
  • The attacker's intentions include: Continuing access to the victim's system, remaining unnoticed and uncaught, deleting evidence that might lead to his prosecution.
  • The attacker overwrites the server, system, and application logs to avoid suspicion.
  • Attackers always cover tracks to hide their identity.

WE CAN LEARN ABOUT PROFASSIONAL HACKING VISIT ON MY SITE SECURETECHO.

Comments

Post a Comment

Popular posts from this blog

Ethical hacking with full description in securetecho

                           ETHICAL HACKING Ethical hacking  refers to the act of locating weaknesses and vulnerabilities of computer and information systems by duplicating the intent and actions of malicious  hackers .  Ethical hacking  is also known as penetration testing. An  ethical  hacker is a computer and networking expert who systematically attempts to penetrate a computer system or network on behalf of its owners for the purpose of finding security vulnerabilities that a malicious hacker could potentially exploit. TOOLS FOR ETHICAL HACKING:               NMAP. Nmap stands for Network Mapper. ...     Metasploit. Metasploit is one of the most powerful exploit tools. ...     Burp Suit. Burp Suite is a popular platform that is widely used for performing security            testing ...
1 comment
Read more

10 Best Ways to Track a Location by Mobile Number || Securetecho

Tracking a mobile phone's location through its contact number that might seem impossible at first, but it doesn’t have to be. It’s quite simple, there are two alternates to do so: 1)Using a mobile phone lookup service 2)Using a spy software In this paragraph, you will learn how to use it, and what to expect, and we will give you a list of the top 10 spy software in the market today. Numlooker - an excellent software for contact number tracking WhoCallMe - scan the deep web and conduct comprehensive social sites searches USPhoneSearch - includes all the basic features you need when tracking a contact number. USPhoneLookup - an excellent service that help you in finding out who is calling within minutes TheNumberLookup - allows you to instantly identify the caller and get access to all the available information about him. WhatIsThisNumber - the most standard and convenient reverse phone lookup service Spokeo - experience the expert service of phone lookup CocoSpy - access a phone mon...
Post a Comment
Read more

How to prevent from online Money Froud

Here are 8 tips to use internet banking safely: 1. Always use Up-to-date anti-virus To protect your computer from phishing, malware, and other security threats always use Up-to-date anti-virus. Anti-virus helps in detecting and removing spyware that can steal your sensitive information 2. Avoid Using Public Wi-Fi or Use VPN software The biggest threat of an open Wi-Fi network is that the hacker can sit in between the end user and the hotspot and can trace all the data without any difficulty. Hackers see unsecured connection as an opportunity to introduce malware into your device. So, usage of public Wi-Fi hotspots for internet or mobile banking and making payments on ecommerce sites should be avoided. However if you are a regular public Wi-Fi user, consider setting up a VPN software on your computer. It creates a secure tunnel between the computer and the internet and prevents hackers from intercepting the traffic. 3. Check for latest updates of your Smartphone's operating system S...
Post a Comment
Read more