Skip to main content

Concept of hacking,phases and its types in securetecho

1.3 Hacking Concepts, Types, and Phases in securetecho

What is Hacking?

  • Hacking refers to exploiting system vulnerabilities and compromising security controls to gain unauthorized or inappropriate access to the system resources.
  • It involves modifying system or application features to achieve a goal outside of the creator's original purpose.
  • Hacking can be used to steal, pilfer, and redistribute intellectual property leading to business loss.

Who is a Hacking?

  • Intelligent individuals with excellent computer skills, with the ability to create and explore into the computer's software and hardware.
  • For some hackers, hacking is a hobby to see how many computers or networks they can compromise.
  • Their intention can either be to gain knowledge or to poke around to do illegal things.
  • Some do hacking with malicious intent behind their escapades, like stealing business data, credit card information, social security numbers, email passwords, etc.

Hacker Classes

  • Black Hats: Individuals with extraordinary computing skills, resorting to malicious or destructive activities and are also known as crackers.
  • White Hats: Individuals professing hacker skills and using them for defensive purposes and are also known as security analysts.
  • Gray Hats: Individuals who work both offensively and defensively at various times.
  • Suicide Hackers: Individuals who aim to bring down critical infrastructure for a "cause" and are not worried about facing jail terms or any other kind of punishment.
  • Script Kiddies: An unskilled hacker who compromises system by running scripts, tools, and software developed by real hackers.
  • Cyber Terrorists: Individuals with wide range of skills, motivated by religious or political beliefs to create fear by large-scale disruption of computer networks.
  • State Sponsored Hackers: Individuals employed by the government to penetrate and gain top-secret information and to damage information systems of other governments.
  • Hacktivist: Individuals who promote a political agenda by hacking, especially by defacing or disabling websites.

Hacking Phases: Reconnaissance

  • Reconnaissance refers to the preparatory phase where an attacker seeks to gather information about a target prior to launching an attack.
  • Could be the future point of return, noted for ease of entry for an attack when more about the target is known on a broad scale.
  • Reconnaissance target range may include the target organization's clients, employees, operations, network, and systems.
  • Reconnaissance Types:
    • Passive Reconnaissance:
      • Passive Reconnaissance involves acquiring information without directly interacting with the target.
      • For example, searching public records or news releases.
    • Active Reconnaissance:
      • Active Reconnaissance involves interacting with the target directly by any means.
      • For example, telephone calls to the help desk or technical department.

Hacking Phases: Scanning

  • Pre-Attacks Phase: Scanning refers to the pre-attack phase when the attacker scans the network for specific information on the basis of information gathered during reconnaissance.
  • Port Scanner: Scanning can include use of dialers, port scanners, network mappers, ping tools, vulnerability scanners, etc.
  • Extract Information: Attackers extract information such as live machines, port, port status, OS details, device type, system uptime, etc. to launch attack.

Hacking Phases: Gaining Access

  • Gaining access refers to the point where the attacker obtains access to the operating system or applications on the computer or network.
  • The attacker can gain access at operating system level, application level, or network level.
  • The attacker can escalate privileges to obtain complete control of the system. In the process, intermediate systems that are connected to it are also compromised.
  • Example include password cracking, buffer overflows, denial of service, session hijacking, etc.

Hacking Phases: Maintaining Access

  • Maintaining access refers to the phase when the attacker tries to retain his or her ownership of the system.
  • Attackers may prevent the system from being owned by other attackers by securing their exclusive access with Backdoors, RootKits, or Trojans.
  • Attackers can upload, download, or manipulate data, applications, and configurations on the owned system.
  • Attackers use the compromised system to launch further attacks.

Hacking Phases: Clearing Tracks

  • Covering tracks refers to the activities carried out by an attacker to hide malicious acts.
  • The attacker's intentions include: Continuing access to the victim's system, remaining unnoticed and uncaught, deleting evidence that might lead to his prosecution.
  • The attacker overwrites the server, system, and application logs to avoid suspicion.
  • Attackers always cover tracks to hide their identity.

WE CAN LEARN ABOUT PROFASSIONAL HACKING VISIT ON MY SITE SECURETECHO.

Comments

Post a Comment

Popular posts from this blog

10 Best Ways to Track a Location by Mobile Number || Securetecho

Tracking a mobile phone's location through its contact number that might seem impossible at first, but it doesn’t have to be. It’s quite simple, there are two alternates to do so: 1)Using a mobile phone lookup service 2)Using a spy software In this paragraph, you will learn how to use it, and what to expect, and we will give you a list of the top 10 spy software in the market today. Numlooker - an excellent software for contact number tracking WhoCallMe - scan the deep web and conduct comprehensive social sites searches USPhoneSearch - includes all the basic features you need when tracking a contact number. USPhoneLookup - an excellent service that help you in finding out who is calling within minutes TheNumberLookup - allows you to instantly identify the caller and get access to all the available information about him. WhatIsThisNumber - the most standard and convenient reverse phone lookup service Spokeo - experience the expert service of phone lookup CocoSpy - access a phone mon...
Post a Comment
Read more

Ethical hacking with full description in securetecho

                           ETHICAL HACKING Ethical hacking  refers to the act of locating weaknesses and vulnerabilities of computer and information systems by duplicating the intent and actions of malicious  hackers .  Ethical hacking  is also known as penetration testing. An  ethical  hacker is a computer and networking expert who systematically attempts to penetrate a computer system or network on behalf of its owners for the purpose of finding security vulnerabilities that a malicious hacker could potentially exploit. TOOLS FOR ETHICAL HACKING:               NMAP. Nmap stands for Network Mapper. ...     Metasploit. Metasploit is one of the most powerful exploit tools. ...     Burp Suit. Burp Suite is a popular platform that is widely used for performing security            testing ...
1 comment
Read more

CEH V9 Module in securetecho

CEH_v9              Introduction  in securetecho Chapter 01. Introduction to Ethical Hacking 1.1 Information Security Overview 1.2 Information Security Threats and Attack Vectors 1.3 Hacking Concepts, Types, and Phases 1.4 Ethical Hacking Concepts and Scope 1.5 Information Security Controls 1.6 Information Security Laws and Standards Module Summary Chapter 02. Footprinting and Reconnaissance 2.1 Footprinting Concepts 2.2 Footprinting Methodology 2.2.1 Footprinting through Search Engines 2.2.2 Footprinting Using Advanced Google Hacking Techniques 2.2.3 Footprinting through Social Networking Sites 2.2.4 Website Footprinting 2.2.5 Email Footprinting 2.2.6 Competitive Intelligence 2.2.7 WHOIS Footprinting 2.2.8 DNS Footprinting 2.2.9 Network Footprinting 2.2.10 Footprinting through Social Engineering 2.3 Footprinting Tools 2.4 Footprinting Countermeasure...
Post a Comment
Read more