1. Define ethical hacking
1.1. Ethical hacking and ethical hacker are terms used to describe hacking performed by a company or individual to help identify potential threats on a computer or network.
2. system hacking cycle
2.1. system hacking cycle
3. ethical hacker
3.1. An ethical hacker is an individual hired to hack into a system to identify and repair potential vulnerabilities, effectively preventing exploitation by malicious hackers.
4. ways to conduct ethical hacking
4.1. Step 1: Formulating Your Plan
4.1.1. Approval for ethical hacking is essential. Make what you're doing known and visible at least to the decision makers. Obtaining sponsorship of the project is the first step.
4.2. Step 2: Do Some Recon
4.2.1. Find out what your target is doing. What are you up against? Size up your opponent (or rather thing) before you launch your attack. You can do some reconnaissance work by analyzing the network traffic of the target.
4.3. Step 3: Launch the Attack
4.3.1. Time and patience are important. Be careful when you're performing your ethical hacking tests. A hacker in your network or a seemingly benign employee looking over your shoulder may watch what's going on and use this information against you.
4.3.1.1. 1. Search the Internet for your organization's name, your computer and network system names, and your IP addresses. 2. Narrow your scope, targeting the specific systems you're testing.Whether you're assessing physical security structures or Web applications, a casual assessment can turn up a lot of information about your systems. 3. Further narrow your focus with a more critical eye. Perform actual scans and other detailed tests to uncover vulnerabilities on your systems. 4. Perform the attacks and exploit any vulnerabilities you've found, if that's what you choose to do.
4.4. Step 4: Evaluate the Results
4.4.1. Assess your results to see what you uncovered, assuming that the vulnerabilities haven't been made obvious before now. This is where knowledge counts. Evaluating the results and correlating the specific vulnerabilities discovered is a skill that gets better with experience. You'll end up knowing your systems much better than anyone else.
5. rules in ethical hacking
5.1. Expressed (often written) permission to probe the network and attempt to identify potential security risks.
5.2. You respect the individual's or company's privacy.
5.3. You close out your work, not leaving anything open for you or someone else to exploit at a later time.
5.4. You let the software developer or hardware manufacturer know of any security vulnerabilities you locate in their software or hardware, if not already known by the company.
6. crackers VS hackers
7. system hacking
7.1. System hacking is the way hackers get access to individual computers on a network.
8. testing types:
8.1. White Box
8.1.1. Refers to a software application used to measure the internal behaviors of a currently running program. Developed in the early 1970's, when using the white box the user must have an understanding of the design of the program and requires a black box for a complete test.
8.2. Black Box
8.2.1. Device commonly used in the early 1970's, a black box, is a testing technique where the individual testing the program examines the input and outputs of the program. This person does not need to know about the inner workings of the program, just a basic understanding of how the program works to ensure the program functions properly.
8.3. Grey Box
8.3.1. The testing of software with limited knowledge of its internal workings. Gray box testing is an ethical hacking technique where the hacker has to use limited information to identify the strengths and weaknesses of a target's security network