Introduction

Ethical hacking is about probing the vulnerabilities of software or a website without breaking the law.
There are 3 types of ethical hackers:
– Ethical Hackers.
They are the ones hired by companies to do penetration testing.
– Penetration Test.
They legally attempt to break into the network of the company that hired them and report their findings about the vulnerabilities in its network security.
– Security Test.
They attempt to break into the company’s network, analyze its procedures and security, and offer a solution.

Hackers and Crackers are not the same!
Hackers access a computer system without the owner's permission, which is illegal and may land them in jail. Crackers not only access a computer system, they also steal and destroy the data inside it. Ethical hackers may do what hackers do, but with permission and without breaking the law.

There are many types of hackers. One is the inexperienced kind, who use open source code or techniques that are available online; they are called script kiddies or packet monkeys. Another is the experienced penetration tester, who can write their own code, mostly in Perl, Python or C. Some may write their own scripts.

There are 3 types of penetration testing methodologies:
– White Box Model.
Testers have an easier job here because they know the structure of the network and can ask for information by interviewing the IT personnel and other employees.
– Black Box Model.
Testers have a harder time here because they cannot gather the necessary information from the company’s employees, and the employees do not know about the test. This model is usually used to test whether the IT personnel or other employees are able to detect the attack.
– Gray Box Model.
This is a mix of the white and black box models. Testers are given some information by the company.

A penetration tester needs to know what they are testing, analyze how they are supposed to carry out the attack, and report their findings to the company.
These are some common techniques:
– research
– network mapping and OS fingerprinting
– network sniffing
– brute force
– vulnerability scanning

To be an ethical hacker, you need to get a certificate.
