Steps Involved In Hacking

As mentioned earlier ethical hacker takes same steps as malicious hacker. Following are different steps that are performed during hacking.

1.Reconnaissance:
This step involves gathering potential information about target system. In fact hacker spends 90% of time for this phase only and next 10% time for rest of the steps.

2.Scanning:
During this phase network is scanned for vulnerability.

3.Gaining Access:
This is the step where real hacking takes place. Hacker takes advantage of vulnerability found in scanning phase and penetrates the victim system.

4.Maintaining Access:
After gaining access hacker makes provision to come back by planting root-kit and backdoor.

5.Covering Tracks:
In this phase hacker removes all traces of his/her presence in system by removing log files and event logs.

skills required by hacker

Skills Required For A Hacker

Following are some must know things for a hacker or you can say requirements of hacker.

Operating System:
As a hacker you must have upper hand skills in Operating systems Windows, Linux and Unix. Once you master Linux and Unix you'll hardly face problem getting yourself on MAC. As we'll move further we will cover both of them in short and then slowly move our level to advanced.

Networking:
A hacker must have expertise in field of networking even if you don't have them you must be knowing about some basic terms used in networking. Please click on following links and try to grasp topics as thoroughly as you can.
OSI Model/Internet Protocol Stack
Network Topology
The reality is that a hacker should know networking to best level. Just knowing above terms is not sufficient though you'll not encounter that much problem while learning. We still recommend you buying a book on networking that should cover networking to level of pin points. My personal favor is to book Data Communication And Networking by Behrouz Forouzan if you want to start. Click on following link to know more, read people's view or if you want to purchase.

Data Communications and Networking (McGraw-Hill Forouzan Networking)


Knowledge About Setting Up And Configuring Servers:
Yes that is necessary for a hacker so when we will move ahead with flow. We will cover configuring IIS 7, Apache, Vertrigo on Windows and Apache on Linux. Both HTTP and FTP servers will be covered.

Programming:
Absolutely no one can deny all best hackers in world have master hand in programming. Following are must know programming languages but you can even make things work even if you don't know them. In any case I would recommend you learn programming.
HTML, C, C++, Java, SQL, Python, Perl, PHP and Ruby.
At most basic level my advise will be you must know HTML, C, SQL, PHP and ruby.

Tools:
Backtrack is platform which is specially crafted and designed for penetration testing. Metasploit is framework that is used to create and experiment with exploits and payloads. Both are must for a hacker today. Alternative to Backtrack is Knoppix Security Edition and Mautrix, if you master Bactrack you'll easily master both of them. So I will not leave them apart from our list, we'll also cover them.

Introduction of hacking

Ethical Hacking | An Introduction

________________________________________

Whenever term hacker comes before many people consider it as a guy sitting inside a room or garage with a bottle or beer and a Laptop or Desktop doing wonders on click of buttons. But the reality check is hacking is not that easy as portrayed in movies and television and term hacker doesn't mean a computer criminal.

So here first of all we'll clear all our misconceptions related to words hackers and hacking.

From Where This Word Came:

The word hacking has history in late 1960's, the time when computers were nothing but mighty pieces of machines and a computer just meant a machine that can compute. Electrical and Electronics geeks used to optimize circuits to make any system/circuit work faster, better and reliably. The job they used to do on circuits was known as hack. With time computer geeks also started finding way out to optimize their system to work better so in fact hacking was nothing but always a kind of reverse engineering. With time in professional world a word hacker got meaning, a person who is highly skilled in hardware, software and networking components. Then movies started portraying hackers do only dirty works and hence today the word hacker has a negative face according to people. No matter how the word met to a dreadful end a hacker always had all qualities that was first put forward in its definition may the be criminal or ethical. Criminal hackers are also known as Crackers.

Types Of Hackers:

White Hats: White hat hackers are good guys who use their hacking skills for defensive purposes. Organizations and industries pay them high salaries to protect their systems and networks from intrusion.

Black Hats: Black hats are actually bad guys in filed. Their main job is to breach security and make money. They make money by using their hacking skills for offensive purposes.

Grey Hats: Gray hats are hackers who work for offensive and defensive purposes depending on situations. They are hired by people to intrude and protect systems.

Hactivist: A hacktivist is kinda hacker who thinks hacking can bring out some social changes and hacks government and organizations to show his discomfort over some trivial issues.

Suicide Hackers: Suicide hackers are those who hack for some purpose and even don't bother to suffer long term jail due to their activities. They can be bad as well as good.

Script Kiddie: A script kiddie is a person who boasts breaking system using scripts and codes written by others though he hardly knows what the code does.

Phreak: It is a person who tries to intrude systems for fun or malicious personal activities. Mostly they are children of age 12-15 who don't even know wrong consequences of hacking.

Types Of Hacking:

Local Hacking: This type of hacking is done when a hacker has full access to the system to implant a virus, keylogger and RATs

Remote Hacking: Remote hacking is done on a remote system using Internet.

Social Engineering: Social Engineering is kinda interacting skill that a hacker uses to manipulate people giving out sensitive information. Its kinda trick done using good verbal, social skills and understanding.

Terminologies Used Under Hacking:

Threat: A threat is an environment or situation that could lead to a potential breach of security. Ethical hackers look for and prioritize threats when performing a security analysis.

An Exploit: An exploit is a piece of software that takes advantage of a bug, glitch, or vulnerability, leading to unauthorized access, privilege escalation, or denial of service on a computer system.

Vulnerability: A vulnerability is an existence of a software flaw, logic design, or implementation error that can lead to an unexpected and undesirable event executing bad or damaging instructions to the system. In easy word vulnerability is weakness in system.

Payload: Payload is agent that helps in taking advantage of vulnerability in remote hacking.

Attack: An attack occurs when a system is compromised based on a vulnerability.

Types Of Attack:

1.Operating System Attack      

2.Application level Attack

3.Shrink Wrap Code Attack

4.Misconfiguration Attack

Operating system attack is attack done on specific type of OS. Such attack is done using flaws in programs and services shipped with OS. Application level attack is done over faulty coding practices done over software during its development. Shrink Wrap Code attack are attacks done over UN-refined scripts used for making task simpler. Last is misconfiguration attack, it is kinda attack which is done over mis-configured system or a system with default settings.

Work Of An Ethical Hacker:

Job of an ethical hacker is to use all his skills and tools used by malicious hackers to find vulnerabilities in system and then provide it security against those vulnerabilities.

Conclusion: At last what I want to tell, nothing happens in clicks of buttons. A hacker is highly skilled person in field of computing who usually have ample knowledge about software, hardware, OS, networking and programming. A hacker may it be criminal or ethical has immense patience, determination, organization, discipline and persistence. An attacker may spend months of time planning, analyzing and executing an attack. This shows his level of dedication to achieve whatever goal he/she has set. A person can never become a good hacker unless he have all above qualities.

Note: Now onwards we will cover hacking as our main stream topic on this blog. Real hacking is never done over lamers who hardly knows about security, it is done over a person who is highly skilled as you are. You can never learn hacking until you do some practical and gain knowledge about field so now onwards I urge you to perform practicals that will be now posted on this blog on your own system. Next no tutorial will be taken as a lamer so they will be in possible higher details, so this may happen that you may not understand something. Rather than keeping yourself mum I plea you to please ask whenever you encounter a problem or get bothered by topic. Whenever I 'll post on hacking I 'll try to keep a theoretical and one practical tutorial, you are requested to read both and grasp matter completely. Thanks for visiting and please tell are you clear with all points discussed or need some explanation on your difficulty.