ETHICAL HACKING (PART -1)

INTRODUCTION TO ETHICAL HACKING :

•  Ethical hackers are usually security professionals or network penetration testers who use their hacking skills and toolsets for defensive and protective purposes. 
•  Test their network and systems security for vulnerabilities using the same tools that a hacker might use to compromise the network. 
•  Any computer professional can learn the skills of ethical hacking.

TYPES OF HACKERS :

 WHITE HAT HACKER :

                         hacking skills for defensive purposes. locate weaknesses and implement countermeasures. White hats are those who hack with permission from the data owner. It is critical to get permission prior to beginning any hacking activity. This is what makes a security professional a white hat versus a malicious hacker who cannot be trusted .

 

 BLACK HAT HACKER :                                                                                                                                                                    Having gained unauthorized access, black-hat hackers destroy vital data, deny legitimate users service, and just cause problems for their targets. Black-hat hackers and crackers can easily be differentiated from white-hat hackers because their actions are malicious.

GREY HAT HACKER : 

                                   work offensively or defensively, depending on the situation. may just be interested in hacking tools and technologies and are not malicious black hats. Gray hats are self-proclaimed ethical hackers, who are interested in hacker tools mostly from a curiosity standpoint. They may want to highlight security problems in a system or educate victims so they secure their systems properly. difference between white hats and gray hats is that permission word .

                                          

WORKING PROCESS OF TYPES OF HACKERS :

 

WHAT DOES HAKERS DO :   

                                        

                                                  They do the same as cracker.  they’re trying to determine what an intruder can see on a targeted network and what the hacker can do with that information. Pen Test: This process of testing the security of a system or network is known as a penetration test.  doing this doesn’t usually involve a mysterious leap of hacker brilliance, but rather persistence and the dogged repetition of a handful of fairly well-known tricks that exploit common weaknesses in the security of target systems.  A pen test is no more than just performing those same steps with the same tools used by a malicious hacker to see what data could be exposed using hacking tools and techniques.  When hired, an ethical hacker asks the organization what is to be protected, from whom, and what resources the company is willing to expend in order to gain protection.  A penetration test plan can then be built around the data that needs to be protected and potential risks. Documenting the results of various tests is critical in producing the end product of the pen test: pen test report.  Taking screenshots of potentially valuable information or saving log files is critical to presenting the findings to a client in a pen test report. The pen test report is a compilation of all the potential risks in a computer or system.