What are different phases of Ethical Hacking?

In this article, I will tell you about different phases of ethical hacking, and I will also tell you about a few tools you can use for each phase. If you are a beginner and you don’t know what is ethical hacking and why should we learned it then read this article.

So below are the different phases of Ethical Hacking:

1. Reconnaissance
2. Scanning
3. Exploitation
4. Maintaining Access
5. Covering Tracks
6. Reporting

Reconnaissance

Reconnaissance is a phase where an ethical hacker collects the information about the target so that it will easy to understand, how to hack the target. The most basic information an ethical hacker need is the IP address of the target, IP address range, the architecture of the network, and DNS record. These are very basic information needed by ethical hackers to hack the target. And this information may vary according to what your target is.

Most common tools used for reconnaissance are:

• Search Engine
• NSLookup
• WHOis Lookup

Scanning

Scanning is the second phase of ethical hacking. It is basically a process of identifying the weak points or we can say the loopholes of the target from where a hacker can try to hack the target. Some of the basic information that hacker requires are active ports and active hosts, these are actually active ports on the network that are up and running. So, if you want to hack a network then you must hack it through any active computer on it which is life at that time. After that, you need to collect information about services. These services can be security services, firewall services, inclusion detection. And then you need to know about applications running and operating systems.

Most common tools for scanning are as follow:

• OpenVAS
• Nikto
• WireShark
• Nessus

Exploitation

Exploitation is the third phase of ethical hacking, in which hackers take advantage of the loopholes and weaknesses scanned in phase 2 to hack the target with appropriate tools. You have to choose and perform an appropriate attack depending on the weaknesses and loopholes of your target. It means Every attack is not applicable to every target. We need to analyze that, which attack can be performed on our target. And then we have to launch the attack. Finally, we will gain access to our target.

Some of the most popular tools used for exploitation phase are:

• BeEF
• MetaSpoilt
• SQLMap

Maintaining Access

Maintaining access is the fourth phase of ethical hacking, in which after hacking the hacker installs some software or makes some changes in the target system in such a manner so that he can access the target later in the future, without performing the whole attack from starting.

Some of the most popular and efficient ways of doing this are:

• Installing Backdoors
• Creating new Users
• Escalate privileges
• Installing Rootkits
• Installing Trojans

Some of the most common tools used for this purpose are:

• PowerSploit
• Weevly
• dns2tcp

Covering Tracks

Covering tracks is the fifth phase of ethical hacking, in which the hacker hides his identity and the way in which he exploits the target. So, the target would never know who hacked him and how. The most common ways of clearing the tracks are:

• Clearing Cache/Cookies
• Tampering Log files
• Close ports/ Stop Services

Reporting

Reporting is the final phase of ethical hacking, where the hacker creates documentation of all the weaknesses and loopholes found on the target, the way he used these weaknesses and loopholes to exploit the target, and also some precautions that the target can take to make the security better. This is the phase that differentiates a malicious hacker from an ethical hacker.

So, these are the six phases of ethical hacker. I hope this article is informative. If I miss something please tell me in comments.