(also white hat hacking, penetration testing)
Ethical hacking definition
Ethical hacking aims to identify security vulnerabilities in networks, software, or hardware. Ethical hackers — also called “white hats” or “red teams” — are cybersecurity experts who legally hack and test their client’s systems to identify and eliminate security problems. They always have the permission of the hacking target to hack into systems and expose vulnerabilities.
Five phases of ethical hacking
Ethical hacking is more about the mindset, not the tools and techniques used. However, the typical five phases of hacking apply:
- Reconnaissance. In this phase, the hacker gathers data about the target.
- Scanning. The hacker analyzes the data and selects a suitable hacking method for exposing vulnerabilities.
- Gaining access. In this phase, the attack takes place. The hacker accesses the target’s system.
- Maintaining access. The hacker tries to maintain their access for future attacks and prevent the target from finding out about the attack.
- Covering tracks. The hacker attempts to cover their tracks so law enforcement or security personnel won’t find out about the attack.