Basics of Ethical Hacking: Chapter 1 (Theory)
Chapter 1
Intro to Ethical Hacking
What is Ethical Hacking
· An ethical hacker is a computer and networking expert who systematically attempts to penetrate a computer system or network on behalf of its owners for the purpose of finding security vulnerabilities that a malicious hacker could potentially exploit. Ethical hacking is used to protect a system or a target.
What is bug bounty?
· A bug bounty program is a deal offered by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities. These programs allow the developers to discover and resolve bugs before the general public is aware of them, preventing incidents of widespread abuse.
· Bug bounty programs have been implemented by a large number of organizations, including Mozilla, Facebook, Yahoo, Google, Reddit, Microsoft, etc.
What is penetration testing?
· A penetration test, colloquially known as a pen test, is an authorized simulated attack on a computer system, performed to evaluate the security of the system. The test is performed to identify both weaknesses (also referred to as vulnerabilities), including the potential for unauthorized parties to gain access to the system's features and data, as well as strengths, enabling a full risk assessment to be completed.
What is forensic analysis?
· Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law. The goal of computer forensics is to perform a structured investigation while maintaining a documented chain of evidence to find out exactly what happened on a computing device and who was responsible for it.
Who is a Hacker?
· A hacker is a person who finds and exploits weaknesses in computer systems to gain access.
· A hacker is a person who thinks outside the box.
· A hacker is a person who discovers unknown features and properties in a computer or in a computer network.
· A hacker is a person who is highly creative and dedicated to knowledge.
· Not all hackers are criminals; it depends on their work.
Types of Hacker
There are three types of hackers:
· White hat hacker
· Black hat hacker
· Grey hat hacker
White hat hacker:
A hacker who gains access to systems with permission, in order to fix the identified weaknesses. They may also perform penetration testing and vulnerability assessment.
Black hat hacker:
A hacker who gains unauthorised access to computer systems for personal gain. The intent is usually to steal corporate data, violate privacy rights, transfer funds from bank accounts, etc.
Grey hat hacker:
A hacker who performs the actions of both a white hat and a black hat hacker, depending on the situation.
Who is a cracker?
· A cracker is also called a black hat hacker.
· A cracker is an individual with extensive computer knowledge whose purpose is to breach or bypass internet security or gain access to software without paying royalties. The general view is that, while hackers build things, crackers break things.
· A cracker is a computer user who attempts to break into copyrighted software or a networked computer system.
What is hacking?
· Hacking is the process used by an attacker to take control of a target against the target's will.
· Hacking is mostly used for criminal activities.
· There is no ethics in hacking.
What is ethical hacking?
· An ethical hacker is a computer and networking expert who systematically attempts to penetrate a computer system or network on behalf of its owner for the purpose of finding security vulnerabilities that a malicious hacker could potentially exploit.
· Ethical hacking is used to protect a target or a system.
Terms used in hacking
· Script kiddie: a non-skilled person who gains access to computer systems using ready-made tools.
· Hacktivist: a hacker who uses hacking to send social, religious, political, etc. messages. This is usually done by hijacking websites and leaving the message on the hijacked website.
· Phreaker: a hacker who identifies and exploits weaknesses in telephones instead of computers.
· Exploit: a clearly defined way to breach the security of a system.
· Botnet: a group of computers controlled without their owners' knowledge and used to send spam or carry out denial of service attacks.
· Rootkit: a set of software programs used to gain administrator-level access to a system.
· Spam: unwanted and unsolicited email and other electronic messages that attempt to convince the receiver to either purchase a product or service, or use that prospect to defraud the recipient.
· Hack value: this term describes a target that may attract an above-average level of attention from an attacker. Presumably because this target is attractive, it has more value to an attacker because of what it may contain.
· Zero day: this describes a threat or vulnerability that is unknown to developers and has not been addressed. It is considered a serious problem in many cases.
· Vulnerability: a weakness of a system.
· Phishing: the attempt to obtain sensitive information such as usernames, passwords, and credit card details, often for malicious reasons, by sending an email that looks as if it is from a legitimate organization; usually it contains a fake website or link.
· Pharming: yet another way hackers attempt to manipulate users on the internet. Pharming redirects users to a false website without them even knowing it.