The Ethical Hacker Methodology – Practical Ethical Hacking by TCM

by Kal Bartal

Five stages of ethical hacking.

1, Reconnaissance

Reconnaissance is essentially information gathering that can be active or passive.

Passive recon (reconnaisance):

  • Google search
  • Social media search
  • etc.

No active searches against a target website.

2, Scanning & Enumeration

This stage could be considered the second phase of reconnaissance. This is also the point where active searches (scans) like Nmap, Nessus, Nikto, etc are deployed. The purpose of this stage is to find open ports and vulnerabilities.

Enumeration is where we look et our findings in detail to see if we find anything of value.

3, Gaining Access

It is also known as exploitation. Scanning and enumeration are typically repeated at this point.

4, Maintaining Access

Maintaining access in the event of the user’s computer getting shut down or being kicked out by other ways.

5, Covering Tracks

Cleaning up, removing any user accounts created and any malware uploaded.

Related Posts

Leave a Comment