Five stages of ethical hacking.
Reconnaissance is essentially information gathering that can be active or passive.
Passive recon (reconnaisance):
- Google search
- Social media search
No active searches against a target website.
2, Scanning & Enumeration
This stage could be considered the second phase of reconnaissance. This is also the point where active searches (scans) like Nmap, Nessus, Nikto, etc are deployed. The purpose of this stage is to find open ports and vulnerabilities.
Enumeration is where we look et our findings in detail to see if we find anything of value.
3, Gaining Access
It is also known as exploitation. Scanning and enumeration are typically repeated at this point.
4, Maintaining Access
Maintaining access in the event of the user’s computer getting shut down or being kicked out by other ways.
5, Covering Tracks
Cleaning up, removing any user accounts created and any malware uploaded.