Phases of Hacking

Phases of Hacking


Phase 1 | Reconnaissance

Information Gathering and getting to know the target systems is the first process in ethical hacking. Reconnaissance is a set of processes and techniques (Footprinting, Scanning & Enumeration) used to covertly discover and collect information about a target system.

During reconnaissance, an ethical hacker attempts to gather as much information about a target system as possible, following  listed below

  • Gather initial information
  • Determine the network range
  • Identify active machines
  • Discover open ports and access points
  • Fingerprint the operating system
  • Uncover services on ports

Reconnaissance takes place in two parts − Active Reconnaissance and Passive Reconnaissance.

Active Reconnaissance

In this process, you will directly interact with the computer system to gain information. This information can be relevant and accurate. But there is a risk of getting detected if you are planning active reconnaissance without permission. He can file a case against you.

Passive Reconnaissance

In this process, you will not be directly connected to a computer system. This process is used to gather essential information without ever interacting with the target systems.

Phase 2 | Scanning

The phase of scanning requires the application of technical tools to gather further information on your target, but in this case, the info being sought is more commonly about the systems that they have in place. A good example would be the use of a vulnerability scanner on a target network.

Phase 3 | Gaining Access

The Phase of gaining Access is where real hacking takes place. By using the information gathered by the phase 1 & 2 , Hacker built a plan or strategy attack to Gain Access to the target. The attack based on the vulnerabilities which were identified during phase 1 & 2.

Phase 4 | Maintaining Access

Once a hacker has gained access, they want to keep that access for future exploitation and attacks. Once the hacker owns the system, they can use it as a base to launch additional attacks.

Maintaining access requires taking the steps involved in being able to be persistently within the target environment in order to gather as much data as possible. The attacker must remain stealthy in this phase, so as to not get caught while using the host environment.

Phase 5 | Covering Tracks

The final phase of covering tracks simply means that the attacker must take the steps necessary to remove all his presence of detection. Any changes that were made, authorizations that were escalated etc. all must return to a state of non-recognition by the host network’s administrators. In such a way that the host should not know that the attack was happened.

Protect yourself 

  • Do not post information on social media that can be related to challenge questions
  • Use passwords that cannot be broken by brute force or guessing.
  • Consider 2 factor authentication when possible.
  • Verify source of contact.
  • Try to retype the link instead of directly clicking on it . This protect from Phishing page which looks exactly  Original.
  • Before clicking a link, check the URL properly it.
  • Always scan a file and never click on batch files.
  • Be sure to have a anti-virus installed and set root passwords for installation.
  • Log out of sessions and clean the cache.
If you think you are compromised, inform the service providers and if you are confirmed then you must report it to the cyber crime department. These days such incidents are being taken seriously.
If you think this article is helpful please let me know on the comments below. And Share as much as possible.

One thought on “Phases of Hacking

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s