SHORT-TIPS TO BECAME ETHICAL HACKER
What you must know to become an Ethical Hacker?
- Right meaning and role of an Ethical Hacker
- Programming languages and Networking
- Proper sources to learn Hacking
- Use Penetration Testing Lab
- Learn Kali Linux (Penetration Testing OS)
- Professional Ethical Hacking Certifications
- Patience and Passion of learning
Note::: Short Introduction to Ethical Hacking
Who is an Ethical Hacker and what’s its role?
Learn Programming languages and Networking
Programming and Networking are the two most important things in Hacking and Security. Every application you use is programmed in particular programming language and with the help of networking it can be used online or shared computer network, Now if you want to hack an application so first of all you’ve to understand how it works and without knowing programming language you cannot understand its logic and so it becomes harder for you to find vulnerability in its logic.
Networking is another essential topic in hacking and security. Networking is the major part of internet security. If you want to be a professional security expert or hacker then learning networking is very important because the whole internet relies on TCP/IP and In order to find vulnerabilities in web sites and applications you must need to understand the network logic.
Sources of learning Ethical Hacking For Free
Internet is the only best place to learn Ethical Hacking for free of cost. All you need is little Googling skill and patience to learn. There are countless Hacking and Pentesting blogs on internet where you can learn a lot about Hacking, Pentesting and Security. The another best way is watching video tutorials, Security Researcher’s vulnerability POCs, reading white papers and free online eBooks etc. I also suggest to join Hacking forums.
Create Virtual Penetration Testing lab
Creating virtual penetration testing lab in your computer is the best method to learn web application pentesting and hacking. A virtual pentesting lab is a real vulnerable application which can be used to explore, demonstrate common web vulnerabilities and its impact. Pentesting lab is widely used by Security Experts and newbies in hacking to learn new web vulnerabilities and how to discover them. I highly suggest you to use a pentesting lab to learn and hone your hacking skills.
Learn Kali Linux – Advance Penetration Testing OS
Kali Linux is an operating system especially made for hackers and penetration testers, It has hundreds of pre-installed Hacking tools, Automated scanners, fuzzing, forensics and other essential penetration testing tools. One must learn to operate Kali Linux and learn to use its tools. Kali Linux is the latest version of (BackTrack), It is one of the most popular and widely used by Hackers.
Creating Pentesting Lab In kali linux Is a super best method to Learn Web-hacking and Other stuff like this
Get Professional Certifications
If you’re really serious about considering hacking and security as your career choice then you must get Penetration testing license, Ethical hacking and Security certificates.
Keep patience and be passionate about learning
So you want be a hacker? Good but its not easy you know. It takes years to become a professional ethical hacker or a security expert so be patient, nobody is born expert, start from scratch and be passionate about learning new things. Keep yourself inspired by reading inspirational Interviews of successful Hackers and Security researchers.
EVERY EXPERT IN ANYTHING WAS ONCE A BEGINNER AND BEGINNING IS THE HARDEST PART.
Hacker And Types Of Hackers
A hacker is basically someone who breaks into computer networks or standalone personal computer systems for the challenge of it or because they want to profit from their innate hacking capabilities. The hacker subculture that has developed among these new-age outlaws is often defined as the computer underground, although as of late it has evolved into a more open society of sorts. At any rate, here are the different types of hackers.
White Hat security professional
A white hat ethical hacker / cracker is A good .Who tests the security of internet Products and ask the developer to make Necessary changes to avoid hacking
Grey Hat hacker
A grey hat hacker / cracker is actually a white hat hacker in Day time but ,he do evil things in Nights(Hacks System ,security Credientials) or things like that.Most of white hat hackers are Grey-Hat hackers(Means they are good as well as Bad Guys)
Black Hat hacker / cracker
A black hat hacker / cracker is indeed a bad Guys Who love to tease other people,steal their passwords ,Hack into their system,Defaces website and these kinds of Illegal Stuff.
elite hackers are those hackers who works for the betterment of society
Script Kiddie cracker
A script kiddie is basically a non-expert hacker or a kid who want to learn hacking.He uses scripts of High class hackers to hack systems but indeed he doesn’t know.Whats going on in background
STEPS OF ETHICAL HACKING
Passive and Active Reconnaissance
Passive reconnaissance involves gathering information regarding a potential target without .the targeted individual’s or company’s knowledge. Passive reconnaissance can be as simple as watching a building to identify what time employees enter the building and when they leave.However, it’s usually done using Internet searches or by Googling an individual or company to gain information. This process is generally called information gathering. Social engineering and dumpster divingare also considered passive information-gathering methods.
and services on the network. This usually involves more risk of detection than passive reconnaissance and is sometimes called rattling the doorknobs. Active reconnaissance can give a hacker an indication of security measures in place (is the front door locked?), but the process also increases the chance of being caught or at least raising suspicion.
Scanning involves taking the information discovered during reconnaissance and using it to examine the network. Tools that a hacker may employ during the scanning phase can include dialers, port scanners, network mappers, sweepers, and vulnerability scanners. Hackers are
seeking any information that can help them perpetrate attack such as computer names, IP addresses, and user accounts.
Once a hacker has gained access, they want to keep that access for future exploitation and attacks. Sometimes, hackers harden the system from other hackers or security personnel by securing their exclusive access with backdoors, rootkits, and Trojans. Once the hacker owns the system, they can use it as a base to launch additional attacks. In this case, the owned system is sometimes referred to as a zombie system.
or intrusion detection system (IDS) alarms. Examples of activities during this phase of the attack include steganography, the use of tunneling protocols, and altering log files.
Types Of Attacks
- Injection Attacks
- Cross Site Scripting
- Click Jacking
- Dns Poisoning
- Social Engineering Attacks
- Remote Code Execution Attacks
- Daniel Of Services (DOS ) And DDOS
Pre-Requisites Of Being Ethical Hacker
well there are multiple things you should be perfectly aware of
- you should know about Networking-How network Devices Talk to each other
- You should be well Aware Of Network and Web Architecture to test security of Websites
- You should Be enthusiastic and passion to learn
Written by :Tamoor Nasir