Ethical Hacking and Penetration Testing

Author:Tinashe

We are living in a digital world. A world where people are becoming more trustworthy to technology. But then the truth is that the more we are able to improve our technology, the more the new technology becomes vulnerable. Pretty much everyone has access to a smartphone or personal computer(PC). The question on everyone's mind should be "Am I safe". We tend to use a smartphones without even thinking whether someone is lurking through the phones camera or something. We are living in a world where hacking has become part of our open lives



Types of Hackers
Believe it or not but hackers are actually divided into groups but specifically now we will look into the basic ones. Hackers as shown below have different things that they do depending on their motives

Teams used in hacking
In Ethical hacking we have different types of teaming. This would specifically describe the two sides in which hacking is performed, which is either as a threat or as a defence. Below are the two teaming used in Ethical hacking.

Information Gathering
Information Gathering refers to the collection of raw data on a certain target individual or system. This is done by collecting public information and scanning the system thus far receiving data and information about the target. For example if an information gathering scan technique was to be performed on the Microsoft web domain, it would reply back with information like the operating system that the domain runs on.

Types of methods used in information gathering
In information gathering many methods are used, but each method used will result in different type of information being retrieved. Below are some examples of them

Whois
In particular WHOIS is a type of GET script used to retrieve information on specific target domain. WHOIS can be done to retrieve information like, finding the owner of a specific domain and probably more

Nmap and Zenmap scanning
Nmap scanning is one great example of information gathering, it's known to be the most commonly used. Nmap is an application that was built for information gathering and footprinting. Nmap was created to be a CLI application ( command line application)

Nmap comes with a GUI (Graphic users interface) called zenmap which is specifically created for those who find it a bit intense using the CLI end of the app.