Phases of Hacking

 

Hacking involves a systematic process comprising five distinct phases. While not strictly adhering to a sequential order, these steps contribute to a comprehensive and effective approach when followed in a stepwise manner.



Phases of Hacking:


1. Reconnaissance:

   - Also known as Footprinting, this initial phase involves gathering preparatory information about the target. Information is collected regarding the network, host, and individuals involved. Two methods of Footprinting include active (directly interacting with the target, e.g., using Nmap) and passive (collecting information without direct access, e.g., from social media).


2. Scanning:

   - This phase encompasses three types of scanning:

      - Port scanning: Identifying open ports, live systems, and services on the host.

      - Vulnerability scanning: Checking for exploitable weaknesses using automated tools.

      - Network mapping: Determining the network's topology, including routers, firewalls, servers, and hosts, and creating a network diagram.


3. Gaining Access:

   - In this critical phase, the attacker infiltrates the system/network using various tools or methods. After entry, the objective may include elevating privileges to administrator level for necessary installations, data modification, or data concealment.


4. Maintaining Access:

   - Post-infiltration, the hacker may choose to persist in the system, concealing the connection without the user's knowledge. Trojans, rootkits, or other malicious files might be employed to maintain access until the planned tasks are accomplished.


5. Action on Objectives

Performing the activities to achieve specific goals or objectives. This may involve manupulation or stealing data , distrupting IT operations or destructing data or systems . 


6. Clearing Tracks:

   - To avoid detection, a savvy hacker erases all evidence, modifying, corrupting, or deleting log values, altering registry values, uninstalling applications, and deleting created folders. This phase aims to eliminate any traces that could lead back to the hacker, emphasizing the importance of prompt action to address and rectify compromised sites.


Niranjan Meegammana

Cyber Security & ML Researcher

Shilpa Sayura Foundation 


Comments

Popular posts from this blog

What is Cyber Security?

Important characteristics of Information