ETHICAL HACKING

What is Hacking

Gaining access to a system that you are not supposed to have access is considered as hacking. For example: login into an email account that is not supposed to have access, gaining access to a remote computer that you are not supposed to have access, reading information that you are not supposed to be able to read is considered as hacking. There are a large number of ways to hack a system. In 1960, the first known event of hacking had taken place at MIT and at the same time, the term Hacker was organized.

Types of Hacker

White Hat Hackers:	White hat hackers are the one who are authorized. Or the certified hackers who work for the government and organizations by performing penetration testing and identifying loopholes in their cybersecurity. They also ensure the protection from the malicious cyber crimes. They work under the rules and regulations provided by the government, that’s why they are called Ethical hackers or Cybersecurity experts.
Black Hat Hackers:	They are often called Crackers. Black Hat Hackers can gain the unauthorized access of your system and destroy your vital data. The method of attacking they use common hacking practices they have learned earlier. They are considered to be as criminals and can be easily identified because of their malicious actions.
Gray Hat Hackers:	Gray hat hackers fall somewhere in the category between white hat and black hat hackers. They are not legally authorized hackers. They work with both good and bad intentions; they can use their skills for personal gain. It all depends upon the hacker. If a gray hat hacker uses his skill for his personal gains, he/she is considered as black hat hacker.

What is Ethical Hacking

Hacking can be legal if done with permission. Computer experts are often hired by companies to hack into their system to find vulnerabilities and weak endpoints so that they can be fixed. This is done as a precautionary measure against legitimate hackers who have malicious intent. Such people, who hack into a system with permission, without any malicious intent, are known as ethical hackers and the process is known as Ethical Hacking.

Who is an Ethical Hacker

An Ethical Hacker is a skilled professional who has excellent technical knowledge and skills and knows how to identify and exploit vulnerabilities in target systems. He works with the permission of the owner of networks. An Ethical Hacker must comply with the rules of the target organization or owner and the law of the land and their aim is to assess the security posture of a target organization/system.

Skills for an Ethical Hacker

An ethical hacker is a computer expert who specializes in networking and penetration testing. This generally entails the following skillset-

Expertise in various operating systems, primarily Linux and its various distribution. This is because a good portion of vulnerability testing includes invading the target system and sifting through their system. This is impossible without a good of operating systems.

In-depth knowledge of networking is also key to a successful ethical hacking career. This involves packet tracking, packet sniffing, intrusion detection & prevention, scanning subnets etc.

Programming: Now, programming is a vast topic with nuances in every language. As an ethical hacker, it is not expected of you to be a master-coder, but rather be a jack-of-all-trades.

Programming languages that ethical hackers usually uses:

HTML- Always begin with basics and HTML — HyperText Markup Language — should be the first one you should learn as a beginner. HTML is the building blocks of the internet and an ethical hacker should know it very well to understand web action, response, structure, and logic. Also, learning HTML is not at all that tough

JavaScript- JavaScript is the most used as client-side programming and for web development is also the best programming language for hacking web applications. In fact, it is the best programming language for hackers and security experts for developing cross-site scripting hacking programs. You should learn it on high priority mode. Understanding JavaScript code logic can help you find the web-apps flaws and it is the best one to manipulate both front-end and back-end web components.

SQL- SQL — Structured Query Language — is a database programming language used to query and fetch information from databases. All big and small websites and web apps are using databases to store data like login credentials and other valuable inventories — it is the most sensitive part of the Web. So a hacker must learn SQL to communicate with databases and to develop hacking programs based on SQL injection.

PHP- PHP is the most popular dynamic programming language, used mainly by websites build upon popular CMS like WordPress. So knowing PHP will help you to find vulnerabilities in such network and take down a personal website or blog. Hackers use PHP mainly for developing server hacking programs as it is a server-side scripting language. So, if you are into web hacking then deeper knowledge in PHP is necessary.

Bash - Bash is used for creating small batch files and handy scripts. They come in handy when you need to write your shellcodes, exploits, rootkits or understanding and expanding on existing ones.

C- The mother of all programming language, C is the most important programming language used in creation for Linux and Windows. So learning C programming will help an ethical hacker to understand the way of working of these systems — like how CPU and memory interact with each other. However, it is the best programming language for exploit writing and development. The low-level nature of C benefits security experts to develop hacking programs to access and manipulate system hardware and lower level resources.

Python- Python is the easiest one to learn. It is the most used language for exploit writing as Python is the easiest programming language to write automation scripts because of pre-built libraries with some powerful functionality. It is highly recommended you to learn Python Socket Programming because it helps lot learning exploit creation.

More coming soon!