The Phases of Ethical Hacking

The process of ethical hacking can be broken down into five distinct phases. 
An ethical hacker follows processes similar to those of a malicious hacker. The steps to gain and maintain entry into a computer system are similar no matter what the hacker's intentions are. Figure 1 illustrates the five phases that hackers generally follow in hacking a computer system.

Figure 1: Phases of hacking

Phase 1: Passive and Active Reconnaissance

Passive reconnaissance involves gathering information about a potential target without the targeted individual's or company's knowledge. Passive reconnaissance can be as simple as watching a building to identify what time employees enter the building and when they leave. However, most reconnaissance is done sitting in front of a computer.
When hackers are looking for information on a potential target, they commonly run an Internet search on an individual or company to gain information. I'm sure many of you have performed the same search on your own name or a potential employer, or just to gather information on a topic. This process when used to gather information regarding a TOE is generally called information gathering. Social engineering and dumpster diving are also considered passive information-gathering methods. 
Sniffing the network is another means of passive reconnaissance and can yield useful information such as IP address ranges, naming conventions, hidden servers or networks, and other available services on the system or network. Sniffing network traffic is similar to building monitoring: a hacker watches the flow of data to see what time certain transactions take place and where the traffic is going. Sniffing network traffic is a common hook for many ethical hackers. Once they use some of the hacking tools and are able to see all the data that is transmitted in the clear over the communication networks, they are eager to learn and see more.
Sniffing tools are simple and easy to use and yield a great deal of valuable information which literally let you see all the data that is transmitted on the network. Many times this includes usernames and passwords and other sensitive data. This is usually quite an eye-opening experience for many network administrators and security professionals and leads to serious security concerns.
Active reconnaissance involves probing the network to discover individual hosts, IP addresses, and services on the network. This process involves more risk of detection than passive reconnaissance and is sometimes called rattling the doorknobs. Active reconnaissance can give a hacker an indication of security measures in place (is the front door locked?), but the process also increases the chance of being caught or at least raising suspicion. Many software tools that perform active reconnaissance can be traced back to the computer that is running the tools, thus increasing the chance of detection for the hacker.
Both passive and active reconnaissance can lead to the discovery of useful information to use in an attack. For example, it's usually easy to find the type of web server and the operating system (OS) version number that a company is using. This information may enable a hacker to find a vulnerability in that OS version and exploit the vulnerability to gain more access.

Phase 2: Scanning

Scanning involves taking the information discovered during reconnaissance and using it to examine the network. Tools that a hacker may employ during the scanning phase include
  • Dialers
  • Port scanners
  • Internet Control Message Protocol (ICMP) scanners
  • Ping sweeps
  • Network mappers
  • Simple Network Management Protocol (SNMP) sweepers
  • Vulnerability scanners
Hackers are seeking any information that can help them perpetrate an attack on a target, such as the following:
  • Computer names
  • Operating system (OS)
  • Installed software
  • IP addresses
  • User accounts

Phase 3: Gaining Access

Phase 3 is when the real hacking takes place. Vulnerabilities exposed during the reconnaissance and scanning phase are now exploited to gain access to the target system. The hacking attack can be delivered to the target system via a local area network (LAN), either wired or wireless; local access to a PC; the Internet; or offline. Examples include stack-based buffer overflows, denial of service, and session hijacking. Gaining access is known in the hacker world as owning the system because once a system has been hacked, the hacker has control and can use that system as they wish.

Phase 4: Maintaining Access

Once a hacker has gained access to a target system, they want to keep that access for future exploitation and attacks. Sometimes, hackers harden the system from other hackers or security personnel by securing their exclusive access with backdoors, rootkits, and Trojans. Once the hacker owns the system, they can use it as a base to launch additional attacks. In this case, the owned system is sometimes referred to as a zombie system.

Phase 5: Covering Tracks

Once hackers have been able to gain and maintain access, they cover their tracks to avoid detection by security personnel, to continue to use the owned system, to remove evidence of hacking, or to avoid legal action. Hackers try to remove all traces of the attack, such as log files or intrusion detection system (IDS) alarms. Examples of activities during this phase of the attack include
  • Steganography
  • Using a tunneling protocol
  • Altering log files


  1. I was reading through some of your content on this article and I conceive this blog is really instructive! If you are looking for indepth CEH Training, please check out mindmajix

  2. This is a great article, I have been always to read something with specific tips! I will have to work on the time for scheduling my learning.
    Selenium Training in Chennai

  3. Truly a very good blog on how to handle the future technology. Thanks for sharing your post. You can also more read : Best Ethical Hacking Institute in Delhi, India

  4. Pmp training india, Digital Marketing Course
    Eduslab knowledge solutions provide some services as Project Management, Quality Management, Agile Management, IT Service Management etc...Our Mission is to become the foremost Essential, Respected, and skilled Development Company worldwide adhering to our values and attribute. Visit: for more infrmation call us 9971205918

  5. Hi
    Your concepts about ethical hacking were easy to understand. This information is definitely useful for everyone.

    Best Hacking Institute in Delhi

  6. Oracle Fusion Financials Training in Ameerpet:Calfre is the best website to choose the best oracle fusion financials training in Ameerpet and the institutes which are mentioned in the website are rated as the best and the user can also search for other information such as phone numbers,address and reviews of each institute.For more details visit to website:

  7. This comment has been removed by the author.

  8. Thanks for providing me this content.i read your content its so informative. Keep it up.
    Ethical Hacking Training in Gurgaon

  9. It is really a great work and the way in which u r sharing the knowledge is excellentYou can also read: Ethical hacking training

  10. This blog contains The Phases of Ethical Hacking. The information is very useful which will provided by you. Good Explanation and keep going on. Ethical hacking is one such field that has got reputation and a great scope in terms of career. If you want to Learn in depth detailed about Ethical Hacker like certifications and pre-requisites and certification exam visit here once.
    Introduction to Ethical Hacker Certifications

  11. thank you for sharing. And Croma campus provide best Ethical Hacking Training in Delhi with live project training. Trainer are 10 years experience and job placement support.

  12. Thanks for the amazing content on your blog I am very interested in this article and you have really helped me.

    ethical hacking certification

  13. Nice Article! Indian Cyber Army's is now coming up with Summer Internship in cyber crime investigation and ethical hacking which is is live now

  14. Thank you for sharing such great information very useful to us.
    Ethical Hacking Training in Delhi

  15. It’s a great post. Keep sharing this kind of worthy information. Good luck!

    Salesforce Training in Chennai | Salesforce Training Course in Chennai

  16. You really did a great job. I found your blog very interesting and very informative. I think your blog is great information source & I like your way of writing and explaining the topics.According to Ethical hacker Prep Guide by Wiley, An ethical hacker attempts to duplicate the intent and actions of malicious hackers without causing harm Readmore..

  17. nice post.thanks for sharing the more valuable information.
    Indian Cyber Army credibility in Ethical hacking training & Cybercrime investigation training is acknowledged across nation as we offer hands on practical knowledge and full assistance with basic as well as advanced level ethical hacking & cybercrime investigation courses. The training is conducted by subject specialist corporate professionals with wide experience in managing real-time ethical hacking/ cyber security projects. Indian Cyber Army implements a blend of academic learning and practical sessions to give the candidate optimum exposure.Ethical hacking training ,
    Ethical hacking course

  18. Thank you for sharing such great information very useful to us.
    Ethical Hacking Course in Delhi

  19. I read this blog this is an excellent information about ethical hacking, learn I read this blog this is an excellent information about ethical hacking, learn Ethical Hacking Online Course

  20. The actual time and effort took to create this wonderful article were really great and would like to read this blog regularly to get more updates...
    DevOps Training in Chennai | DevOps Online Training in Chennai

  21. Thanks for sharing this valuable and interesting article with smart content..keep updating.
    For more information about Phython Training please click here: CEH Training In Hyderabad

  22. Ethical Hacking is the order of the day and protecting your data from harm is getting a widespread importance. If you live near or in Delhi, then worry not. There are several institutes which provide ethical hacking course in Chennai.

  23. Your blog is very useful for me, Thanks for your sharing.

    MSBI Training in Hyderabad


Popular Posts