Let me start with a Question, Does the world need more Ethical Hackers? The answer is “absolutely yes” and if you are here, then you can learn and contribute to the world of Cyber-Security. Do you need to be totally awesome at Computers and be a Coding Guru? It helps, but it’s not totally necessary. With Cisco CCNA network level skills and a strong understanding of Linux systems and you are good to to begin learning Ethical hacking. If you do not have CCNA level network skills or have not got strong Linux knowledge then you should take a step back and get those skills. There are plenty of YouTube channels out there that can help.
Understanding the why and how hackers are doing something illegal is the key to stopping them. Know your enemy as the saying goes.
Consider the learning process to be an Ethical Hacker to be a journey with no final destination. The budding Ethical Hacker can use these blog posts to start their learning process but they will find embedded in all these posts references to other sites, books, You Tube channels, etc. So it can be easy to get trapped down a rabbit hole. I would say at the beginning if you find something that works for you then stick with until you master it and follow all the rabbit holes you can on that topic.
So on with the show…
Table of Contents
What do Hackers do?
Hacking refers to exploiting systems, Identifying either (or both) hardware or software vulnerabilities that can be used to make the device do something it was never meant to do. For example hackers have hacked various devices to run the classic game Doom. These hackers have no ill will or malicious intent with this type of hacking. Yet most people consider the word hacker with cyber-criminal, etc so the industry had to come up with better terms to describe what the hackers does,
What are the Types of Hackers?
To stem the confusion if that a hacker is good, bad or somewhere in between it seems (lucky for us) hackers wear hats of different colours, even Ethical Hacking has a hat. So these colours define if they are the good guys, bad guys or somewhere in between. Lets take a look at a few.
Black Hat
Also known as “Advanced Persistent Threats”, these really are the bad guys. Black Hat hackers are highly skilled individual who use their amazing computer skills for self gain and take part in criminal activities such as stealing Business data, Credit Card information and passwords all to be resold on the Dark web.
White Hat
White Hat hackers are the good guys. This is the hat that Ethical Hackers wear. They use their extraordinary skills to pen test software or networks for vulnerabilities, so to help identify them that vendors can close the gaps. This is often offered as a service by some companies or if the business is big enough then they will have their own Red Team that can take care of it. White Hat Hackers have permissions for what they are doing.
Gray Hat
Gray Hat Hackers sit on the fence between White Hat and Black Hat. They tend to have the same motivation as White Hat Hackers in that they like to find bugs and flaws in software but unlike White Hat Hackers they don’t have permissions to to it. A lot of Grey Hat Hackers tend to go after Bug Bounties where they find flaws in web sites, they then report these flaws back to the the site owners and can get paid Bounties for it. This can be quite lucrative.
Black Hat Hacker
As the most nefarious hacker is “Black Hat”, lets dig a bit deeper into it and break it down into even further categories.
State Sponsored
These are Computer hackers employed by Governments to infiltrate other Governments or corporations. As these are State Sponsored the attacks are very sophisticated and hackers are at very little risk of being caught. Therefore these Hackers are after top secret information that can be used to damage other Governments.
Hacktivists
These are an individual or group who break into corporate or Government systems as a protest. Typically these politically motivated people tend to deface public web sites.
Script Kiddies
These would be the lowest type of hackers, mostly unskilled and depend on other hackers to create their scripts for them. A script kiddie, skiddie, or skid is relatively unskilled.
Ethical Hacking
As we begin, where does Ethical Hacking fit into all of this? We have to learn the skills of our enemy so we can know them and beat them at their own game. It only takes one poor password or unpatched services for a hacker to get in and gain a foothold. Once in they can scan down the networks and start to move latterly across the servers estate looking for valuable data. This makes it harder and harder to find them and lock them out.
Learn how to hack
Best way to begin to learn Ethical Hacking is “Learning by Doing”, and one of my favourite ways of achieving this is though CTF challenges. However before the Ethical Hacker approaches a CTF challenge then need some knowledge of the Hacking process.
Another solid way to learn is by building your own lab and practise there. An old laptop or PC with a modern version of Linux is a great start. Docker can be installed and you can install various Docker images for learning. Take a look at my Dam Vulnerable Linux Labs if this is something you are interested in.
You can also spin up some virtual online servers which have a very little cost and you can also install tools via Docker to hack.
The Phases
I have broken the learning process down to a Phased approach to begin with Ethical Hacking. These are the skills that Ethical Hacker needs to have a basic knowledge of in order to get started.
First Phase – Reconnaissance
82% of all breaches in 2021 were down to the Human element. Computers and software may be secure but are the people behind it? It’s the Reconnaissance Phase that the Black Hat Hacker first turns to when looking to exploit environments. The Ethical Hacker must learn the techniques that are used and how to prevent it from happening. Educating Users is mostly the key hear as Users tend to be the week link.
Second Phase – Scanning
Unlike Reconnaissance the Scanning Phase is much more focused. The Hacker takes what they have learned and now applies it. They scan network IP addresses that they found and identify what ports are open. It’s at this stage that vulnerable or insecure software is found. This process can take some time and the Hacker will try to be stealthy about it but if the Reconnaissance is good then there is a chance…
Third Phase – Gaining Access
Once Scanning is completed and documented, then all the results are examined. Perhaps something interested is spotted like a old version of smb or ftp server with an anonymouse login enabled, now deeper Enumeration is required. The Hacker will Analyse and Enumerate until they find a week spot. Once a way is found the hacker can proceed to the next step.
Forth Phase – Maintaining Access
Once Access is gained it’s important to the hacker to maintain this access. Sometimes this stage is called Command and Control. There is special software just for this. The Hacker will even go as far as fixing the Exploit that gave them access just so others wont try this exploit and get access.
Fifth Phase – Cleaning Up
To Avoid getting into trouble or for someone to discover that their systems have been compromised, the Hacker must clean up after them selves. This involves cleaning up logs, deleting history files, etc.
Sixth Phase – Up Skilling
The Hacker and their techniques keep evolving and so the Ethical Hacker must also evolve. This can be done through training, security blogs, podcasts, etc. What ever it takes to keep their skills updated.
Wrap Up
So now as you begin your journey with Ethical Hacking you should have some idea where to start. As I mentioned previously, if you find something that really takes your interest, then stick with it and master it. The rest will come naturally.
Over the coming Weeks and Months I will populate the rest of the phases on this blog and eventually will have a full course of learning.
Links For Ethical Hacking
