history NEW

What is ethical hacking

Most people are alerted when they hear the word hacker because they relates to criminals who use networks to penetrate computers and steal confidential information or carry out actions that the owner does not want.

However, A hacker is simply a computer security expert who understands how digital devices work and is able to find vulnerabilities that can compromise their security.

Work of an ethical or white hat hacker

Ethical hackers are highly sought after professionals who work in multiple technology companies. An example is the banking sector.

Banks hire ethical hackers or cybersecurity experts with the aim of The goal is for them to try to penetrate the system and exploit vulnerabilities. In this way, programmers can repair these vulnerabilities and avoid intrusion by malicious hackers.

Phases of ethical hacking

There are different phases that ethical hacking experts follow to try to penetrate the computer system. These phases are designed to simulate what a malicious hacker would do and try to find all types of vulnerabilities in order to solve them and improve the protection of the system.

Collect information

The first step to be able to enter a network or system is to have all the necessary information. It is important that the ethical hacker uses all resources to thoroughly understand the type of system they are trying to violate.

Information about the organization can be found through social networks or public websites. It is also possible to scan for some types of vulnerabilities with cybersecurity tools such as Nmap or the Kali Linux distribution.

Scanning for vulnerabilities, ports or networks

This is the moment in which the cybersecurity professional scans the different vulnerable points of the system. You can scan fragile devices connected to the network or find open ports that allow easy access.

There are several methods for scanning. There are open license programs that allow you to effectively scan all types of vulnerabilities, whether through ports or networks.

Access to the system

Once the data collection and scanning phases are completed, the ethical hacker must attempt to enter the system. This is the most crucial part of the hacking part and it is important to be protected to prevent them from following our trail.

There are several tools such as metasploit that allow you to gain access to systems. Other techniques such as social engineering can also be carried out.

Ethical hackers also known as white hat hackers They are in charge of carrying out penetration tests trying to access the system in an unauthorized manner.

Stay within the system

This point is important since many systems can detect that someone has entered and carry out cybersecurity protocols to eliminate the threat, in this case us.

If the hacker manages to stay inside the system then he can start launching all kinds of attacks to achieve his objectives, whether it is breaking the system or obtaining confidential information from the organization.

Delete the trace

The last step is to eliminate any evidence that implicates us in the cyber attack. We must try not to leave a trace of our presence. It's an important point from an experienced hacker.

Types of hackers

We find different types of computer hackers depending on their intentions and also whether or not they have authorization from organizations to find vulnerabilities and try to gain access.

Ethical hackers or white hat hackers

The goal of the ethical hacker is not to damage the system but rather to find vulnerabilities to prevent malicious people from entering and destroying it or collecting important data. They have permission from the organizations to access since they work for them as cybersecurity experts.

Unethical hackers, crackers or black hat hackers

These professionals use their knowledge in computer security to penetrate computer systems for personal purposes, whether for money or to achieve some objective.

gray hat hackers

These hackers are a mix of the previous two. They have no malicious purpose but you also do not have the authorization to enter. They simply do it for fun or to use the knowledge they have learned.