Ethical Hacking Terminology

Posted by Sharan R On 12:17 AM

A threat is an environment or situation that could lead to a potential breach of security.

Ethical hackers look for and prioritize threats when performing a security analysis.
In computer security, an exploit is a piece of software that takes advantage of a bug, glitch,
or vulnerability, leading to unauthorized access, privilege escalation, or denial of service on a
computer system.

There are two methods of classifying exploits:
A remote exploit works over a network and exploits security vulnerabilities without any
prior access to the vulnerable system.
A local exploit requires prior access to the vulnerable system to increase privileges.

An exploit is a defined way to breach the security of an IT system through a vulnerability.

A vulnerability is an existence of a software flaw, logic design, or implementation error that can
lead to an unexpected and undesirable event executing bad or damaging instructions to the system.

A target of evaluation is a system, program, or network that is the subject of a security
analysis or attack.

An attack occurs when a system is compromised based on a vulnerability. Many attacks are
perpetuated via an exploit. Ethical hackers use tools to find systems that may be vulnerable to
an exploit because of the operating system, network configuration, or applications installed
on the systems, and prevent an attack.

Types of Hacking Technologies

Most hacking tools exploit weaknesses in one of the following four areas:
Operating systems
Many systems administrators install operating systems with the default
settings, resulting in potential vulnerabilities that remain unpatched.
Applications
Applications usually aren’t tested for vulnerabilities when developers are writing
the code, which can leave many programming flaws that a hacker can exploit.
Shrink-wrap code
Many off-the-shelf programs come with extra features the common user
isn’t aware of, which can be used to exploit the system. One example is macros in Microsoft
Word, which can allow a hacker to execute programs from within the application.
Misconfigurations
Systems can also be misconfigured or left at the lowest common security
settings to increase ease of use for the user, which may result in vulnerability and an attack.

Attacks can be categorized as either
passive
or
active
Passive and active attacks are used on both network security infrastructures and on hosts. Active attacks actually alter the system or network they’re attacking, whereas passive attacks attempt to gain information
from the system.
Active attacks affect the availability, integrity, and authenticity of data; passive attacks are breaches of confidentiality.

In addition to the active and passive categories, attacks are categorized as either
inside
or
outside attacks. 

An attack originating from within the security perimeter of an organization is
an inside attack and usually is caused by an “insider” who gains access to more resources than
expected.
An outside attack originates from a source outside the security perimeter, such as the
Internet or a remote access connection.

Types of Hacker Classes

Hackers can be divided into three groups: white hats, black hats, and grey hats. Ethical hackers
usually fall into the white-hat category, but sometimes they’re former grey hats who have become
security professionals and who use their skills in an ethical manner.

White hats
White Hats are the good guys, the ethical hackers who use their hacking skills for
defensive purposes. White-hat hackers are usually security professionals with knowledge of
hacking and the hacker toolset and who use this knowledge to locate weaknesses and implement
countermeasures.

Black hats
Black hats are the bad guys: the malicious hackers or crackers who use their skills
for illegal or malicious purposes. They break into or otherwise violate the system integrity of
remote machines, with malicious intent. Having gained unauthorized access, black-hat hackers
destroy vital data, deny legitimate users service, and basically cause problems for their targets.
Black-hat hackers and crackers can easily be differentiated from white-hat hackers because their
actions are malicious.

Grey hats
Grey hats are hackers who may work offensively or defensively, depending on the situation.
This is the dividing line between hacker and cracker. Both are powerful forces on the Internet,
and both will remain permanently. And some individuals qualify for both categories. The
existence of such individuals further clouds the division between these two groups of people.

2 comments

  1. Jimmy loof Said,

    I have been living with my wife for some years now,i was afraid she has been cheating on me and a friend of mine introduced me to a Private Investigator (Mr Raymond), he helped me and gave me the password to her Facebook and Gmail account and also linked all her phone conversations to me.He saved me from all her lies and infidelity,he gave me all i wanted during our divorce and helped me with evidence in court.his services was cheap,and he was so reliable. I just ,want to openly say thank you.Contact (Gadgethacksolution@gmail.com) .tell him i referred you he will help you

    Posted on March 11, 2018 at 3:58 AM

     
  2. soumya Teja Said,

    This was an excellent blog I learn something from these blog about Ethical Hacking Online Training . Try yourself once.

    Posted on August 16, 2018 at 12:24 AM