Phases Of Ethical Hacking
1. Reconnaissance – also known as the footprint or information gathering phase, the focus is to collect as much information as possible about the target such as passwords, details of the employees, etc. through various links, job profile, news and other such sources.
Reconnaissance is an essential phase of ethical hacking. It helps identify which attacks can be launched and how likely the organization’s systems fall vulnerable to those attacks. There are two types of foot printing methods –
a) Active – gather information directly from the target using Nmap tools to scan the target’s network.
b) Passive – collecting information through social media accounts, public websites, etc.

2. Scanning – as the term suggests, attackers use this method to gain the target’s information through quick and easy ways. These scanning practices generally involve
a. Vulnerability Scanning: This scanning practice targets the vulnerabilities and weak points of a target and tries various ways to exploit those weaknesses. It is conducted using automated tools such as Nets parker, OpenVAS, Nmap, etc.
b. Port Scanning: This involves using port scanners, dialers, and other data-gathering tools or software to listen to open TCP and UDP ports, running services, live systems on the target host. Penetration testers or attackers use this scanning to find open doors to access an organization’s systems.
c. Network Scanning: This practice is used to detect active devices on a network and find ways to exploit a network. It could be an organizational network where all employee systems are connected to a single network. Ethical hackers use network scanning to strengthen a company’s network by identifying vulnerabilities and open doors.

3. Gaining Access – This hacking phase attempts to get into the system and exploit the system by downloading malicious software or application, stealing sensitive information, getting unauthorized access, asking for ransom, etc. Metasploit is one of the most common tools used to gain access, and social engineering is a widely used attack to exploit a target.
Ethical hackers and penetration testers can secure potential entry points, ensure all systems and applications are password-protected, and secure the network infrastructure using a firewall. They can send fake social engineering emails to the employees and identify which employee is likely to fall victim to cyberattacks.

4. Maintaining Access – In this phase, the attacker aims to maintain their unauthorized access until they complete their malicious activities without the user finding out. Ethical hackers or penetration testers can utilize this phase by scanning the entire organization’s infrastructure to get hold of malicious activities and find their root cause to avoid the systems from being exploited.

5. Clearing Track – This step ensures that the attackers leave no clues or evidence behind that could be traced back. It is crucial as ethical hackers need to maintain their connection in the system without getting identified by incident response or the forensics team.
The following steps are taken in ethical hacking in order to erase their tracks:
a. Using reverse HTTP Shells
b. Deleting cache and history to erase the digital footprint
c. Using ICPM (Internet Control Message Protocol) tunnels