Chapter 4. Hacking Methodology

In This Chapter

  • Examining steps for successful ethical hacking

  • Gleaning information about your organization from the Internet

  • Scanning your network

  • Looking for vulnerabilities

Before you dive in head first with your ethical hacking, it's critical to have at least a basic methodology to work from. Ethical hacking involves more than just penetrating and patching a system or network. Proven techniques can help guide you along the hacking highway and ensure that you end up at the right destination. Using a methodology that supports your ethical hacking goals separates the professionals from the amateurs and helps ensure that you make the most of your time and effort.

Setting the Stage for Testing

In the past a lot of ethical hacking involved manual processes. Now, tools can automate various tasks. These tools allow you to focus on performing the tests and less on the specific steps involved. However, following a general methodology and understanding what's going on behind the scenes will help you.

Ethical hacking is similar to beta testing software. Think logically — like a programmer, a radiologist, or a home inspector — to dissect and interact with all the system components to see how they work. You gather information, often in many small pieces, and assemble the pieces of the puzzle. You start at point A with several goals in mind, run your tests (repeating many steps along the way), and move closer until you discover security vulnerabilities at point B.

The ...

Get Hacking For Dummies® 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.