You are new to hacking, you have heard of ethical hacking, and you are wondering what it is? Here is your overview with explanations!
When computer geeks search for vulnerabilities on behalf of companies, computer scientists call this activity ethical hacking. The idea is that honest computer scientists find a vulnerability before a criminal does, so that the company can fix it quickly.
Ethical hackers in large companies fall into two groups:
- RED: These geeks try to attack company systems “like a real hacker”. They are supposed to penetrate the system unnoticed and document all vulnerabilities and data leaks.
- BLUE: These geeks are there to prevent the RED team from succeeding (and to detect hacking attempts). If the RED team succeeds, the BLUE team needs to upgrade its systems using the knowledge the RED team has accumulated.
The term hacking means that a person tries to achieve a goal or overcome an obstacle using technical knowledge in a “non-standard” way. A person can hack with good intentions or with bad ones. Hacking is not limited to computers.
Hacking can be legal if you hack your own system or have explicit consent from others (companies).
The term ethical does not fit (but is used). Computers and inventions have no morals. You can use any invention morally (electricity from nuclear fission) or immorally (nuclear bomb).
This is how ethical hackers work
Digital Loophole Hunters – Bug Bounties
Companies publish apps and websites. The companies advertise a bug bounty program for these applications.
Anyone who manages to identify security defects gets a finder’s reward. The finder’s reward is based on the “severity” of the security problem. If the finder can hack into the system and execute arbitrary code, this is a serious problem (Remote Code Execution).
If the software only displays a button incorrectly, the “finder’s reward” will be lower.
Time is a lot of money
Companies hire external people who look for errors for the company. An external perspective helps with development because the internal developers are blind to their own security gaps (operational blindness).
The company pays the freelancer an hourly or daily wage. If the software has already been “tested”, the freelancer will find less. The freelancer may go for hours without finding a gap, but the company still pays him. A bug bounty collector, on the other hand, only gets money on success.
Safer and Less Money – Employee
Permanent employees can engage in ethical hacking.
They look for security problems in the known structures and fix them. Often two different companies hold “hacking competitions”: an employee of Company A hacks Company B, and an employee of Company B hacks Company A.
The parties share their insights and both companies benefit from each other’s perspectives.
Good courage or genius – volunteers
Not everyone waits for payment before starting work.
Volunteers alert open source maintainers to security vulnerabilities. Attentive customers notice errors in companies’ software and draw the companies’ attention to them. Because “good” hacking is still little known, there is often no thank-you (or donation). Stupid companies sue some ethical hackers (wrongly, and are left with the costs).
Approach to ethical hacking
Reconnaissance: This step is the basis of the hack. The hacker has to analyze the system. What information can I collect about the victim system with “read operations”?
- What software is installed? In which version?
- Which ports are open? What is behind the port?
In this step, the hacker wants to get an overview of the target system. If the hacker doesn’t find anything worth mentioning about his target, then the hack ends unsuccessfully.
Scanning: Ethical hackers use special tools that can scan for typical characteristics of certain software. These tools discover ports and determine versions of software. The more precise (not fake) information the hacker receives about the target system, the better the chances of a successful hack.
Find access: If there is enough information, the hacker tries to penetrate the system using so-called exploits (software that takes advantage of vulnerabilities). Exploits are script files that take advantage of a specific vulnerability in the software. By specifying the target (IP and port), the hacker can hack into computers with a few keystrokes. Often, there is no straight-line access. The hacker has to try many ways to gain access to the system.
Maintain access: Once the first access is obtained, the hacker builds a reverse shell and demonstrates to the customer how much damage the hacker could do to the production systems.
Prepare documentation: A SIEM can analyze the traces created during hacking and, on the basis of these, detect attempted attacks and block them via SOAR. The ethical hacker creates documentation on how he was able to bypass the system and what he proposes as a solution.
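The trace analysis mentioned in the last step can be sketched for the scanning step, seen from the BLUE team's side. This is an added example, not part of the original article; the log format, field names, thresholds and addresses are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed firewall log (assumed format; addresses are documentation ranges).
SAMPLE_LOG = """\
2024-05-01T10:00:00 src=198.51.100.7 dst=10.0.0.5 dport=21 action=DENY
2024-05-01T10:00:01 src=198.51.100.7 dst=10.0.0.5 dport=22 action=ALLOW
2024-05-01T10:00:01 src=192.0.2.10 dst=10.0.0.5 dport=443 action=ALLOW
2024-05-01T10:00:02 src=198.51.100.7 dst=10.0.0.5 dport=23 action=DENY
2024-05-01T10:00:03 src=198.51.100.7 dst=10.0.0.5 dport=80 action=ALLOW
2024-05-01T10:00:04 src=198.51.100.7 dst=10.0.0.5 dport=443 action=ALLOW
2024-05-01T10:00:00 src=203.0.113.9 dst=10.0.0.5 dport=25 action=DENY
2024-05-01T10:05:00 src=203.0.113.9 dst=10.0.0.5 dport=110 action=DENY
2024-05-01T10:10:00 src=203.0.113.9 dst=10.0.0.5 dport=143 action=DENY
2024-05-01T10:15:00 src=203.0.113.9 dst=10.0.0.5 dport=993 action=DENY
2024-05-01T10:20:00 src=203.0.113.9 dst=10.0.0.5 dport=995 action=DENY
""".splitlines()

LINE_RE = re.compile(r"^(\S+) src=(\S+) dst=(\S+) dport=(\d+) action=\w+$")

def parse(lines):
    """Yield (timestamp, src, dst, port); malformed lines are skipped."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            ts, src, dst, port = m.groups()
            yield datetime.fromisoformat(ts), src, dst, int(port)

def detect_port_scans(lines, min_ports=5, window=timedelta(seconds=60)):
    """Map (src, dst) to the ports probed when one source touches at least
    min_ports distinct ports on one destination within the time window."""
    events = defaultdict(list)
    for ts, src, dst, port in parse(lines):
        events[(src, dst)].append((ts, port))
    alerts = {}
    for key, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:  # slide window forward
                start += 1
            ports = {p for _, p in evs[start:end + 1]}
            if len(ports) >= min_ports and len(ports) > len(alerts.get(key, [])):
                alerts[key] = sorted(ports)
    return alerts

if __name__ == "__main__":
    for (src, dst), ports in detect_port_scans(SAMPLE_LOG).items():
        print(f"possible port scan: {src} -> {dst}, ports {ports}")
```

With the default 60-second window only 198.51.100.7 is reported; the source that spreads the same number of ports over 20 minutes is only caught when the window is widened.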
What is the difference to a penetration tester?
Ethical hacking is the broader umbrella term that brings together a catalog of cyber attack techniques.
A penetration tester is a job title. The pen tester checks a specific system for vulnerabilities and the company pays the pen tester for the tests performed and the documentation of the vulnerabilities. Ideally, the pen tester finds nothing.
How can I learn ethical hacking?
Depending on the application and goal, there are different approaches and techniques. If you want to hack websites, you have to deal with the security mechanisms of websites. If you want to hack apps, you have to deal with applications on mobile devices.
It depends on what you are targeting.
Where does ethical hacking border on criminal hacking?
Although an ethical hacker wants to help the company, he can “unintentionally become a criminal”.
If the ethical hacker discovers a directory on the bank’s website with a customer.xlsx, he must report the breach. He is not allowed to open the file, because doing so would violate other people’s personal rights.
“A Dance on the Razor Blade”
What tools does an ethical hacker use?
Ethical hackers use hacking tools, software specific to hacking. These tools can scan computers for vulnerabilities and, in a further step, exploit these vulnerabilities. When the hacker is in a system as an administrator, he can perform any operation and cause damage.
I have compiled for you the 30 most important hacking tools that are legally used for ethical hacking purposes.
How Much Does an Ethical Hacker Earn?
An employee or freelancer earns a fixed base salary. In order to increase motivation at work, companies can offer the employee extra compensation for each weak point found.
A bug bounty collector earns money when the collector finds a bug and finds it before all other bug bounty collectors. The company only pays out money if the vulnerability can be reproduced and if it is “dangerous”.
What are alternatives to ethical hacking?
The alternative to ethical hacking is secure programming. The development team checks several times whether new features and changes lead to vulnerabilities.
Secure programming doesn’t help to find all security problems, but an ethical hacker will then find fewer problems.