Week 3: Ethical Hacking
Welcome back. This blog post is a recap of what I learned in week 3 of the TCM Security PNPT free live course. Before this week started, I was excited and nervous. Why? I’m not that experienced with red team skills. I don't want to feel lost because I do not understand what’s happening or cannot follow along. Even though TCM Security promotes this course by stating that no experience is necessary to take it, they do recommend that you are familiar with specific topics such as basic Kali Linux commands, some bash scripting and Python, and network subnetting.
This week, the TCM Security PNPT course introduces ethical hacking. This is what everyone's been waiting for. Before we hack into systems, we have to discuss the basics first. So, what is ethical hacking? Ethical hacking detects vulnerabilities in an application, system, or organization’s infrastructure to identify weak security measures that hackers can exploit to launch cyberattacks. There are different types of pentesting that ethical hackers can encounter on the job, such as external network pentesting, internal network pentesting, web application pentesting, wireless pentesting, mobile pentesting, physical pentesting, and so much more.
Before an ethical hacker can start, both the ethical hacker and the client must sign a document called the rules of engagement. The rules of engagement define, for both the client and the ethical hacker, exactly what is being tested, when it's being tested, and how it's being tested. This document is important because it sets the expectations for the pentest and protects the pentester from any damages, liabilities, or unexpected surprises that can occur during the pentest. Another part of pentesting is defining the scope. The scope defines the targets, boundaries, and depth of an assessment, such as IP addresses, systems, networks, etc. Going out of the defined scope can land you in serious trouble with the company or with authorities, so please tread lightly.
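One way to keep yourself inside the agreed scope and testing window before touching a target, shown as an added example that is not part of the course material or this post's original content. The networks, the exclusion, the time window, and the function names are constructed sample values (documentation address ranges, not real targets).

```python
import ipaddress
from datetime import datetime, time

# Constructed sample rules of engagement (assumed values for illustration only).
ROE = {
    "in_scope": ["192.0.2.0/24", "198.51.100.10/32"],
    "excluded": ["192.0.2.128/25"],        # hosts the client carved out of the range
    "window": (time(22, 0), time(6, 0)),   # testing allowed 22:00-06:00, crossing midnight
}

def _networks(cidrs):
    # strict=True rejects entries with host bits set, a common typo in scope lists
    return [ipaddress.ip_network(c, strict=True) for c in cidrs]

def in_window(now, window):
    start, end = window
    t = now.time()
    if start <= end:
        return start <= t < end
    return t >= start or t < end           # window wraps past midnight

def check_target(target, now, roe=ROE):
    """Return (allowed, reason) for one IP address at a given time."""
    try:
        addr = ipaddress.ip_address(target)
    except ValueError:
        return False, "not an IP address; confirm ownership with the client first"
    # Exclusions win over inclusions: a carved-out host is never testable.
    if any(addr in n for n in _networks(roe["excluded"])):
        return False, "explicitly excluded by the rules of engagement"
    if not any(addr in n for n in _networks(roe["in_scope"])):
        return False, "outside the agreed scope"
    if not in_window(now, roe["window"]):
        return False, "in scope, but outside the agreed testing window"
    return True, "in scope and inside the testing window"

if __name__ == "__main__":
    night = datetime(2024, 1, 15, 23, 30)
    for t in ["192.0.2.15", "192.0.2.200", "203.0.113.5", "example.test"]:
        print(t, check_target(t, night))
```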
After defining the scope with the client and signing the rules of engagement, you can begin pentesting. There are five stages to ethical hacking. They are the following: 1) Reconnaissance, 2) Scanning & Enumeration, 3) Gaining access through exploitation, 4) Maintaining access, and 5) Covering tracks.
This week, the course went over reconnaissance. During reconnaissance, the ethical hacker gathers intelligence to understand the target and find vulnerabilities. Ethical hackers use OSINT, or Open Source Intelligence. Open Source Intelligence is data that is gathered and collected from free public sources. Before you ask, it is legal. Anything you have voluntarily put on the internet, such as your email address, pictures, your job title, your employer, etc., can be used by hackers to launch a cyberattack. They can do a simple Google search using search operators such as site, OR, AND, filetype, etc., or use OSINT tools that can discover email addresses, passwords, satellite images, building layouts, etc. It is crazy how much you can find out about a target during passive recon. This is why it is important to take cybersecurity seriously. Do not post just anything on the internet. Be extremely careful about what you put online and who has access to it.
That’s it. Thank you for reading my blog post. Please follow along for week 4. Bye !!!!