Phases Of Hacking


HACKING meant to possess extraordinary computer skills able to extend the limits of computer systems and besides that understanding, the victim is an essential component of a successful defense. However, today there are automated tools and codes available on the Internet that make it possible for anyone with a will and desire to hack and succeed. The ease with which system vulnerabilities can be exploited increased while the knowledge curve required to perform such exploits shortened. The concept of the elite/super hacker is an illusion. So HACKAGON listed down the Phases Of Hacking for the ease of HACKERS.

However, hackers are generally intelligent individuals with good computer skills and the ability to create and explore into the computer’s software and hardware. Their intention can be either to gain knowledge or dig around to do illegal things. Attackers are motivated by the zeal to know more while malicious attackers intend to steal data.

Phases Of Hacking Hackagon

About Phases Of Hacking:

The process could be divided into five distinct phases. There are different models but this one is common. White, black or grey hat hackers use the equivalent process. So, it is also important to understand the sequence of phases. Indeed, the result or the output of a phase is used in the following. It is not enough to run just security tools. It is vital to understand the order in which they are used to perform a penetration test complete and realistic.

Five Phases of Hacking

Phase#1  Reconnaissance

Reconnaissance is probably the longest phase, sometimes lasting weeks or months.  The black hat uses a variety of sources to learn as much as possible about the target victim and how it operates, including:

  • Internet searches
  • Social engineering
  • Dumpster diving
  • Domain names management/search services
  • Non-intrusive network scanning

The activities in this phase are not easy to defend against.  Information about an organization finds its way to the Internet via various routes.  Employees are often easily tricked into providing tidbits of information which, over time, act to complete a complete picture of processes, organizational structure, and potential soft spots.  However, there are some things you can do which make it much harder for an attacker, including

  • Make sure your systems don’t leak information to the Web, including:
    • Software versions and patch levels
    • Email addresses
    • Names and positions of key personnel
  • Ensure proper disposal of printed information
  • Provide generic contact information for domain name registration lookups
  • Prevent perimeter LAN/WAN devices from responding to scanning attempts

Phase#2  Scanning And Enumeration

Once the attacker has enough information to understand how the business works and what information of value might be available, he or she begins the process of scanning perimeter and internal network devices looking for weaknesses, including:

  • Dialers
  • Port scanners
  • Internet Control Message Protocol (ICMP) scanners
  • Ping sweeps
  • Network mappers
  • Simple Network Management Protocol (SNMP) sweepers
  • Vulnerability scanners

Scans of perimeter and internal devices can often be detected with intrusion detection (IDS) or prevention (IPS) solutions, but not always.  Veteran black hats know ways around these controls.  In any case, some steps you can take to thwart scans include

  • Shutting down all unneeded ports and services
  • Allow critical devices, or devices housing or processing sensitive information, to respond only to approved devices
  • Closely manage system design, resisting attempts to allow direct external access to servers except under special circumstances and constrained by end-to-end rules defined in access control lists
  • Maintain proper patch levels on endpoint and LAN/WAN systems

Phase#3  Gaining Access

Gaining access to resources is the whole point of a modern-day attack.  The usual goal is to either extract information of value to the attacker or use the network as a launch site for attacks against other targets.  In either situation, the attacker must gain some level of access to one or more network devices.

In addition to the defensive steps described above, security managers should make every effort to ensure end-user devices and servers are not easily accessible by unauthenticated users.  This includes denying local administrator access to business users and closely monitoring domain and local admin access to servers.  Further, physical security controls should detect attempts at a hands-on attack, and delay an intruder long enough to allow effective internal or external human response (i.e., security guards or law enforcement).

Finally, encrypt highly sensitive information and protect keys.  Even if network security is weak, scrambling information and denying attacker access to encryption keys is a good final defense when all other controls fail.  But don’t rely on encryption alone.  There are other risks due to weak security, such as system unavailability or use of your network in the commission of a crime.

Phase#4  Maintaining Access

Having gained access, an attacker must maintain access long enough to accomplish his or her objectives.  Although an attacker reaching this phase has successfully circumvented your security controls, this phase can increase the attacker’s vulnerability to detection.

In addition to using IDS and IPS devices to detect intrusions, you can also use them to detect extrusions.  A short list of intrusion/extrusion detection methods, described in Chapter 3 – Extrusion Detection Illustrated (Extrusion Detection: Security Monitoring for Internal Intrusions, Richard Bejtlich, 2006), includes

  • Detect and filter file transfer content to external sites or internal devices
  • Prevent/detect direct session initiation between servers in your data center and networks/systems not under your control
  • Look for connections to odd ports or nonstandard protocols
  • Detect sessions of unusual duration, frequency, or amount of content
  • Detect anomalous network or server behavior, including traffic mix per time interval

Phase#5  Covering Tracks

After achieving his or her objectives, the attacker typically takes steps to hide the intrusion and possible controls left behind for future visits.  Again, in addition to anti-malware, personal firewalls, and host-based IPS solutions, deny business users local administrator access to desktops.  Alert on any unusual activity, any activity not expected based on your knowledge of how the business works.  To make this work, the security and network teams must have at least as much knowledge of the network as the attacker has obtained during the attack process. Examples of activities during this phase of the attack include

  • Steganography
  • Using a tunneling protocol
  • Altering log files

This article about Phases Of Hacking is not intended to make you an expert in network defense. Instead, it should serve as an introduction to methods employed by black hat hackers when compromising an information resource. Armed with this information, security professionals are better prepared to prepare for battle, locating and engaging the enemy wherever or whenever necessary.

Note: – This guide is only for knowledge purpose and shouldn’t be used for any illegal activities as we are not responsible for anything happens with this.

Hope you like this article. So, doesn’t forget to share it with your friends and also feel free to drop a comment below if you still face any kind of problem.

  • Facebook
  • Twitter
  • Google+
  • Linkedin
  • Pinterest


  1. I seriously love your site.. Great colors & theme. Do you make this web site yourself?
    Please reply back as I’m about to create my very own personal site and would
    want to find out in which you got this from or precisely what the theme is known as.

    Appreciate it!

    • Thanks for the beautiful compliment JesseJKrejsa. We’ve made this website on our own but as you’re creating your own weblog so if you want any kind of help regarding blogging issues then we’re always there for our multitude reader just gives us a shout.

  2. Thanks a lot ElaSBukowski and also to your group of volunteers for liking our work. . .We are grateful that we have amazing readers like you guys who inspire us for writing all the amazing articles.
    Keep visiting for upcoming amazing tech hacks.

  3. I intended to put you one very small remark to finally thank you very much once again relating to the exceptional suggestions you have shared on this site. It was quite surprisingly generous with people like you to present without restraint what exactly many individuals could possibly have distributed as an electronic book in order to make some profit on their own, even more so seeing that you could have done it if you ever wanted. The solutions in addition worked to be the easy way to fully grasp that other people have a similar desire like my own to learn more and more when it comes to this problem. I know there are numerous more enjoyable situations ahead for many who find out your website.

  4. Hello WenHUplinger, Thanks a lot for appreciating our work and as you’ve asked suggestions for setting up a blog so that’s not difficult at all whether you are a coder or non-coder but I’ll suggest focusing on:
    1> Choose right domain.
    2> Best niche.
    3> Use WordPress as it’s best for blogging purpose.
    4> Choose the best color combination for your website (Stay Professional).
    5> Always write a unique quality article/content.

    Hope HACKAGON matched your expectations & feel free to ask if you still have any query.
    Visit Again.

Leave a Reply