Ethical hacking is never a haphazard process with no due diligence. There is a codified procedure established over the years that mandates ethical hackers to do their work by following a laid-out process.
The need for a process is necessary. To tackle the chaotic and dangerous approach of black hat hackers, a steely form of resistance and organization is needed.
The process of ethical hacking is largely the same. It is important for ethical hackers to follow the established procedure in order to evaluate the level of security a system or network has. The established process tends to cover all aspects of a cyber-attack, which is why anytime a complete autopsy of a given system or network is done, following the procedure is advised.
The first step in the process of ethical hacking is known as information gathering.
While some consider it to be a mere formality, information gathering is nearly always the reason a system ends up getting hacked or being stopped from getting hacked.
Hacking is often a game of information. If the malicious party posseses information about a system ethical hackers know nothing about, this creates a blindspot in the security of the system or network being protected. Thus, information gathering is important.
In this article, we will discuss some basic forms of information gathering ethical hackers should conduct in order to learn what a malicious hacker might know about a system or network.
Search Engines
Search engines like Google are highly informative and can be turned into highly responsive machines with the use of some search commands.
A hacker looking for information about the system or network he/she is about to target would probably first check out a search engine like Google.
Information on Google would help the hacker get some cursory knowledge about the system or network about to be targeted. Ethical hackers should also use search engines for information gathering in order to find out what a black hat hacker might know.
Social Media
After search engines, the next most popular destination of the internet is social media.
Hackers tend to scan through social media to get information about their target. While doing so, they pick up info about the people who use the system/network or work at the company using it.
Most information gathered on social media tends to be used for social engineering attacks. Thus, ethical hackers must carefully scan social media to find any relevant info a malicious hacker might use.
In Conclusion
In conclusion, this article covers some of the basic sources of information gathering ethical hackers must know.
About the Author – Ankur Vats is a well-known tech blogger with writing experience spanning four years. He also writes guest posts for Kapil Heera Academy, an institute known widely for its cyber security courses&best ethical hacking courses in Delhi and other programs in business analytics and digital marketing.
