Know about whitehat for free
The term "white hat" in Internet slang refers to an ethical computer hacker, or a computer security expert, who specializes in penetration testing and in other testing methodologies to ensure the security of an organization's information systems. Ethical hacking is a term coined by IBM meant to imply a broader category than just penetration testing. White-hat hackers may also work in teams called "sneakers", red teams, or tiger teams. White hat hackers tend to stick to a contract authorized by solicitors which is signed by the hacker and the third party in order to cover the hackers back.
While penetration testing concentrates on attacking software and computer systems from the start – scanning ports, examining known defects and patch installations, for example – ethical hacking, which will likely include such things, is under no such limitations. A full blown ethical hack might include emailing staff to ask for password details, rummaging through executive’s dustbins or even breaking and entering – all, of course, with the knowledge and consent of the targets. To try to replicate some of the destructive techniques a real attack might employ, ethical hackers arrange for cloned test systems, or organize a hack late at night while systems are less critical.
Some other methods of carrying out these include:
Such methods identify and exploit known vulnerabilities, and attempt to evade security to gain entry into secured areas.
The term "white hat" in Internet slang refers to an ethical computer hacker, or a computer security expert, who specializes in penetration testing and in other testing methodologies to ensure the security of an organization's information systems. Ethical hacking is a term coined by IBM meant to imply a broader category than just penetration testing. White-hat hackers may also work in teams called "sneakers", red teams, or tiger teams. White hat hackers tend to stick to a contract authorized by solicitors which is signed by the hacker and the third party in order to cover the hackers back.
While penetration testing concentrates on attacking software and computer systems from the start – scanning ports, examining known defects and patch installations, for example – ethical hacking, which will likely include such things, is under no such limitations. A full blown ethical hack might include emailing staff to ask for password details, rummaging through executive’s dustbins or even breaking and entering – all, of course, with the knowledge and consent of the targets. To try to replicate some of the destructive techniques a real attack might employ, ethical hackers arrange for cloned test systems, or organize a hack late at night while systems are less critical.
Some other methods of carrying out these include:
- DoS attacks
- Social engineering tactics
- Security scanners such as:
- W3af
- Nessus
- Nexpose
- Frameworks such as:
- Metasploit
Such methods identify and exploit known vulnerabilities, and attempt to evade security to gain entry into secured areas.
0 comments:
Post a Comment