1 00:00:01,500 --> 00:00:05,040 Now, let's start with our first course that is ethical hacking. 2 00:00:05,500 --> 00:00:09,000 OK, so what is ethical hacking? 3 00:00:10,020 --> 00:00:17,280 Well, some experts have written that there is no such word like ethical hacking because hacking will 4 00:00:17,280 --> 00:00:18,360 never be ethical. 5 00:00:18,720 --> 00:00:25,950 While, on the other hand, some experts suggested that performing hacking, with all required permission 6 00:00:25,950 --> 00:00:28,590 from the owner, is called ethical hacking. 7 00:00:29,100 --> 00:00:36,320 OK, now, if you don't assume that ethical hacking exist, then what is the whole process called? 8 00:00:36,800 --> 00:00:39,150 Well, it is called as penetration testing. 9 00:00:39,480 --> 00:00:39,800 Right? 10 00:00:40,560 --> 00:00:46,810 But for now, we have to assume that ethical hacking exist right now. 11 00:00:46,830 --> 00:00:48,600 What is hacking C? 12 00:00:48,720 --> 00:00:51,330 Hacking simply means illegal intrusion. 13 00:00:52,290 --> 00:00:56,530 OK, now what are the phases of ethical hacking? 14 00:00:57,450 --> 00:01:01,270 See, there are six phases of ethical hacking. 15 00:01:02,410 --> 00:01:05,760 OK, three phases. 16 00:01:07,560 --> 00:01:13,840 Now, if you search on the Internet, you will find this image OK? 17 00:01:14,730 --> 00:01:18,040 It's mentioning that there are five phases of ethical hacking. 18 00:01:18,700 --> 00:01:22,630 OK, we will see the sixth one at the end of this lesson. 19 00:01:23,430 --> 00:01:26,530 Now we will start with reunion's, OK? 20 00:01:26,850 --> 00:01:28,800 It is also called s footprinting. 21 00:01:29,610 --> 00:01:35,790 OK, footprinting means gathering information about your target as much as possible. 22 00:01:36,570 --> 00:01:39,780 Now we can collect information in three different parts. 23 00:01:39,990 --> 00:01:45,770 First network, second is host and the third one is people involved. 24 00:01:46,230 --> 00:01:46,560 Right. 25 00:01:47,460 --> 00:01:51,320 So footprinting is of two types. 26 00:01:51,750 --> 00:01:59,520 First is it to another espacio active means directly interacting with your target to gather information. 27 00:02:00,060 --> 00:02:05,040 Example, we can use some tools like and map to scan our target. 28 00:02:05,790 --> 00:02:09,060 OK, so that comes under active scanning. 29 00:02:09,690 --> 00:02:10,900 So the active footprinting. 30 00:02:11,490 --> 00:02:13,410 Now let's talk about passive footprinting. 31 00:02:13,860 --> 00:02:22,410 Passive means trying to collect information about your target but without directly interacting or without 32 00:02:22,410 --> 00:02:24,270 directly accessing the target. 33 00:02:25,200 --> 00:02:32,340 OK, for example, it involves collecting information from public websites and social media platforms. 34 00:02:32,850 --> 00:02:37,410 OK, now, now comes the second step that is scanning. 35 00:02:38,940 --> 00:02:42,750 So mainly three types of scanning is involved. 36 00:02:43,920 --> 00:02:45,810 First is your board scanning. 37 00:02:46,230 --> 00:02:48,360 Another one is already scanning. 38 00:02:48,360 --> 00:02:49,970 And the third one is network mapping. 39 00:02:50,280 --> 00:02:50,630 Right. 40 00:02:50,940 --> 00:03:00,000 So board scanning means scanning the target for information like open ports, life systems and other 41 00:03:00,000 --> 00:03:03,510 things like which operating system it was running on, etc.. 42 00:03:04,740 --> 00:03:06,570 Then comes the vulnerability scanning. 43 00:03:07,800 --> 00:03:12,630 It means checking our target for weaknesses. 44 00:03:12,820 --> 00:03:15,950 OK, checking for the weak points of our targets. 45 00:03:16,950 --> 00:03:21,990 We generally use some automated tools to perform this particular OK. 46 00:03:22,620 --> 00:03:25,020 Then comes the network mapping network. 47 00:03:25,020 --> 00:03:31,170 Mapping means finding out the network structure that is topology. 48 00:03:31,530 --> 00:03:34,060 OK, we will find out topology of network. 49 00:03:34,440 --> 00:03:38,640 We will also find information like routers, firewalls and servers. 50 00:03:39,750 --> 00:03:45,840 OK, now the third is gaining access. 51 00:03:46,140 --> 00:03:54,750 Gaining access means entering into your target system or entering into your network or entering into 52 00:03:54,750 --> 00:03:56,410 your target Web site. 53 00:03:56,910 --> 00:04:01,620 So the part of entering OK, this comes under gaining access. 54 00:04:03,090 --> 00:04:13,500 Now, after entering into a system, we can gain administrative privileges so that we can install applications 55 00:04:13,500 --> 00:04:14,250 which we need. 56 00:04:14,760 --> 00:04:19,300 Right, in order to modify our target's data. 57 00:04:20,370 --> 00:04:28,110 Then comes the maintaining access C maintaining access is very important because the longer the time 58 00:04:28,110 --> 00:04:34,470 you are in to your target system, you, the more you can gain information, the more you can steal 59 00:04:34,470 --> 00:04:36,120 information from the target. 60 00:04:36,540 --> 00:04:36,940 OK. 61 00:04:38,490 --> 00:04:47,430 Right now we can done this or you can do this using Georgian's rootkit and other malicious files. 62 00:04:48,300 --> 00:04:55,140 Right now comes the fifth phase that is clearing tracks C not if you wants to get caught. 63 00:04:55,530 --> 00:04:55,820 Right. 64 00:04:56,070 --> 00:04:59,580 So it is important to clear all the evidences. 65 00:05:00,440 --> 00:05:09,260 OK, so what we do in this is one very clear log's, OK, or we can modify some registry values or to 66 00:05:09,560 --> 00:05:15,850 and install applications that we have installed earlier in order to maintain access or we can hide such 67 00:05:15,870 --> 00:05:16,700 applications. 68 00:05:17,190 --> 00:05:17,480 Right. 69 00:05:18,170 --> 00:05:21,040 So this is how we can clear our tracks. 70 00:05:21,530 --> 00:05:28,000 We can do this in two ways, either manually or by using some automated tools like audit, phone, etc.. 71 00:05:29,030 --> 00:05:29,480 OK. 72 00:05:29,720 --> 00:05:35,710 Now comes the last phase that is report writing. 73 00:05:36,660 --> 00:05:45,020 OK, it is important for an ethical hacker to maintain a report so that we can present this later to 74 00:05:45,020 --> 00:05:45,800 the management. 75 00:05:46,610 --> 00:05:51,110 OK, so this is the sixth and last last phase of ethical hacking. 76 00:05:52,310 --> 00:05:58,490 I hope now you understand what what the ethical hacking is and what are the different phases of ethical 77 00:05:58,490 --> 00:05:58,910 hacking. 78 00:05:59,810 --> 00:06:00,190 Right.