Skip to main content

Know about hacking [Basics]


Hacking is identifying weakness in computer systems or networks to exploit its weaknesses to gain access. Example of Hacking: Using password cracking algorithm to gain access to a system. 

Computers have become mandatory to run a successful businesses. It is not enough to have isolated computers systems; they need to be networked to facilitate communication with external businesses. This exposes them to the outside world and hacking. Hacking means using computers to commit fraudulent acts such as fraud, privacy invasion, stealing corporate/personal data, etc. Cyber crimes cost many organizations millions of dollars every year. Businesses need to protect themselves against such attacks. 

Who is a Hacker?


A Hacker is a person who finds and exploits the weakness in computer systems and/or networks to gain access. Hackers are usually skilled computer programmers with knowledge of computer security.

Hackers are classified according to the intent of their actions. The following list classifies hackers according to their intent. 


Hackers can be classified into different categories such as white hat, black hat, and grey hat, based on their intent of hacking a system. These different terms come from old Spaghetti Westerns, where the bad guy wears a black cowboy hat and the good guy wears a white hat.

White Hat Hackers

White Hat hackers are also known as Ethical Hackers. They never intent to harm a system, rather they try to find out weaknesses in a computer or a network system as a part of penetration testing and vulnerability assessments.
Ethical hacking is not illegal and it is one of the demanding jobs available in the IT industry. There are numerous companies that hire ethical hackers for penetration testing and vulnerability assessments.

Black Hat Hackers

Black Hat hackers, also known as crackers, are those who hack in order to gain unauthorized access to a system and harm its operations or steal sensitive information.
Black Hat hacking is always illegal because of its bad intent which includes stealing corporate data, violating privacy, damaging the system, blocking network communication, etc.

Grey Hat Hackers

Grey hat hackers are a blend of both black hat and white hat hackers. They act without malicious intent but for their fun, they exploit a security weakness in a computer system or network without the owner’s permission or knowledge.
Their intent is to bring the weakness to the attention of the owners and getting appreciation or a little bounty from the owners.

Miscellaneous Hackers

Apart from the above well-known classes of hackers, we have the following categories of hackers based on what they hack and how they do it −

Red Hat Hackers

Red hat hackers are again a blend of both black hat and white hat hackers. They are usually on the level of hacking government agencies, top-secret information hubs, and generally anything that falls under the category of sensitive information.

Blue Hat Hackers

A blue hat hacker is someone outside computer security consulting firms who is used to bug-test a system prior to its launch. They look for loopholes that can be exploited and try to close these gaps. Microsoft also uses the term BlueHat to represent a series of security briefing events.

Elite Hackers

This is a social status among hackers, which is used to describe the most skilled. Newly discovered exploits will circulate among these hackers.

Script Kiddie

A script kiddie is a non-expert who breaks into computer systems by using pre-packaged automated tools written by others, usually with little understanding of the underlying concept, hence the term Kiddie.

Neophyte

A neophyte, "n00b", or "newbie" or "Green Hat Hacker" is someone who is new to hacking or phreaking and has almost no knowledge or experience of the workings of technology and hacking.

Hacktivist


A hacktivist is a hacker who utilizes technology to announce a social, ideological, religious, or political message. In general, most hacktivism involves website defacement or denialof-service attacks.

 
Labels:

Comments

Post a Comment

Popular posts from this blog

My Life as Information security engineer Chapter 1: Tools

  Hi folks, here I am going to share the tools list that I am using in my daily life cycle. NMAP  Nmap (“Network Mapper”) is a free and open-source (license) utility for network discovery and security auditing. Basically, I will use it to discover the open ports and closed ports where I did Port Mapping in firewalls. We can use this in the local network as well as in the WAN network. Also with help of the NSE script, we do multiple things like vulnerability check, exploitation, etc., Ref: http://www.piratesshield.com/2017/11/nmap-network-mapper-securtiy-scanner.html CURL and WGET curl   is a tool to transfer data from or to a server, using one of the supported protocols (HTTP, HTTPS, FTP, FTPS, SCP, SFTP, TFTP, DICT, TELNET, LDAP or FILE). Normally using this tool to analyze the website headers when my web security device blocking some dynamic content websites and to create the Application signature in IPS. Wget   using to download files directly instead of opening and surfing the brow
Post a Comment
Read more

AquaSec Container Security Solution ( DevSecOps ) - A quickView

  What is AquaSec?      The Aqua Platform is the leading Cloud Native Application Protection Platform (CNAPP) and provides prevention, detection, and response automation across the entire application lifecycle to secure the supply chain, secure cloud infrastructure, and secure running workloads wherever they are deployed.    Solutions : Cloud Native Security Platform CSPM Cloud Security Container Security Kubernetes Security Serverless Security Cloud VM Security Dynamic Threat Analysis (DTA) Container Vulnerability Scanning Aquasec offers a 14days trial to learn the container security / Automated DevSecOps. Use this link to get free trail  Sign In | Aqua (aquasec.com)   How to start with AquaSec? Once login into the portal click the nine dots in the left-side top > Aqua Hub  Then click the "Integrations" The Integration page has a lot of options to connect your container Platform Choosing your platform provides the required key to integrate. (follow the OEM documents ) The
Post a Comment
Read more

Learn DevOps like a pro techie - PART 1

       Usually, all DevOps trainers advise you to set up the LAB environment on cloud platforms (AWS, Azure, GCP, etc). But if you understand the technologies you can set it up easily on your super PC.   PC REQUIREMENTS : (WARNING!) Processor      :  > = i3 (10th or 11th Gen)  RAM              :  8GB (minimum) Storage          :  SSD preferred TIPS: If you using win11 or win10 and performance is very slow means use the below script. Windows 11 only:  https://github.com/builtbybel/ThisIsWin11 Windows 10 only:  https://github.com/builtbybel/bloatbox The LAB mainly depends on the docker platform. So First, start learning the basics of Docker. Docker Basics:  https://www.tutorialspoint.com/docker/index.htm KNOWLEDGE REQUIRED - Linux Knowledge (5/10) (installation of apps, editing scripts, user privileges, and troubleshooting)  - Web Development (3/10) -  Google Search and Stackoverflow (9/10)....... he he he......... UTILITY TOOLS AND PRE-REQUISITES   - Install Window Terminal Preview
Post a Comment
Read more