Hello people ! Welcome back to my ethical hacking series .So in this series , we have seen the basics of ethical hacking and types of scanning in the previous two blogs . In this blog i am gonna start with the phases of ethical hacking and i will explain each of them in separate blogs ! Do follow the previous blogs for better understanding . Let's get into the blog .

There are mainly 5 phrases in hacking . These are phases may or may not be followed always but it is a step by step process to get a successful result in hacking . The first phase in ethical hacking is “ Reconnaissance”.

What is Reconnaissance ?

This is the preparatory phase where the hackers collect as many possible details about the targets . It is also called as Foot printing and Information gathering .the details is everything ! Starting from their mails , texts or an open loophole anything that leads to the target  and using the loopholes or details to their advantages .

Steps followed in reconnaissance :

• Accumulate inceptive data 
• Decide the range of the network
• To recognize all active machines
• To get hold of the OS being used
• Uniquely mark the working framework
• Revealing services used on ports 
• Understanding the network map

Two phases of reconnaissance :

1. Active reconnaissance 
2. Passive reconnaissance

Active Reconnaissance :

In this process , the hackers will directly interact with the computer systems and networks to gain information . At this point when we use active reconnaissance , there is a high possibility that data's like IP  address is known by the framework which we are attempting to accumulate the data about . But the defects of using this is there may be a chance of getting detected by others . eg : Using some tools to collect the details (NMAP).

Passive reconnaissance :

This means trying to collect the information about the target without directly accessing the targets through publicly available sources like social medias and one such source is open-source intelligence also known as OSINT. There are also many other sources like SHODAN  which are some very powerful tools when it comes to passive reconnaissance .

There are three sub processes of reconnaissance :

1. Foot printing is gathering data about the targets which will be used by using different strategies . Foot printing consumes maximum time .
2. Enumeration : the enumeration in data security is the way to extract names , network assets and different connections of the target systems .They use these data's to differentiate them into useful ones and vulnerabilities .
3. Scanning : it is most happening process where they search for the devices that can be used to misuse the frameworks . All the devices combined with LAN via a modem or ports will be discovered in scanning .

So that's all will be for reconnaissance  , i will see you with the next phase in another blog .

Thanks for reading ! 💙