What is ethical hacking?

Five phases of ethical hacking

Most ethical hacking takes place in five stages. Let’s break down each stage, and how hackers go about the process. 

1. Reconnaissance

During the reconnaissance stage, hackers gather as much information and data as possible in a particular network. Hackers also spend time auditing security and identifying potential entry points to scan in the next step.

The information hackers gather depends on the network itself. For example, ethical hackers might come across details like IP addresses, email addresses, databases or webpage links.

2. Scanning

Using information gathered during reconnaissance, ethical hackers directly scan systems for weaknesses. This means focusing on specific areas of a network that might be particularly vulnerable to hacking attempts. It might also mean scanning specific applications connected to company networks that could serve as a viable point of entry.

Network mapping is a major priority during the scanning stage. This occurs when hackers map a network in terms of range, hosts and associated devices. This helps hackers achieve a much better understanding of a company’s network infrastructure, as well as the access permissions they might find inside.

3. Gaining access

Insight becomes action in this third stage, as ethical hackers attempt to exploit vulnerabilities they’ve identified. They might use techniques in code injection, buffer overflow or authentication bypass to gain unauthorized access to specific ports or files. Hackers might use social engineering techniques if they identify weaknesses in a company’s workforce.

Once they gain access to a network, ethical hackers attempt to widen their scope of visibility. Where malicious hackers would begin to steal information or install malware, ethical hackers only document their findings. They record specific steps that explain how they broke into the network.

4. Maintaining access

After obtaining access to a network, ethical hackers work to maintain it. This stage mimics a malicious hacker’s attempts to hold a network open long enough to take control of the system. That process typically involves rootkits and malicious software that more easily enables unauthorized access to a particular system or network.

If an ethical hacker is actively working against a company’s IT team to hack a network, they often practice persistence — techniques to reestablish network access after it is cut off. They might also simulate a backdoor attack that establishes consistent network access even if the original entry point is patched. 

5. Covering tracks

Many ethical hackers will further simulate a real-world attack by “covering their tracks” after the hack has concluded. This means hiding evidence that an attack took place. Hackers might modify registry values, revise log files or delete data that suggests illicit network entry.

A first step in hiding hack evidence is revising event logs. Event logs typically record major actions within a specific network, from user login times to file access. Malicious hackers may try to clear these logs to avoid raising suspicion within the organization they just hacked. Ethical hackers follow suit, attempting to erase this evidence before presenting a report to the hiring company.

Ethical hacking tools and resources

Certified ethical hackers use a variety of tools to help save time when scanning networks, identifying vulnerabilities or performing actual exploits.

 Here are some of the most popular resources:

• Metasploit: An open-source tool that helps hackers introduce custom code into a network for testing and potential exploitation.
• Nmap: An open-source tool, short for Network Mapper, that helps scan systems and perform network inventory tasks before proceeding with any exploitation.
• Nessus: A remote security tool that scans devices for vulnerabilities, one port at a time. 
• Acunetix: A dynamic hacking tool that automatically scans for more than 4,500 common vulnerabilities across scanned web applications.

Ethical hackers often use a combination of tools for a single hack, depending on their objectives. Together, these tools help accomplish all five stages of an ethical hack — from reconnaissance through network exit and reporting.

Challenges faced by ethical hackers

Ethical hackers face a unique set of challenges each day at work, particularly in staying up to date with techniques.

It’s their job to simulate a malicious attack. To do so, they must stay updated on the latest malware, phishing and hacking trends. They also need to regularly update their tools and their own skills in cybersecurity as hacking practices evolve.

Legal and ethical considerations

An ethical hacker can also face challenges in maintaining compliance. Unlike other professionals, they attempt to emulate illegal activities. Even as they attempt to breach a company’s networks, they can only perform activities that follow legal guidelines.

Ethical hackers need explicit permission from a company before breaching their systems. Without that permission, hackers’ actions are considered malicious — subject to criminal charges under the Computer Fraud and Abuse Act. 

They should follow responsible disclosure practices. This means fully revealing all security vulnerabilities after examining a company’s security. It also means allowing that company sufficient time to fix vulnerabilities before making information public.

How do you become an ethical hacker?

There’s really no such thing as an entry-level ethical hacker. Many work toward becoming job-ready professionals by gaining experience in related information security and cloud computing roles. 

For example, some cybersecurity analysts eventually grow into roles where they do penetration tests and other vulnerability-management tasks. Experienced software developers may pursue ethical hacker roles after developing overlapping information technology skills in programming, web compliance and application architecture.

Education and training for ethical hackers

Becoming an ethical hacker involves a combination of education and hands-on experience.

Many students begin their journey in the field of ethical hacking with a computer science, cybersecurity or technology degree. These programs teach important skills in cybersecurity, IT, data science and related subjects.

Many pursue education in cyber and network defense to reinforce skills like network analysis and risk management. You can further strengthen your knowledge with a certificate in digital forensics, learning even more about network traffic and threat reporting.

Ethical hacker salary and job description

The U.S. Bureau of Labor Statistics (BLS) categorizes an ethical hacker as a type of information security analyst. The average salary can vary based on several factors, like location, employer and years of experience. As of May 2021, information security analysts earned an annual salary range between $61,520 and $165,920, according to BLS.*

Here are some of the responsibilities of an ethical hacker:

• Conducting vulnerability assessments that identify a wide range of network weaknesses.
• Penetration testing to identify if it’s possible to breach a company’s systems, including its networks and data.
• Explaining to companies how and why their networks are vulnerable to external cybersecurity threats.
• Educating company employees on how they can guard against cyberattacks.

The exact tasks of an ethical hacker depend on the employer’s needs. For example, some ethical hackers spend more time assessing networks for threats. Others serve more of an educational role in helping employees take personal responsibility for data and network safety.

*Salary ranges are not specific to students or graduates of University of Phoenix. Actual outcomes vary based on multiple factors, including prior work experience, geographic location and other factors specific to the individual. University of Phoenix does not guarantee employment, salary level or career advancement. BLS data is geographically based. Information for a specific state/city can be researched on the BLS website.

Cybersecurity degrees and education at University of Phoenix

Whether you’re seeking a basic understanding of cybersecurity or you’re a working professional looking to expand your IT skill set, University of Phoenix (UOPX) offers online course collections, bachelor’s degrees and master’s degrees. Learn more about undergraduate and graduate online technology degrees and certificates from UOPX and start your IT journey today!

• Associate of Science in Cybersecurity — The International Council of E-Commerce Consultants (EC-Council) and University of Phoenix teamed up to launch the Associate of Science in Cybersecurity degree and elective courses that align with three EC-Council certification exams: Certified Ethical Hacker (CEH), Certified Network Defender (CND) and Certified Secure Computer User (CSCU). Awarded the EC-Council’s 2019-2022 Academic Circle of Excellence Award as a result of this partnership, this program is designed to help you develop the problem-solving skills and techniques needed to defend the cyber domain.
• Bachelor of Science in Information Technology — In this program, you’ll learn skills including business process, cybersecurity, information systems, operations and systems analysis.
• Bachelor of Science in Cybersecurity — This online program teaches skills such as security policies, network security, cybersecurity and more.
• Master of Science in Cybersecurity — This online program explores in depth such skills and topics as cybersecurity, security policies and vulnerability.
• Certified Ethical Hacker Course Collection — This course collection can help you prepare for the EC-Council Certified Ethical Hacker (CEH) exam. Topics include the phases of ethical hacking, recognizing weaknesses and vulnerabilities of a system, social engineering, IoT threats, risk mitigation and more. Tuition savings and a discounted certification exam fee are offered to non-degree students.
• Certified Incident Handler Course Collection — This course collection can help you prepare for the EC-Council Certified Incident Handler (ECIH) exam. This specialist certification focuses on how to effectively handle security breaches. Tuition savings and a discounted certification exam fee are offered to non-degree students.
• Certified Network Defender Course Collection — This course collection can help you prepare for the entry-level EC-Council Certified Network Defender (CND) exam. Courses focus on protecting a network from security breaches before they happen. Tuition savings and a discounted certification exam fee are offered to non-degree students.
• Computer Hacking Forensics Investigator Course Collection — This course collection can help you prepare for the EC-Council Computer Hacking Forensics Investigator (CHFI) exam. You’ll learn about the latest technologies, tools and methodologies in digital forensics, including the dark web, IoT, malware, the cloud and data forensics.
• Advanced Cybersecurity Certificate — You can develop technical knowledge to step into the fast-growing field of IT security, helping keep computer systems safe from data breaches and cyberattacks. You’ll get real-life experience through hands-on IT labs and simulations while developing a broad knowledge of cybersecurity to help prepare you for your technology career.