This article is the part of series “Ethical Hacking Student Guide Series.” Don’t forget to subscribe with Hackers Enigma to stay updated.

Black box is a second type of penetration testing which is something “real hackers thing” In black box testing a professional ethical hacker is hired to perform test on a network. He just do not know anything about the network, OS, anything …

With this zero knowledge he is completely kept in dark about system information hence the test is named as black box. This ethical hacker try to perform passive attack gathering which included gaining information about organization, its employees & technical details about the servers from outside.

This is performed like any other black hat hacker does for some criminal activity.

This test is more effective compared to white box testing & really tests the ethical hacker’s knowledge about penetrating the system.

Penetration testing needs highly trained & experienced professional as this test is quite risky & performed under observation of organizational officials.

Before performing any such tests legal permissions must be taken from their Internet Service Provider (ISP) & from local cops if necessary. The agreements are signed between ethical hacker & organization. And things should be clearly defined on what to do & what not to, for making circumstances workable to an ethical hacker.

Concept is simple but the actual work needs some experience. Its process is complex & involves many things that you see for the first time so newbie or fresher in this field can not take the responsibility of performing a back box

This article is posted under the “Ethical Hacking Student Guide Series”. So don’t forget to subscribe our blog to stay updated.

Penetration testing in simple words can be defined as the test on the live networks or servers directly by attacking by the trained ethical hacking professional person or network security administrator.

If you still cant get, let me make it simpler for you. Consider an organization having its employee working on certain software. It stores all database into some kind of “database server”. What will we do is just hire some ethical hacking trained person & he will directly conduct the test on the possible vulnerable areas of the system or network or the software.

Why Penetration Testing if we can do Vulnerability Assessments?

Well in vulnerability assessment we basically use the automated software which can be handled by unskilled employee. It scans for general vulnerabilities which are well known. But you have to consider those criminal hackers which are always looking for the newest security breaches or flaws on subjected systems. They always wish to do things in smarter way. And to detect such unique security holes we can better perform a penetration testing on network. Its worth, trust me.

Every ethical hacking student has to learn penetration testing as it is the most exciting & hardest thing to do in ethical hacking. If you want to learn hacking then you cant miss this part as it is one of the core exercises that ethical hacking professional have to perform.

We can simply find something which is known to all in vulnerability assessment, but something where you have to test your patience & knowledge is termed as penetration testing in your ethical hacking syllabus.

Classification of Penetration Testing

Penetration testing is basically classified according to the things that are known to ethical hackers. It is classified as follows

- White Box Testing
- Black Box Testing

In white box tests the ethical hacker physically sees all network & its previous data & updates. Means he knows everything then he performs testing.

In black box testing ethical hackers do complete attack without knowing even the operating stem on the networks. So black box test is real hard thing to do in ethical hacking.

You will get to know this more in upcoming posts here on Hackers Enigma, so just come back or click here to subscribe our ethical hacking blog.

Please don’t hesitate to ask any question here in comments; even you think it will be stupid to ask & even if you are a beginner & don’t know anything about this. I will answer all your doubts regarding it.
 

Ethical Hacking Series : Chunk 1

Ethical hacking basically means preventing criminal hackers from stealing information of any personal computer r corporate network.

Ethical hackers use same technology – software and tool that criminal hackers uses. But they use them for preventing crimes.

Penetration testing and vulnerability assessing are the basic types of test ethical hackers perform so as to check the drawback in the systems. These drawbacks (or weak part) of the system are termed as Vulnerability or a security hole. Vulnerabilities can be in program or network or the hardware. Physical and technical are basic classification of vulnerabilities.

There are general vulnerabilities in system or programs. Like windows XP or OS X have some known vulnerabilities. By exploiting those vulnerabilities crackers generally try to intrude the system. They first comes the network(LAN or WAN) of the victim company . And from that they try to access the databases of company which have very sensitive data.

Eavesdroppers also sniff the data packets from communication lines to get the more information. They come to Network by Passive Information Gathering which is the first stage of attack.

Ethical hackers usually take tests to find the severe vulnerabilities in network and then they shield it by various methods.

We’ll concentrate on these tests and securing methods in next chunks of the series. ( Includes White Box, Black Box test , Penetration and vulnerability assessments.)

So Watch out for our next post.

  Download This in PDF Format . . . 

All right guys, Get ready for the real ethical hacking stuff by Hackers Enigma.com  

Millions of people are curious about hacking all over the world, and you are one of them. You searched lot of things on hacking (Ethical or Unethical), but didn’t get anything solid, from where you can learn. There is no proper start point for this career. All searches on Google, for hacking, softwares download by hacking and many more goes totally fail because there is no such thing available.

Well, some day I was at your place and through out my career I never find anything that gives me sound knowledge. Now, I have enough knowledge to perform hacking (In Ethical ways off course). So I thought to start a new series on Ethical hacking here on my blog hackersenigma.com. And the day is here when I am ready with subject and my strategy.

This series consists every single details of ethical hacking as the concept, syllabus, programming and OS stuff, penetration tests, vulnerability assessments, tools required, knowledge you need, How and from where to get all the things, hacking and its types, various attacks and defense techniques, network security, cyber laws ,  responsibilities and many more things than you can think.

Still, I wanted to tell you one thing that everything I am explaining is Ethical Hacking stuff, not the Criminal Hacking. Neither am I promoting that you commit some crime with these things. I’ll surely take care that you can’t use in ‘That Way’ 

            Anything that will be in the series is for educational purposes only, I don’t take any responsibility for any criminal use of it.

            I guess this much disclaimer is enough to start my series. I will try to make it in PDF format so you can download (free) and view it offline too. Have a nice time and visit again for the first article of the series.

Download This in PDF Format . . .