Lesson 1 Introduction to Ethical Hacking

45 minutes

What is Ethical Hacking?

Ethical hacking, also known as penetration testing or white-hat hacking, is the practice of intentionally probing systems, networks, and applications for security vulnerabilities in a legal and authorized manner.

Key Concepts

White Hat Hackers

Ethical hackers who work to protect systems and help organizations improve security.

Gray Hat Hackers

Hackers who may violate laws but don't have malicious intent.

Black Hat Hackers

Malicious hackers who exploit vulnerabilities for personal gain or to cause harm.

The Ethical Hacking Process

Important Note

Always ensure you have explicit written permission before testing any system that you don't own. Unauthorized access is illegal and can result in serious legal consequences.

  1. Planning and Reconnaissance

    Gather information about the target system and define the scope of testing.

  2. Scanning

    Use tools to discover live systems, open ports, and services.

  3. Gaining Access

    Exploit vulnerabilities to gain access to in-scope systems, showing that an attacker could obtain unauthorized access.

  4. Maintaining Access

    Establish persistent access to demonstrate the impact of vulnerabilities.

  5. Analysis and Reporting

    Document findings and provide recommendations for remediation.

Essential Skills for Ethical Hackers

Technical Skills

  • Programming (Python, JavaScript, C++)
  • Networking fundamentals
  • Operating systems (Linux, Windows)
  • Web technologies
  • Database systems

Soft Skills

  • Problem-solving abilities
  • Attention to detail
  • Communication skills
  • Continuous learning mindset
  • Ethical decision-making

Sample Code: Simple Port Scanner

Here's a basic example of a port scanner written in Python:

#!/usr/bin/env python3
import socket
import sys
from datetime import datetime

def scan_port(target, port):
    """
    Scan a specific port on the target host.
    Returns True only if a TCP connection succeeds.
    """
    try:
        # The context manager closes the socket even if connect_ex raises
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
            sock.settimeout(1)  # 1 second timeout

            # connect_ex returns 0 on success and an errno value otherwise
            return sock.connect_ex((target, port)) == 0
    except socket.gaierror:
        # Hostname could not be resolved
        return False
    except Exception as e:
        print(f"Error scanning port {port}: {e}")
        return False

def main():
    """
    Simple port scanner example
    """
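    if len(sys.argv) != 2:
        print("Usage: python3 port_scanner.py <target>")
        sys.exit(1)

    target = sys.argv[1]
    try:
        # Resolve once up front so a bad hostname is reported as such,
        # not as a list of "Closed" ports
        socket.gethostbyname(target)
    except socket.gaierror:
        print(f"Could not resolve hostname: {target}")
        sys.exit(1)
    print(f"Starting port scan on {target}")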
    print(f"Time started: {datetime.now()}")
    print("-" * 50)
    
    # Common ports to scan
    common_ports = [22, 23, 53, 80, 110, 443, 993, 995]
    
    open_ports = []
    for port in common_ports:
        if scan_port(target, port):
            print(f"Port {port}: Open")
            open_ports.append(port)
        else:
            # A timeout (filtered port) and a refused connection both land here
            print(f"Port {port}: Closed or filtered")
    
    print("-" * 50)
    print(f"Scan completed. Open ports: {open_ports}")

if __name__ == "__main__":
    main()

Legal Warning

This code is for educational purposes only. Only use it on systems you own or have explicit permission to test. Unauthorized port scanning may be illegal in your jurisdiction.
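One way to enforce the scope defined in step 1 before the scanner above connects to anything, as an added example that is not part of the original lesson. The ranges, exclusion and testing window in SCOPE are constructed values, and check_scope, resolve_all and ScopeError are hypothetical names.

```python
import ipaddress
import socket
from datetime import datetime, timezone

# Constructed rules of engagement; real values come from the signed authorization.
SCOPE = {
    "allowed": ["192.0.2.0/24", "198.51.100.16/28"],
    "excluded": ["192.0.2.53"],  # a host the system owner ruled out
    "window": ("2030-01-10T08:00:00+00:00", "2030-01-12T18:00:00+00:00"),
}

class ScopeError(Exception):
    """Raised when a target or the current time is outside the authorization."""

def resolve_all(target):
    """Return every address the target resolves to; IP literals need no DNS."""
    try:
        return {ipaddress.ip_address(target)}
    except ValueError:
        try:
            infos = socket.getaddrinfo(target, None, proto=socket.IPPROTO_TCP)
        except socket.gaierror:
            return set()
        return {ipaddress.ip_address(info[4][0]) for info in infos}

def check_scope(target, scope=SCOPE, now=None, resolver=resolve_all):
    """Return the authorized addresses for target, or raise ScopeError."""
    now = now or datetime.now(timezone.utc)
    start, end = (datetime.fromisoformat(t) for t in scope["window"])
    if not start <= now <= end:
        raise ScopeError(f"{now.isoformat()} is outside the testing window")
    allowed = [ipaddress.ip_network(n) for n in scope["allowed"]]
    excluded = [ipaddress.ip_network(n) for n in scope["excluded"]]
    addresses = resolver(target)
    if not addresses:
        raise ScopeError(f"{target} did not resolve")
    for addr in addresses:
        # Every resolved address must be authorized: a hostname that also
        # points at a third party (CDN, shared hosting) is not fully in scope.
        if any(addr in net for net in excluded):
            raise ScopeError(f"{addr} is explicitly excluded")
        if not any(addr in net for net in allowed):
            raise ScopeError(f"{addr} ({target}) is not in an authorized range")
    return sorted(addresses, key=str)
```

Calling check_scope(target) at the top of main() and scanning only the addresses it returns keeps the scan tied to what was authorized, even if DNS for the hostname changes later.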

Exercise

Practice Activity

Research and write a short summary (2-3 paragraphs) about a famous ethical hacker and their contributions to cybersecurity. Some suggestions:

  • Kevin Mitnick
  • Steve Wozniak
  • Dan Kaminsky
  • Charlie Miller

Focus on how they transitioned from potentially malicious activities to helping improve security.

Lesson 1 of 10