Introduction to Ethical Hacking

Cybersecurity is one of the most exciting and rapidly growing fields in the world. Each day, security professionals and researchers are discovering new and emerging threats at an increasing rate, and many organizations are discovering that their systems and networks have been compromised by malicious actors, while there are so many other companies without proper cyber defenses to detect threats and determine whether their assets have been compromised or not. Due to the increase in cyber-attacks and threats around the world, more cybersecurity-related jobs are being created within many organizations that seek to acquire industry experts and skilled professionals who can help improve their cyber defenses and safeguard their assets from cyber criminals. This book is designed with the intention of providing you with the skills, knowledge, and wisdom that are needed by aspiring ethical hackers and penetration testers for the cybersecurity industry.

During the course of this book, you will develop new skills and learn techniques for simulating real-world cyber-attacks on systems and networks as a cybersecurity professional with the intent to discover hidden security vulnerabilities within organizations, while understanding the Tactics, Techniques, and Procedures (TTPs) used by real attackers to compromise their targets. In addition, you will learn how to leverage one of the most popular Linux distributions within the cybersecurity industry, Kali Linux, to perform ethical hacking and penetration testing assessments on targeted systems and network infrastructure. The Kali Linux operation system has tons of pre-installed Linux packages (applications) and security tools that are commonly used by industry experts, hence it’s an arsenal packed with everything you’ll need as an ethical hacker and penetration tester. Throughout this book, we’ll be using a student-centric and learner-friendly approach, filled with a lot of practical and hands-on exercises to help you gradually progress from beginner-friendly to intermediate and advanced topics.

In this chapter, you will learn about various types of threat actors and the intentions/motives behind their attacks on targets. You will discover how various key factors play an important role for attackers when planning a cyber-attack, and how such factors determine the level of complexity to compromise a targeted system, network, or organization as compared to cybersecurity professionals such as ethical hackers and penetration testers who are hired to discover hidden vulnerabilities within a company. Furthermore, you will learn about the various phases of ethical hacking and penetration testing approaches that are commonly used by industry professionals.

Lastly, you will gain a solid understanding of how the Cyber Kill Chain framework is used to help cybersecurity professionals to better understand cyber-attacks, and how each phase can be aligned with penetration testing techniques.

In this chapter, we will cover the following topics:

• Understanding the need for cybersecurity
• Exploring the importance of penetration testing
• Identifying threat actors and their intent
• Understanding what matters to threat actors
• Exploring the importance of penetration testing
• Penetration testing methodologies
• Discovering penetration testing approaches
• Types of penetration testing
• Exploring the phases of penetration testing
• Understanding the Cyber Kill Chain framework

I hope you’re as excited as I am to begin this awesome journey. Let’s dive in!