Introduction - Practical foundations in ethical hacking
This chapter helps students develop a practical and professional understanding of who ethical hackers are, what they do, and the benefits and risks of ethical hacking.
Chapter 6: Practical foundations in ethical hacking
Ethical hacking is the cornerstone of security verification within organizations. This chapter helps students develop a practical and professional understanding of who ethical hackers are and what they do. It frames penetration testing as professional ethical hacking, a process involving authorized/contractual vulnerability discovery, exploitation, and mitigation.
This chapter will help students:
Contrast professional ethical hacking (authorized/contract-based) with grey hat hacking (unauthorized, but essentially apolitical) and hacktivism (politically motivated).
Become familiar with the professional ethics of ethical hackers.
Understand potential benefits and possible risks of ethical hacking.
Appreciate ethical and legal consequences (e.g., CFAA violations) of unethical hacking.
Become familiar with defensive security and offensive security approaches, including SIRT/CSIRT (Security Incident Response Team/Computer Security Incident Response Team), SOC (Security Operations Center), red teaming, and ethical hacking.
Describe common defensive cybersecurity technologies such as packet analyzers (e.g., Wireshark and tcpdump), IDS/IPS (e.g., Suricata and Snort), network security monitoring/SIEM (e.g., Wazuh), and host/network firewalls (e.g., OPNsense, pfilter, and nftables).
Describe the phases of the penetration testing process (planning, reconnaissance, scanning and enumeration, exploitation, post-exploitation, and reporting).
Describe types of penetration testing (network, wireless, web application, physical, social engineering, and cloud).
Compare black box penetration testing and white box penetration testing methods.
Become familiar with key penetration testing methodologies (e.g., OSSTMM, NIST SP 800-115, ISSAF, and PTES), frameworks (e.g., OWASP Testing Guide and MITRE ATT&CK), and technologies (e.g., Nmap, OpenVAS, Metasploit, and Burp Suite).
Identify common attack targets, including OS vulnerabilities, misconfigurations and default credentials, and OWASP Top 10 vulnerabilities such as cross-site scripting (XSS) and SQL injection (SQLi).
Topics covered in this chapter
What is professional ethical hacking
The perils of unethical hacking
Defensive security vs offensive security
Defensive cybersecurity technologies
Phases of the penetration testing process
Penetration testing methodologies and frameworks