Ethical Hacking

About Course

The United States National Security Agency offers certifications such as the CNSS 4011. Such a certification covers orderly, ethical hacking techniques and team-management. Aggressor teams are called “red” teams. Defender teams are called “blue” teams.[5] When the agency recruited at DEF CON in 2012, it promised applicants that “If you have a few, shall we say, indiscretions in your past, don’t be alarmed. You shouldn’t automatically assume you won’t be hired”.

Description

A white hat (or a white hat hacker) is an ethical computer hacker, or a computer security expert, who specializes in penetration testing and other testing methodologies that ensure the security of an organization’s information systems.[1] Ethical hacking is a term meant to imply a broader category than just penetration testing.[2][3] Contrasted with the black hat, a malicious hacker, the name comes from Western films, where heroic and antagonistic cowboys might traditionally wear a white and a black hat, respectively.[4] There is a third kind hacker known as a grey hat who hacks with good intentions but at times without permission.

The idea to bring this tactic of ethical hacking to assess security of systems was formulated by Dan Farmer and Wietse Venema. With the goal of raising the overall level of security on the Internet and intranets, they proceeded to describe how they were able to gather enough information about their targets to have been able to compromise security if they had chosen to do so. They provided several specific examples of how this information could be gathered and exploited to gain control of the target, and how such an attack could be prevented. They gathered up all the tools they had used during their work, packaged them in a single, easy-to-use application, and gave it away to anyone who chose to download it. Their program, called Security Administrator Tool for Analyzing Networks, or SATAN, was met with a great amount of media attention around the world in 1992