Introduction to Ethical Hacking

Authorized simulations to assess security weaknesses

Passive monitoring of network traffic for trends

Unauthorized probing to find exploitable flaws

Routine system maintenance and software updates

Encrypting files to protect sensitive data

Sending forged emails with a fake sender identity

Flooding a server with excessive traffic requests

Probing a host to discover open network ports

An antivirus feature scanning for malware signatures

A network firewall blocking unauthorized connections

A hidden mechanism bypassing standard authentication

An official login page requiring normal credentials

Trojan horse masquerading as trusted software

Password guessing on the normal login screen

Side channel attack exploiting timing leakage

Back door left for debugging and diagnostics

Power analysis of CPU consumption to infer keys

WiFi packet sniffing for session tokens

Phishing with urgent password reset emails

USB drop in office parking areas

Perform ARP spoofing to impersonate a gateway

Measure encryption timing variations per operation

Send spoofed emails requesting login credentials

Leave infected USB drives in common areas

Access a network without prior approval

Search current laws and local regulations

Install test malware on target systems

Launch limited DoS to gauge resilience

To avoid legal violations during engagements

To improve processor performance benchmarking

To comply with international maritime regulations

To reduce network latency in data centers

Black box

White box

Grey box

Tier box

white

black

grey

red