In order to get into the mindset of a hacker, you first need to know how you are to think like a hacker.
A hacker is someone who finds the security flaws within a system and exploits them either for good in order to show someone where the holes are, or will use those holes against him to collect all the sensitive date and essentially destroy your entire life.
- First, you need to be able to identify their exploits as well as any other information which would help you to create a footprint analysis. This is about collecting information of your clients as soon as possible.
- Pay attention to back door entry points: this would be you looking for things like startup companies that are most likely going to have weak security system since they are just starting out. This will be prevalent in companies that have recently been bought out by a larger company as well.
- Connect to listening UDP and TCP ports: when you do this, you are able to send out random data in order to determine what type of version of File Transfer protocol, mail server or even web server in order to identify any running applications as a response to random data that has been sent. By doing this, you will be able to find the exploits by cross-referencing any data that you have found in a vulnerable database such as SecurityFocus.
- This about how you are going to gain access to your target: are you going to need a password and a user account in order to gain access to network? Make sure that you are totally prepared. In having username and password, you will be able to make a sneak attack into network.
- Take a username and password obtained by any backdoors or Trojan now that you have username and password of someone who actually works within the company, you are able to sneak into company website unsuspected, much like the Greeks did with the Trojan House.
Now you totally into their system and you can replace software such as Notepad with a piece of Trojan Code. This will allow you to become a admin on that system and you can have a complete log later.