you'll be surprised to know that while watching a 10-minute YouTube video demonstrating a specific hacking tool can be useful it won't necessarily help you in becoming a skilled hacker or Empower you to execute a successful attack this is because most of the videos you see online focus solely on one phase of hacking a system rather than discussing the complete picture and don't really mention the fact that a good hacker doesn't rely on hacking tools for carrying out a successful attack but rather focuses on their ability to think creatively and uniquely when orchestrating such an attack that's why in this video I'll walk you through the different phases that are truly involved in hacking a system and explain how keeping these phases in mind the next time you watch a YouTube video will actually help you in becoming a professional hacker so let's get started this video is sponsored by brilliant.org while learning how to approach hacking the right way is crucial it's equally important for an ethical hacker to understand what they're dealing with and how the technology they're thinking of hacking actually works brilliant.org is the go to platform for building this understanding as they offer a variety of interactive courses on computer science math and data science what sets it apart is its fun and graphical UI that teaches you by making you engage in Hands-On activities rather than just presenting Theory given the scope of this video I've personally found their courses on applied computer science very valuable as they help in clarifying Concepts on how various Technologies like chat GPT or search engines work in a short amount of time so whether you're an ethical hacker looking to upskill or a student looking to Ace your exams you can try everything brilliant has to offer free for 30 days and if you sign up using brilliant.org andali the first 200 of you will get an exclusive 20% discount on brilliant's annual premium subscription thanks for listening let's get back to the video disclaimer this video is intended for cyber security and enthusiasts and is for educational purposes only hacking someone or something without permission is highly discouraged and can result in serious legal consequences step number one reconnaissance reconnaissance is the act of gathering information about your Target and it is the first step that any hacker takes before hacking someone the main goal of doing reconnaissance is to either identify a vulnerability in the Target system or understand their psychology to perform social engineering attacks on them great reconnaissance is crucial to execute a great attack and a professional hacker invests somewhere between weeks or even months doing reconnaissance rather than jumping straight into performing an exploit now while there are multiple techniques of doing reconnaissance it can be broadly divided into two categories so let me walk you through them one by one firstly we have passive reconnaissance passive reconnaissance is what a hacker does when they gather information about their targets without actually touching or engaging with them it involves techniques like open source intelligence dumpster diving or web crawling and is much safer but less reliable to do as the data found might be outdated or even manipulated active reconnaissance on the other hand is more reliable but riskier to do as it involves actually engaging with the target rather than observing them from a distance and can increase the likelihood of being detected some common examples of this type of reconnaissance would be socially engineering the target into giving out the information themselves or scanning the Target's website with tools like nmath step number two exploitation after doing proper reconnaissance a hacker then moves on to brainstorming different ways for hacking the Target and this is where his ability of thinking outside the box that I mentioned at the start of the video comes into play now while this step would require a hacker to have knowledge about various attacking vectors and their corresponding hacking tools a large portion of his success wouldn't actually depend upon these things but would rely upon his ability of thinking creatively and coming up with unique solutions to certain situations so for instance if a hacker wanted to hack a person that was living in the same city as him instead of going through the complex tactic of tricking the target into installing a payload on his computer he could simply drive up close to the target's residence and hack his Wi-Fi to ultimately achieve the same results by gaining local access this creativity and the ability to think outside the box comes from a hacker's personal experiences and their problem solving capabilities step number three privilege escalation after successfully exploiting a system or a network a hacker may also find themselves signed in as a regular user rather than than being an admin or a root user and this is where their primary goal shifts from achieving the main objective to a process known as privilege escalation privilege escalation basically means gaining a higher level access than what a hacker already has and it is most commonly done in client side attacks where a Target is compromised through their vulnerable software such as an outdated web browser or a third class document reader step number four leaving a back door open once a hacker has successfully exploited the system and escalated their privileges they then set up a way to stay connected to the system and Achieve persistence even after it is restarted or rebooted for this they install something called a listener or a rootkit on the targeted device and set up a back door for themselves to return and continue controlling the system this listener or rootkit can take many forms but the most understandable example would be something that manipulates start off processes in the Windows registry and allows the attacker to gain continued access step number five extracting data after performing the mentioned four steps a hacker would ultimately do the main thing for which he hacked the target four and extract or exfiltrate their data this data might be credit card information personal identifiable information or any other thing that might be valuable to the hacker step number six covering tracks finally to make sure that nobody finds out and Trace the hacking back to the hacker they then take several approaches to hide what they did and cover their tracks this involves doing things like deleting log files or any command history they might have used and if you're interested in learning about how this phase of the attack is done you can search Google for the term anti forensics and read a few articles to gain insights anyway guys so this was it for the video before ending I would like to emphasize that while watching YouTube videos on hacking tools is a great place to start and learn how certain tools work try not to get caught up solely in the exploit phase of an attack and take the time to learn how someone can improve their problem solving skills Master the art of reconnaissance or clear their tracks to stay Anonymous if you have any questions make sure to ask them in the comment section down below and I'll see you in the next one