Hello, world! Great to be back and writing. I've been on a mission lately exploring the operating systems of the Linux world, from mainstream to underground distros.

I've found a lot of great tools, and new ways of exploring how I go about testing products and services. Today I wanted to start the journey with Ethical Hacking

What is an Ethical Hacker?

An ethical hacker is somebody who understands the nature of exploiting vulnerable systems and has the ability to cause all hell and wreak havoc on systems connected to the internet. Especially with the Internet of Things, EVERYTHING is hackable!

But, instead of the normal "Bring down your website and business!" type of hackers. These hackers are testing for vulnerabilities in their own systems, whether for work or personal projects., or just for fun.

Ethical Hackers break the system and apply or tell you how to apply fixes. Better the good guys than the bad guys taking over your system, right?

Right!

Tools and Skills a White Hat should utilize:

• Kali OS (Custom Linux build with all the tools pre-loaded)
• A VPN to help hide identity. Whether legitimate or not, 'hacking' can be seen as a cybercrime by many governments. Don't let that be you.
• Keeping the proper intentions and morals. 

Yeah, you can rage hell on systems, or you can have the owners of those systems pay you to keep it secure. It's a certain type of gratification when you check your system logs and see all the failed attempts and even blocked IP addresses because you found your system's weakness before they did.

Nice and sleek. Kali Linux 

What skills and certifications should an ethical hacker obtain?

An ethical hacker should have a wide range of computer skills. They often specialize, becoming subject matter experts (SME) on a particular area within the ethical hacking domain.

All ethical hackers should have:

• Expertise in scripting languages.
• Proficiency in operating systems.
• Thorough knowledge of networking.
• A great understanding of information security

Some of the most common vulnerabilities discovered by ethical hackers include:

Injection attacks

An injection attack is a sophisticated tactic where a protagonist can inject their own programming on a target to gain access.

Broken authentication

Use to be, and still is a problem with Wifi. Strong encryption and passwords ads a MUST. Most wifi passwords are easily bruteforce'd, decrypted, or your password is sniffed out of the air by a program called air-ng.

Security misconfiguration.

You know what they say... RTFM! Misconfigured software is a common one easily solved with "Best configuration for X" on a search engine.

Use of components with known vulnerabilities. Things such as old PHP libraries for a website, or old software not being updated. It only takes one for an intruder to gain access to everything.

Sensitive data exposure. Keep your user's data encrypted and away from the public eye. Hackers today will scrape the entire website to get all users it can see data. They then manipulate the users and often sell their information.