What is Ethical Hacking?

What is an ethical hacker?

An ethical hacker is a computer and network security expert who uses their skills to help organisations improve their security. Ethical hackers are also known as white-hat hackers or penetration testers.

What is ethical hacking?

Ethical hacking is the practice of breaking into computer systems to test their security. Ethical hackers are hired by organisations to find and fix security vulnerabilities before they can be exploited by criminal hackers.

Is ethical hacking legal?

Yes. An ethical hacker is an individual trusted to attempt to penetrate an organisation’s networks or computer systems using the same knowledge and tools as a criminal hacker, but lawfully and legitimately.

Ethical hacking techniques

Many ethical hacking techniques can be used to test the security of a system. Some of the most common techniques include the following:

  1. Password cracking: Using tools to guess or brute-force passwords.
  2. Social engineering: Using deception and manipulation to get people to reveal sensitive information.
  3. SQL injection: Injecting malicious code into a database query to access or modify data.
  4. Cross-site scripting: Injecting malicious code into a web page so that it is executed by visitors to the page.
  5. Session hijacking: Taking over an active user session to gain access to resources or data.
  6. Wireless hacking: Gaining unauthorised access to wireless networks and devices.

Attacking and defending

Protecting current systems and networks requires a broad understanding of attack strategies and in-depth knowledge of the hacker’s tactics, tools and motivations.

Effective ethical hacking is based on knowledge of the system network, equipment, user interaction, policies, procedures, physical security and business culture.

The increasing use of social engineering attack methodologies demands that every tester is also aware of the organisation and the habits of its IT users (staff).


The EC-Council (International Council of E-Commerce Consultants) is an organisation that certifies individuals in e-business and information security skills.

The EC-Council is the owner and creator of the Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI), and EC-Council Certified Security Analyst (ECSA)/Licensed Penetration Tester (LPT) certifications.

IT Governance Ltd is an EC-Council ATC (Accredited Training Center) and provides the best instructor-led exam preparation experience possible for the Certified Ethical Hacker (CEH) qualification.

Certified Ethical Hacker (CEH) qualification

Launched in 2003 by the EC-Council, the Certified Ethical Hacker (CEH) is a globally recognised credential for those looking to develop a senior career as an ethical hacker or penetration tester.

The purpose of the CEH qualification is to establish minimum standards for ethical hacking measures, to inform the public that credentialed individuals meet or exceed these standards, and to reinforce ethical hacking as a unique and self-regulating profession.

How to become a Certified Ethical Hacker

To achieve the CEH qualification:

Certified Ethical Hacker (CEH) Training Course

CISMP Exam Preparation Training Programme

This ethical hacking course will equip you with the skills to plan and perform ethical hacking at an advanced level. Taught by an information security professional, you can achieve an industry-recognised qualification in just five days.

Speak to an expert

For more information and guidance on penetration testing or packages that IT Governance offers, please contact our experts, who will be able to discuss your needs further.
