This is my first time for me to learn about ethical hacking and penetration testing. In general thing, we divided any hacking thing into 3, ethical hacker, penetration test and security test. Ethical hacker is we asked to do penetration test from the company. Penetration test is we try to break through the security legally, means we ordered to do that. Security test is similar like ethical hacker but we can give a solution for better protection.
We divide hacker into 3, ethical hacker, hacker and cracker. Ethical hacker is we access someone computer by their permission. Hacker is the opposite of ethical hacker, they access it without permission of the owner. Cracker is a person who break through the security and steal / delete some information from the target. For this thing, we usually use "white hat" (good guy) and "black hat" (bad guy) to differentiate them.
Sometimes in hacking, we can found some script kiddies. Script kiddies is a inexperienced hacker and using someone code (which is experience in hacking) to help him do the hacking.
For penetration test, there are white box, black box and gray box. White box means the tester will be given any information about the network, while black box didn't. For gray box, it's a combination between black box and white box.
In security thing, there are red team and blue team. Red team usually detect the system vulnerable or we can say the attacker. Blue team is the one who set the defense of the network or we can say defender.
One important thing before do any hacking is read the law / Undang-Undang ITE so we can ensure what we do isn't against the law.
