The 5 major steps involved in ethical hacking are:
Step 1: Reconnaissance - This is the first step of hacking which is also called the data gathering step. In this stage the attacker gathers information about the target. It is of two types.
Active Reconnaissance - involves direct communication with the target to get the information.
Passive Reconnaissance - indirect methods of collecting the information of the target (social media, online sites etc)
Step 2: Scanning - one of the important before attack phases where the hacker explores the weak points of the application or systems. Hacker scans the collected data and deploys the appropriate tool to hack the aimed system.
Step 3: Gaining Access - The actual hacking takes place at this phase where hack gets successful in gaining access to the target system, network, or application using the potential tools and techniques.
Step 4: Maintaining Access - As soon as the hacker gets access, they wish to keep that access for future attacks without letting the user know about it. There are various malicious files available online to do this job. Once the hacker maintains the access, he or she can use it as a base for undertaking other future attacks.
Step 5: Covering Tracks - This is the last phase of hacking where the attacker tries to cover all the tracks so that he doesn't get caught by the security personnel or not get into any legal trap.