There are 6 basic steps in hacking process. A young Enthusiast has to understand that hacking follows a very strategic process and when broken down can give your tasks and agenda clarity.
First Step: Reconnaissance
Recon is the most important step of all the processes and it is broken down into two sub- task : Active and Passive. During this phase your primary goal is obtaining as much information about your target as possible.
Sub-Task 1: Passive Recon
The Passive approach to Recon is when you ignore the target but observe the elements associated to the target. (i.e. Google, social media searches on people connected to target).
Sub-Task 2: Active Recon
The Active Recon is when you are interacting with your target trying to expose the open ports and application. Using software like nmap or zenmap etc.
Second Step: Exploitation
After you have performed your recon and found a vulnerability now your ready to exploit that vulnerability and take control of your target. Using pre-written exploit found in Metasploit for example would aid in this.
Third Step: Privilege User Access
Now that we are inside, its time to gain Admin or Super User access. You want to be able to have free roam in the environment.
Fourth Step: Staying Power
Now you want to be able to get in and out as much as you like. in the event we get disconnected from your target. Also you should be able to tunnel net work traffic through the machine at your leisure. A commonly used utility is netcat. It is used for reading from and writing to network connections using TCP or UDP.
Fifth Step: Dead Drop
Moving data to a intermediary server is ready to be done. Data extraction is the act or process of retrieving data out of data sources for further data processing or data storage. So having a place to store gathered data is vital.
Sixth: No Digital Foot Print
OK now its time to ghost out! not leave a trace of ever been in the environment. But it is important to note that upon exiting, missing logs is just as questionable as noticing weird things in them. The key is to modify the logs so that normal activity is seen and your presence is not.
The Take Away
Its important to understand that this just a highlight version of the process. Each step is much more in depth than described. Depending on your abilities The recon phase could take weeks or months. Exploitation could require custom tools to be developed. Dead drop portion could take days to get out the data you have obtained. So be prepared to do your do diligence.
Happy Hacking!