Ethical hacking uses techniques to identify and fix security flaws. Key methods include penetration testing, which simulates attacks to uncover vulnerabilities; vulnerability scanning, which employs automated tools to detect known issues; and social engineering, testing human factors by attempting to trick individuals into revealing confidential information. Network sniffing captures and analyzes network traffic to spot problems, while footprinting involves gathering information about a target system to find exploitation routes. Web application testing evaluates applications for vulnerabilities like SQL injection or cross-site scripting.