Penetration Testing step-by-step Explained


What is Penetration Testing?

Penetration testing is kind of an… unfortunate name, but we’re stuck with it. Penetration testing (or “pen testing” for short) is an authorized attempt to find and exploit vulnerabilities in computer systems. Why would someone want such a thing? The idea is to have the “good guys” find flaws (so that they can be fixed) before the “bad guys” find them.

The goal of penetration testing (aka why a company would pay for such a service) is to:

  • Simulate an attack by malicious hackers
  • Determine the extent of the system’s vulnerabilities and provide proof-of-concept attacks of those vulnerabilities
  • Based on those findings, make recommendations for fixing the issues found in the test

A Penetration Test by any other name…

Either out of convenience (fewer letters) or immaturity (giggling at “penetration” is very middle school), there are a number of other names for penetration testing, like:

  • Pen testing
  • PT
  • “White hat” hacking
  • Red teaming
  • Ethical hacking

White Hat / Black Hat

The mention of “white hat” might make you wonder… are there other hat colors? (yes) Are there other team colors? (also yes).

While ethics in tech aren’t typically so cut-and-dried, hackers are often grouped into “white hat,” “gray hat” and “black hat.”

While there isn’t necessarily much difference in the techniques or tools that the different groups use, the “white hat” end of the spectrum is the (more) legal side, and “black hat” is the definitely not legal side.

The difference in legality is due to a difference in authorization. Pen testers or white hats are authorized (and paid) by companies to find vulnerabilities so that they can be fixed. The scope and goal of the tests are agreed upon beforehand.

Additionally, their motivations or intents likely differ. Pen testing is not meant for personal gain, and is instead meant to help the organization involved. Black hat hacking is not so altruistic, and might be motivated by money, revenge, fame, boredom… who knows. In any case, it isn’t the altruism (or lack thereof) that could jeopardize a career or freedom, it’s the legal aspect. So, pen testers should be careful to have proper authorization beforehand, and only practice on their own, personal, sandboxed systems.

Vulnerability Assessment?

Vulnerability assessments and penetration testing are two different things, although there seems to be some disagreement on this point. Engebretson argues that a vulnerability assessment is reviewing systems and services for potential issues, whereas penetration testing actually involves finding and enacting proof-of-concept attacks.

Others argue that a vulnerability test is more of a “full scan” of systems, so that a client can have a full list of prioritized issues, and that a pen test is a specific, simulated attack for clients who feel that they’ve addressed issues that might be found in a vulnerability test. In other words, for clients who have reached their desired “security posture.” A vulnerability test would search for security issues in all parts of a system, whereas a pen test would only uncover issues related to a specific goal (for example, trying to gain access to a database of customer information).

Additionally, there is “overt” vs “covert” testing. “Overt” does not worry about stealth, but instead focuses on being thorough. “Covert” is more realistic (hopefully a real attacker would be detected and stopped before they could evaluate an entire system) but will likely yield fewer found vulnerabilities.

Pen Testing Process

Depending on who you ask, there are different processes for pen testing. These processes aren’t super detailed, and instead, outline a general set of steps taken by the testers.

SecureWorks lists their general process as:

  1. Determination of scope
  2. Targeted information gathering or reconnaissance
  3. Exploit attempts for access and escalation
  4. Sensitive data collection testing
  5. Clean up and final reporting

In “The Basics of Hacking and Penetration Testing”, Engebretson lists the general steps as:

  1. Reconnaissance
  2. Scanning
  3. Exploitation
  4. Post exploitation and maintaining access
  5. (there’s a 5th step left out of the book, which is “Covering your tracks”)

While there are undoubtedly many others, even the comparison of these two shows some general similarities.
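Both processes start with scope, and the earlier sections stress that authorization is what separates a pen tester from a black hat. The following is an added example (not code from the original post, SecureWorks, or Engebretson's book) of a scope gate that a tester can run every candidate target through before pointing any tooling at it. It assumes the agreed scope is written down as CIDR blocks plus explicit exclusions; the blocks and addresses below are constructed sample values, not a real engagement.

```python
"""Scope gate for an authorized engagement.

Added example, not from the original post. Assumes the signed rules of
engagement are recorded as a list of in-scope CIDR blocks and an optional
list of excluded blocks (for example a production segment carved out of
the test). Every target is checked against both before any testing starts.
"""
import ipaddress

# Constructed sample rules of engagement; real values come from the signed scope.
IN_SCOPE = ["10.20.0.0/16", "2001:db8:1::/48"]
EXCLUDED = ["10.20.5.0/24"]  # hypothetical carve-out, e.g. a production DB segment


def _networks(cidrs):
    """Parse CIDR strings once; strict=False tolerates host bits in the block."""
    return [ipaddress.ip_network(c, strict=False) for c in cidrs]


def is_in_scope(target, allowed=IN_SCOPE, excluded=EXCLUDED):
    """Return True only if target is an IP address inside an allowed block
    and not inside any excluded block.

    Hostnames are rejected rather than resolved on purpose: a name that
    resolves to an out-of-scope address must not slip through, so names
    have to be resolved and re-checked as addresses by the caller.
    """
    try:
        addr = ipaddress.ip_address(target)
    except ValueError:
        return False  # not an IP literal (hostname, typo, empty string)
    # Exclusions win over allowances, so they are checked first.
    for net in _networks(excluded):
        if addr.version == net.version and addr in net:
            return False
    return any(addr.version == net.version and addr in net for net in _networks(allowed))


def filter_targets(targets, allowed=IN_SCOPE, excluded=EXCLUDED):
    """Split a candidate list into (approved, rejected) without changing order."""
    approved, rejected = [], []
    for t in targets:
        (approved if is_in_scope(t, allowed, excluded) else rejected).append(t)
    return approved, rejected


if __name__ == "__main__":
    # Constructed candidate list: in scope, excluded, out of scope, IPv6, hostname.
    candidates = ["10.20.1.7", "10.20.5.9", "10.99.0.1", "2001:db8:1::10", "db.example.test"]
    ok, no = filter_targets(candidates)
    print("approved:", ok)
    print("rejected:", no)
```

The gate deliberately fails closed: anything that is not an IP literal, or that falls in an exclusion, is rejected even if it would otherwise match an allowed block. Keeping the rejected list (with the reason) alongside the approved one gives the final report evidence that the test stayed inside the agreed scope.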
