Penetration testing (also called pen testing) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit.
2. What is Penetration and a Penetration Test?
● Penetration is generally defined as the act of entering into something or
going through something.
● A penetration test is an attack on a computer system, network or Web
application carried out to find security weaknesses that an attacker could
exploit, potentially gaining access to the system, its functionality and its
data.
● A penetration test or pentest evaluates the strength of all security controls
on the computer system.
3. Who needs a Penetration Test?
● Banks/Financial Institutions, Government Organizations, Online Vendors, or
any organization processing and storing private information.
● Section 11.3 of the PCI Data Security Standard requires organizations to
perform application and penetration tests at least once a year.
● Section 8 of the Administrative Safeguards of the HIPAA Security Rule requires
security process audits, periodic vulnerability analysis and penetration testing.
4. Phases Of Penetration Testing
● Reconnaissance and Information Gathering.
● Network Enumeration and Scanning.
● Vulnerability Testing and Exploitation.
● Reporting.
5. Reconnaissance and Information Gathering
● Gathering preliminary data or intelligence on the target. Reconnaissance
can be performed actively or passively. In this phase you learn as much as
possible about the target business and how it operates, including identifying
the target and finding its IP address range, network, domain name, mail server,
DNS records, etc.
6. Network Enumeration and Scanning
● Scanning perimeter and internal network devices for weaknesses. This phase
requires technical tools to gather further intelligence on the target and the
systems it has in place. It includes scanning the target for running services
and open ports, firewall detection, OS detection, finding vulnerabilities, etc.
7. Vulnerability Testing and Exploitation
● Checking hosts for known vulnerabilities, determining whether they are
exploitable, and assessing the potential severity of those vulnerabilities.
● Remote vulnerability scanning (Nessus, OpenVAS)
● Active exploitation testing
● Login checking and brute-forcing
● Vulnerability exploitation (Metasploit, Core Impact)
● 0day and exploit discovery (Fuzzing, program analysis)
● Post-exploitation techniques to assess severity (permission levels, backdoors,
rootkits, etc.)
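The scanning activity of slide 6 and the login checking and brute-forcing of slide 7 are also what a defender should expect to see in their own logs during (or outside) a test. The following is an added example, not part of the original slides: a small detector that reads constructed firewall and SSH log lines, groups events per source address inside a sliding time window, and flags sources that touch many distinct ports (a port scan) or accumulate many failed logins (a brute-force attempt). The log formats, thresholds and window sizes are assumptions chosen for the example.

```python
"""Added example (not from the original slides): defender-side detection of the
port scanning and login brute-forcing described in the scanning and exploitation
phases.  Log line formats, thresholds and window sizes are assumed."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample firewall lines in an assumed simplified "key=value" format.
FIREWALL_LOG = """\
2024-05-01T10:00:01 DENY src=203.0.113.7 dst=192.0.2.10 dport=21
2024-05-01T10:00:01 DENY src=203.0.113.7 dst=192.0.2.10 dport=22
2024-05-01T10:00:02 DENY src=203.0.113.7 dst=192.0.2.10 dport=23
2024-05-01T10:00:02 DENY src=203.0.113.7 dst=192.0.2.10 dport=25
2024-05-01T10:00:03 DENY src=203.0.113.7 dst=192.0.2.10 dport=80
2024-05-01T10:00:03 DENY src=203.0.113.7 dst=192.0.2.10 dport=443
2024-05-01T10:00:04 DENY src=203.0.113.7 dst=192.0.2.10 dport=445
2024-05-01T10:00:04 DENY src=203.0.113.7 dst=192.0.2.10 dport=3389
2024-05-01T10:00:05 DENY src=203.0.113.7 dst=192.0.2.10 dport=8080
2024-05-01T10:00:05 DENY src=203.0.113.7 dst=192.0.2.10 dport=8443
2024-05-01T10:00:05 DENY src=203.0.113.7 dst=192.0.2.10 dport=5900
2024-05-01T10:01:00 ALLOW src=198.51.100.4 dst=192.0.2.10 dport=443
2024-05-01T10:02:00 ALLOW src=198.51.100.4 dst=192.0.2.10 dport=443
"""

# Constructed sample SSH authentication lines (assumed sshd-like wording).
SSH_LOG = """\
2024-05-01T11:00:00 sshd: Failed password for root from 203.0.113.9 port 50111
2024-05-01T11:00:01 sshd: Failed password for root from 203.0.113.9 port 50112
2024-05-01T11:00:01 sshd: Failed password for admin from 203.0.113.9 port 50113
2024-05-01T11:00:02 sshd: Failed password for admin from 203.0.113.9 port 50114
2024-05-01T11:00:02 sshd: Failed password for test from 203.0.113.9 port 50115
2024-05-01T11:00:03 sshd: Failed password for test from 203.0.113.9 port 50116
2024-05-01T11:00:30 sshd: Failed password for alice from 198.51.100.4 port 50200
2024-05-01T11:00:45 sshd: Accepted password for alice from 198.51.100.4 port 50201
"""

FW_RE = re.compile(r"^(\S+) (DENY|ALLOW) src=(\S+) dst=\S+ dport=(\d+)$")
SSH_RE = re.compile(r"^(\S+) sshd: Failed password for \S+ from (\S+) port \d+$")


def _ts(text):
    return datetime.fromisoformat(text)


def detect_bursts(events, threshold, window, distinct_keys=True):
    """events: iterable of (timestamp, source, key).  A source is flagged the first
    time the number of keys (distinct keys when distinct_keys is True) seen within
    `window` reaches `threshold`.  Returns {source: time_of_first_alert}."""
    recent = defaultdict(deque)  # source -> deque of (timestamp, key) inside the window
    alerts = {}
    for ts, src, key in sorted(events):
        queue = recent[src]
        queue.append((ts, key))
        while queue and ts - queue[0][0] > window:  # expire events older than the window
            queue.popleft()
        count = len({k for _, k in queue}) if distinct_keys else len(queue)
        if count >= threshold and src not in alerts:
            alerts[src] = ts
    return alerts


def port_scan_sources(log=FIREWALL_LOG, threshold=10, window=timedelta(seconds=60)):
    """Sources that probed at least `threshold` distinct destination ports in `window`."""
    events = []
    for line in log.splitlines():
        m = FW_RE.match(line)
        if m:
            events.append((_ts(m.group(1)), m.group(3), int(m.group(4))))
    return detect_bursts(events, threshold, window, distinct_keys=True)


def brute_force_sources(log=SSH_LOG, threshold=5, window=timedelta(seconds=60)):
    """Sources with at least `threshold` failed logins (any user) in `window`."""
    events = []
    for line in log.splitlines():
        m = SSH_RE.match(line)
        if m:
            # every failure counts, so give each event its own key
            events.append((_ts(m.group(1)), m.group(2), len(events)))
    return detect_bursts(events, threshold, window, distinct_keys=False)


if __name__ == "__main__":
    for src, when in port_scan_sources().items():
        print(f"possible port scan from {src} starting {when}")
    for src, when in brute_force_sources().items():
        print(f"possible brute-force login from {src} starting {when}")
```

The same sliding-window routine serves both cases; only the key differs (distinct destination ports for a scan, one key per event for failed logins). Real thresholds should be tuned to the environment so that legitimate vulnerability scanners and users who mistype passwords do not flood the alert queue.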
8. Reporting
● Organizing and documenting the information found during the reconnaissance,
network scanning, and vulnerability testing phases of a pentest.
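As an added example, not part of the original slides, the following code shows one way to organize findings from the earlier phases into a report: each finding records the phase that produced it, the affected host and a CVSS base score; duplicates reported by more than one phase are merged, scores are mapped to the CVSS v3 qualitative ratings, and the result is ordered with the highest-risk items first. The sample findings and the plain-text layout are constructed for the example.

```python
"""Added example (not from the original slides): consolidating pentest findings
from the reconnaissance, scanning and exploitation phases into one ordered
report.  Sample findings are constructed."""
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    phase: str      # phase that produced it: "recon", "scan" or "exploit"
    host: str
    title: str
    cvss: float     # CVSS v3 base score, 0.0 to 10.0
    evidence: str


def severity(score):
    """Map a CVSS v3 base score to its qualitative rating."""
    if not 0.0 <= score <= 10.0:
        raise ValueError(f"CVSS score out of range: {score}")
    if score == 0.0:
        return "None"
    if score < 4.0:
        return "Low"
    if score < 7.0:
        return "Medium"
    if score < 9.0:
        return "High"
    return "Critical"


SEVERITY_ORDER = {"Critical": 0, "High": 1, "Medium": 2, "Low": 3, "None": 4}


def consolidate(findings):
    """Merge findings that describe the same (host, title), keeping the highest score,
    then order by severity, score and host."""
    best = {}
    for f in findings:
        key = (f.host, f.title)
        if key not in best or f.cvss > best[key].cvss:
            best[key] = f
    return sorted(best.values(),
                  key=lambda f: (SEVERITY_ORDER[severity(f.cvss)], -f.cvss, f.host))


def summary(findings):
    """Count consolidated findings per severity rating."""
    return Counter(severity(f.cvss) for f in consolidate(findings))


def render(findings):
    """Produce the plain-text findings section of the report."""
    counts = summary(findings)
    lines = ["PENETRATION TEST FINDINGS", ""]
    lines.append("Summary: " + ", ".join(f"{k}={counts.get(k, 0)}" for k in SEVERITY_ORDER))
    lines.append("")
    for n, f in enumerate(consolidate(findings), 1):
        lines.append(f"{n}. [{severity(f.cvss)} {f.cvss:.1f}] {f.host}: {f.title}")
        lines.append(f"   phase: {f.phase}; evidence: {f.evidence}")
    return "\n".join(lines)


# Constructed sample findings; hosts use documentation addresses and names.
SAMPLE = [
    Finding("recon", "mail.example.com", "SMTP banner discloses software version", 2.6,
            "version string in the greeting banner"),
    Finding("scan", "192.0.2.10", "Default credentials on admin console", 7.5,
            "login form accepts the vendor default"),
    Finding("exploit", "192.0.2.10", "Default credentials on admin console", 9.8,
            "administrative access confirmed during testing"),
    Finding("scan", "192.0.2.11", "Anonymous FTP login permitted", 5.3,
            "FTP service accepts the anonymous user"),
    Finding("scan", "192.0.2.10", "Expired TLS certificate", 0.0,
            "certificate validity period has ended; informational"),
]

if __name__ == "__main__":
    print(render(SAMPLE))
```

Keeping the phase and the evidence with each finding is what lets the reader of the report trace a severity rating back to what was actually observed; the exploitation-phase entry for the default credentials supersedes the scanning-phase one because it confirmed the issue.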
9. Advantages of Penetration Testing
● A pen test helps you find vulnerabilities and fix them before an attacker does.
● Penetration testing will help reveal problems you didn’t know existed.
● Test your cyber-defence capability.
● Ensure business continuity.