What is a Penetration test?
A penetration test is an authorized simulated attack on a computer system, web applications or network to evaluate the security of the system. The test is performed to discover vulnerabilities on a targeted system but also to discover if there is any way to gain access to the system’s features. Tests can be executed with automated software or performed manually.
However, a manual test is providing more information. It is easy to illustrate with DNS scanning :
When performing a DNS scanning with automated software it will reveal only DNS domains and subdomains but if a manual scan is done, more information can be found like MX servers or other DNS servers.
In order to execute a penetration test, most ethical hackers are using Kali Linux because it is an operating system that contains a lot of penetration tools. Moreover, penetration test tutorials for Kali are omnipresent online.
A penetration test can be used to verify the company’s policy, to give cybersecurity awareness to their employees and check how the organization is responding to these threats.
What are penetration test boxes?
Penetration tests are classified based on the level of knowledge and access granted to the pentester. There are 3 different penetration test boxes :
– Black-Box testing: the penetration tester does not have any internal knowledge of the targeted system as any other hacker. A black-box penetration test will determine vulnerabilities from a system which is exploitable from outside the network.
– Grey-Box testing: the penetration tester has access to knowledge of a user in the company with potentially elevated privileges. Most of the time, they also have some knowledge about network architecture and may have an internal account to the network.
– White-Box testing: the penetration tester is given full access to source code and architecture model. His role is to identify a potential point of weakness.
How is a penetration test?
A penetration test is composed of 7 different stages :
1) Engagement: a penetration test always begins with an engagement with the company in order to define the scope; it can be a web application server, network, social engineering tests.
2) Reconnaissance: an ethical hacker is going to gather as much information as he can on the targeted company. This phase is important because if there is a bad recognition, further actions will have no effect. As an example, gathering IP addresses.
3) Scanning: with all information gathered in the reconnaissance stage, ethical hackers plan to identify vulnerabilities by sending probes to the target and records the response to various inputs. This is also in this phase that an attacker will scan the target with automated scanning tools, identification open share drives, open FTP portals and other running services.
4) Exploitation: it is in this phase that ethical hackers feel the consecration of their works. Thanks to the list of vulnerabilities, it is in this phase that they are exploiting them. They will try to go as far as they can in order to grant full access to the targeted system.
5) Post-exploitation: every attack led on the targeted system must be written in a report which will be sent to the company.
6) Reporting: with the report done on the previous phase, attackers will have to give recommendations to correct these vulnerabilities.
7) Resolution and re-testing: In this phase, the targeted company is correcting its vulnerabilities. Ethical hackers are trying again to perform tests again and find if there are other vulnerabilities to reach the targeted system’s company.
By using these 7 steps, it is a good way to provide a smile to clients.
Monday – Friday 9:00 – 17:00 Hrs
(Phone until 17:00 Hrs)