What is a penetration test?
A penetration test is an authorized, simulated attack on a computer system, web application or network, carried out to evaluate the security of the system. The test is performed to discover vulnerabilities in the targeted system and also to determine whether there is any way to gain access to the system’s features. Tests can be executed with automated software or performed manually.
However, a manual test provides more information, and this is easy to illustrate with DNS scanning:
A DNS scan performed with automated software will only reveal DNS domains and subdomains, whereas a manual scan can uncover more information, such as MX servers or other DNS servers.
To execute a penetration test, most ethical hackers use Kali Linux, because it is an operating system that ships with a large number of penetration testing tools. Moreover, penetration test tutorials for Kali are widely available online.
A penetration test can be used to verify the company’s policy, to raise cybersecurity awareness among its employees and to check how the organisation responds to these threats.
What are penetration test boxes?
Penetration tests are classified based on the level of knowledge and access granted to the pentester. There are 3 different penetration test boxes:
– Black-Box testing: the penetration tester does not have any internal knowledge of the targeted system. A black-box penetration test will determine the vulnerabilities of a system which are exploitable from outside the network.
– Grey-Box testing: the penetration tester has access to the same knowledge as an employee/user in the company with potentially elevated privileges. Most of the time, they also have some knowledge about network architecture and may have an internal account to access the network.
– White-Box testing: the penetration tester is given full access to the source code and architecture model. His/her role is to identify potential points of weakness.
How is a penetration test carried out?
A penetration test is composed of 7 different stages:
1) Engagement: a penetration test always begins with an engagement with the company in order to define the scope; this can be a web application server, a network or social engineering tests.
2) Reconnaissance: an ethical hacker gathers as much information as he/she can on the targeted company, for example by gathering IP addresses. This phase is important because if the reconnaissance is poor, further actions will have no effect.
3) Scanning: with all the information gathered in the reconnaissance stage, ethical hackers identify vulnerabilities by sending probes to the target and recording the responses to various inputs. It is also in this phase that the tester scans the target with automated scanning tools and identifies open share drives, open FTP portals and other running services.
4) Exploitation: it is in this phase that ethical hackers feel the importance of their work. Working from the list of vulnerabilities, they begin to exploit them, going as far as they can in order to gain full access to the targeted system.
5) Post-exploitation: every attack on the targeted system must be written up in a report which will be sent to the company.
6) Reporting: using the report produced in the previous phase, the ethical hackers give recommendations for correcting these vulnerabilities.
7) Resolution and re-testing: in this phase, the targeted company corrects its vulnerabilities. Ethical hackers then perform their tests again in order to seek any other vulnerabilities and ways to reach the targeted company’s systems/networks.
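The scope defined in stage 1 is what keeps stages 2 and 3 authorized. The following sketch is an added example, not part of the original article: it sorts addresses gathered during reconnaissance against the agreed scope before anything is scanned. The function name, the exclusion list and all addresses (documentation ranges) are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample data using documentation ranges (RFC 5737 / RFC 3849).
SCOPE = ["192.0.2.0/24", "2001:db8:10::/48"]   # agreed during engagement
EXCLUDED = ["192.0.2.128/28"]                  # hypothetical carve-out in the agreement
DISCOVERED = ["192.0.2.15", "192.0.2.130", "198.51.100.7",
              "2001:db8:10::5", "not-an-ip", "192.0.2.15"]


def classify_targets(discovered, scope, excluded=()):
    """Sort addresses found during reconnaissance into in_scope, excluded,
    out_of_scope and invalid, so only authorized hosts reach the scanning stage."""
    scope_nets = [ipaddress.ip_network(c) for c in scope]
    excl_nets = [ipaddress.ip_network(c) for c in excluded]
    result = {"in_scope": [], "excluded": [], "out_of_scope": [], "invalid": []}
    seen = set()
    for raw in discovered:
        try:
            addr = ipaddress.ip_address(raw.strip())
        except ValueError:
            result["invalid"].append(raw)   # hostnames and typos need manual review
            continue
        if addr in seen:                    # report each address only once
            continue
        seen.add(addr)
        if any(addr in net for net in excl_nets):
            bucket = "excluded"             # exclusions override the scope
        elif any(addr in net for net in scope_nets):
            bucket = "in_scope"
        else:
            bucket = "out_of_scope"         # not covered by the authorization
        result[bucket].append(str(addr))
    return result


if __name__ == "__main__":
    for bucket, addrs in classify_targets(DISCOVERED, SCOPE, EXCLUDED).items():
        print(f"{bucket:13} {addrs}")
```

Anything that lands in out_of_scope or invalid goes back to the client for clarification rather than into the scanning stage.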
By using these 7 steps, we will put clients at ease and make them feel secure, so they can go about their business with a smile.