What is Pen Testing?
Penetration testing, or pen testing, simulates a cyber-attack. The test targets your computer system to identify weaknesses and exploit vulnerabilities. Pen testing aims to mitigate security defects such as unauthorized access, data loss, and information leakage, and to check whether a system is robust enough to withstand both authorized and unauthorized malicious activity.
To make this easier to understand, suppose you are building a house. It will have multiple entry points, such as doors and windows, which you need to get in and out. You want only your family and friends to enter the house. In other words, only authorized people can enter your home, and nobody else. So you want to know the security weaknesses at the entry points of your home and how likely it is that somebody could break in. Penetration testing answers the same question for a computer system.
Why is Pen Testing important?
Penetration testing is a proactive task in which white hat hackers analyze the system, identify its vulnerable sections, and provide a protection mechanism before an attacker manipulates or steals data. Many security vulnerabilities could have been mitigated if a remediation plan had been applied in time. By testing early, the company saves the time and money it would otherwise spend addressing security issues later.
What are the Pen testing phases?
The pen testing process includes five phases:
1. Planning and reconnaissance:
The first step in this process is to determine the test scope, the goal of the test, and the testing methods used to simulate a malicious attack. This step also includes gathering information about the target system from public and private sources, such as network topology, domain names, mail servers, IP addresses, lists of employee names, and so forth. This information helps the tester understand how the system works and where it may be vulnerable, so that the attack strategy can be designed.
2. Scanning:
The information collected in the planning phase is used to explore the system and network, uncover weaknesses or flaws, and understand how the target responds to security attacks.
3. Gaining Access:
Having identified entry points and possible vulnerabilities, the tester attacks the system using backdoors, SQL injection, cross-site scripting, malware, or other techniques to exploit the system, steal data, intercept traffic, and finally gain access to the system. The goal is to see how far attackers can get into the environment and what they can achieve there.
4. Maintaining Access:
Once the penetration tester has gained access to the system, they should hold on to their credentials and keep the simulated attack going long enough to carry out the actions a malicious actor would. The goal of this step is to imitate a persistent threat and identify which sensitive information would be affected and abused.
5. Analysis:
After the exploitation stage, it is time to document the results of the penetration test. In this step, the test or security team provides a report explaining the test process. This report can include the following details:
The methods and tools used to penetrate the system
Discovered vulnerabilities and the risks they cause
Sensitive data that became available to the attackers
Remediation plan for addressing vulnerabilities
What are Pen Testing methods?
There are different penetration testing methods, which can be carried out internally or externally. Here are some of them.
Social engineering:
The attackers try to get people to disclose sensitive data such as usernames, passwords, business data, and so on. This information can be obtained from employees, sales representatives, or help desks, over the internet or by phone.
Web application:
The attackers use tools to identify weaknesses within web applications.
Physical penetration:
In this case, the attacker attempts to break into the premises in order to assess physical security controls, physical network devices, and the entry points of networks.
Wireless security:
The tester looks for low-security and unauthorized wireless networks and then attempts to infiltrate them.
Where to go from here?
Gobenchmark is a platform that simplifies engineering practices such as performance and monitoring. It is also going to provide a security engineering mentor to help you find your maturity level and learn how security engineering could become a fundamental part of your value stream. Please check out Gobenchmark and stay tuned for more updates.