Penetration Testing (Ethical Hacking):
- is an authorized simulated cyberattack on a computer system, performed to evaluate the
security of that system.
- is performed to identify both weaknesses (including the potential for unauthorized parties to
gain access to the system’s features and data) and strengths, so that a full risk assessment
can be completed.
- The process typically identifies the target systems and a particular goal, then reviews available
information and undertakes various means to attain that goal.
Types of Pentest:
- White-box testing: the tester is provided with background and system information.
- Black-box testing: the tester is provided with only basic or no information, except the company name.
- Grey-box testing: is a combination of the two (where limited knowledge of the target is shared
with the auditor).
7 stages in pentesting:
(i) Planning & Preparation:
Planning and preparation starts with defining the goals and objectives of the penetration
test. The client and the tester jointly define the goals so that both parties have the
same objectives and understanding. The common objectives of penetration testing are −
*To identify vulnerabilities and improve the security of the technical systems.
*To have IT security confirmed by an external third party.
*To increase the security of the organizational/personnel infrastructure.
(ii) Information Gathering:
The act of gathering important information on a target system which can be
used in performing an attack.
(iii) Discovery/ Scanning
Technical tools are used to further the attacker’s knowledge of
the system, e.g. finding open ports. In this step, a penetration tester will most likely use
automated tools to scan the target assets to discover vulnerabilities. These tools
normally have their own databases giving the details of the latest vulnerabilities. However,
- Network Discovery − Such as discovery of additional systems, servers, and other
- Host Discovery − It determines the open ports on these devices.
- Service Interrogation − It interrogates the open ports to discover the actual services which are
running on them.
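The host-discovery and service-interrogation steps above, as an added example that is not part of the notes: a TCP connect probe reports which ports accept a connection, and a banner grab records what each open service volunteers. The example runs against a throwaway listener on 127.0.0.1 so it works offline, and it refuses any address outside the scope agreed in the planning stage. All names (AUTHORIZED_SCOPE, in_scope, discover_open_ports, grab_banner, FakeService, demo) and the banner text are assumptions made for this illustration.

```python
"""Scope-checked host discovery and service interrogation (added example).

This is not code from the notes; it illustrates stage (iii) against a
throwaway listener on 127.0.0.1, so it runs entirely offline. All names and
the banner text are assumptions made for the example.
"""
import ipaddress
import socket
import threading
from typing import Dict, List

# Address ranges agreed with the client in the planning stage (constructed value).
AUTHORIZED_SCOPE = [ipaddress.ip_network("127.0.0.0/8")]


def in_scope(host: str) -> bool:
    """Refuse to touch any address that is outside the authorized ranges."""
    addr = ipaddress.ip_address(host)
    return any(addr in net for net in AUTHORIZED_SCOPE)


def discover_open_ports(host: str, ports: List[int], timeout: float = 0.5) -> List[int]:
    """Host discovery: a completed TCP connect() means the port is open."""
    if not in_scope(host):
        raise PermissionError(f"{host} is outside the authorized scope")
    open_ports = []
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            if s.connect_ex((host, port)) == 0:  # 0 = connected, otherwise an errno
                open_ports.append(port)
    return open_ports


def grab_banner(host: str, port: int, timeout: float = 1.0) -> str:
    """Service interrogation: record what the service volunteers on connect."""
    if not in_scope(host):
        raise PermissionError(f"{host} is outside the authorized scope")
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            return s.recv(256).decode("utf-8", errors="replace").strip()
        except socket.timeout:
            return ""  # service waits for the client to speak first


def interrogate(host: str, ports: List[int]) -> Dict[int, str]:
    """Open ports mapped to their banners; closed ports are left out."""
    return {p: grab_banner(host, p) for p in discover_open_ports(host, ports)}


class FakeService:
    """Constructed stand-in for a network service: sends a banner, then hangs up."""

    def __init__(self, banner: bytes):
        self.banner = banner
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.bind(("127.0.0.1", 0))  # port 0: let the OS pick a free one
        self.sock.listen(5)
        self.port = self.sock.getsockname()[1]
        threading.Thread(target=self._serve, daemon=True).start()

    def _serve(self) -> None:
        while True:
            try:
                conn, _ = self.sock.accept()
            except OSError:
                return  # listening socket was closed
            with conn:
                try:
                    conn.sendall(self.banner)
                except OSError:
                    pass  # the connect-only probe may already have hung up

    def close(self) -> None:
        self.sock.close()


def unused_port() -> int:
    """Pick a loopback port with nothing listening, to show a closed-port result."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as tmp:
        tmp.bind(("127.0.0.1", 0))
        return tmp.getsockname()[1]


def demo() -> Dict[int, str]:
    """Scan one open and one closed loopback port; only the open one is reported."""
    svc = FakeService(b"ExampleService/1.0 ready\r\n")
    try:
        return interrogate("127.0.0.1", [unused_port(), svc.port])
    finally:
        svc.close()


if __name__ == "__main__":
    for port, banner in demo().items():
        print(f"{port}/tcp open  banner={banner!r}")
```

The scope check sits in front of every network call rather than only in `demo()`, so a mistyped target fails before any packet leaves the host; a real engagement would load the ranges from the signed scope document instead of a constant.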
(iv) Analyzing Information and Risks
In this step, the tester analyzes and assesses the information
gathered before the test steps for dynamically penetrating the system. Because of the large
number of systems and the size of the infrastructure, this is extremely time-consuming. While
analyzing, the tester considers the following elements –
- The defined goals of the penetration test.
- The potential risks to the system.
- The estimated time required for evaluating potential security flaws for the
subsequent active penetration testing.
However, from the list of identified systems, the tester may choose to test only those which contain
(v) Active Intrusion Attempts: This is the most important step and has to be performed with
due care. This step establishes the extent to which the potential vulnerabilities that were
identified in the discovery step pose actual risks. This step must be performed
when a verification of potential vulnerabilities is needed. For those systems having very high
integrity requirements, the potential vulnerability and risk need to be carefully considered
before conducting critical clean-up procedures.
(vi) Final Analysis: This step primarily considers all the steps conducted (discussed above) up to
that point and evaluates the vulnerabilities present in the form of potential risks.
Further, the tester recommends how to eliminate the vulnerabilities and risks. Above all, the
tester must assure the transparency of the tests and of the vulnerabilities disclosed.
(vii) Report Preparation: Report preparation must start with the overall testing procedures, followed
by an analysis of vulnerabilities and risks. The high risks and critical vulnerabilities must be
given priority, followed by the lower-order ones.
While documenting the final report, the following points need to be considered –
- Overall summary of the penetration test.
- Details of each step and the information gathered during the pen-test.
- Details of all the vulnerabilities and risks discovered.
- Details of cleaning and fixing the systems.
- Suggestions for future security.
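The risk analysis of stage (iv) and the priority ordering required in stage (vii), as an added example that is not part of the notes: each finding is scored by likelihood against impact, ranked so that critical and high risks come first, and laid out in the report sections listed above. The Finding fields, the 1..5 scales, the rating cut-offs, the sample findings and the example.test hostnames are all constructed assumptions for this illustration.

```python
"""Risk ranking and report ordering for pen-test findings (added example).

This is not code from the notes. It illustrates stage (iv), weighing each
finding's likelihood against its impact, and stage (vii), ordering the report
so that critical and high risks come first. The scales, thresholds and sample
findings are constructed assumptions.
"""
from dataclasses import dataclass
from typing import Dict, List


@dataclass
class Finding:
    host: str
    title: str
    likelihood: int  # 1 = rare .. 5 = almost certain (assumed scale)
    impact: int      # 1 = negligible .. 5 = severe (assumed scale)
    remediation: str

    @property
    def risk(self) -> int:
        """Simple likelihood x impact score, range 1..25."""
        return self.likelihood * self.impact


def rating(score: int) -> str:
    """Map a 1..25 score to a band; the cut-offs are an assumption."""
    if score >= 20:
        return "Critical"
    if score >= 12:
        return "High"
    if score >= 6:
        return "Medium"
    return "Low"


def prioritize(findings: List[Finding]) -> List[Finding]:
    """Highest risk first; ties go to the finding with the larger impact."""
    return sorted(findings, key=lambda f: (f.risk, f.impact), reverse=True)


def build_report(findings: List[Finding], steps: List[str]) -> Dict[str, object]:
    """Assemble the report sections listed in the notes, in priority order."""
    ordered = prioritize(findings)
    summary: Dict[str, int] = {}
    for f in ordered:
        summary[rating(f.risk)] = summary.get(rating(f.risk), 0) + 1
    return {
        "summary": summary,                 # overall summary: count per rating band
        "procedure": list(steps),           # each step performed, in order
        "vulnerabilities": [                # findings, critical first
            {"host": f.host, "title": f.title, "score": f.risk, "rating": rating(f.risk)}
            for f in ordered
        ],
        "remediation": [f"{f.host}: {f.remediation}" for f in ordered],
    }


# Constructed sample findings; hostnames use the reserved example.test domain.
SAMPLE_FINDINGS = [
    Finding("file01.example.test", "Verbose banner discloses software version", 2, 2,
            "Suppress version details in the service banner"),
    Finding("web01.example.test", "Default credentials on management console", 5, 5,
            "Change the defaults and require MFA for administrative access"),
    Finding("web01.example.test", "Outdated TLS configuration", 2, 3,
            "Disable legacy protocol versions and weak cipher suites"),
    Finding("db01.example.test", "Database port reachable from user network", 3, 5,
            "Restrict access to the application tier with firewall rules"),
]
SAMPLE_STEPS = ["Planning & Preparation", "Information Gathering", "Discovery/Scanning",
                "Analyzing Information and Risks", "Active Intrusion Attempts",
                "Final Analysis", "Report Preparation"]


if __name__ == "__main__":
    report = build_report(SAMPLE_FINDINGS, SAMPLE_STEPS)
    print("Summary:", report["summary"])
    for v in report["vulnerabilities"]:
        print(f"[{v['rating']:8}] {v['score']:2}  {v['host']}  {v['title']}")
```

Breaking ties on impact rather than likelihood is a deliberate choice: two findings with the same score are not equally urgent if one of them can expose or destroy data, and the report order should reflect that.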