S2L8 - Penetration Testing (Phases of Penetration Testing (Planning and…
S2L8 - Penetration Testing
What is Penetration Testing?
Type of security testing that is used to test insecurity of app. Conducted to find security risks that might be [resent in system
Why is it needed?
It identifies a simulation environment; how an intruder may attack system through white hat.
It helps to find weak areas where attackers may use to exploit
It supports to avoid black hat attack and protects original data
It provides evidence to suggest why it is important to increase investments in security aspect of tech,
White/Black/Grey Hat Attack
Black: by criminals, wrongdoers
White: Performed by ethical hackers who work to protect systems & people
Grey: Have experience with both black and white hat tinkering
When to perform penetration testing?
Security System discovers new threats by attackers
Add new network infrastructure
System updated or new software installed
New end-user program/policy
Enhancement of Management System
Protection from Financial Damage
Types of Penetration Testing
Black Box Penetration Testing
tester has no idea about system
Interested in gathering information about target network/system
Tester need not to be an expert
Tester verifies contradiction in actual system & specs
Test conducted in perspective of user
Test cases difficult to design
Not worth if designer already conducted a test case
White Box Penetration Testing
A comprehensive testing as tester provided with whole range if info about system.
Simulation of an attack by an internal source.
It ensures all independent path of a module has been tested
It ensures all logical functions have been verified along with their boolean value
Finds design errors that may occur because of difference in logical flow of program and actual execution
Grey Hat Penetration Testing
Tester usually provided with partial info about internal details of program.
Considered as simulated attack by an external hacker who has gained illegal access to system
As tester does not require source code, it is non-intrusive and unbiased
Do not need to provide full interna info about program functions
Phases of Penetration Testing
Planning and Preparation
Define goals and objectives of penetration testing
Identify vulnerability and improve security
Have IT security confirmed by external third party
Analysis of preliminary information
Likely use automated tools to scan target assets for discovering vulnerabilities.
Host Discovery: Determines open ports
Service Interrogation: Interrogates ports to discover actual services running on them
Analysing Information & Risks
Tester analyses and assesses information gathered before penetrating the system
Defined goals of penetration tests
Potential risks to system
Estimated time for evaluating flaws for the subsequent active penetration testing
Active Intrusion Attempts
Considers all prior steps and evaluation of vulnerabilities present in the form of potential risks.
Must start with overall testing procedures, followed by an analysis of vulnerabilities and risks.
While documenting consider:
Overall summary of penetration testing
Details pf each step and info gathered during testing
Details of all vulnerabilities and risks discovered
Details of cleaning and fixing system
Suggestions for future security
Areas of Penetration Testing
Network Penetration Testing
Application Penetration Testing
Response or workflow of the system
Conducting Penetration Testing
Manual Penetration Testing
Testing done by humans where vulnerability and risk of machine tested by expert engineer
one can either collect data manually or use tool services.
Once data collected, helps identify security weakness and take preventive steps accordingly
Method expert used to launch an attack on target system
Once penetration done, tester prepares final report that describes test. Report analysed to take corrective steps to protect system
Types of Manual
Focused Manual Penetration Testing
Much focused method that tests specific vulnerabilities and risks. Automated testing cannot perform this.
Comprehensive Manual Penetration Testing
It is a thorough testing of whole system connected with each other to identify all sorts of risks and vulnerabilities.
Automated Penetration Testing
Much faster, efficient, easier and reliable that tests risks and vulnerabilities of system automatically. Does not require expert engineer, can be run with person having least knowledge
Manual v/s Automated
Expert ---- automated even learner can run
Results can vary test to test --- Fixed results
requires to remember cleaning memory --- does not
Exhaustive and time consuming --- efficient and fast
analyze better, think like a hacker and attack --- cannot analyse situation
For critical condition more reliable --- It is not