What is Penetration Testing and Why Is It Important? How Penetration Testing is Done? Tools also?
ฝัง
- เผยแพร่เมื่อ 14 ต.ค. 2024
- For more video's Like and subscribed our channel to update yourself with Latest technology
#india #technology #informationtechnology #itnetworking #cybersecurity #vapt
Introduction
What is Penetration Testing and Why Is It Important?
A penetration test, also known as a pen test, pentest, or ethical hacking is a type of security assessment that simulates cyberattacks against a computer system and is performed to evaluate how weak (or strong) the security of the system is. Penetration testing enables a full risk assessment to be completed because it checks for potential vulnerabilities and strengths of a systems security.
Penetration testing is an important and valuable exercise that all organizations should run on a consistent cadence because insights from pen tests can be used to examine whether an organization’s security policies are genuinely effective and fine-tune and strengthen these policies to prevent future cyber threats.
External Vs. Internal Penetration
Penetration testing happens in two phases which start with an external pen test and ends with an internal pen test. The difference between the two is as follows:
External Penetration Testing
An external pen test is designed to test the effectiveness of perimeter security controls to prevent and detect attacks, while at the same time, identify weaknesses in internal-facing assets. Think websites, email, file shares, etc.
During an external pen test the simulated attacker performs reconnaissance on assets, collecting intelligence on things like open ports, vulnerabilities, and other general information about a “target” organization’s users (for password attacks). Once the simulated attacks successfully breaches the network, internal pen testing begins.
Internal Penetration Testing
An internal pen test is performed to help decipher what a threat actor could achieve, or to put it another way, how far a threat actor can laterally move, with initial access to a network. Internal pen tests can simulate insider threats, such as employees intentionally or unintentionally performing malicious actions, and other methods and vectors of entry.
Once domain admin access is achieved, or the simulated attacker can gain control of the organization’s most valuable information, the test is generally ended.
Ethical Hacking
Penetration testing is often considered a form of ethical hacking, as internal and external pen tests revolve around an authorized attempt (hack) to gain unauthorized access to a network.chain.
Penetration Testing Vs. Vulnerability Assessment
Vulnerability Assessment and Penetration Testing are both valuable testing methods and are often combined to achieve a more complete analysis. They perform two different tasks with different results, within the same area of focus. Vulnerability Assessment intends to identify the vulnerabilities in a network, and is used to estimate how susceptible the network is to said vulnerabilities. Often, this assessment involves the use of automated network scanning tools. In contrast, Penetration Testing involves both identifying vulnerabilities and attempting to exploit them to penetrate into the system. The purpose of pen testing is to determine if the vulnerability is actually genuine.
In short, the key difference between the two is breadth vs. depth, whereas a vulnerability assessment focuses on uncovering as many weaknesses in a network, while penetration testing is used to decide if already “strong” security defenses are, in fact, hack-proof.
How Penetration Testing is Done
Penetration Testing is often conducted in 5 phases, although many groups approach pen testing with differing strategies and additional phases as needed.
Penetration Testing Phases
The 5 main phases in the average penetration test (similar to the Cyber Kill Chain):
1. Reconnaissance: This step consists of gathering as much intelligence on the target organization as possible and potential targets for exploits. Pen testers will collect information about the system, network components, active machines, open ports etc.
2. Scanning: This phase is tool-oriented - pen testers will run one or more scanner tools to gather more information about the target. This will mostly be collecting and noting as many vulnerabilities that the network has.
3. Gaining Access: In this phase, the pen tester will try and establish a connection with the target and exploit the vulnerabilities found in the previous phase. Exploitations may be buffer overflow attack, denial of service (DDoS) attack, etc.
4. Maintaining Access: Here is where the tester tries to create a backdoor into the network, which helps discover any hidden vulnerabilities in the system.
5. Covering Tracks: The final phase consists of attempting to remove all logs and footprints, erasing any indicators of the testers presence in the network.
![[UNCUT]“ฅนตื่นธรรม”ปะทะ“หมอปลา-ปู่มหามุนี-อั๋นโอกิ”สะเทือนกระทรวงเวทมนตร์ Iคนดังนั่งเคลียร์I10 ตค.67](http://i.ytimg.com/vi/peMD_SAkwNc/mqdefault.jpg)
