penetration testing
Complete Guide & Stages of Penetration Testing Certification Introduction The design of the organization these days is very complex- networks, applications, servers, storage devices, WAF, DDOS protection mechanisms, cloud technology and so far more is involved. With such choices in hand, the system becomes advanced. Since a single person isn't handling this stuff, complete knowledge is not possible. Some teams handle network and make rules on business demand, some handle the configuration part and make sure that the functionality is taken care of; these eventualities leave space for weaknesses. An attacker can identify these vulnerabilities and launch attacks that can do a lot of damage. This possibility cannot be brought down to zero but can be reduced to an acceptable level. The need is to bring an ethical hacker to the environment and get the things tested. He/she will be responsible for performing penetration tests on the target agreed upon. What is Penetration Testing? Penetration testing is the art of finding vulnerabilities and digging deep to seek out what proportion a target can be compromised, just in case of a legitimate attack. A penetration test will involve exploiting the network, servers, computers, firewalls, etc., to uncover vulnerabilities and highlight the practical risks involved with the identified vulnerabilities. Stages of Penetration Testing Penetration testing Certification can be broken down into multiple phases; this will vary depending on the organization and the type of test conducted– internal or external. Let’s discuss each phase: 1) Agreement phase: In this phase, there is a mutual agreement between the parties; the agreement covers high-level details- methods followed and the exploitation levels. The attacker cannot bring down the production server even if the testing has been done at non-peak hours. What if the attacker changes the data that has been contained in the database in production? This will unveil the vulnerabilities but at the cost of business. A non-disclosure agreement has to be signed between the parties before the test starts. 2) Planning and reconnaissance: In this phase, the attacker gathers as much information about the target as possible. The information can be IP addresses, domain details, mail servers, network topology, etc. An expert hacker will spend most of the time in this phase, this will help with further phases of the attack. 3) Scanning: An attacker can send probes to the target and records the response of the target to numerous inputs. This section includes- scanning the network with numerous scanning tools, identification of open share drives, open FTP portals, services that are running, and much more. In the case of a web application, the scanning part can be either dynamic or static. In static scanning, the application code is scanned by either a tool or an expert application vulnerability analyst. The aim is to identify the vulnerable functions, libraries and logic implemented. In dynamic analysis, the tester will pass various inputs to the application and record the responses; various vulnerabilities like injection, cross-site scripting, remote code execution can be identified in this phase. 4) Gaining Access: Once the vulnerabilities have been identified, the next step is to exploit the vulnerabilities to gain access to the target. The target can be a system, firewall, secured zone or server. Be aware that not all vulnerabilities will lead you to this stage. You need to identify the ones that are exploitable enough to provide you with access to the target. 5) Maintaining access: The next step is to ensure that the access is maintained; i.e., persistence. This is required to ensure that the access is maintained even if the system is rebooted, reset or modified. This kind of persistence is used by attackers who live in the system and gain knowledge about them over some time, and when the environment is suitable, they exploit. 6) Exploitation: This is the phase where the actual damage is done. An attacker will try to get the data, compromise the system, launch dos attacks, etc. Usually, this phase is controlled in penetration testing Certification to ensure that the mayhem on the network is limited. This phase is modified in this way- a dummy flag is placed in the critical zone, maybe in the database; the exploitation phase will aim to get the flag. Revealing the contents of the flag will be enough to ensure the practical exploitation of the network or data theft. 7) Evidence collection and report generation: Once the penetration test is over, the ultimate aim is to gather the proof of the exploited vulnerabilities and report it to the executive management for review and action. Now, it’s the management’s decision on however this risk must be addressed. Whether they want to just accept the danger, transfer it or ignore it (least doubtless option). Different Types and Methods of Penetration Testing Types of penetration testing Certification can be categorized based on either, the knowledge of the target or the position of the penetration tester. There are a few other parameters to the categorization of penetration. • Black Box, Gray Box, and White Box: When the penetration tester is given the complete knowledge of the target, this is called a white-box penetration test. The attacker has complete knowledge of the IP addresses, controls in place, code samples, etc. When the attacker does not know the target, this is referred to as a black box penetration test. Please note that the tester can still have all the information that is publically available about the target. When the tester has partial information concerning the target, this is often brought up as grey box penetration testing. In this case, the attacker is having more knowledge of the target like URLs, IP addresses, etc., however, he doesn't have complete knowledge or access. Internal and External Penetration test: If the penetration test is conducted from outside the network, this is often mentioned as external penetration testing. If the attacker is present inside the network, simulation of this situation is mentioned as internal penetration testing. Since the attacker is an internal person, the knowledge regarding the system and therefore the target will be abundant when compared to a test conducted from outside. • In-house and Third-party Penetration test: When the test is performed by an in-house security team, it’s another kind of internal penetration testing. Companies often recruit third-party organizations to conduct these tests, this can be referred to as third-party penetration testing. • Blind and Double-Blind Penetration test: In a blind penetration test, the penetration tester is supplied with no previous information however the management name. The penetration tester will have to do all the homework, rather like a legitimate assaulter would do. This will surely take more time, but the results would be more close to the practical attacks. A double-blind test is a blind test but the security professionals won't know when the testing can begin. Only senior management will have this information. This will test the processes, controls and also the awareness of the security teams if and when a real attack happens. Importance of penetration testing certification in business For an organization, the most important thing is business continuity. The second most important thing is the supporting services that ensure the business runs smoothly. Thus, to confirm that senior management is involved and pays real attention, a penetration tester should highlight the risks that a business would possibly face due to the findings. Let’s discuss a few important pointers that cover two things: What is in this for the business, in terms of capital? What is there for the security teams? A penetration test will ensure that: 1) Weaknesses in the architecture are identified and fixed before a hacker can find and exploit them; thus, causing a business loss or unavailability of services. 2) Organizations these days need to comply with various standards and compliance procedures. A penetration test will ensure that the gaps are fixed in time to meet compliance. One of the examples is PCI-DSS; an organization that deals with customer’s credit card information (store, process or transmit) have to get them PCI-DSS certified. One of the requirements is to get penetration testing done. 3) Penetration tests will be an eye-opener or a check on the organization’s internal security team
|
||||||
SEO Analysis:
|
- Art
- Causes
- Crafts
- Dance
- Drinks
- Film
- Fitness
- Food
- Jogos
- Gardening
- Health
- Início
- Literature
- Music
- Networking
- Outro
- Party
- Religion
- Shopping
- Sports
- Theater
- Wellness