Penetration Testing
Ethical hacking is the practice of locating weaknesses and vulnerabilities in computer and information systems by reproducing the intent and actions of malicious attackers, with the owner's authorization. The terms penetration testing, intrusion testing and red teaming are often used interchangeably, although a red team engagement usually emphasizes emulating a specific adversary against the organization's detection and response capability rather than enumerating as many vulnerabilities as possible.
In practice it goes hand in hand with vulnerability management: vulnerability scanners are used to detect potential weaknesses worth the effort of manual testing, and manual exploitation then validates which of them are actually exploitable in the target environment. Penetration testing therefore goes beyond a vulnerability assessment performed with automated scanners. It includes the search for logical flaws, which automated tools cannot detect because the application responds exactly as designed and no payload signature ever trips, followed by a phase of manual exploitation of the identified vulnerabilities. This makes it a more comprehensive and proven audit method, one that measures the real impact of a flaw rather than its theoretical severity.
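The following is an added illustration of that point, written for this article rather than taken from it. It models a constructed, in-memory order service with two business-logic flaws (an unvalidated quantity that yields a negative total, and a missing ownership check on order lookup, i.e. an IDOR), runs a signature-style scan that injects known-bad strings and reports nothing, then runs the hand-written abuse cases a tester would try, against both the flawed service and a hardened version. The product catalogue, prices, user names and the quantity limit of 100 are all assumptions made for the example.

```python
# Added example, not code from the original article. A constructed order
# service with two business-logic flaws that a signature-based scanner
# misses and a manual tester finds, beside a hardened version.
from dataclasses import dataclass

CATALOGUE = {"sku-1": 25.00, "sku-2": 40.00}   # constructed sample prices


@dataclass
class Order:
    owner: str
    lines: dict    # sku -> quantity
    total: float


class ShopError(Exception):
    """Generic application error; the message never echoes user input."""


class VulnerableShop:
    """Behaves 'correctly' for well-formed input. The flaws are in what it
    does not check, so no injected payload will ever reveal them."""

    def __init__(self):
        self.orders = {}
        self._next_id = 1000          # sequential, guessable order ids

    def checkout(self, user, lines):
        for sku in lines:
            if sku not in CATALOGUE:
                raise ShopError("unknown product")
        # Flaw 1: quantity is never validated, so qty = -3 produces a
        # negative total, i.e. a credit to the attacker.
        total = sum(CATALOGUE[sku] * qty for sku, qty in lines.items())
        oid = self._next_id
        self._next_id += 1
        self.orders[oid] = Order(user, dict(lines), total)
        return oid

    def get_order(self, user, oid):
        if oid not in self.orders:
            raise ShopError("not found")
        # Flaw 2: no check that `user` owns the order (IDOR).
        return self.orders[oid]


class HardenedShop(VulnerableShop):
    def checkout(self, user, lines):
        for sku, qty in lines.items():
            if sku not in CATALOGUE:
                raise ShopError("unknown product")
            # Fix 1: server-side bounds on quantity (the upper limit of 100
            # is an assumption for the example).
            if not isinstance(qty, int) or qty < 1 or qty > 100:
                raise ShopError("invalid quantity")
        return super().checkout(user, lines)

    def get_order(self, user, oid):
        order = self.orders.get(oid)
        # Fix 2: deny-by-default ownership check; the same error is returned
        # for "not found" and "not yours" so ids cannot be enumerated.
        if order is None or order.owner != user:
            raise ShopError("not found")
        return order


# Typical scanner payloads: SQL injection, XSS, path traversal.
PAYLOADS = ["' OR 1=1--", "<script>alert(1)</script>", "../../etc/passwd"]


def signature_scan(shop):
    """What an automated scanner does: inject known-bad strings and flag
    responses that accept them, reflect them, or crash. Returns findings."""
    findings = []
    for payload in PAYLOADS:
        try:
            shop.checkout("scanner", {payload: 1})
            findings.append(f"accepted payload {payload!r}")
        except ShopError as e:
            if payload in str(e):
                findings.append(f"reflected payload {payload!r}")
        except Exception as e:          # unhandled crash
            findings.append(f"crash on {payload!r}: {type(e).__name__}")
    return findings


def manual_logic_tests(shop):
    """What the tester does by hand: abuse the application's own rules."""
    findings = []
    oid = shop.checkout("alice", {"sku-1": 2})        # a legitimate order
    # Test 1: does a negative quantity produce a negative (refund) total?
    try:
        bad = shop.checkout("mallory", {"sku-2": 1, "sku-1": -3})
        if shop.orders[bad].total < 0:
            findings.append("negative total: business-logic flaw")
    except ShopError:
        pass
    # Test 2: can mallory read alice's order by guessing a sequential id?
    try:
        if shop.get_order("mallory", oid).owner == "alice":
            findings.append("IDOR: cross-user order read")
    except ShopError:
        pass
    return findings


if __name__ == "__main__":
    for cls in (VulnerableShop, HardenedShop):
        print(cls.__name__, "scanner:", signature_scan(cls()),
              "manual:", manual_logic_tests(cls()))
```

Both services pass the signature scan with no findings, because neither one ever echoes or mishandles an injected string; only the manual tests, which exercise the application's intended functionality with unexpected values and another user's identifiers, expose the flaws, and only the hardened version survives them. This is the gap between a vulnerability assessment and a penetration test that the paragraph above describes.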
Penetration testing is an authorized simulation of an attack on a system, network or application to find vulnerabilities that can be exploited. Depending on the approach, an engagement follows a black-box, grey-box or white-box model and adheres to established penetration testing methodologies and standards. Black-box tests target the attack surface available to any external attacker, while grey-box tests target areas accessible only to customers, partners or employees of the organization. A white-box audit analyses the security level with the same access as a system administrator (server and application configuration, and often the source code).
The typical deliverable following a penetration test is a report written by the testers that presents the identified vulnerabilities, classified by criticality, together with technical recommendations for remediation. In addition to the report, a non-technical executive summary can be delivered for presentation to the management committee or partners. Where a vulnerability is confirmed as exploitable in the enterprise context, the report documents the evidence of exploitation (for example a screenshot), the detailed attack vector and the corresponding fix, so that defenders can mitigate a risk that has been demonstrated rather than merely assumed.
Penetration testing methodologies are typically based on four phases: reconnaissance (gathering information about the target), mapping (enumerating its attack surface), discovery (identifying vulnerabilities) and exploitation (validating them and measuring their impact). Depending on the target, the engagement may cover web platforms, mobile applications, connected devices (IoT), infrastructure and networks, or social engineering.