Penetration Testing


A penetration test evaluates security by using active tools and security utilities to simulate an attack on a system.

  • aka pentesting or ethical hacking
  • is the process of testing a system for vulnerabilities that an attacker could exploit
  • more in-depth process than vulnerability scanning
  • often done manually
  • use the same tools and techniques as genuinely hostile hackers
  • may attempt to gather additional info from users or systems, exploit security flaws, or conduct attacks through unpatched vulnerabilities
  • how it works
    • verify a threat exists
    • bypass security controls
    • actively test security controls
    • exploit vulnerabilities
  • excels at identifying vulnerabilities associated with
    • improper configurations
    • or weak security policies
  • provides a deeper and more comprehensive analysis of an organization’s security posture
  • typically performed by
    • a hired team of professional ethical hackers
    • within a confined time frame
    • using a structured approach based on the organization’s requirements

Key Concepts

Technological Challenges for Penetration Testing

  • Face many of the same issues as vulnerability assessments

The Cloud

  • cloud providers generally don’t like testers attacking their cloud infrastructure at will
  • often require you to formally request permission to penetration test and conduct the test within a specific schedule, from known IP addresses

Finding Skilled Testers

  • difficult to find skilled penetration testers
  • an unskilled tester may not get much further than reviewing the results the vulnerability scanning tool spat out
    • those results likely contain unverified false positives and miss major issues
  • penetration testing skills take time and experience to develop