A penetration test involves the use of a variety of manual and automated techniques to simulate an attack on an organization’s security arrangements. The penetration test should be conducted by a qualified penetration testing expert, known as an ethical security tester.
- Infrastructure penetration testing
Penetration testing, commonly called a pen test, is used to augment a web application firewall.
The penetration test is typically an assessment of IT infrastructure, networks and business applications to identify vulnerabilities and attacks.
- To check how an unwanted user can gain unauthorized access to the system in a way that affects the fundamental security of the system and its files.
- To confirm that the applicable controls required for PCI DSS compliance, such as vulnerability management and segmentation, are in place.
- Mobile application penetration testing
- Client server application penetration testing
- Device penetration testing
- Wireless penetration testing
- Telephony penetration testing
- Planning and reconnaissance
- Gaining access
- Maintaining access
- Defining the goals of a test including the computer system that should be addressed.
- Gathering intelligence to understand how a target works and its potential vulnerabilities.
The scanning stage is used to understand how the target application will react to various attempts by outsiders.
- Static Analysis – Inspecting the code to estimate the way it behaves while it is running. The entire code can be scanned in a single pass.
- Dynamic Analysis – Inspecting the code in a running state. It provides a real-time view into an application’s performance.
The third stage uses web application attacks, such as SQL injection and cross-site scripting, to uncover the target’s vulnerabilities. Testers then try to exploit these vulnerabilities, for example by stealing data or intercepting traffic, to understand the damage they can cause.
This stage is used to see whether the vulnerability can be used to achieve a persistent presence in the exploited system. The idea is to imitate advanced persistent threats, which remain in a system for months in order to steal an organization’s most sensitive data.
The results of the pen test are compiled into a report detailing:
- Sensitive data that was accessed
- The amount of time the pen tester was able to remain in the system undetected
- External testing
- Internal testing
- Blind testing
- Double-blind testing
- Targeted testing
External penetration tests target the assets of the company that are visible on the internet, e.g. domain name servers. The goal is to gain access and to extract valuable data.
In an internal test, a tester with access to an application behind its firewall simulates an attack by a malicious insider.
In a blind test, a tester is only given the name of the enterprise that is being targeted. This gives the security people a real-time look into how an actual application assault would occur.
In a double-blind test, security personnel have no prior knowledge of the simulated attack. As in the real world, they don’t have any time to shore up their defenses before an attempted breach.
In targeted testing, both the tester and the security personnel work together and keep each other apprised of their movements.
Penetration testing and Web Application Firewall are exclusive, yet mutually beneficial security measures. For many kinds of pen testing, the tester is likely to use Web Application Firewall data, such as logs, to locate and exploit an application’s weak spots. Web Application Firewall administrators can benefit from pen testing data. Web Application Firewall configurations can be updated to secure against the weak spots that are discovered in the test.
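One way a Web Application Firewall administrator can use pen testing data as described above, shown as an added example that is not part of the original article: it correlates pen-test findings with WAF log lines and lists the findings whose test requests the WAF never blocked. The log format, field names, finding IDs and addresses are constructed assumptions.

```python
import json
from collections import defaultdict

# Constructed WAF log (one JSON record per line); field names are assumptions.
WAF_LOG = """\
{"ts":"2024-05-01T10:00:01Z","src":"203.0.113.10","path":"/login","action":"BLOCK","rule":"sqli-001"}
{"ts":"2024-05-01T10:00:05Z","src":"203.0.113.10","path":"/search","action":"ALLOW","rule":null}
{"ts":"2024-05-01T10:00:09Z","src":"203.0.113.10","path":"/profile","action":"ALLOW","rule":null}
{"ts":"2024-05-01T10:00:12Z","src":"198.51.100.7","path":"/search","action":"ALLOW","rule":null}
not-json garbage line
"""

# Constructed findings, as they might be listed in the pen-test report.
FINDINGS = [
    {"id": "F-1", "type": "SQL injection", "path": "/login"},
    {"id": "F-2", "type": "Cross-site scripting", "path": "/search"},
    {"id": "F-3", "type": "Cross-site scripting", "path": "/export"},
]
TESTER_IPS = {"203.0.113.10"}  # source addresses agreed in the test scope


def parse_log(text):
    """Yield well-formed records, skipping lines that are not valid JSON."""
    for line in text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue
        if isinstance(rec, dict) and {"src", "path", "action"} <= rec.keys():
            yield rec


def waf_gaps(log_text, findings, tester_ips):
    """Return findings whose test traffic the WAF never blocked."""
    actions = defaultdict(set)
    for rec in parse_log(log_text):
        if rec["src"] in tester_ips:  # ignore traffic from other clients
            actions[rec["path"]].add(rec["action"])
    gaps = []
    for f in findings:
        seen = actions.get(f["path"], set())
        if "BLOCK" not in seen:
            status = "allowed" if seen else "not seen in log"
            gaps.append((f["id"], f["type"], f["path"], status))
    return gaps


if __name__ == "__main__":
    for gap in waf_gaps(WAF_LOG, FINDINGS, TESTER_IPS):
        print(*gap, sep=" | ")
```

Findings reported as "allowed" are candidates for new or tightened WAF rules; "not seen in log" means the test traffic for that path did not pass through the WAF or was not logged.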
STYLE OF PENETRATION TESTING
- Black box
- Grey box
- White box
- Black box – No information is given to the tester.
- It is useful for simulating external attacks with no prior knowledge of the environment.
- Grey box – Limited information is given to the tester.
- It is used to understand the degree of access that authorized users of the computer system can obtain.
- White box – Full information is provided to the tester.
- This supports a more targeted test of the system, as required to check the vulnerabilities.
- Plays only a small part in assessing the people element.
- Penetration testing gives only a snapshot of the system at a point in time.
- Provides results that are technical in nature and need to be interpreted in a business context.
- Can be limited by legal considerations, limiting the breadth of the test.