What is penetration testing?
A penetration test, also known as a pen test, is a simulated cyberattack against your computer system to check for exploitable vulnerabilities. In the context of web application security, penetration testing is commonly used to enhance the web application firewall (WAF).
Pen testing can involve attempting to breach any number of application systems, (eg, application protocol interfaces (APIs), frontend/backend servers) to uncover vulnerabilities, such as inputs susceptible to code injection attacks. For App Penetration Testing Tutorial visit Tutorials Freak.
The information provided by penetration testing can be used to fix your WAF security policies and patch identified vulnerabilities.
penetration testing phase
The pen test process can be divided into five steps.
1. Planning and Reconnaissance
The first stage includes:
Defining the scope and goals of a test, including the system to be addressed and the test methods to be used.
Gathering intelligence (eg, network and domain names, mail servers) to better understand how a target works and its potential vulnerabilities.
2. Scanning
The next step is to understand how the target application will respond to various intrusion attempts. This is usually done using:
Static Analysis - Inspecting an application's code to predict how it behaves while it is running. These devices can scan the entire code in a single pass.
Dynamic Analysis - Inspecting the code of an application in a running state. This is a more practical method of scanning, as it provides a real-time view into the performance of an application.
3. Gaining Access
This phase uses web application attacks, such as cross-site scripting, SQL injection, and backdoors, to expose the target's vulnerabilities. Testers then try to exploit these vulnerabilities, usually by elevating privileges, stealing data, intercepting traffic, etc., which they can cause harm.
Also read: What is ReactJS | ReactJS History
4. Maintaining Access
The goal of this phase is to see if the vulnerability can be used to gain a consistent presence in the exploit system—enough for a bad actor to gain access in depth. The idea is to mimic advanced persistent threats, which often remain in systems for months, to steal an organization's most sensitive data. Visit Tutorials Freak for a web application penetration testing tutorial.
5. Analysis
The results of the entrance test are then compiled into a report:
Specific vulnerabilities exploited
sensitive data that was accessed
The length of time the pen tester was able to stay in the system is not known
This information is then analyzed by security personnel to help configure an enterprise's WAF settings and other application security solutions to patch vulnerabilities and protect against future attacks.
Penetration Test Methods
External Test
External penetration tests target a company's assets that are visible on the Internet, for example, the web applications themselves, company websites and email and domain name servers (DNS). The goal is to gain access to and extract valuable data.
Internal Test
In an internal test, a tester who has access to an application behind his firewall simulates an attack by a malicious insider. It's not necessarily simulating a rogue employee. A common starting scenario might be an employee whose credentials were stolen due to a phishing attack.
Blind Test
In a blind test, a tester is given only the name of the enterprise that is being targeted. This lets security personnel see in real-time how a real application attack will take place.
Double-Blind Test
In the double-blind test, the security personnel have no prior knowledge of the simulated attack. As in the real world, they will have no time to shore up their defences before a breach is attempted.
Targeted Testing
In this scenario, both the examiner and the security personnel work together and keep each other informed of their activities. This is a valuable training exercise that provides a security team with real-time feedback from a hacker's perspective.
Also read: What is Ethical Hacking and Type of Ethical Hackers
0 Comments