Penetration Testing for Cybersecurity Professionals is a joint presentation by Charles Chol and Chuol Buok who are both Cyber Security Analysts in South Sudan.

1. Topic: Penetration Testing for Cybersecurity Professionals
Penetration tests have become an essential way to stay
proactive in identifying and demonstrating the impact of
security weaknesses before they are discovered and
put to use by a threat actor.

2. I am a dedicated and experienced
cybersecurity analyst with 3 years of
industry expertise, specializing in
safeguarding digital systems and
information from malicious cyber
threats. I holds a bachelor's degree in
Networking and Cybersecurity from
ISBAT University and a diploma in
Computer Science from St. Lawrence
University Uganda, Kampala. proficient
in Cyber threat intelligence ,
Vulnerability Management, Incident
Response, Ethical Hacking, SOC and
OSINT. Currently works as a cyber
incident handler at Safetycomm
ABOUT ME
CYBER SECURITY ANALYST ,
SAFETYCOMM
CHUOL BUOK YAK

3. What Is Penetration Testing?
A penetration test, or pen test, is an attempt to
evaluate the security of an IT infrastructure by safely
trying to exploit vulnerabilities. These vulnerabilities
may exist in operating systems, services and
application flaws, improper configurations or risky
end-user behavior. Such assessments are also useful
in validating the efficacy of defensive mechanisms, as
well as end-user adherence to security policies.

4. Why is Pen Testing Important?
 Identify and Prioritize Security Risks
 Intelligently Manage Vulnerabilities
 Leverage a Proactive Security Approach
 Meet Regulatory Requirements
 Increase Confidence in Your Security Strategy

5. Who Performs Penetration Tests?
One of the biggest hurdles in creating a successful
cybersecurity program is finding people with the right
qualifications and experience. The cybersecurity skills
gap is well-documented issue with a qualified supply of
security professionals not keeping up with demand. This
is particularly true with pen testing. Unfortunately, there
is no shortage of threat actors and cybercrime groups.
Consequently, organizations can’t delay deploying
critical pen testing initiatives.

6. Five Stages of Pen Testing

7. How Often Should You Pen Test?
Penetration testing should be performed on a regular basis to ensure more
consistent IT and network security management. A pen-tester will reveal how
newly discovered threats or emerging vulnerabilities may potentially be assailed
by attackers. In addition to regularly scheduled analysis and assessments
required by regulatory mandates, tests should also be run whenever:

8. What Should You Do After a Pen Test?
t’s important to plan time for a post-mortem to disseminate, discuss, and
fully understand the findings. Additionally, relaying these results with
actionable insights to decision makers within the organization will better
emphasize the risk that these vulnerabilities pose, and the positive impact
that remediation will have on the business. With review, evaluation, and
leadership buy-in, pen test results can transform into action items for
immediate improvements and takeaways that will help shape larger
security strategies.

9. What is Reconnaissance?
Cyber Reconnaissance is the first step of any professional penetration
test. In this phase the goal is to gather as much information about the
target as possible. This includes technical information about it’s network
topology and systems. But it also includes information on employees and
the company itself that may be useful in the later stages of the
penetration test. The more information you gather during the
reconnaissance phase the more likely you are to succeed in the later
stages of the penetration test. There are two types of cyber
reconnaissance that you can perform active information gathering and
passive information gathering.

10. Difference Between Vulnerability Scans and Pen Tests?
Vulnerability scanning is a security management strategy used to identify
and report vulnerabilities in web applications, servers and firewalls. The main
goal of vulnerability scanning is to help your organization’s IT department
detect, classify and report weaknesses in your internal and external networks,
computers, IP addresses and communication equipment.
Penetration testing is a type of test conducted mostly by ethical hackers and
experienced DevOps engineers to test and determine possible security gaps
in an organization’s security architecture. Pen testing is also a form of ethical
hacking deployed to fully understand security vulnerabilities and ways to
remove them from an organization’s security environment.

11. Different Types of Pen Testing?

12. 5 pen testing rules of engagement
Rules of Engagement for Pen testing
Rules of Engagement (RoE) is a document that deals with the manner in
which the penetration test is to be conducted. Some of the directives that
should be clearly spelled out in RoE before you start the penetration test
are as follows:
 The type and scope of testing
 Client contact details
 Client IT team notifications
 Sensitive data handling
 Status meeting and reports

13. White Box, Black Box, and Gray Box Penetration Testing

14. Penetration testing methods continue………..
External testing
External penetration tests target the assets of a
company that are visible on the internet, e.g., the
web application itself, the company website, and
email and domain name servers (DNS). The goal
is to gain access and extract valuable data.
Internal testing
In an internal test, a tester with access to an
application behind its firewall simulates an attack
by a malicious insider. This isn’t necessarily
simulating a rogue employee. A common starting
scenario can be an employee whose credentials
were stolen due to a phishing attack.

15. What Is Teaming?
Red Teams
A red team is on the offensive side. A red team is formed with the intention of identifying and
assessing vulnerabilities, testing assumptions, viewing alternate options for attack, and revealing
the limitations and security risks for that organization.
Blue Teams
The blue team is tasked with defending the organization. Blue teams are in charge of building up
an organization’s protective measures, and taking action when needed.
Purple Teams
Recently, the concept of a purple team has become more popular in teaming exercises. This is
the mindset of seeing and treating red and blue teams as symbiotic. It’s not red teams vs. blue
teams, but rather one large team focusing on the one overarching goal: improving security. The
key to becoming a purple team comes down to communication between individuals and their
teams.

16. Penetration Testing/Ethical Hacking Demo
Let’s Hack things now
Window Demo Linux Demo

17. THE END
Thank you
Q & A
chuol@safetycomm.org
0927318255