Vulnerability assessment and penetration testing: a process that involves identifying vulnerabilities and weaknesses in computer systems, networks, or applications, and then attempting to exploit those vulnerabilities to assess the potential impact of an attack.
5. Penetration Testing Road Map
01 Planning and reconnaissance: test goals are defined and intelligence is gathered
02 Scanning: scanning tools are used to understand how a target responds to intrusions
03 Gaining access: web application attacks are staged to uncover a target's vulnerabilities
04 Maintaining access: APTs are imitated to see if a vulnerability can be used to maintain access
05 Analysis and WAF configuration: results are used to configure WAF settings before testing is run again
6. Sources of Vulnerabilities
Programming errors
Unintentional mistakes or intentional malware in General Public License software
Improper system configurations
Mobile users sidestepping perimeter security controls
Rising attacks through viewing popular websites
Misconfiguration during setup
Confidential files that were never removed
Un-patched plugins and updates
7. VULNERABILITY TESTING AND EXPLOITATION
Purpose: To check hosts for known vulnerabilities and to see if they are exploitable, as well as to assess the potential severity of said vulnerabilities.
Methods:
• Remote vulnerability scanning (Nessus, OpenVAS)
• Active exploitation testing
• Login checking and brute forcing
• Vulnerability exploitation (Metasploit, Core Impact)
• Zero day and exploit discovery (fuzzing, program analysis)
• Post exploitation techniques to assess severity (permission levels, backdoors, rootkits, etc.)
8. REPORTING
Purpose: To organize and document information found during the reconnaissance, network scanning, and vulnerability testing phases of a penetration test.
Methods:
• Documentation using collected data during scanning and validation
o Organizes information by hosts, services, identified hazards and risks, and recommendations to fix problems
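As an added illustration of the reporting step (example code, not part of the original slides), the script below takes constructed scanning and validation records, removes duplicates from repeated scans, and organizes them by host, service, risk and recommendation; the record fields and severity ranking are assumptions.

```python
"""Organize penetration-test findings by host, service, risk and recommendation.
Added example; the record schema and severity ranking are assumptions, and
the finding records are constructed sample data."""
from collections import defaultdict

# Severity ranking used to order findings within a host (assumption).
SEVERITY_RANK = {"critical": 4, "high": 3, "medium": 2, "low": 1, "info": 0}

# Constructed findings as the scanning (hazard) and validation (validated) phases might produce them.
FINDINGS = [
    {"host": "10.0.0.5", "service": "ssh/22", "hazard": "weak password accepted",
     "validated": True, "severity": "high", "fix": "enforce key-based auth and lockout"},
    {"host": "10.0.0.5", "service": "http/80", "hazard": "outdated web plugin",
     "validated": False, "severity": "medium", "fix": "apply vendor patch"},
    {"host": "10.0.0.7", "service": "smb/445", "hazard": "anonymous share readable",
     "validated": True, "severity": "critical", "fix": "disable guest access"},
    # Same issue reported again by a second scan; must not appear twice in the report.
    {"host": "10.0.0.5", "service": "http/80", "hazard": "outdated web plugin",
     "validated": False, "severity": "medium", "fix": "apply vendor patch"},
]

def build_report(findings):
    """Group by host, keep one record per (service, hazard) pair, and sort each
    host's findings by severity (highest first), validated ones first on ties."""
    by_host = defaultdict(dict)
    for f in findings:
        key = (f["service"], f["hazard"])
        prev = by_host[f["host"]].get(key)
        # A validated record wins over an unvalidated one for the same issue.
        if prev is None or (f["validated"] and not prev["validated"]):
            by_host[f["host"]][key] = f
    return {host: sorted(entries.values(),
                         key=lambda f: (SEVERITY_RANK[f["severity"]], f["validated"]),
                         reverse=True)
            for host, entries in by_host.items()}

def host_risk(report, host):
    """Highest severity rank on a host; used to order hosts in the written report."""
    return max((SEVERITY_RANK[f["severity"]] for f in report.get(host, [])), default=0)

def render(report):
    """Plain-text report: most exposed host first, then its findings by severity."""
    lines = []
    for host in sorted(report, key=lambda h: host_risk(report, h), reverse=True):
        lines.append(f"Host {host}")
        for f in report[host]:
            status = "confirmed" if f["validated"] else "unconfirmed"
            lines.append(f"  [{f['severity']}/{status}] {f['service']}: {f['hazard']} -> {f['fix']}")
    return "\n".join(lines)

if __name__ == "__main__":
    print(render(build_report(FINDINGS)))
```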