A penetration test, also known as a pen test, simulates cyberattacks against systems to identify vulnerabilities. There are different types of pen tests, including external tests targeting internet-facing assets, internal tests simulating insider attacks, and blind or double-blind tests with limited information provided to the tester. Pen tests help security teams understand attack methods to prevent real attacks by thinking like real-world hackers. Common tools used include Kali Linux, Metasploit, nmap, and network analyzers.

1. NAME-
SECTION – C

2. Cyber and Information Security

4. What is Brute Force Attack ?
Brute force attack is one in which hackers try a large
number of possible keyword or password combinations
to gain unauthorized access to a system or file
Brute force attacks are often used to defeat a cryptographic
scheme, such as those secured by passwords. Hackers use
computer programs to try a very large number of passwords to
decrypt the message or access the system

6. Password Length Guesses
2 characters = 3,844 guesses because of:
First character: lower case letters (26) +
upper case letters (26) + numbers (10) = 62
Second character: same = 62
Total permutations = 62*62 = 3,844

7. >> Pros
• Finding the password is quite high since the attack uses so many
possible answers.
• It is a fairly simplistic attack that doesn't require a lot of work to
setup or initiate .
>> Cons
• Hardware intensive : consume lots of processing power
• Extends the amount of time needed to crack the code by huge
margin.
Pros. and Cons.

8. Solution
1) Use passwords that are difficult to identify as you type them
in Make sure that you don’t use repeated characters or keys
close together on the keyboard
2) Consider using a passphrase a passphrase is a string of
words, rather than a single word. Unlikely combinations of
words can be hard to guess
3) Make your password as long as possible The longer a
password is, the harder it is to guess or to find by trying all
possible combinations
4) Use different types of characters Include numbers,
punctuation marks, symbols, and uppercase and lowercase
letters
5) Don’t use dictionary words Don’t use words, names or
place names that are usually found in dictionaries
6) Don’t use personal information

10. What is MITM ?
A man-in-the-middle (MITM) attack is a form of
eavesdropping where communication between
two users is monitored and modified by an
unauthorized party. Generally, the attacker
actively eavesdrops by intercepting a public key
message exchange and retransmits the message
while replacing the requested key with his own.

12. Name Origin:
The name "Man-in-the-Middle" is derived from the basketball
scenario where two players intend to pass a ball to each other
while one player between them tries to seize it. MITM attacks
are sometimes referred to as "bucket brigade attacks" or "fire
brigade attacks." Those names are derived from the fire brigade
operation of dousing off the fire by passing buckets from one
person to another between the water source and the fire.

13. How Does It Work?
Man in the middle is known most to others as "session
hijacking" and to general public as "hijacking". These hackers
are primarily targeting specific data about the transactions on
computers. This can be anything from an email to a bank
transaction that said the hackers begin their investigation of
the party of interest

14. An attacker puts up a fake bank website and entices user
to that website. User types in his password, and the
attacker in turn uses it to access the bank's real website.
Done right, the user will never realize that he isn't at the
bank's website. Then the attacker either disconnects the
user and makes any fraudulent transactions he wants, or
passes along the user's banking transactions while
making his own transactions at the same time.
A BASIC ILLUSTRATION

15. Avoid public wifi
Use vpns
Use HTTPS instead of HTTP
Install Authentication Certificates
set up an intrusion detection system (IDS)
Identifying attacks: Detecting a man in the middle
attack can be very difficult. In this case, prevention is
better than cure, since there are very few methods to
detect these attacks. Typically, you should not use
public networks for working on any confidential
matters

17. WHAT IS PENETRATION TESTING
A penetration test, also known as a pen test, is a simulated
cyberattack against your computer system to check for
exploitable vulnerabilities
Pen testing can involve the attempted breaching of any
number of application systems, to uncover vulnerabilities,
such as unsanitized inputs that are susceptible to code
injection attacks.

18. PENETRATION TESTING METHODS
EXTERNAL TESTING
External penetration tests target the assets of a company that are
visible on the internet, e.g., the web application itself, the company
website, and email and domain name servers (DNS). The goal is to
gain access and extract valuable data.
INTERNAL TESTING
In an internal test, a tester with access to an application behind its
firewall simulates an attack by a malicious insider. This isn't
necessarily simulating a rogue employee. A common starting
scenario can be an employee whose credentials were stolen due to
a phishing attack.
BLIND TESTING
In a blind test, a tester is only given the name of the enterprise
that's being targeted. This gives security personnel a real-time
look into how an actual application assault would take place.

19. DOUBLE BLIND TESTING
In a double blind test, security personnel have no prior knowledge
of the simulated attack. As in the real world, they won't have any
time to shore up their defenses before an attempted breach.
TARGETED TESTING
In this scenario, both the tester and security personnel
work together and keep each other appraised of their
movements. This is a valuable training exercise that
provides a security team with real-time feedback from a
hacker's point of view.

20. The role of this testing method is to identify and fix potential holes in
order to stop or prevent Attacks that can be harmful to the web site
or any device
By understanding and simulating real attacks the IT team can prevent
later attacks on a larger scale
it’s one of the most effective ways to identify weaknesses; A pentester
has to think like a real world (black hat) cracker, so a pentest could
reflect the real life behaviour of an assault; He has to discover means in
which a cracker might compromise the security and deliver damage to
the organization

21. Tools & utilities
Operating systems:
Kali Linux (formerly BackTrack) -
based on Debian;
Pentoo - based on Gentoo;
WHAX - based on Slackware
Frameworks:
Metasploit;
w3af. Tools:
nmap, netcat, John the
Ripper, tcpdump, Wireshark,
upx, etc.