Penetration Testing:
In simple words, penetration testing is the art of finding an open door (1) in the security of an
application or a system. It is also known as pen-testing or ethical hacking and, more loosely, as
security testing. It is the technique employed to locate vulnerabilities in a system before an
attacker exploits them. In a penetration test the tester tries to gain access to network or system
resources, typically without prior knowledge of user credentials such as usernames and passwords
(a black-box test; grey-box and white-box tests give the tester some or all of this information
up front), in order to check the resilience of that system (2).
For an application, the most important parts of penetration testing include identifying its input
vectors and checking the results of an attack: the input vectors indicate where an attack could be
introduced, and the results show whether an attempted attack was successful or not (3).
1. Planning and Reconnaissance:
This phase includes planning and reconnaissance. In planning, the scope of the test (what, which,
why, who, and how) is determined, together with the rules of engagement. Once the scope is fixed,
reconnaissance gathers as much information as possible about the target network. Reconnaissance
may consist of identifying the target network status, operating systems, IP address ranges, open
ports, domain names, DNS and DHCP details, Wi-Fi keys, mail server (MX) records, etc. Host
fingerprinting, port scanning, network mapping and network enumeration are usually considered part
of reconnaissance (2) (4).
2. Scanning or Exploration:
This is the second phase; it explores and scans the entire network based on the information
gathered in reconnaissance. For example, using the open ports that were found, the tester can
enter the network and explore it more deeply. The tester scans the network to discover network
devices, firewall rules, user accounts, access controls, etc. Exploration and scanning include
host exploration, service identification and platform identification, etc. (2) (4).
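As an added example (not code from the original document or from its references), the following Python script shows the mechanics of the port scanning and service identification mentioned in phases 1 and 2. It starts two constructed TCP listeners on 127.0.0.1 (ports 4022 and 4080 and the OpenSSH-style banner are assumptions made for the example, not real hosts), then connect-scans a port range and grabs whatever banner each open port sends. A real engagement would run nmap or a similar tool against in-scope hosts only.

```python
"""Port discovery and banner-based service identification against local listeners.

Added example, not part of the original document. The two services, their ports
and the banner text are constructed for this demonstration.
"""
import socket
import threading
from concurrent.futures import ThreadPoolExecutor

# Constructed sample services (assumption: these ports are free on the host).
FAKE_SERVICES = {
    4022: b"SSH-2.0-OpenSSH_9.6\r\n",  # sends an SSH-style banner on connect
    4080: b"",                         # accepts connections but sends nothing
}
_LISTENERS = []  # keeps the listening sockets alive once started


def start_fake_service(port, banner):
    """Start a throwaway TCP listener on 127.0.0.1:port in a daemon thread."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", port))
    srv.listen(16)

    def serve():
        while True:
            conn, _ = srv.accept()
            with conn:               # send the banner (if any) and hang up
                if banner:
                    conn.sendall(banner)

    threading.Thread(target=serve, daemon=True).start()
    return srv


def probe_port(host, port, timeout=0.5):
    """TCP connect() probe. Returns (port, 'open'|'closed', banner_text)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
        except (ConnectionRefusedError, socket.timeout, OSError):
            return port, "closed", ""
        try:                          # banner grab: many services talk first
            banner = s.recv(128)
        except (socket.timeout, OSError):
            banner = b""
        return port, "open", banner.decode("ascii", "replace").strip()


def guess_service(banner):
    """Tiny banner fingerprint ruleset (assumption: enough for the demo)."""
    if banner.startswith("SSH-"):
        return "ssh"
    if banner.startswith("220 "):
        return "smtp-or-ftp"
    if banner.startswith("HTTP/"):
        return "http"
    return "unknown"


def scan(host, ports, workers=32):
    """Connect-scan the ports concurrently; return {port: {banner, service}}."""
    results = {}
    with ThreadPoolExecutor(max_workers=workers) as pool:
        for port, state, banner in pool.map(lambda p: probe_port(host, p), ports):
            if state == "open":
                results[port] = {"banner": banner, "service": guess_service(banner)}
    return results


def demo(ports=range(4000, 4100)):
    """Start the constructed services once, then scan the range and return the result."""
    if not _LISTENERS:
        _LISTENERS.extend(start_fake_service(p, b) for p, b in FAKE_SERVICES.items())
    return scan("127.0.0.1", ports)


if __name__ == "__main__":
    found = demo()
    for port in sorted(found):
        print(f"{port}/tcp open  {found[port]['service']:12} {found[port]['banner']!r}")
```

The silent listener on 4080 is the case a scanner must handle: the port is open, so it belongs in the report, but no banner arrives and the service stays "unknown" until a protocol-specific probe is sent.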
3. Gaining Access (Vulnerability Assessment and Exploitation):
This phase includes vulnerability assessment and exploitation. Vulnerabilities are weaknesses in
the system. Vulnerability assessment is the process of pinpointing, scoring and ranking the
vulnerabilities in the system. Penetration testers may use automated scanners to find known
vulnerabilities, but scanner output has to be verified by hand because it contains false
positives. In exploitation, the tester launches various attacks (e.g., DoS, injection, brute
force, buffer overflow, etc.) against the target network: the tester tries to exploit the
vulnerabilities discovered in the assessment and gains access to system resources (2) (4).
Disruptive attacks such as DoS are attempted only when the rules of engagement explicitly allow
them.
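As an added example (not code from the original document or from its references), here are two of the attack types named above, SQL injection and a dictionary brute force, run against a constructed in-memory SQLite login table. The user names, passwords and wordlist are invented for the example. The vulnerable login is shown beside its parameterised fix so that the same payload can be tried against both.

```python
"""SQL injection exploit and its fix, plus a dictionary attack, on an in-memory
SQLite users table.

Added example, not part of the original document. Users, passwords and the
wordlist are constructed. Passwords are hashed with unsalted SHA-256 only to
keep the example short; a real system should use a slow, salted password hash
such as bcrypt, scrypt or Argon2.
"""
import hashlib
import sqlite3

CONSTRUCTED_USERS = {"admin": "Winter2024!", "alice": "letmein"}
CONSTRUCTED_WORDLIST = ["password", "123456", "letmein", "qwerty", "Winter2024!"]


def pw_hash(password):
    return hashlib.sha256(password.encode()).hexdigest()


def build_db():
    """Create the in-memory users table from the constructed sample data."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password_hash TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [(u, pw_hash(p)) for u, p in CONSTRUCTED_USERS.items()],
    )
    return conn


def login_vulnerable(conn, username, password):
    """Deliberately vulnerable: user input is concatenated into the SQL text."""
    sql = ("SELECT username FROM users WHERE username = '%s' "
           "AND password_hash = '%s'" % (username, pw_hash(password)))
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(conn, username, password):
    """Fixed: bound parameters, so input is data and is never parsed as SQL."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password_hash = ?",
        (username, pw_hash(password)),
    ).fetchone()
    return row[0] if row else None


def brute_force(conn, username, wordlist, login=login_safe):
    """Dictionary attack against a login function. Returns (password, attempts)."""
    for attempts, candidate in enumerate(wordlist, start=1):
        if login(conn, username, candidate) == username:
            return candidate, attempts
    return None, len(wordlist)


if __name__ == "__main__":
    db = build_db()
    # The payload closes the string literal and '--' comments out the password check:
    #   ... WHERE username = 'admin'--' AND password_hash = '...'
    payload = "admin'--"
    print("injection vs vulnerable login:", login_vulnerable(db, payload, "wrong"))
    print("injection vs fixed login:     ", login_safe(db, payload, "wrong"))
    print("dictionary attack on admin:   ", brute_force(db, "admin", CONSTRUCTED_WORDLIST))
```

The brute-force function succeeds against the fixed login too: parameterised queries close the injection, not the weak password, which is why the report has to list both findings separately (injection as a code defect, weak passwords and missing lockout as policy defects).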
4. Maintaining Access:
After gaining access to system resources, the tester keeps that access so it survives a reboot,
a password change or a dropped session. This is done by placing persistence mechanisms in the
system, e.g., a rootkit, Trojan or backdoor (2) (4). In a penetration test any such implant is
installed only within the agreed scope, recorded in the report and removed at the end of the
engagement.
5. Covering Tracks, Reporting and Recommendations:
This is the last phase of penetration testing and includes (2) (4):
Covering tracks: steps taken to hide the work done during the test, so that the attack cannot be
noticed, e.g., clearing logs and hiding the Trojans and backdoor programs that were planted. This
mimics what a real attacker does; a tester should do it only when the rules of engagement allow
it, because deleted logs are evidence the client's defenders need in order to check their own
detection, and every planted program must be removed before the engagement ends.
Reporting and recommendations: the tester documents the engagement. The final report includes a
cover sheet, an executive summary of the vulnerabilities found in the network, the threats posed
by these vulnerabilities, the list of tools used and, most importantly, the final recommendations
after the overall examination of the test results. The final recommendations comprise preventive
proposals against the vulnerabilities that were found.
References:
1. Geer, D., & Harthorne, J. (2002, December). Penetration testing: A duet. In 18th Annual
Computer Security Applications Conference, 2002. Proceedings. (pp. 185-195). IEEE.
2. Yaqoob, I., Hussain, S. A., Mamoon, S., Naseer, N., Akram, J., & ur Rehman, A. (2017).
Penetration testing and vulnerability assessment. Journal of Network Communications and
Emerging Technologies (JNCET), 7(8).
3. Arkin, B., Stender, S., & McGraw, G. (2005). Software penetration testing. IEEE Security &
Privacy, 3(1), 84-87.
4. Shahi, M. A. (2021). CEH-v11-Study-Guide, module 1: Introduction. GitHub. Retrieved from
https://github.com/imrk51/CEH-v11-Study-Guide/blob/main/modules/1-introduction.md