2.1 - Penetration Testing Process and Types
Key Terms
- Ethical hacking – Exploiting systems to find vulnerabilities and security weaknesses to be patched.
- Penetration test – The act of breaking into a computer system to find weaknesses.
- Red team – An offensive team that attempts to discover vulnerabilities.
- Blue team – A defensive team that attempts to close vulnerabilities.
- Purple team – A mix of both teams.
The Hacking Process
- Reconnaissance/footprinting – the hacker gains information about a target through public data, social engineering, ‘dumpster diving’, etc.
- Scanning/enumeration – the hacker engages with the victim and uses tools to gain information about the target. This can be anything from identifying open ports on a network to extracting usernames, computer names, network resources, shares and services.
- Gain access – the hacker exploits vulnerabilities in the system found through the reconnaissance and scanning phases. This is where damage to the system is done, or data is stolen/deleted.
- Maintain access – the hacker must ensure they keep access to the system for however long it takes to complete the attack. They do this by installing backdoors, rootkits and trojan horse malware. Once a hacker has installed these tools, they can carry out larger and more complex attacks.
- Clear your tracks – the hacker overwrites log files and clears any other indication of a breach. This makes sure they aren’t found and prosecuted for their actions.
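As an added example (not part of the original notes), here is the defender's side of the ‘clear your tracks’ phase: a check that looks for the evidence an attacker tries to destroy. It assumes a constructed syslog-style log with a CRON heartbeat every 10 minutes, and flags missing heartbeats (deleted lines) and timestamps that run backwards (edited lines).

```python
"""Detect signs of log tampering in a syslog-style log (defensive check)."""
from datetime import datetime, timedelta

# Constructed sample log (not real data): a cron heartbeat every 10 minutes,
# with a 40-minute hole where entries were deleted, plus one line whose
# timestamp runs backwards, as happens when a log is hand-edited.
SAMPLE_LOG = """\
2024-03-01T10:00:00 host CRON[101]: heartbeat
2024-03-01T10:10:00 host CRON[102]: heartbeat
2024-03-01T10:20:00 host sshd[300]: Accepted publickey for admin from 10.0.0.5
2024-03-01T10:20:00 host CRON[103]: heartbeat
2024-03-01T11:00:00 host CRON[107]: heartbeat
2024-03-01T10:55:00 host sshd[301]: session closed for user admin
2024-03-01T11:10:00 host CRON[108]: heartbeat
"""


def parse_log(text):
    """Return a list of (timestamp, message) tuples, skipping blank lines."""
    entries = []
    for line in text.splitlines():
        if not line.strip():
            continue
        stamp, _, rest = line.partition(" ")
        entries.append((datetime.fromisoformat(stamp), rest))
    return entries


def find_anomalies(entries, heartbeat_tag="CRON", expected_interval=timedelta(minutes=10)):
    """Flag gaps in a periodic heartbeat and timestamps that run backwards.

    Returns a list of (kind, index, detail), kind being 'gap' or 'out_of_order'.
    """
    anomalies = []
    last_heartbeat = None
    tolerance = expected_interval * 1.5  # allow some scheduler jitter
    for i, (stamp, msg) in enumerate(entries):
        if i > 0 and stamp < entries[i - 1][0]:
            anomalies.append(("out_of_order", i, f"{stamp} precedes previous entry {entries[i - 1][0]}"))
        if heartbeat_tag in msg:
            if last_heartbeat is not None and stamp - last_heartbeat > tolerance:
                missing = round((stamp - last_heartbeat) / expected_interval) - 1
                anomalies.append(("gap", i, f"{missing} heartbeat(s) missing between {last_heartbeat} and {stamp}"))
            last_heartbeat = stamp
    return anomalies


if __name__ == "__main__":
    for kind, idx, detail in find_anomalies(parse_log(SAMPLE_LOG)):
        print(f"{kind} at line {idx + 1}: {detail}")
```

In practice the same check is run against logs shipped to a separate, append-only collector, since a log that only lives on the compromised host can be rewritten wholesale.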
Penetration Test Life Cycle
Every step in the penetration test life cycle is the same except for ‘clear your tracks’. Instead, it is replaced by the reporting phase – the tester reports back the vulnerabilities they have found and shows the client how to close the exploited weaknesses and mitigate the risk of real cyber-attacks.
Penetration Testing Frameworks
- OWASP – Open Web Application Security Project. This educates people on basic web application security such as SQL injection prevention.
- OSSTMM – Open Source Security Testing Methodology Manual. Attempts to define a single, thorough methodology for security testing.
- NIST – National Institute of Standards and Technology (USA), Special Publication 800-115 (NIST SP 800-115). A guide to the basic technical aspects of conducting security assessments.
Penetration Testing Types
- Black box – this is when the tester has no prior information about the target. It is the most effective way of simulating a real cyber-attack. The test ignores insider threats and takes a long time to complete. It is also the most expensive test to complete, as a lot of time and resources need to go into the reconnaissance and scanning phases.
- White box – this is when the tester is given full knowledge of the target computer system and networks. It provides a comprehensive test of the environment; however, it is not as realistic as a black box test.
- Grey box – this simulates an insider threat. The tester is given partial information about the computer system which can be used to save time on reconnaissance and scanning the target.