Penetration Testing
Last updated
Was this helpful?
Last updated
Was this helpful?
A penetration test consists in testing the security of an information system by carrying out attacks in order to identify system vulnerabilities and to recommend security corrections. Penetration testing and vulnerability testing differ in their objectives. Vulnerability testing relies on automatic scanners to quickly identify the most common vulnerabilities. Penetration testing goes further. In particular, it includes the search for logical flaws, which cannot be detected by automatic tools, and a phase of manual exploitation of the identified vulnerabilities. It is a more comprehensive and proven security audit method, which enables to measure the real impact of any type of flaw.
A penetration test can include black box, grey box or white box tests. Black-box tests target the attack surface available to any external attacker, while grey-box tests target areas accessible only to customers, partners or employees of an organisation. As for the white box audit, it allows to analyze the security level by having the same level of access as a system administrator (server, application…).
The deliverable handed out following a penetration test is a security audit report that presents the identified vulnerabilities, classified by criticality level, as well as technical suggestions for remediation. In addition to the report, a non-technical summary can also be delivered, for presentation to the management committee or partners.
A penetration test is based on a four-phase methodology, which is a cyclic process: Recon, Mapping, Discovery, Exploitation.
The recon phase consists in searching for open-source information on the target of the security audit. All information potentially useful for an attacker is collected, for example: IP addresses, domain and sub-domain names, types and versions of technologies used, technical information shared on forums or social networks, data leaks…
The mapping phase allows listing all functionalities of the audit target. This step enables pentesters to have a better visibility on the most critical and exposed elements. This step is particularly essential when the objective of the security audit is to conduct tests on all the functionalities of a target.
The discovery phase is an attack phase: pentesters look for vulnerabilities through manual searches complemented by automated tools. The objective is to discover as many vulnerabilities as possible on the target.
The exploitation phase consists in testing possible exploitations of the flaws identified in the previous phase. This step allows using certain flaws as “pivots”, in order to discover new vulnerabilities. The exploitation of security vulnerabilities allows evaluating their real impact and thus their criticality level.