Pen test

• Penetration/vulnerability test – used to determine vulnerabilities in a controlled environment, involves an authorised attack on a system and also known as ethical hacking. Definition – a method of gaining assurance in the security of an IT system by attempting to breach some or all of that system’s security using the same tools and techniques as an adversary might.

5 steps of a penetratration test:Reconnaissance Scanning Vulnerability Assessment Exploitation Reporting

Jas Singh

Penetration Testing

• Reconnaissance - this is the first step of the penetration test and this is when the ethical hacker gathers as much information as they can about the organisation and their systems such as network topology, user accounts and any relevant information.
• Scanning - in this phase, the tester will be using a variety of tools to identify open ports and check network traffic on the target system, open ports can be used as entry points.
• Vulnerability Assessment - the tester will use all the gathered data from the first two phases and they will use it to identify potential vulnerabilities and weaknesses and finding out way to exploit them.
• Exploitation - this is when the tester attempts to access the system.
• Reporting - the tester will create a document which shows their findings throughout the test and how they managed to get into the system (sometimes they don't) and they will provide solutions on how to patch everything.