• info@helpingtesters.com
  • helpingtesters

Penetration Testing

October 11, 2016 Types of Testing
penetration testing,penetration test, security testing

First of all, it is important to know what Penetration Testing is and why it is needed. But Before that, let us be familiar with some of the commonly used terms like what is Vulnerability, Vulnerability Assessment, and Exploit. The vulnerability is a weakness in a computer system that an attacker can take advantage of. 

  • Vulnerability Assessment is the act of identifying vulnerabilities for specific computer or network. An exploit is a code that allows hackers to take advantage of Vulnerability.  An exploit may break the system and get the business information from the system by introducing payloads in the system which is nothing but code that runs after the exploit is successful.
  • There may be shell programming which directly interfaces with the system or can have backdoor entry to the system without real authentication. These are called virus in layman language.
  • Penetration Testing is a type of testing which helps us determine which part of the application is vulnerable to be attacked and hence fix the issue before releasing the application on the web.
  • It also is used to prevent the server from unauthorized access. As we know that web applications are available and accessible to all on the internet. Behind every web application, there is code running behind it and executing the application based on user action on the application.
  • Once vulnerabilities are found in the code, it is possible to attack the application and obtain information from the website or execute some functionality from the web application which is not supposed to be done. Probably one of the well-known lists of these vulnerabilities is provided by OWASP

Steps required doing Penetration Testing

  • Information Gathering: Information of the server is gathered like their domain and IP address, information like which ports are being used and which ports are closed and which services are being run on which operating systems, what applications and software they are running on the target system.
  • Vulnerability Assessment:  It includes identifying services running on Operating systems and applying known vulnerability on known services or finding ways to carry out attacks on those services.
  • Exploitation: Once we know the vulnerability, we go for exploitation. We may SSH or telnet the server and brute force the credentials with multiple numbers of guessed username or password to break the system or we may remote exploit the systemAn example of remote exploit is that if someone is using Windows XP Operating system which has not been patched, so outsiders run the vulnerability code as patching which compromises the system.
  • Post-Exploitation: Example of Post Exploitation is a Reverse shell. Reverse shell is a program that is used by attacking machine to target machine to get the connection with the target system and get the code or execute commands on the target system to gain confidential information.

Penetration Testing Skills

Map and Search

We need to understand the application, their request and response, what are the headers, understand the structure of the application and understand the response to a request for penetration testing.

Reissue and Diff

It is another skill which is required for Penetration Testing. It requires checking the response after giving similar request or request with different inputs number of times. Talking in Layman language, we check the output in response from for different inputs in request.server, for different inputs in the request. We check the change in output in response

Fuzzing

It is another skill required to do penetration testing. It is usually an automated process that usually inputs the same request multiple numbers of times or different inputs in the request to find out the corresponding response. 

It is very important and helps in breaking the system with the very large number of inputs. An example of this may be inputting false user name and password with very large number of data, so as to break the system, in case bombarded inputs matches the username and password. Input data is based on all permutation and combination of data. For example, if your username is known and the system says that Password should be of six characters.

Then Fuzzing processes use automated process for generating the different combination of six letter character or the password and check the response.

Automated scanning

It checks output response code for tons of false input provided to the request. And thus helps in finding out the weaker section of the web application that is prone to security threats.

It is important to know how and when to do in context with OWASP Top 10 vulnerabilities and give us the list of possible vulnerabilities in the application. Web Penetration tools have their scanner which performs this task.automatic scanning.

Automated scanning helps us find the vulnerabilities in the application which is Documentation: Last but not Least, documentation is an important skill and provide all the necessary description of the penetration testing and vulnerabilities found.

OWSAP (Open Web Application Security Project)

Let us discuss the things in more detail. When users send the request after using the web application, Penetration tester using Web Penetration tool intercepts the traffic. It acts as a man in the middle. It gets the request, modifies the inputs, resends it to the server and gets the response from the server. It can use fuzzing to send multiple numbers of data to check its response from the automated server.

There is automated scan facility in all the security tools which list all the possible areas or vulnerabilities detected by the tool in the application. These scanners form the most important part of the security tool and detect vulnerabilities in the application which is found in the list of OWASP top ten vulnerabilities.

The Open Web Application Security Project (OWASP) is an international non-profit making organization focused on improving the security of software, which releases the list of top ten vulnerabilities each year, based on the research for wich penetration testing needs to be done.

Overall, we can say that nowadays, It is quite important to do penetration testing to prevent access of business information to the hackers which may lead to destruction in terms of business value, as business data is highly confidential for any organization and should not be accessible to anyone except the authorized personnel.

About the author

arindam bandyopadhyay author

Arindam Bandyopadhyay is an automation tester with over 5 years of experience in software testing. While during the day he juggles between Eclipse and spreadsheets, at night he lets his fingers do the talking as he writes about anything and everything his paradoxical mind desires.

Leave a Reply

Your email address will not be published.