Cyber Security Tutorial


Penetration Testing

Introduction

No system is fully secure when it is built: people design and write it, and people make mistakes. In practice no device, system or piece of software is free of vulnerabilities, so finding them before an attacker does is a necessity for improving the product. Ethical hackers use testing techniques and tools to locate these weaknesses, and penetration testing is the cyber security technique used to find the vulnerabilities that are actually exploitable.

Penetration testing, or pen testing, is a cyber security testing technique used to evaluate the security of an IT infrastructure by safely attempting to exploit its weaknesses, which helps an organization stay ahead of attackers.

A pen test validates end-user adherence to security policies and the effectiveness of the system's defence mechanisms. It is performed with automated and manual techniques that attempt, in a controlled way, to compromise servers, mobile devices, endpoints, web applications, wireless networks, network devices and other potential exposure points. Penetration testers, also known as ethical hackers, do not simply check that the doors and windows are locked; they actively try to break in through servers, web applications, mobile devices, networks and other entry points to find exploitable weaknesses. Vulnerabilities can be present in many areas: login and authentication methods, risky end-user behaviour, operating systems, application flaws, exposed services and system configuration settings.

“Penetration testing is used to identify and test security vulnerabilities in systems, servers and software.” A penetration test report shows how well the existing defences hold up against an attempted breach, and it recommends countermeasures to reduce the risk of the system being compromised. The vulnerabilities a penetration test finds arise from causes such as:

  • Human error
  • Connectivity (every connection is a potential entry point)
  • Complexity
  • Design and development errors
  • Unvalidated user input
  • Insecure communication
  • Lack of staff training
  • Poor system configuration
  • Weak or reused passwords
  • Poor management of systems and access, etc.

Why is penetration testing essential?

Penetration testing evaluates a system's ability to protect its applications, endpoints, network and users from internal or external threats. It is essential for the following reasons:

  • To ensure that only authorized users can access the system and its data
  • To verify that the system's security controls actually work
  • To estimate the magnitude of the business impact of a successful attack
  • To show in detail how an intruder could attack the system, demonstrated through a white-hat (authorized) attack
  • To protect the original data by helping the system withstand black-hat attacks
  • To justify investment in the security side of technology
  • To detect the vulnerabilities and weak areas an intruder could exploit to gain access to the computer's data and functions
  • To meet the organization's security compliance requirements

Note: Penetration testing cannot be skipped given the scale and damage of modern cyber-attacks. It must be repeated at regular intervals, because new vulnerabilities and new attack techniques appear continuously.

Example of attack: The WannaCry ransomware attack started in May 2017 and encrypted files on more than 200,000 computers in over 150 countries. It hit large organizations worldwide, and the attackers demanded ransom payments in Bitcoin in exchange for decrypting the victims' files. WannaCry spread through a flaw in the Windows SMBv1 service (MS17-010) for which Microsoft had released a patch two months earlier; unpatched, network-exposed hosts of this kind are exactly what a regular penetration test is meant to find.

When to perform penetration testing?

For security and the reliable functioning of a system, penetration testing should be performed whenever:

  • The office or data centre is relocated
  • A new security policy or end-user program is introduced
  • A security incident occurs or a new threat is discovered
  • New infrastructure is added to the network
  • A system is upgraded, or new software is installed

What is tested in penetration testing?

A penetration test should cover:

  • End-user behaviour
  • Hardware
  • Network (internal and external)
  • Software of the system (services, operating system, applications)

Penetration testing benefits

Penetration testing is helpful in several ways:

  • Finding exploitable weaknesses in the system by analysing the IT infrastructure
    Organizations use penetration testing to evaluate internal and external network security and web applications. The process shows which security controls are necessary to reach the level of security the organization needs to protect its people and assets. By identifying and prioritizing these risks, an organization can find weaknesses, anticipate attacks and prevent potential malicious activity.
  • Determining the robustness of controls
    Every industry has to keep up with its competitors, and penetration testing provides a competitive advantage by verifying how robust the controls on the IT infrastructure really are.
  • Supporting compliance (PCI DSS, HIPAA, GDPR) with security regulations and data-protection requirements
    Penetration testing addresses the security obligations and compliance mandated by regulations and standards such as ISO 27001, HIPAA, FISMA and PCI DSS. Regular testing demonstrates the organization's commitment to information security and helps avoid the heavy fines associated with non-compliance.
  • Providing quantitative and qualitative input for budget priorities and the organization's current security posture
    A breach costs an organization money in customer-protection programs, lost sales, IT remediation, legal fees and lost customers; penetration testing helps prevent those losses. It is a proactive way of protecting the brand and reputation, and its findings give management concrete, measurable input for setting security budget priorities.

    Other benefits are:
  • Meeting regulatory requirements for security measures
  • Managing vulnerabilities intelligently, by priority rather than at random
  • Avoiding or reducing the cost of network downtime
  • Maintaining customer loyalty and the corporate image of the organization
  • Boosting user confidence in the security strategy
  • Discovering security strengths as well as verifying that the existing security program works
  • Assuring security in financial sectors such as stock exchanges and banks, which must protect their data
  • Re-verifying the security of software that has already been compromised, to confirm that no threat remains in the system and to prevent future compromises

Penetration testing disadvantages

Penetration testing also has side effects: downtime, increased cost, and in the worst case data corruption or loss if a test is run carelessly against production systems (which is why scope, rules of engagement and backups are agreed before testing starts). A penetration test also cannot find every vulnerability in a system; it is limited by time, scope, budget and the skills of the testers, so a clean report means only that the testers found nothing within those limits.

Strategies of penetration testing

External testing – This kind of testing targets the company assets that are visible on the internet, such as the company website, the domain name servers (DNS), email servers and the web applications themselves, with the clear objective of gaining access and extracting valuable data. These are external attacks (performed from outside the organization) on the organization's network perimeter, for example its internet-facing or extranet systems.

Internal testing – This tests the organization's systems from inside the network to understand:

  • What could happen if the network perimeter were successfully penetrated.
  • What an authorized user can do to reach specific information resources within the organization's network.

The tester simulates a malicious attack from inside, with access to the applications behind the firewall. This does not only simulate a rogue employee; it can equally represent an ordinary employee whose credentials were stolen through a phishing attack. Internal testing therefore shows how far an attacker who has already got inside can get, and helps the organization limit that damage.

Double-blind testing - This is a step beyond blind testing. Only a few people in the organization are aware that the test is taking place; the IT and security staff are "blind" to it because they are not notified beforehand. Double-blind testing helps an organization:

  • Test its security monitoring and incident identification program
  • Test its response and escalation procedures

Because the security team does not know a test is coming, it cannot shore up its defences before the attempted breach, so the result reflects its real day-to-day readiness.

Blind testing – In this type of testing, the tester is given only the name of the target enterprise, which gives the security team a realistic look at how an actual attack would unfold. The testers simulate the actions of a real attacker who has little or no prior information about the organization. The testing team gathers information about the target from publicly available sources such as domain name registrations and the corporate website, and then conducts the penetration test.

Targeted testing - In this testing, the penetration testers and the IT team work together, which is why it is also known as the lights-turned-on approach. It gives the security team real-time feedback from an attacker's point of view, including information about the target, the network design and the testing activities as they happen. It requires less time and effort than blind testing, but because the defenders know what is coming it does not give as complete a picture of the organization's security vulnerabilities and response capabilities as the other strategies do.

Tools used in testing

  1. Application scanner
  2. Vulnerability scanner
  3. Port scanner
  4. Web application assessment proxies
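The following is an added example, not code from the tutorial, showing what two of these tools do at their simplest: a TCP connect port scanner and a banner-based vulnerability check, written in plain Python with only the standard library. The targets are constructed local listeners so it runs offline, and the product names ("ExampleSSH", "ExampleFTP"), their banners and the "known-vulnerable" table are made up for illustration. The scope check in `scan()` is there because a penetration test only ever touches hosts that are inside the agreed engagement.

```python
"""Added example (not from the tutorial): a tiny TCP connect port scanner
plus banner-based vulnerability check, using only the Python standard library.
Every target here is a constructed local listener so the code runs offline;
product names, banners and the "vulnerable version" table are made up."""
import socket
import threading
from contextlib import closing

LOCALHOST = "127.0.0.1"


def start_listener(banner: bytes, host: str = LOCALHOST):
    """Start a throwaway TCP service on an OS-assigned port that greets every
    client with `banner` (the constructed target). Returns (socket, port)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, 0))
    srv.listen(5)

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:          # listener closed: stop serving
                return
            with conn:
                try:
                    conn.sendall(banner)
                except OSError:
                    pass

    threading.Thread(target=serve, daemon=True).start()
    return srv, srv.getsockname()[1]


def free_port(host: str = LOCALHOST) -> int:
    """Bind to port 0 and release it: a port that is (almost certainly) closed,
    used to show what the scanner reports for a non-listening port."""
    with closing(socket.socket(socket.AF_INET, socket.SOCK_STREAM)) as s:
        s.bind((host, 0))
        return s.getsockname()[1]


def scan_port(host: str, port: int, timeout: float = 0.5) -> bool:
    """TCP connect scan: the port counts as open only if the full three-way
    handshake completes. A refused or timed-out connection means closed/filtered."""
    with closing(socket.socket(socket.AF_INET, socket.SOCK_STREAM)) as s:
        s.settimeout(timeout)
        try:
            return s.connect_ex((host, port)) == 0
        except OSError:
            return False


def grab_banner(host: str, port: int, timeout: float = 0.5) -> str:
    """Read whatever the service volunteers right after connect; many services
    (SSH, FTP, SMTP) announce their product and version this way."""
    with closing(socket.socket(socket.AF_INET, socket.SOCK_STREAM)) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return s.recv(256).decode("ascii", "replace").strip()
        except OSError:              # includes socket.timeout (silent service)
            return ""


def scan(host, ports, in_scope, vulnerable_banners, timeout: float = 0.5):
    """Scan `ports` on `host`; for each open port grab the banner and look it up
    in `vulnerable_banners` (banner prefix -> note). Refuses any host that is not
    in the agreed engagement scope, the first rule of a penetration test."""
    if host not in in_scope:
        raise PermissionError(f"{host} is outside the engagement scope")
    findings = {}
    for port in ports:
        if not scan_port(host, port, timeout):
            continue
        banner = grab_banner(host, port, timeout)
        note = next((n for prefix, n in vulnerable_banners.items()
                     if banner.startswith(prefix)), None)
        findings[port] = (banner, note)
    return findings


if __name__ == "__main__":
    # Constructed targets: an "old" SSH-like daemon and an FTP-like daemon.
    ssh, ssh_port = start_listener(b"SSH-2.0-ExampleSSH_1.0\r\n")
    ftp, ftp_port = start_listener(b"220 ExampleFTP 3.2 ready\r\n")
    known_bad = {"SSH-2.0-ExampleSSH_1.": "constructed: ExampleSSH 1.x is end-of-life"}
    for port, (banner, note) in scan(LOCALHOST, [ssh_port, ftp_port, free_port()],
                                     {LOCALHOST}, known_bad).items():
        print(f"{port}/tcp open  {banner!r}  {note or 'no known issue'}")
    ssh.close()
    ftp.close()
```

A real vulnerability scanner does the same three things at scale (discover open ports, fingerprint the service, match the fingerprint against a vulnerability database), and a real engagement adds rate limiting and logging so the test itself does not cause the downtime mentioned under disadvantages.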

Approaches to penetration testing

Penetration testers use three approaches, chosen according to the type of weakness being assessed and the amount of information available to the tester. These approaches are:

   a)  White box     b) Black box        c) Grey box

White box – White box testing is in-depth testing of the system with all possible information available. The testers have internal knowledge of and complete access to the system, including the source code and its quality, the IP address scheme, operating system details and the internal design. This gives the tester a complete picture of the system's security, so even obscure or remotely located vulnerabilities can be identified.

Black box – This approach is the closest to a real-world attack. It is the opposite of white box testing: the testers have no internal knowledge of the system and must design the test as an uninformed attacker would, so they are responsible for collecting all information about the target system or network themselves. This demands a high degree of technical skill, and it is costlier and takes longer than the white box approach. It models an external attacker who must first gain an illegitimate foothold in the organization's network infrastructure before doing anything else.

Grey box – This is a combination of white box and black box testing, in which the tester has partial knowledge of the system. With a limited amount of information the tester can focus the attack on a specific area and avoid much of the trial and error that a black box test involves.