Cyber Security Tutorial


Types of penetration testing

Penetration testing is a collection of techniques used to test and analyse a system, identify its various issues and give a solution. Understanding penetration testing is therefore incomplete without learning about its several types.

In the cyber industry, penetration testing covers different aspects of security such as network, web application, mobile application, cloud storage, database and client security. The types of penetration testing are:

Network security testing

This penetration testing finds the vulnerabilities or weaknesses in the network infrastructure wherever it is located (on-premises or in cloud environments, as in Azure and AWS penetration testing). This test is required to protect the data and security of your application. Many areas, such as encryption, outdated security patches and configurations, are tested and checked. Network security testing is divided into two parts:

  1. External Pentest – This attack is done by an outsider who has access to the internet but no previous knowledge of the internal network. The outsider tries to exploit vulnerabilities from outside and break into the system to access internal data and systems.
  2. Internal Pentest – This testing is concerned with testing the application in an internal environment, i.e. within the organization. External threats are riskier than internal ones, because internal security breaches result from a breach in the external security protocols. To get into the organization, the attacker first breaches the outer layer and then already holds a presence within the network.

Network pentests that are commonly done:

  • DNS footprinting
  • SSH attacks
  • Tests on proxy servers
  • Testing routers
  • Firewall bypasses
  • Evasion of IPS/IDS
  • Scanning and testing open ports
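One way to turn the "scanning and testing open ports" item into a repeatable check is to compare scan results with an approved exposure baseline. This is an added example, not code from the original page; it assumes the scan output is in Nmap's grepable (-oG) layout, and the hosts, ports and baseline are constructed.

```python
# Added example: compare scan results with an approved exposure baseline.
# SCAN is constructed text in Nmap's grepable (-oG) layout; BASELINE is hypothetical.
import re

SCAN = (
    "Host: 192.0.2.10 (web01)\tPorts: 22/open/tcp//ssh///, 443/open/tcp//https///, "
    "3306/open/tcp//mysql///\tIgnored State: closed (997)\n"
    "Host: 192.0.2.20 (db01)\tPorts: 22/open/tcp//ssh///, 23/filtered/tcp//telnet///\n"
    "Host: 192.0.2.30 ()\tStatus: Up\n"
)
BASELINE = {"192.0.2.10": {(22, "tcp"), (443, "tcp")},
            "192.0.2.20": {(22, "tcp"), (5432, "tcp")}}

def parse_open_ports(text):
    """Return {host: {(port, proto), ...}} for ports reported as open."""
    result = {}
    for line in text.splitlines():
        m = re.match(r"Host: (\S+) ", line)
        if not m:
            continue
        ports = result.setdefault(m.group(1), set())
        for field in line.split("\t"):
            if not field.startswith("Ports: "):
                continue
            # Each entry is port/state/protocol/owner/service/rpcinfo/version/
            for entry in field[len("Ports: "):].split(", "):
                parts = entry.strip().split("/")
                if len(parts) >= 3 and parts[1] == "open":
                    ports.add((int(parts[0]), parts[2]))
    return result

def exposure_report(text, baseline):
    """List unexpected open ports, expected-but-closed ports and unknown hosts."""
    report = []
    for host, ports in sorted(parse_open_ports(text).items()):
        if host not in baseline:
            report.append((host, "unknown host", sorted(ports)))
            continue
        extra, missing = ports - baseline[host], baseline[host] - ports
        if extra:
            report.append((host, "unexpected open", sorted(extra)))
        if missing:
            report.append((host, "expected but not open", sorted(missing)))
    return report
```

Ports in a `filtered` state are deliberately not counted as open, and a host that appears in the scan but not in the baseline is reported even when no open port was seen on it.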

Physical penetration testing

Physical penetration testing can determine whether attackers can gain unauthorized access to the server room, which can serve as an entry point into the corporate network. This penetration testing is required to detect the vulnerabilities and issues in physical assets like cameras, sensors, barriers and others that may lead to a breach. It also covers how the organization deals with physical security threats such as tailgating, social engineering, badge cloning and many more. In the end, the testers can generate a report for the organization with information about the discovered physical security flaws and remediation suggestions.

Mobile application penetration testing

This testing discovers mobile application vulnerabilities but does not include mobile APIs and servers. Mobile application penetration testing uses these tests:

  • Static analysis – The application is reverse engineered to extract elements like metadata and source code.
  • Dynamic analysis – Dynamic analysis is done during the runtime of the application. The tester finds the vulnerabilities by extracting data from the RAM or bypassing controls.

Client-side penetration testing

This is simply the testing done on the client side, on software such as web browsers and workstations, to detect software vulnerabilities, because these can easily be exploited to compromise the client's device. These kinds of attacks are identified in a client-side pentest:

  • HTML injections
  • Malware infections
  • Cross-site scripting attacks (XSS)
  • Clickjacking attacks
  • Form hijacking
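Several of the attacks in this list (clickjacking, XSS, HTML injection) are blunted by response headers, so a client-side test usually checks whether they are set. The following is an added example, not code from the original page; the function names and the two sample header sets are constructed for illustration.

```python
# Added example: audit one HTTP response's headers for client-side defenses.
# WEAK and HARDENED are constructed samples, not captured traffic.
NONCE_OR_HASH = ("'nonce-", "'sha256-", "'sha384-", "'sha512-")

def parse_csp(value):
    """Split a Content-Security-Policy value into {directive: [sources]}."""
    policy = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens:  # only the first occurrence of a directive is honoured
            policy.setdefault(tokens[0].lower(), tokens[1:])
    return policy

def audit_headers(header_pairs):
    """Return findings for a list of (name, value) response headers."""
    single, cookies = {}, []
    for name, value in header_pairs:
        if name.lower() == "set-cookie":
            cookies.append(value)
        else:
            single[name.lower()] = value
    csp = parse_csp(single.get("content-security-policy", ""))
    findings = []
    # Clickjacking: framing must be limited by X-Frame-Options or frame-ancestors.
    xfo = single.get("x-frame-options", "").strip().upper()
    ancestors = csp.get("frame-ancestors")
    if xfo not in ("DENY", "SAMEORIGIN") and (ancestors is None or "*" in ancestors):
        findings.append("clickjacking: framing is not restricted")
    # XSS and HTML injection: script-src falls back to default-src.
    scripts = csp.get("script-src", csp.get("default-src"))
    if scripts is None:
        findings.append("xss: no CSP restricting script sources")
    elif "'unsafe-inline'" in scripts and not any(
            s.startswith(NONCE_OR_HASH) for s in scripts):
        # When a nonce or hash is present, browsers ignore 'unsafe-inline'.
        findings.append("xss: CSP allows inline scripts")
    # Cookies without HttpOnly can be read by injected script.
    for cookie in cookies:
        attrs = [a.strip().lower() for a in cookie.split(";")[1:]]
        if "httponly" not in attrs:
            name = cookie.split("=", 1)[0].strip()
            findings.append("cookie %s: missing HttpOnly" % name)
    return findings

WEAK = [("Content-Security-Policy", "default-src 'self'; script-src 'self' 'unsafe-inline'"),
        ("Set-Cookie", "session=abc123; Path=/")]
HARDENED = [("Content-Security-Policy",
             "script-src 'self' 'nonce-r4nd0m' 'unsafe-inline'; frame-ancestors 'none'"),
            ("Set-Cookie", "session=abc123; Path=/; Secure; HttpOnly")]
```

The obsolete `X-Frame-Options: ALLOW-FROM` value is treated as no protection, since current browsers do not honour it.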

Social engineering

Social engineering attacks result from attackers taking undue advantage of human psychology. Hackers exploit human nature to break through security and access the system. In social engineering penetration testing, the tester manipulates human nature and coaxes individuals into revealing sensitive information. This information is useful for planning further attacks and penetrating the system. Some social engineering attacks are:

  1. Eavesdropping
  2. Tailgating
  3. Dumpster diving
  4. Phishing attacks
  5. Attackers masquerading as vendors, colleagues and contractors
  6. Bluesnarfing

Web application testing

The entire application (including business logic and custom-built functionalities) is tested to protect against data breaches and other attacks. This testing is required to uncover the security lapses in customer relationship platforms, websites, e-commerce platforms, content management systems and others. Web applications are the source of huge amounts of data, and with the rise in web applications, a lot of data transmission takes place that becomes an easy target for cyber-attacks. Everyone (organization and individual) dealing with web apps regularly conducts this testing to keep up with the latest attack methodologies and security flaws. Web application penetration testing is required for some of the following vulnerabilities:

  1. Misconfigured web servers
  2. Spoofing MAC address
  3. Wireless encryption
  4. Network traffic
  5. Cross-site scripting (XSS)
  6. Weak credentials
  7. Website database
  8. Distributed Denial of Service (DDoS) attack
  9. SQL/code injection attack

Steps followed in the web application penetration testing process are:

  1. Surveillance: In this step, the testers gather information regarding the application, like the resources and operating system (OS) used.
  2. Discovery: Detection of vulnerabilities.
  3. Exploitation: The detected vulnerabilities are used to gain unauthorized access to the application and its pools of data.

Cloud security testing

The cloud environment is used to store data and is different from traditional on-premises environments. A cloud provider used as a database platform shares security responsibilities with the organization; therefore, cloud pen testing requires specialized skills. Penetration testers use these specialized cloud testing skills and experience to scrutinize different aspects of the cloud, like APIs, encryption, configurations, various databases, storage and security controls.

Embedded IoT devices

Embedded or IoT devices need penetration testing because of their long life cycles, power constraints, remote locations, regulatory requirements and many more factors. This covers devices like oil rig equipment, medical devices, smart watches, automobiles, home appliances etc. In penetration testing, experts perform a thorough communication analysis and client/server analysis to identify the defects that matter most to the relevant use case.

Penetration testing services

Penetration testing is provided in two types of services: manual and automatic.

Manual penetration testing

A security consultancy or contractor can manually perform penetration testing. Ethical hackers agree on a specific scope with the client and then conduct systematic and extensive testing. During testing, the ethical hacker attempts to breach the organization's security, searches for vulnerabilities and afterwards prepares a detailed report on them. The report describes what the hacker has discovered and gives suggestions for remediation.

Manual Test Pros

  • Generic vulnerabilities are easy to discover via automated tools, but manual testing is used to uncover business logic vulnerabilities.
  • It can detect zero-day vulnerabilities.
  • It can simulate complex attack campaigns, including multiple threat vectors.
  • The human testers use automated tools, combining automated scans with manual exploration and analysis.
  • Before generating the scanning report, the penetration tester validates all the findings, so false positives are not a concern in this case.

Manual Test Cons

  • Each penetration test requires a high cost and a large effort.
  • From the organization's point of view, setting up a penetration test is a complex process, as it requires a detailed definition of scope, contracts and coordination with internal stakeholders.
  • The test result depends on the tester's skills, as an unskilled tester can miss important vulnerabilities and insights. The unskilled tester lacks relevant experience in the organization's industry or technology stack.
  • Manual testing is only performed on a quarterly or annual basis, which leaves the organization open to zero-day threats or vulnerabilities. This can affect changes to production systems.

Automatic penetration testing

Penetration testing can also be automatic, offered under a newer service model known as PTaaS (penetration testing as a service). This service gives organizations an automated platform for performing penetration testing on their systems. PTaaS services conduct the testing by using technologies like dynamic application security testing (DAST), automated vulnerability scanning and fuzzing, without human intervention. Automatic testing does the same job as manual testing: it finds vulnerabilities and security weaknesses and attempts to exploit them. It gathers all the information about possible targets, identifies the potential entry points, tries to break in either actually or virtually, and makes a final report of all the findings for the organization's security team. This testing has many moving parts, but still, it saves time and produces better penetration test results than manual testing. Automated penetration testing is an effective tool that reduces the high risk to the enterprise from real-world attacks and mitigates the vulnerabilities.

Automated testing Pros

  • Automatic penetration testing makes testing procedures practical for companies with or without a security team.
  • It works with flexible payment methods and lower costs. Most services offer pay-per-use pricing as well as subscriptions.
  • It is a self-service model, showing all the test details to the client. It provides a web interface in which the client sets on which system and at which frequency the test is performed.
  • After testing, an automated report is generated that suits the organization's needs and its specific compliance requirements.

Automated testing Cons

  • As compared to manual testing, it has more false positives.
  • It can't identify business logic vulnerabilities.
  • The use of encryption in the tested system can complicate the use of PTaaS services.
  • It places more responsibility for testing on the organization, as the organization determines the testing schedule and reviews findings independently.
  • To run automated penetration tests in a cloud environment, the cloud providers require permission to run them and limit the testing to a specific time window.