Now that you know what penetration testing is, the next thing you’re probably wondering is how to do penetration testing. Read on to find out about each step.
Before you deploy a penetration test, you need to first establish what you wish to achieve. For example, do you want to make sure your website is secure? Or do you want to see if your workers understand how to avoid falling victim to phishing attacks?
The answer to what you wish to achieve will greatly affect what exactly is carried out for the pen test.
Next, you need to do research on your business’s system architecture, as well as other important information, such as data flow and infrastructure. The better you can understand how the processes and technology of your company are set up, the deeper you can delve into your penetration testing.
Research can be conducted on all sorts of venues and platforms, including the dark web. Essentially, you’re trying to leave no stone unturned regarding the information on these subjects.
Reconnaissance is similar to intelligence gathering. However, instead of researching concepts related to your processes and technology, you’re researching your own scoped environment.
Here, you’ll look into your systems and applications to learn more about what may potentially be a vulnerability, which you’ll build upon in the next step.
Now, you’ll confirm your suspicions by running vulnerability scanning tools on your scoped environment. It’s important that once you receive the report, you go through each finding and make sure it’s an actual vulnerability and not an anomaly or a mistaken result.
An important additional step: after you’ve used these scanning tools, go through your scoped environment and try to identify any vulnerabilities manually.
As you can imagine, this step in how to perform penetration testing is the most time-consuming.
Exploitation (Actual Penetration Test)
Now that you’ve identified all the possible vulnerabilities, it’s time to try and hack your own system.
Remember the goals set out in the pre-engagement step? This is also where you try and reach them. This can be anything from doing website pen testing to exploiting vulnerabilities in any web applications your company may have.
If you’re successful in reaching the goals set forth in the pre-engagement step, then you should go back to the intelligence-gathering phase and work your way up to exploitation again to further pinpoint problem areas in this exploited system.
Once you’re satisfied with the exploitation step, you need to make sense of all the data you’ve gathered.
For example, you may have found a myriad of vulnerabilities in your company. However, not all are created equal, nor do you have the time and resources to tackle all of them at once. Because of this, you need to sort through all the vulnerabilities and prioritise them for your business.
In this step, you might determine that further retesting is needed for certain areas.
Conclusion and Summary
After prioritizing your company’s vulnerabilities for fixes, you may have to put all this information in a neater packet to present to other business stakeholders. It may be beneficial to group vulnerabilities by type (such as website or web application) and then the order of importance.
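The validation, prioritisation and grouping steps described above can be scripted once findings are in a structured form. The following is an added example, not part of the original article: the field names, the 0-10 `score` scale, the `confirmed` flag (`None` meaning "not yet verified") and the sample findings are all assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample findings (not real data). Field names and the 0-10
# "score" scale are assumptions made for this example.
FINDINGS = [
    {"title": "SQL injection in login form", "asset": "shop.example.com", "type": "web application", "score": 9.1, "confirmed": True, "source": "scanner"},
    {"title": "SQL injection in login form", "asset": "shop.example.com", "type": "web application", "score": 9.8, "confirmed": True, "source": "manual"},
    {"title": "Outdated TLS configuration", "asset": "www.example.com", "type": "website", "score": 5.3, "confirmed": True, "source": "scanner"},
    {"title": "Directory listing enabled", "asset": "www.example.com", "type": "website", "score": 4.0, "confirmed": False, "source": "scanner"},
    {"title": "Missing security headers", "asset": "www.example.com", "type": "website", "score": 3.1, "confirmed": True, "source": "scanner"},
    {"title": "Session token not rotated on login", "asset": "shop.example.com", "type": "web application", "score": 6.5, "confirmed": None, "source": "manual"},
]

def triage(findings):
    """Return (report, retest): report groups confirmed findings by type,
    highest score first; retest lists findings not yet verified."""
    best = {}      # (asset, title) -> confirmed finding with the highest score
    retest = []
    for f in findings:
        if f["confirmed"] is None:      # not yet verified: needs retesting
            retest.append(f)
        elif f["confirmed"]:            # False = mistaken scanner result, dropped
            key = (f["asset"], f["title"])
            if key not in best or f["score"] > best[key]["score"]:
                best[key] = f           # scanner and manual hits merge into one
    report = defaultdict(list)
    for f in best.values():
        report[f["type"]].append(f)
    for group in report.values():
        group.sort(key=lambda f: f["score"], reverse=True)
    # Order the groups themselves by their most severe finding.
    ordered = sorted(report.items(), key=lambda kv: kv[1][0]["score"], reverse=True)
    return dict(ordered), retest

def render(report, retest):
    """Format the grouped findings as a plain-text summary for stakeholders."""
    lines = []
    for vuln_type, group in report.items():
        lines.append(f"{vuln_type}:")
        lines += [f"  {f['score']:>4}  {f['title']} ({f['asset']})" for f in group]
    if retest:
        lines.append("needs retest:")
        lines += [f"  {f['title']} ({f['asset']})" for f in retest]
    return "\n".join(lines)

if __name__ == "__main__":
    print(render(*triage(FINDINGS)))
```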