Penetration Testing

Penetration Testing

Hello Friends, Today i am going to teach you what is Penetration Testing, types of penetration Testing, What is to be Tested 

What is Penetration Testing ?

A penetration test, also known as pen test is a legal attempts at gaining access to your protected computer system or network often conducted by a third party organisation.

The purpose of the test is to identify security vulnerabilities and them attempt to successfully exploit them in order to gain some form of access to the network or computer system.

Penetration tests are carried out by using manual or automated software to safely compromise server endpoint, web application, wireless network, network device, mobile device and other potential risk points. if a tester is able to successfully exploit the vulnerabilities on a target system. they may attempt to use the vulnerable system to launch further attacks ? exploits on other internal resources, by getting deeper access and information via privilege escalation.

 A pen tester will generated a detail reported about successful exploited security vulnerabilities via penetration testing. The generated reports is then given to network & security administrators of organization to take necessary remediation steps for enhancing security by security and patching vulnerabilities.

The main purpose f penetration testing is to verify the impact on the resources and operation of the network in case of any hacking and how to minimize the affect of the same

Types of Penetration Tests

Penetration test can be classified into various types.

1. Network Services test 

This is the most common type of penetration test, Used for finding target system on a network, Finding loopholes / vulnerabilities in the operating system and network services and later exploiting them remotely. Networking service penetration test is done from a remote location through the internet targeting the organization's perimeter network. Sometime these tests are done from the local network to assess the security of the internal network from the perspective of the internal user.

2.Client-side Test

This kind of penetration test is used ti find and exploit vulnerabilities on client-side application like web browser, media player, etc. On a target network.

3. Web application test

This kind pf penetration test is used to find security vulnerabilities in the web server, web based application and programs on a target network 

4. Remote dial-up war dial

This kind of penetration test is used to discover modems. It ites to get connected to the modem by password guessing or brute forcing the target network.

5. Wireless security test

This kind of penetration test is used to discover wireless access points with in range and finding and exploiting the security weakness of access points on a target network.

6. Social Engineering test

This kind of Penetration test is used to gather sensitive information such as a password or other important and confidential data directly from a user. This is old style conning, trying to fool users into revealing their personal information. this type of test may be conducted over the phone or email, targeting-organization users or employee and evaluating security procedures and process.

________________________________Thank You________________________________