Types of Penetration testing, Penetration testing is a method of evaluating the security of an information system or network by simulating an attack to find out vulnerabilities that an attacker could exploit. Penetration test (or “pen-testing”) exposes the gaps in the security model of an organization and helps organizations reach a balance between technical prowess and business functionality from the perspective of potential security breaches. This can help in disaster recovery and business continuity planning.
It simulates methods used by intruders to gain unauthorized access to an organization’s networked systems and then compromise them and involves using proprietary and open-source tools to conduct the test. Apart from automated techniques, penetration testing involves manual techniques for conducting targeted testing on specific systems to ensure that there are no security flaws that previously might have gone undetected. In the context of penetration testing, the tester is limited by resources; namely, time, skilled resources, and access to equipment as outlined in the penetration testing agreement.
Related Product:- EC-Council Security Analyst v10 | ECSA
A penetration test or pen test is an intentionally planned attack on a software or hardware system seeking to reveal the inherent security flaws which will violate system integrity and end up compromising user’s confidential data. During this post, we are discussing differing kinds of penetration tests so you recognize what to hide. You can also learn the related blog of ECSA v10 (EC-Council Security Analyst v10) for more knowledge.
Types of Penetration Testing is a part EC-Council Security Analyst(ECSA) training you learn the cyber security attacks and their impact.
Types of Penetration Testing
The types of penetration testing depend on the amount of information the pen-testing team is given about the organization, prior to the test. One can conduct any of the pen testing types either externally (conducted against Internet-facing hosts) or internally (conducted against hosts inside the organization’s internal network). If we want a complete test, then testing both externally and internally is a must. The three types of penetration testing are as follows
Black-box Testing (Zero-Knowledge Testing)
In order to simulate real world attacks, pen-testers can choose to undertake black-box testing (or zero knowledge testing, with no information or assistance from the client), and map the network while enumerating services, shared file systems, and operating systems discreetly. Additionally, the pen-tester can perform “war dialing” (scanning and dialing a list of phone numbers) to detect listening modems, and “war driving” (physically driving around an area to find wireless networks) to discover vulnerable access points, provided these activities are legal and within the scope of the project.
In black-box testing, the pen-testers have only the company name. The tester thereafter uses fingerprinting methods to acquire information about the inputs and the expected outputs but is not aware of the internal workings of a system. Testers carry out this test after extensive research of the target organization. Black-box testing simulates an external attacker. Designing test cases are difficult without clear and concise specifications, but it is done once the specifications are complete. This test simulates the process of a real hacker. Black-box testing (also known as “functional testing”) is time-consuming and expensive.
What Are two types of penetration testing?
Blind testing :- In the blind testing, the pen-tester has limited information or knows nothing about the target, but the target is informed of an audit scope (what, how, and when the pen-tester will be testing) prior to performing the test. Blind testing simulates the actions and procedures of a real hacker. The pen-testing team attempts to gather as much information as possible about the target organization from the Internet (company’s website, domain name registry, online discussion board, USENET, etc.) and other publicly accessible sources. Pen testers start audit of the target organization’s security based on the collected information. Tough, blind testing provides a lot of inside information (such as Internet access points, directly accessible networks, publicly available confidential /proprietary information, etc.) about the organization that may have been otherwise not known, but it is more time consuming and expensive, as a lot of effort is involved to research the target. Example: Certified Ethical hacking, war-gaming, etc.
Double-blind :- In double-blind testing (also known as ‘zero-knowledge testing”), neither the pen-tester knows about the target nor the target is informed of an audit scope (what, how, and when the pen-tester will test) prior to test execution. In other words, both parties are blind to the test. Most of the security assessments today are based on double-blind testing strategy, as it validates the presence of vulnerabilities that can be exploited and the ability of the target’s individuals, processes, and tools to recognize and react appropriately to the penetration attempts made. Example: Black-box auditing, penetration testing, etc.
White-Box Testing (Complete-Knowledge Testing)
The organization may give complete information about its network to the pen-testers if it wants to assess its security against a specific kind of attack or a specific target. The information provided can include network-topology documents, asset inventory, and valuation information.
Typically, an organization would opt for this when it wants a complete audit of its security. It is critical to note that despite all this, information security is an ongoing process and penetration testing gives a snapshot of the security posture of an organization at any given point in time. Security professionals may perform white-box testing with or without the knowledge of IT staff. The top management must approve the test if it does not involve the organization’s IT staff.
Also Read:- Top 10 Most Common Types of Cyber Attacks
Organizations generally provide the following information for white-box testing:
Company infrastructure:- This includes information related to the different departments of an organization. Penetration testers have the Information related to hardware, software, and controls in an organization.
Network type:- The network-type information could be regarding the organization’s LAN and the topology used to connect the systems. It could also be information regarding access to remote networks or the Internet.
Current security implementations:- Current security implementations are the various security measures adopted by an organization to safeguard vital information against any kind of damage or theft.
IP address firewall/IDS details:- This information includes details of the IP addresses
An organization uses, the firewalls used to protect data from unauthorized users, and other important technical details about the network. Organizations generally provide the firewall and IDS policies to the penetration tester.
Company policies:- An organization may provide business continuity and IT security
Policies to the pen testers, depending on the nature of the test. Security policies, legal policies, and labor policies can all be useful to the penetration tester.
Grey-Box Testing (Partial-Knowledge Testing)
grey-box testing combines the methodologies of both black-box and white-box testing. It is the most common approach to test the vulnerabilities that an attacker can find and exploit. In certain cases, organizations would prefer to provide the pen-testers with partial knowledge or information that hackers could find, such as the domain-name server. This information can also include an organization’s publicly perceived asset and vulnerabilities. The pen-testers may also interact with system and network administrators.
Grey-box pen testing provides a full system inspection, from both the developer’s and a malicious attacker’s perspectives. It is a simulation of a systematic attack by outside intruders or malicious insiders with limited access privileges, are two ways to perform the above mentioned penetration tests:
Announced testing is an attempt to compromise systems on the client’s network with the full cooperation and knowledge of the IT staff. This type of testing examines the existing security infrastructure for possible vulnerabilities.
Announced penetration testing helps a penetration tester in the following ways:
• A penetration tester can easily acquire a complete overview of the infrastructure of The organization.
• A penetration tester may be given the kind of physical access provided to different employees in the organization.
• A penetration tester may get a clearer picture of measures applied to information and system security of the organization.
Questions related to this topic
- What does a penetration tester need to know?
- What is the difference between penetration testing and security testing?
- What is the best penetration testing certification?
- What is penetration testing with example?
Learn advanced security techniques by ECSA
- Enterprise Information Security Architecture
- Vulnerability Assessments Top 8 Most Useful
- What Is Incident Response Orchestration?
- Types of Penetration Testing:
Learn CEH & Think like hacker
- What is Ethical Hacking? & Types of Hacking
- 5 Phases of Hacking
- 8 Most Common Types of Hacker Motivations
- What are different types of attacks on a system
- Scope and Limitations of Ethical Hacking
- TEN Different Types Of Hackers
- What is the Foot-printing?
- Top 12 steps for Foot printing Penetration Testing
- Different types of tools with Email Foot printing
- What is “Anonymizer” & Types of Anonymizers
- Top DNS Interrogation Tools
- What is SNMP Enumeration?
- Top vulnerability scanning tools
- Information Security of Threat
- Foot printing tools:
- What is Enumeration?
- Network Security Controls
- What is Identity and Access Management?
- OWASP high TEN web application security risks
- Password Attacks
- Defend Against Key loggers
- Defend Against Spyware
- Covering Tracks
- Covering Track on Networks
- Everything You Need To Know About Sniffing – Part 1
- Everything You Need To Know About Sniffing – Part 2
- Learn more about GPS Spyware & Apparatuses
- Introduction of USB Spyware and It’s types
- 10 Types of Identity Theft You Should Know About
- Concepts of Denial-of-Service Attack & Distributed Denial of Service Attack
- Most Effective Ways to Overcome Impersonation on Social Networking Site’s Problem
- How Dynamic Host Configuration Protocol (DHCP) Works
- DHCP Request/Reply Messages
- DHCP Starvation Attack
- Rogue DHCP Server Attack
- IOS Switch Commands
- Web Server Concept
- Web Server Attacks
- Web Server Attack Tools
- Web Server Security Tools
- 6 Quick Methodology For Web Server Attack
- Learn Skills From Web Server Foot Printing / Banner Grapping
- The 10 Secrets You Will Never Know About Cyber Security And Its Important?
- Ways To Learn Finding Default Content Of Web Server Effectively
- How will Social Engineering be in the Future
- Understand The Background Of Top 9 Challenges IT Leaders Will Face In 2020 Now
- Learning Good Ways To Protect Yourself From Identity Theft
- Anti-phishing Tools Guide
This Blog Article is posted by
Infosavvy, 2nd Floor, Sai Niketan, Chandavalkar Road Opp. Gora Gandhi Hotel, Above Jumbo King, beside Speakwell Institute, Borivali West, Mumbai, Maharashtra 400092
Contact us – www.info-savvy.com