In the previous article we looked at “Estimation Guidelines For Testing”. Today we concentrate on what penetration testing is and on sample test cases for penetration testing.
What is Penetration Testing?
“Penetration Testing is also known as Pen Testing. Pen testing is the practice of testing a web application, computer system or network to find vulnerabilities that an attacker could exploit.”
It is a practical and accredited method of measuring the security of an IT infrastructure: the tester safely attempts to exploit application vulnerabilities, which include operating system and service flaws, application defects, improper configurations and risky end-user behaviour. Such assessments also help validate the effectiveness of defensive measures and end users' adherence to security policies.
Details of any security vulnerabilities found during penetration testing are typically compiled and presented to network and system administrators so that they can take remedial action.
What Are The Possible Causes Of Vulnerabilities?
- Defects introduced during the design and development phases
- Improper system configuration
- Human errors
Advantages Of Penetration Testing:
- Manage vulnerabilities intelligently
- Reduces the cost associated with network down time
- Meet regulatory requirements and curb fines
- Ability to maintain positive image of the company
- Assess network efficiency
- Upgrading existing infrastructure may introduce vulnerabilities, which pen testing can identify.
Automated tools can detect the standard vulnerabilities that are commonly present in a system. Pen test tools can also be used to validate security weaknesses in an application, such as weak data encryption and hard-coded values like usernames and passwords. At times these tools report a security issue where none actually exists (a false positive).
Qualities Of A Penetration Tester:
- Select a suitable set of tools to balance cost and benefits.
- Adhere to suitable procedures by adopting proper planning and implementation.
- State potential risks and findings clearly in the final report and offer methods to mitigate risks.
- Keep oneself updated at all times.
Some Of The Popular Penetration Testing Tools Are:
- Acunetix (Download here: Acunetix download)
- Back Track (Download here: Back Track download)
- BeEF (Download here: BeEF download)
- Burpsuite (Download here: Burp suite download)
- CORE Impact (Download here: CORE Impact download)
- Cain & Abel (Download here: Cain & Abel download)
- Canvas (Download here: Canvas download)
- Dradis (Download here: Dradis download)
- John The Ripper (Download here: John the Ripper download)
- Metasploit (Download here: Metasploit Download)
- Nessus (Download here: Nessus download)
- Netsparker (Download here: Netsparker download)
- Nmap (Download here: Nmap download)
- Retina (Download here: Retina download)
- Social Engineer Toolkit (Download here: SET download)
- Sqlninja (Download here: Sqlninja download)
- Sqlmap (Download here: Sqlmap download)
- Wireshark (Download here: Wireshark download)
- w3af (Download here: w3af download)
- Zed Attack Proxy (ZAP) (Download here: ZAP download)
Penetration Testing Test Cases:
- Track data transmitted across the wire
- Track data stored in files
- Check for secret passwords saved by the programmer in a hidden file
- Check whether error pages and error conditions expose any data that might help an attacker
- Check whether binary files contain any sensitive information
- Check URLs for sensitive data
- Check whether internal servers contain sensitive information
- Check whether the application returns more data than is needed
- Check for multi-stage elevation
- Check for weak discretionary ACLs
- Check for buffer overflows
- Attempt to modify the execution flow, for instance around serial key validation
- Try to identify calls to insecure functions or methods
- Attempt to overflow the protocol, server name, file name, query string and file extension
- Check for canonicalization attacks, such as using / and \ to reach the root, or using environment variables to denote a path
- Check for DoS attack strategies such as changing expected data types, repeating the same action over and over, and connecting to the server many times concurrently
- Check for XML injection attacks such as crashing the XML parser, XQuery injection and XML external entity (XXE) attacks
- Check for format string attacks
- Check for spoofing attacks such as changing the MAC address or IP address
- Check for HTML script injection attacks
- Check for COM and ActiveX attacks
- Check for code disassembly, such as reversing algorithms, analysing security updates and patching binaries
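The canonicalization test case above is easier to run systematically with a small checker. This is an added example, not code from the original article: it decodes a user-supplied file parameter the way a permissive server would (double URL decoding, backslash as separator) and reports why a value would escape an assumed web root, covering `..` traversal, absolute paths, NUL bytes and environment-variable forms such as `$HOME` or `%WINDIR%`.

```python
import posixpath
import re
from typing import Optional
from urllib.parse import unquote

# Assumed web root the download handler serves from (constructed, not a real path).
WEB_ROOT = "/var/www/app/files"
# $VAR, ${VAR} and %VAR% forms that a naive handler might expand into a path.
ENV_VAR = re.compile(r"\$\{?\w+\}?|%\w+%")
DRIVE = re.compile(r"^[A-Za-z]:")

def canonicalize(user_path: str) -> str:
    """Decode twice (defeats %252e double encoding) and treat backslash as a
    separator, so the check sees the path the way a permissive server would."""
    return unquote(unquote(user_path)).replace("\\", "/")

def traversal_reason(user_path: str) -> Optional[str]:
    """Return why a path is rejected, or None if it stays inside the web root."""
    p = canonicalize(user_path)
    if "\x00" in p:
        return "NUL byte"
    if ENV_VAR.search(p):
        return "environment variable in path"
    if p.startswith("/") or DRIVE.match(p):
        return "absolute path"
    norm = posixpath.normpath(p)
    if norm == ".." or norm.startswith("../"):
        return "escapes root via .."
    return None

def safe_resolve(root: str, user_path: str) -> str:
    """Join a validated relative path onto root, or raise ValueError."""
    reason = traversal_reason(user_path)
    if reason:
        raise ValueError(f"rejected {user_path!r}: {reason}")
    return posixpath.join(root, posixpath.normpath(canonicalize(user_path)))

if __name__ == "__main__":
    # Constructed sample values a tester would submit to a file parameter.
    for candidate in ["report.pdf", "../../etc/passwd", "..%5c..%5cboot.ini",
                      "%252e%252e/secret", "/etc/shadow", "$HOME/.ssh/id_rsa"]:
        print(f"{candidate!r:28} -> {traversal_reason(candidate)}")
```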
Different Penetration Testing Types:
COM and ActiveX attacks
ActiveX controls are often installed on a system when a person browses the web and installs specific applications such as a media player. They are generally regarded as a way to extend browser features so that the browser can perform actions it normally cannot through HTML alone. Therefore they need to be tested rigorously so that other websites cannot abuse the controls.
- Check for SITELOCK
- Check the error handling mechanism – the tester can identify potential defects that may reveal relevant information
- Check for overflows
Managed Code Vulnerability
Most applications these days still rely on unmanaged code, which is regarded as a serious threat.
- Check for UNSAFE blocks
- Check for APTCA (AllowPartiallyTrustedCallers) assemblies.
- Check for Asserts – in most cases, an assert can be called from partially trusted code.
HTML Script Injection attacks
This can occur in either of two ways:
- Cross-site scripting
- Persistent XSS (script injection)
Common scenarios that a penetration tester should look into:
- Inject CR/LF – this is a common method that may result in HTTP response splitting attacks.
- Javascript:alert() or Vbscript:MsgBox()
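The CR/LF scenario above can be checked both in the code under test and in captured traffic. This is an added example, not code from the original article: an assumed redirect handler that copies a user-controlled value into a `Location` header, its hardened form that rejects control characters, a counter for the header lines a client would parse, and a detector for raw, URL-encoded and double-encoded CR/LF in request parameters.

```python
from urllib.parse import unquote

CRLF = "\r\n"

def is_safe_header_value(value: str) -> bool:
    """A header value may not contain CR, LF or any other control character."""
    return not any(ord(c) < 0x20 or c == "\x7f" for c in value)

def build_redirect_unsafe(location: str) -> str:
    """The defect this test case hunts: the user-controlled value is copied into
    the header line verbatim, so a CR/LF inside it ends the header early and
    whatever follows is parsed by the client as further headers or a body."""
    return "HTTP/1.1 302 Found" + CRLF + "Location: " + location + CRLF + CRLF

def build_redirect_safe(location: str) -> str:
    """Hardened form: validate the value before it reaches the header line."""
    if not is_safe_header_value(location):
        raise ValueError("control character in header value")
    return build_redirect_unsafe(location)

def header_count(raw_response: str) -> int:
    """Number of header lines a client would parse before the blank line."""
    head = raw_response.split(CRLF + CRLF, 1)[0]
    return len(head.split(CRLF)) - 1  # minus the status line

def find_crlf_injection(param_value: str) -> bool:
    """Detection helper for captured request parameters: flags raw, URL-encoded
    and double-encoded CR/LF (%0d%0a, %250d%250a) in a value."""
    decoded = unquote(unquote(param_value))
    return "\r" in decoded or "\n" in decoded

if __name__ == "__main__":
    # Constructed sample: a 'next' parameter carrying an encoded CR/LF.
    raw_param = "%2Fhome%0d%0aX-Injected%3A+1"
    tainted = unquote(raw_param)
    print("headers seen by client (unsafe build):",
          header_count(build_redirect_unsafe(tainted)))
    print("value accepted by hardened build:", is_safe_header_value(tainted))
    print("flagged by detector:", find_crlf_injection(raw_param))
```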
Spoofing Attack
A spoofing attack is one in which the attacker stealthily targets the system while posing as a third party, keeping their own identity hidden. Spoofing can therefore lead to decisions based on false information.
- Spoofing the IP address – the IP address is altered to conceal the attacker's identity
- Changing the MAC address – the attacker alters the MAC address
- Changing SMTP messages – the attacker can get hold of all email-related information
Weak Permissions
- The application should be checked from time to time to ensure that permissions are granted only to the right people.
- Check whether there is too much access to files and resources – if an individual without sufficient authorization is allowed to view resources, it could seriously affect the security of the application.
- Check for multi-stage elevation – attackers frequently chain multiple vulnerabilities to gain higher-level access.
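The "too much access to files and resources" check above is the kind of thing worth scripting so it can be repeated after every deployment. This is an added example, not code from the original article, and it assumes POSIX permission bits: it walks a directory tree and reports anything world-writable plus secret-looking files (a constructed name list) that group or others can read, then exercises itself on a temporary tree built for the purpose.

```python
import os
import shutil
import stat
import tempfile
from pathlib import Path
from typing import List, Tuple

# Heuristic names that normally hold secrets (an assumption for this example).
SENSITIVE_NAMES = {".env", "id_rsa", "secrets.yml", "config.ini"}

def audit_permissions(root: str) -> List[Tuple[str, str]]:
    """Walk root and return (relative path, finding) pairs for weak POSIX modes:
    anything world-writable, and secret files readable by group or others."""
    findings = []
    for path in Path(root).rglob("*"):
        mode = path.lstat().st_mode
        if stat.S_ISLNK(mode):
            continue  # a symlink's own mode bits are meaningless; skip it
        rel = str(path.relative_to(root))
        if mode & stat.S_IWOTH:
            findings.append((rel, "world-writable"))
        if (stat.S_ISREG(mode) and path.name in SENSITIVE_NAMES
                and mode & (stat.S_IRGRP | stat.S_IROTH)):
            findings.append((rel, "secret readable by group/others"))
    return sorted(findings)

def build_sample_tree() -> str:
    """Constructed fixture: two acceptable and two weak permission cases."""
    root = tempfile.mkdtemp(prefix="permaudit-")
    for name, mode in {"public.html": 0o644, "id_rsa": 0o600, ".env": 0o644}.items():
        p = Path(root) / name
        p.write_text("sample\n")
        os.chmod(p, mode)
    uploads = Path(root) / "uploads"
    uploads.mkdir()
    os.chmod(uploads, 0o777)  # the classic world-writable upload directory
    return root

def audit_sample_tree() -> List[Tuple[str, str]]:
    """Build the fixture, audit it and clean up; returns the findings."""
    root = build_sample_tree()
    try:
        return audit_permissions(root)
    finally:
        shutil.rmtree(root)

if __name__ == "__main__":
    for rel, finding in audit_sample_tree():
        print(f"{rel:12} {finding}")
```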
Over to you:
Have you worked on penetration testing? If yes, please share your experience in the comments below.
Recommended Penetration Testing Books:
- The Basics of Hacking and Penetration Testing
- Web Penetration Testing with Kali Linux
- Mastering Kali Linux for Advanced Penetration Testing
Happy Testing!!!