What is Penetration Testing and Pen Test Distribution? Full Info

Security of system or network by exploiting vulnerabilities. This will determine whether unauthorized or malicious activity is possible in a system. Vulnerability uncovered through the Pen Testing will be presented to the system's owner.


Why Penetration Testing?

  • Pentetration testing can identify the vulnerabilities that is not identified by an automated vulnerability scanners.
  • Determining the feasibility of a particular set of attack vectors
  • Determining the Critical Vulerabilities .
  • Assessing the magnitude of potential business and operational impacts of successful attacks
  • Testing the ability of network defenders to successfully detect and respond to the attacks
  • Testing stability of the system against the DDOS attack.



White Box vs Black Box vs Grey Box Testing:
Penetration testing can be performed in different ways. The methods can be classified into three types based on the knowledge about the System being tested.

White Box:
In white box testing, Pen Tester know everything about the system such as source code,network diagrams, ip addressing info.

White box testing simulates what might happen during an "inside jobs" or after a "leak" of sensitive information, where the attacker(malicious insider) has access to source code, network layouts, and possibly even some passwords.

Black Box:
Pen Tester test the system without prior knowledge about the system. This method is also known as Blind Testing . Black box testing simulates an attack from someone who is unfamiliar(malicious outsiders) with the system.

Grey Box:
In this method, Pen Tester partially know about the system.

Web application penetration testing:
This testing will be used to find the following web application vulnersation:

  • SQL Injection
  • XSS(Cross site Scripting)
  • buffer overflow
  • Clickjacking
  • DDOS
Penetration Testing Tool:
Penetration Testing tools are used as part of a penetration test to automate certain tasks, improve testing efficiency, and discover issues that might be difficult to find using manual analysis techniques alone. 

As a Penetration Tester, you will need lot of Penetration testing tools to test the Security of system. Searching ,downloading and installing the required software may take time. You can use a Penetration Testing Distribution instead.

What is Pen Testing Distribution?
Penetration Testing Distribution is an open source operating system (Derived from Linux/BSD) that combines all required application for testing the security of system. It is specially developed forSecurity Professionals(Pen Testers/EthicalHackers/Forensic Officers...)
Eg: Backtrack 5 Linux .

What is the advantage of Penetration Testing Distribution?
All Required application for security test are gathered in a single Operating system. You don't need to search for application, Save your time. Penetration Testing Distribution are open source and free to use. You can install in pen drive and bring it anywhere. 

Note : If you find any problem then please comment below.

Share on Google Plus

About Unknown

This is a short description in the author block about the author. You edit it by entering text in the "Biographical Info" field in the user admin panel.

0 comments :

Post a Comment