Definition
What is Penetration Testing?
The art of penetration testing (pentest) involves the analysis of existing system architectures and their underlying hardware and software functions to determine whether they can be manipulated to perform in a manner not originally intended by their developers and operators.
If a piece of software is poorly written, with its input bounds not properly checked and its registers not properly set, then it may be possible to introduce instability. This instability could be used to crash the application and its host, or to inject new commands, functions, or processes designed to provide illicit access to the application or the underlying host.
Penetration testing is considered an offensive operation and is the sexier cousin of the Certified Ethical Hacker (CEH), which is strictly focused on defensive measures.
In a mature organization, the functions of both the CEH and the pentester are integrated into the overall software lifecycle and are conducted both during the development stage and prior to release into production, as part of the organization's overall risk reduction strategy.
How does it differ from Hacking?
A penetration test is conducted under an agreement between the legal owner of the system or application and the contracted penetration tester(s).
A typical pentest conforms to Rules of Engagement that define the scope, level, back-out triggers, and reporting procedures involved in the testing. Penetration testing is a form of Computer Systems Engineering and Security Analysis and, like all other scientific testing, must be documented using a process consistent with established scientific methods.
The goal of the testing is to identify system weaknesses before they are exploited by unknown actors.
Hacking is conducted in a similar manner, although it traditionally lacks a scientific documentation methodology, has no pre-established Rules of Engagement between the system owner and the hacker(s), and is conducted without legal permission.
In some countries, simply probing a perimeter for open ports could be illegal. Hacking is traditionally performed for one of six reasons:
· Nation-State purposes (either officially sponsored or passively supported 3rd parties)
· Espionage (industrial or other)
· Hacktivism (based on a shared ideal or geo-political position)
· Cyber-Terrorism (as part of an organization or as a lone wolf)
· Theft or unauthorized exposure of government, corporate, or personal information
· Technical curiosity, research, and education (without the system owner's written permission)