Penetration Testing (Pen Test), Information Security Management, Pen Tests

Penetration Testing (Pen Test)

Penetration Testing or Pen Test is an advanced level computer skill used to test computer systems, networks and web applications for against vulnerabilities and exploits that an attacker can take advantage off. Pen Tests can be performed with the help of some automated software or also manually by some advanced skilled expert. Penetration Testing explores target, possible entry points, multiple ethical attempts to break in the code and get an unauthorized access into the system and finally generation of comprehensive report for the whole process.

Purpose of Penetration Testing is to find weakness in existing security systems, web applications and networks. It can also be used to test the compliance level of organization's security policies, employees' awareness and ability to respond to security breach.

Methods

  • Predefined Target Penetration
  • External Target Penetration
  • Internal Target Penetration
  • Blind Penetration/Testing

Stages

  • Planning the Attack
  • Scanning the Target
  • Gaining Access via vulnerable entry points
  • Maintaining access and continue attacking
  • In-Depth report of attack and found vulnerabilities.