Tuesday, January 3, 2012

PenTest at a Glance

What is Pentest?
PenTest is short for Penetration Test.
A Penetration Test is a method of evaluating the security of a computer or a network by simulating a real attack of the kind performed by black hat hackers or crackers.

So generally, Pentest is not a bad activity, and it follows good ethics. To simulate an attack by black hat hackers, the Pentester attacks the system in the same ways that real black hat hackers or crackers would be likely to use. PenTest serves a defensive purpose: after attacking the system and finding its weak points, the pentester informs the system's admin so they can be fixed.

Then, who is the PenTester?
From the name, I bet you already know. The Pentester is the person behind the pentesting activity. A pentester is usually a White Hat hacker. This kind of person usually works for an organization that deals with Information Security, under a letter of agreement not to leak any information found during a PenTest. But a PenTester could also be a Grey Hat hacker or even a Black Hat hacker.

According to Ethical Hacker Council, hacking or pentesting generally follows this life cycle:

1. Reconnaissance
> Information Gathering
   > Active Information Gathering
     Information about the target is gathered through direct contact with the target, usually known as Social Engineering.
   > Passive Information Gathering
     Information about the target is gathered without direct contact with the target, usually by searching all over the internet.

2. Scanning
> Vulnerability Scanning
   Searching for any vulnerabilities on the target system that could be attacked.

3. Gaining Access
> Attacking the system to gain full access to it.

4. Maintaining Access
> After successfully gaining access to the system, the hacker will usually leave a backdoor on it. The backdoor is carefully hidden, and it allows the hacker to get back into the system at any time.

5. Clearing Tracks
> The last step is to delete all traces of the hack from the system, such as by deleting system logs or network traffic logs.

This is the usual activity performed by an attacker. An authorized Pentest, however, usually goes only up to Gaining Access. Once each bug or weak point of the system has been found, the Pentest is considered complete.

Hope this article helps you to understand Pentest better.