Penetration Testing - Hacking Bootcamp: Learn the Basics of Computer Hacking (2016)

Chapter 5. Penetration Testing

Penetration Testing is a legal attempt to detect, probe and attack computer networks. Most of the time, this kind of test is initiated by the network owners. They want hackers to run exploits against the network being tested, so they can measure and improve its defenses.

When conducting a Penetration Test, you should look for weaknesses in the target and conduct POC (i.e. proof of concept) attacks. A POC attack is a hacking attack designed to prove a discovered weakness. Effective Penetration Tests always produce detailed suggestions for fixing the problems that were discovered during the procedure. Simply put, Penetration Testing protects networks and computers from future hacking attacks.

The Four-Step Model of Penetration Testing

Hackers divide Penetration Testing into four distinct steps. This approach helps them to identify the things they need to do at any point of the process. Let’s discuss each step:

Reconnaissance

During this step, the hacker needs to gather information about the target. It helps the hacker to identify the tools and programs that he needs to use. If the hacker wants to make sure that he will succeed, he must spend considerable time in the Reconnaissance step.

Scanning

This step has two parts, which are:

1. Port Scanning – You’ve learned about this topic in an earlier chapter. Basically, port scanning is the process of detecting the available ports on the target. Ports serve as communication lines – once you have detected the open ones and taken control of them, you will be able to interact with the target network.

2. Vulnerability Scanning – In this process, you will search for existing vulnerabilities within the network. You’ll use the discovered ports (see above) to reach and exploit the vulnerabilities.

Exploitation

Since you have gathered information about the target, scanned the network’s ports and searched for existing vulnerabilities, you are now ready to conduct the “actual hacking.” This step involves various tools, code and techniques (some of which have been discussed earlier). The main goal of this phase is to gain admin access over the network.

Maintaining Access

This is the last part of the four-step model. Obviously, establishing admin access over the target isn’t enough. You have to maintain that access so you can conduct other attacks against the system and prove the existence of weaknesses. To accomplish this task, white hat hackers use backdoor programs and remote exploits.