Read 41 401 - jserpa-p/lisbon-ops-301n1_Reading GitHub Wiki

Reconnaissance

Penetration Testing

As a penetration tester, you aim to simulate a cyber attack against your computer system to check for exploitable vulnerabilities. Pen testing can involve the attempted breaching of any number of application systems to uncover vulnerabilities, such as unsanitized inputs that are susceptible to code injection attacks.

Penetration testing stages

  1. Planning and reconnaissance - In this initial stage, the penetration testing team collaborates with the client to define the objectives and scope of the test. They gather information about the target organization's systems and network architecture, using both passive and active techniques, to understand the potential attack surface.

  2. Scanning - During this phase, the testers use specialized tools to actively scan the target's systems and network for vulnerabilities. They identify open ports, services, and devices that could be potential entry points for attackers. There are two types of scanning: static analysis and dynamic analysis. Dynamic analysis is the more practical of the two, as it is done "live" and can catch real-time events.

  3. Gaining Access - In this stage, the penetration testers attempt to exploit the identified vulnerabilities to gain unauthorized access to the target systems. By simulating real-world attacks, they demonstrate how a malicious hacker could breach the organization's defenses.

  4. Maintaining access - After gaining initial access, the testers try to maintain their foothold within the target's network. They may escalate privileges and move laterally to explore the extent of control they can obtain. This step mimics what attackers do to persist within a compromised system.

  5. Analysis - The final stage involves analyzing the results of the penetration test and preparing a comprehensive report. The report includes details about the vulnerabilities found, the methods used to exploit them, and recommendations for strengthening the organization's security defenses.

Penetration testing and web application firewalls

Penetration testing helps discover a broader range of vulnerabilities, while web application firewalls provide an additional layer of protection by actively filtering and blocking malicious traffic. Together, they contribute to making web applications more robust and resistant to cyber threats.

Questions

How are the stages of a pen test very similar to those of the Cyber Kill Chain?

Both pen testing and the Cyber Kill Chain involve sequential stages in their respective contexts, but one is focused on improving security, while the other highlights the steps taken in a cyber attack.

Your manager has asked you to explain the benefits of a pentest to the company’s leadership. How would you lead this conversation?

A penetration test is a valuable investment in our company's security. It allows us to proactively identify and address vulnerabilities, reduce risk, comply with regulations, and build trust with our stakeholders. With cyber threats on the rise, a pentest is an essential tool for safeguarding our company's digital assets and reputation.