{"id":2230,"date":"2019-12-18T09:32:38","date_gmt":"2019-12-18T07:32:38","guid":{"rendered":"https:\/\/10guards.com\/?p=2230"},"modified":"2022-06-12T10:15:57","modified_gmt":"2022-06-12T08:15:57","slug":"pentest-under-the-white-hood","status":"publish","type":"post","link":"https:\/\/10guards.com\/it\/blog\/2019\/12\/18\/pentest-under-the-white-hood\/","title":{"rendered":"Pentest: Under The White Hood"},"content":{"rendered":"

Ci spiace, ma questo articolo \u00e8 disponibile soltanto in en<\/a>, ru<\/a> e ua<\/a>.<\/p>

Since the service of penetration testing has emerged, clients got used to naming it a different way such as pen test, pentest or even paintest. A penetration testing is a simulation of a real cyberattack in certain conditions, provided below. The target is to find a way to access the company\u2019s or person\u2019s assets (funds, critical data, etc.)<\/p>\n

The key difference between a penetration test and a real hacker attack is restrictions.<\/p>\n

Law. All activities are approved and permitted by the client. Black hat hackers do not ask for any permissions.<\/p>\n

Time. Black hat hackers are not pressed for time, they can follow the \u201cvictim\u201d for years, finding the so-called security holes, vulnerabilities in systems they use, sending bunches of phishing messages. White hat or ethical hackers stick to deadlines, with time limits up to a couple of weeks.<\/p>\n

Budget. Black hat hackers may invest heavily in different tools, notorious cyber weapons, including exploits (0-day, malicious viruses, available on black markets). Ethical hackers are acting within the clients\u2019 budgets.<\/p>\n

Penetration depth. Black hat hackers feel free to target any systems, which they are able to breach. Ethical hackers honor the contracts, namely, they target the systems enlisted by the client.<\/p>\n

\"\"<\/span><\/p>\n

To compensate for limitations ethical hackers are granted some \u201cbenefits\u201d:<\/p>\n

The total amount of information available and the client\u2019s involvement. In terms of penetration testing, it is known as a white, gray, and black box. The white box is a method where a penetration tester has full knowledge of infrastructure, processes, systems (even source code review) being attacked and the client staff is aware of testing. The black box is a method when a penetration tester has no knowledge or a low level of knowledge about systems being attacked (organization name, website, etc.) Besides, only certain people among the client\u2019s staff are aware of a penetration test, commonly top managers.<\/p>\n

Over time, classical penetration testing has no longer satisfied clients \u2013 ethical hackers would discover one or a range of vulnerabilities, got the required access, and completed the project. Clients wanted ethical hackers to find as many vulnerabilities as possible or even all of them. So, a new service appeared \u2013 a cybersecurity audit, often miscalled a penetration test, but in fact, penetrationS<\/strong> test would be correct.<\/p>\n

As crowdsourcing became popular, bug bounty programs emerged all over the world, where: clients \u2013 large companies, contractors \u2013 ethical hackers. Idea \u2013 a client places a bid for testing a company or a product, including limitations and rewards for vulnerabilities found (depending on severity level), an ethical hacker looks for vulnerabilities and gets a reward, if successful. There is also another kind of bug bounty \u2013 bug bash, a time-limited event as a part of a large conference. But there are disadvantages:<\/p>\n

A hacker is not always motivated to disclose the vulnerability to the product owner, as he can sell it for a better price on the darknet or to organizations that use vulnerabilities to create cyberweapons. There are companies selling vulnerabilities to intelligence agencies, such as French Vupen, Italian Hacking Team, Israeli Celebrite, etc.<\/p>\n

Product developers can conspire with bug hunters to intentionally leave security holes in the product, easily \u201cfound\u201d by the right hacker, and then they share rewards\u2026<\/p>\n

\u2013 Is it possible to make penetration testing cheaper? Can\u2019t you just scan our resources automatically for vulnerabilities and give us a report?<\/p>\n

\u2013 Yes, we can!<\/p>\n

So, a vulnerability scanning service emerged, which is often provided as penetration testing, being just a small part of it.<\/p>\n

Finally, what is penetration testing and how is it performed?<\/p>\n

Reconnaissance. A passive part \u2013 information search from open sources (OSINT), which is invisible to the client. An active part \u2013 using specialized tools for scanning the client\u2019s resources, that can be detected by intrusion detection systems.<\/p>\n

Analysis of data received from the previous stage and planning future attack scenarios.<\/p>\n

Attempting attacks planned at the previous stage. Attacks are held under restrictions and supervised by the client to avoid critical system’s service interruption.<\/p>\n

Penetration testing results are provided as a multi-layered report, including information both for business and technical minds. A perfect penetration testing practice means assessment of applications business logic and vulnerabilities\u2019 impact on a company\u2019s business processes.<\/p>\n

Penetration testing may cover a full range of technologies \u2013 network, web, mobile, desktop applications, IoT, operating technologies (OT, ICS, SCADA), etc. Hacking may also include internal penetration testing (when an attacker is present inside the organization\u2019s network), social engineering as well as physical intrusion using technology (ID card cloning, etc.), and sometimes bypassing mechanical door locks (lock picking).<\/p>\n

Penetration testing market is growing and expected to reach $3.2 billion by 2023 due to the increase of connected devices worldwide, web and cloud-based business applications, the growing need for IoT and BYOD security.<\/p>\n

 <\/p>\n

\"\"<\/span><\/p>","protected":false},"excerpt":{"rendered":"

Ci spiace, ma questo articolo \u00e8 disponibile soltanto in en, ru e ua.Since the service of penetration testing has emerged, clients got used to naming it a different way such as pen test, pentest or even paintest. A penetration testing is a simulation of a real cyberattack in certain conditions, provided below. The target is […]<\/p>\n","protected":false},"author":7,"featured_media":2229,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-2230","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-articles"],"aioseo_notices":[],"jetpack_featured_media_url":"https:\/\/10guards.com\/wp-content\/uploads\/pentest-illustrations_DDoS-2-\u043a\u043e\u043f\u0438\u044f.png","_links":{"self":[{"href":"https:\/\/10guards.com\/it\/wp-json\/wp\/v2\/posts\/2230","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/10guards.com\/it\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/10guards.com\/it\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/10guards.com\/it\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/10guards.com\/it\/wp-json\/wp\/v2\/comments?post=2230"}],"version-history":[{"count":62,"href":"https:\/\/10guards.com\/it\/wp-json\/wp\/v2\/posts\/2230\/revisions"}],"predecessor-version":[{"id":4140,"href":"https:\/\/10guards.com\/it\/wp-json\/wp\/v2\/posts\/2230\/revisions\/4140"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/10guards.com\/it\/wp-json\/wp\/v2\/media\/2229"}],"wp:attachment":[{"href":"https:\/\/10guards.com\/it\/wp-json\/wp\/v2\/media?parent=2230"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/10guards.com\/it\/wp-json\/wp\/v2\/categories?post=2230"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/10guards.com\/it\/wp-json\/wp\/v2\/tags?post=2230"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}