Selcouth Cyber Security Services Private Limited

Penetration Testing

Background

What is a Penetration Test?

A penetration test, also known as a pen test, is a simulated cyber attack against your computer system to check for exploitable vulnerabilities.

Pen testing can involve attempting to breach any number of application systems (e.g., application programming interfaces (APIs), frontend/backend servers) to uncover vulnerabilities, such as unsanitized inputs that are susceptible to code injection attacks.


Penetration Testing Methods

External Testing

External penetration tests target the assets of a company that are visible on the internet, e.g. the web application itself, the company website, cloud integrations and services.

Internal Testing

In an internal test, a tester assesses the assets that sit inside the company, e.g. internal web portals, databases and middleware, wireless devices and the internal network.


Types of Penetration Tests

Web Application & Mobile Application Penetration Testing

In a web application penetration test, we assess the resilience of the application by checking for remotely exploitable vulnerabilities and for flaws in the application's architecture, design and implementation, and by assessing the controls around user access, privilege levels, development and delivery, and the overall design of the applications. This allows for a complete threat profile of a web application’s environment.

These penetration tests are designed around well-known security assessment guides such as:

  • OWASP Top 10 (Open Web Application Security Project)
  • Threat Modeling processes such as STRIDE
  • OWASP Mobile Security Testing Guide (MSTG)
  • OWASP API Security Project

Network Penetration Testing

In a network penetration test, the process includes identifying the targets, fingerprinting and reconnaissance, identification of vulnerabilities and lastly exploitation.

Whether these vulnerabilities are exploited depends on whether exploitation was agreed in advance as part of the engagement. Care is always taken to keep exploitation limited, so as not to cause issues from such exploitation methods.

Automated Port Scanning and Exposure Identification

For large and very large networks, it is a must to periodically scan a large range of IP addresses, determine which ports are open, and attempt to identify the services running on those ports and their state of exploitability. Such automation allows bigger organizations to easily identify newly added assets, evaluate exposure to known vulnerabilities and move a step closer to cyber resiliency.


Approach to Penetration Testing

The White Box Approach

In a white box approach, both the tester and the organization work together and keep each other apprised of their movements. This is a valuable training exercise that provides a security team with real-time feedback from a hacker’s point of view.

The Grey Box Approach

In a grey box approach, the organization works with the tester so that the tester understands the application’s workflow and has the relevant information and necessary access to run a variety of test cases. Information about the underlying architecture and network is not divulged to the tester.

The Black Box Approach

In a black box approach, the tester is only given the name of the enterprise that’s being targeted. This gives the organization a real look into how an actual application assault would take place.