In this guide, our experts here at Hackfile are going to show budding penetration testers and curious readers how to perform a basic pen test. This guide is similar to our earlier How to conduct penetration testing guide.
The aim of this article is to provide a beginner with the knowledge they need to dive right into pen testing and information security in general, along with other questions and answers from within the industry.
So let’s not digress and jump right into it.
What is pen testing and why is it important to perform?
Before we begin delving into how to perform a penetration test, it’s important to first at least try to understand what it actually is.
Cyber attacks against U.S. and other manufacturing industries throughout the world increase on a yearly basis, a fact that has been well documented over recent years. It’s now more important than ever to undertake continuous scans and tests in order to ensure that every box on your network is controlled and functioning as planned.
Penetration testing is a controlled attack with the primary intention of spotting flaws and weaknesses within a network or any associated devices. Companies that already have a well-implemented security policy may also benefit from a pen test to ensure their security is up to scratch, as the side effects of a real hack can be dire. Penetration testing, also referred to as ethical hacking, focuses on varying aspects of the network, from external network security testing to mobile application security testing.
The primary reason penetration testing is so important is the prevention of the data loss associated with a successful cyber-attack against your system or network; these attacks can be detrimental to a business’s operations. When a data breach is experienced, time increases cost: if it takes your employee or employees an abnormal amount of time to contain the attack, the cost keeps adding up. That is not to mention any possible fines for no longer being compliant, depending on how sensitive the breached data was.
Another reason pen testing is crucial is to detect previously unknown vulnerabilities on a network. Network security is vital, and ensuring that exploitable flaws aren’t present on your infrastructure requires thorough testing, from web application testing to software testing. Real hackers are ready and willing to exploit them, so it’s imperative to ensure they don’t get the chance, by performing a security audit.
What are the benefits of a pen test?
There are plenty of benefits to performing a pen test on your network; some of them are as follows:
- Assists in the identification of vulnerabilities that would remain undetected if not for a pen test
- Assists in identifying real-time threats within network systems and applications
- Can help to discover new threats which could be exploited by a possible hacker or intruder
- Test the effectiveness of web firewalls
- Test the cyber-defence setup and capabilities of a business’s network
This list is not exhaustive; the benefits grow the bigger your organization is or becomes.
How does someone perform a penetration test?
Performing a pen test comes in phases. We delve further into this in a different blog post, but this will be short and sweet for beginners.
The following phases are important to a penetration test:
- Information gathering: Testers pre-arrange with the client the scope for performing the penetration test
- Recon: This phase will require the tester to collect as much intel about the target server as possible.
- Vulnerability identification: Identify and document any vulnerabilities that have been found.
- Exploit and Test: The fun part. This is where you exploit identified vulnerabilities and try to gain access to the server.
- Reporting: A comprehensive report is created and given to the client.
- Re-testing (if required): Re-testing the target server to ensure vulnerabilities are no longer there.
There’s much more to each phase listed above, with some being easy and some being extremely challenging. We recommend researching these phases and learning them as well as you can.
How to perform a penetration test
With penetration testing being an important aspect of a business, it’s important for pen testers to be able to perform both manual testing and automated testing. Experienced professionals use a combination of both, with standard tools for the automated part.
How to do an automated pen test?
Firstly, an automated pen test cannot completely automate the whole process; human intervention will be required at some point. Plenty of testing tools have popped up on the web over the years, and many people have compared them against human pen testers. The truth is that while these tools are amazing and improving rapidly, there’s still a need for a human tester.
Most of the penetration testing steps that would typically be carried out in a manual penetration test are completed by either an agent or a VM, effectively a simulation of the laptop and/or attack proxy plugged into the network. The automated bot then performs the required recon within its own environment, the same way a human would scan for vulnerabilities. This is where the pen testing bot establishes its footprint in the environment and filters through its findings, a lot like a typical vulnerability scanner.
By a typical vulnerability scanner we mean one that lists a series of potential vulnerabilities it has found but gives no actual context as to their exploitability and simply scores them; such scanners also don’t weed out false positives the way a human can manually.
One of the biggest advantages of using a pen testing bot is that you don’t need to wait days, or even weeks, for a report to be drafted by a human pen tester. With automation there is continuous delivery, which gives live results to the business wanting its network tested.
How to do a manual penetration test
The question is: why would you want to perform a manual pen test, especially when there are automated options out there that do almost everything for you? The downfall of automated testing is that businesses may not be able to discover all of the vulnerability types that presently exist, as they aren’t getting a live penetration test.
For example, if you’re struggling with authorisation issues, they require manual testing by someone who is very skilled at what they do; the same also applies to business logic flaws.
Manual Pen testing step-by-step
Within cybersecurity, the techniques used in a manual pen test depend entirely on the project scope and what the business’s requirements are. Usually, the process is broken up into the following steps:
- Planning phase
- Discovery phase
- Attack phase
- Reporting phase
Pen test planning phase
The planning phase is straightforward: in this part of the process it is established what needs to be done, and then the scope and strategy are determined before the assignment is carried out. Things such as security policies and standards, as well as what can and cannot be attacked, are usually outlined here.
Discovery phase of a pen test
Now comes the second phase of a manual pen test, the discovery process. This is usually classed as an important part of the process, as without it ethical hackers cannot go much further. Also known as the reconnaissance phase, all that needs to be completed here is to gather as much information as possible about the system you’re planning to attack and any risks found. Once the information is collected, such as relevant passwords etc., the scanning and probing part begins, in which you are ready to perform a vulnerability assessment.
Next is the attack phase: this is where all of the information gathered in the previous phase is used, and any identified vulnerabilities are exploited and reported on. Any residual risk from a vulnerability also needs to be reported in case of future impact to the business.
It is now the penetration tester’s job to provide clear reports for the business before the project end date. In this report it is key to explain what was discovered during the penetration tests and test execution, as well as which exploits worked or didn’t work on the target machine.
What tools are used in manual penetration testing?
There are a wide variety of tools available from multiple sources that even complete beginners can use to feel like a real hacker and help with a penetration test, from vulnerability scanning and password cracking to other test tools. Some of the tools we covered in a previous article are the ones even expert professionals use to this day.
Typically most people will mention Metasploit or Kali Linux here, but not me.
One of the most important tools, used for port scanning and even operating system detection, is Nmap, which can also perform vulnerability assessments of all types. The next port of call is Nessus, which is a common and traditional tool used in network vulnerability testing. Finally, there’s also Cain and Abel, which is used for password recovery, wireless scanning and network sniffing, although Wireshark is also a commonly used tool for network and data sniffing that allows specific tagging of packet data so you don’t have any data loss when hundreds of network packets are all coming in at once.
Pen testing companies
Pen testing companies are popping up left, right and centre these days, but how do you know if a pen testing service provider is even good at what they do? This is a short list of some of the best penetration testing companies on a global scale:
- Indium Software
- BreachLock Inc
Pen testing salary
According to data provided by PayScale from back in August 2020, the average salary for a penetration tester within the United States sits firmly at $84,690 a year, although there are many factors that can affect the salary of professionals, such as experience.
With the demand increasing for ethical hackers, it’s believed that this salary could even go up again by the end of 2021.
Pen testing salary UK
Within the UK the starting salary for a junior pen tester is typically between £20,000 and £30,000 per annum. A pen tester with enough experience can expect to earn between £40,000 and £65,000, rising to upwards of £70,000 per annum for senior and team leader roles.
How to become a pen tester
In this day and age, it isn’t too complicated to become a penetration tester. There are plenty of online courses available now for those who don’t wish to follow the university route; with the right knowledge and a little bit of practical know-how, it’s possible for anyone to become a penetration tester. We covered more about this topic in our how to become a pen tester yourself in 2021 article.
Pen testing is a wonderful process that can help uncover the truth behind a system’s security and whether it is truly as secure as you think. We hope that you have learned a little bit more about the process and the importance of testing.
Connie has been working within the cyber security industry for almost 10 years now, specialising in penetration testing or more specifically web application pen testing. She believes that everyone online should have access to this information and strives to provide people with the knowledge they need to begin within the industry and for others to stay safe online.