From Zero to your first Penetration Test

Cristian Cornea
6 min read · Jan 25, 2021

Are you looking to get into Penetration Testing, Ethical Hacking, or Red Teaming? If the answer is yes, then this article is definitely for you!

What is a Penetration Test?

A Penetration Test, commonly called a “Pentest”, is the process of evaluating the security weaknesses of an organization’s assets using methodologies similar to those used by real attackers.

Penetration Test = Vulnerability Assessment?

The answer is clearly, NO!

A Pentest is not the same as a Vulnerability Assessment, and a lot of people tend to confuse the two terms. From my experience, I have encountered clients that requested a Penetration Test when in reality they wanted a Vulnerability Assessment, or vice versa. So, it is very important for you, as a Security Expert, to be able to explain the differences between the two.

Vulnerability Assessment:

  • Covers a decent number of security issues
  • Exposes low-hanging fruit and probably some risky issues
  • The quality of results depends on the scanners used
  • Automated around 90%, and manual work around 10%

Penetration Test:

  • Covers most of the vulnerabilities
  • Exposes issues ranging from low severity to critical ones
  • The quality of results depends on the expertise of the pentesting team
  • Automated around 10%, and manual work around 90%

Types of Pentests

There are various types of pentests, and you must get familiar with all of them, but it is recommended to choose one that you will excel in and become very comfortable with.

Web Applications Penetration Testing:

  • OWASP Top 10
  • Business Logic Vulnerabilities
  • Default/Weak Credentials
  • API Testing
  • WebSockets Testing
  • Sensitive Information Exposure
  • Tokens/Keys Security
  • MFA/2FA/OTP Bypass
🇷🇴 Founder @ Zerotak Security & Cyber Security Training Centre of Excellence (CSTCE)