steps of Penetration Testing: As we all know Penetration testing is a series of activities under taken to identify and exploit security vulnerabilities. It helps confirm the effectiveness or ineffectiveness of the security measures that have been implemented. This Article provides an overview of penetration testing. It's showing the steps of penetration testing and the strategies and the methodology of conducting penetration testing. The methodology of penetration testing includes three phases: test preparation, test and test analysis. The test phase involves the following steps: information gathering, vulnerability analysis, and vulnerability exploit.
What is the steps of Penetration Testing ?
Steps of Web Application Penetration Testing:
based on OWASP methodology.
- Introduction and Objectives
- Information Gathering
- Configuration and Deploy Management Testing
- Identity Management Testing
- Authentication Testing
- Authorization Testing
- Session Management Testing
- Data Validation Testing
- Error Handling
- Cryptography
- Business Logic Testing
- Client Side Testing
Steps of Network Penetration Testing:
- Information about the target system
- Scan target systems for services on offer
- Identify systems and applications
- Researching Vulnerabilities
- Exploiting vulnerabilities
Steps of Social Engeneering:
- Identify Target.
- Information Gathering.
- Developing Relationship.
- Exploitation.
- Execution.
Common Techniques of Social Engeneering
- Social Engineering by Phone
- Dumpster Diving
- On-line Social Engineering
- Persuasion
- Reverse Social Engineering
EmoticonEmoticon