What is Penetrating Testing ?
|
Well! Its being an long time of 3 weeks when I have not posted an single article on my blog due to my final exams of B.tech ECE but now my exams are over and get ready to write as much I can in my holidays. So therefore, today I am going to tell you about Penetrating Testing and its types properly. Penetration Testing is the act of evaluating the Security of system or network by exploiting vulnerabilities or is a method of evaluating the security of a computer system/network by simulating an attack from malicious outsiders and malicious insiders etc.. This will determine whether unauthorized or malicious activity is possible in a system or not.
Why Penetration Testing only ?
- Penetration testing can identify the vulnerabilities that is not identified by an automated vulnerability scanners.
- Determining the feasibility of a particular set of attack vectors
- Determining the Critical Vulnerabilities .
- Testing the ability of network defenders to successfully detect and respond to the attacks
- Testing stability of the system against the DDOS attack and many more.
White Box vs.. Black Box
Penetration testing can be performed in different ways as given below. The methods can be classified into three types based on the knowledge about the System being tested.
White Box:
In white box testing, Pen Tester know everything about the system such as source code,network diagrams, IP addressing info.
Black Box:
Black box testing assumes no prior knowledge of the infrastructure to be tested. The testers must first determine the location and extent of the systems before commencing their analysis.
Web application penetration testing :
This testing will be used to find the following web application vulnerabilities:
- SQL Injection
- XSS(Cross site Scripting)
- DDOS
- Clickjacking
- Buffer overflow
Penetration Testing tools are used as part of a penetration test to automate certain tasks, improve testing efficiency, and discover issues that might be difficult to find using manual analysis techniques alone.
As a Penetration Tester, you will need lot of Penetration testing tools to test the Security of system. Searching ,downloading and installing the required software may take time. You can use a Penetration Testing Distribution instead.
What is Pen Testing Distribution?
Penetration Testing Distribution is an open source Operating System(Derived from Linux/BSD) that combines all required application for testing the security of system. It is specially developed for Security Professionals(Pen Testers/EthicalHackers/Forensic Officers... e.g.. Backtrack 5 Linux .
What is the advantage of Penetration Testing Distribution?
All Required application for security test are gathered in a single Operating system. You don't need to search for application, Save your time. Penetration Testing Distribution are open source and free to use. You can install in pen drive and bring it anywhere.
Thanks !
Join me on Google+
|
Respected Readers :-
|
E njoyed this post very much – So why not you Subscribe to our regular Email Updates ! and stay connected with us forever .
0 comments :
Have any question? Feel free to Ask Below
Your feedback is always Precious to us.
I will try to answer all the queries as soon as possible.
Regards
karan chauhan