Pentesting - Introduction

In the upcoming posts I'll be writing about pentesting (penetration testing). Note that a pentest is not the same thing as a vulnerability assessment: an assessment finds and rates weaknesses, while a pentest goes on to exploit them to demonstrate real impact. We will look at the process that goes with a pentest, from the pre-engagement work through finding and exploiting vulnerabilities, post-exploitation and reporting. Hopefully I'm able to give you plenty of examples that will help you understand the process better.

Before we start I have to inform you that I'm not a certified pentester nor do I have any business experience regarding pentesting. This is purely out of interest in the subject.

I'll be sharing my personal knowledge and experience about pentesting. I'll also describe what I think is important before, during and after a pentest. In most posts (or videos) people write about how an exploit works or how to exploit a system. But before finding and exploiting a vulnerability you should already have done a decent amount of research, and reporting a vulnerability clearly is a skill every pentester needs.

What can you expect in the upcoming blog posts?

1. Business Case: In this part we will talk about the moment where you and your client start talking about performing a pentest. What types of tests are there (black box, grey box, white box; network, web application, and so on)? Which type is best for you and your client? What is in scope and what is not? And how do we handle the legal side (written authorization, rules of engagement)?

2. Information Gathering: I think the key to a good pentest is becoming an expert on the system you are attacking. You have to know the system better than the developer or system admin, or at least as close to that as possible. That is why understanding what you are dealing with is key to a pentest.

3. Vulnerability Assessment: This is where things get interesting. All the paperwork is done and now we get to do the fun stuff. How do we find vulnerabilities? Which scanners can I use, and what should I do with all my scanning results (verifying findings and weeding out false positives)?

4. Exploitation: Of course, after finding a vulnerability we need to exploit it to prove it is real and show what an attacker could actually do with it.

5. Maintaining Access: After we have exploited a vulnerability we would like to keep access for later research (further network/system penetration). In this part we will talk about the methods used to maintain access to a system (backdoors, user accounts, key logging) and about cleaning them up again when the engagement ends.

6. Results: Of course this assessment has to produce useful results for your client. In this part we will look at a couple of documents that show a customer clearly what is wrong, how severe it is, and how they can fix it.

Hope you enjoy the upcoming posts. Do you have any suggestions, tools, tips, documents or other stuff I can use? Just leave it in the comments.

Cheers, Ruben.
