Penetration Testing

Miroslav Biňas (c) 2017
www.cde.sk

Introduction
● penetration test - an authorized simulated attack on a computer system that looks for security weaknesses, potentially gaining access to the system's features and data
● also known as pen test

Types of Penetration Testing to Know
● internal testing
● external testing
● double-blind testing

Internal Testing
● goal - to simulate what would happen if a company's own employee attempted to carry out an attack from within
● many breaches occur from someone inside the company
● helps to identify weaknesses in second or third lines of defense (an insider attack will bypass perimeter safeguards altogether)

External Testing
● probing application security as an external threat
● finding vulnerabilities in everything from firewall protection to domain name servers
● the most widely used form of penetration testing

Double-Blind Testing
● goal - to catch dev teams and IT staff by surprise
● in other types of penetration testing everyone is aware that the app's security is going to be probed; in this type only the bare minimum of people are
● QA teams can determine how the organization and software will actually react in the event of a breach attempt

Automated Security Tools
● automated tools do not fix security vulnerabilities
  ○ they are effective in finding them
  ○ they provide suggestions for fixing them
● many (non)free tools are available
● security Linux distributions - fully loaded with pen test tools
  ○ Kali Linux
  ○ Parrot Security OS
  ○ BackBox
  ○ BlackArch

Example of Automated Security Tools
● Nmap - port scanner
● Metasploit - vulnerability exploitation framework
● John the Ripper, Aircrack-ng - password crackers
● Kismet - packet sniffer
● sqlmap - tool for detecting and exploiting SQL injection flaws

Questions?
