Penetration Testing

Penetration Testing Introduction

A penetration test, often shortened to pen test, is a simulated cyberattack against your computer system that looks for exploitable vulnerabilities. In web application security, a pen test is commonly used to augment a web application firewall (WAF).

Penetration testing sometimes involves attempting to breach several application systems, such as frontend and backend servers and application programming interfaces (APIs), to check for vulnerabilities; for instance, unsanitized inputs that are susceptible to code injection attacks. The insights a penetration test provides can be used to patch the detected vulnerabilities and fine-tune your WAF security policies.

The process of pen testing can be divided into five stages. The first, planning and reconnaissance, defines the scope and goals of the test, including the testing method to be used and the systems to be addressed. Intelligence is gathered (e.g. domain names, network, mail server) to better understand the target and its potential vulnerabilities. The second stage involves understanding how the target application will behave when different intrusion attempts are made.

This is achieved using two kinds of analysis. Static analysis inspects an application’s code to estimate how it will behave when it is running; such tools can scan the entire code base in one pass. Dynamic analysis inspects the application’s code while it is running; this is more practical, since it gives a real-time view of how the application actually performs.

In the gaining access stage, web application attacks such as backdoors, SQL injection and cross-site scripting are used to uncover the target’s vulnerabilities. Testers then try to exploit these vulnerabilities, typically by stealing data, escalating privileges, intercepting traffic, and similar actions, to understand how much damage they could cause.
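As an added example (not code from the original article), the following Python script applies both analysis methods from the scanning stage to the kind of unsanitized input named above: a login function that splices user input into its SQL text, beside a hardened, parameterized version. The static check inspects the compiled code without running it, while the dynamic check runs each function against a live database with a harmless probe containing a quote character; the function names, the in-memory users table and the probe value are all constructed for this illustration.

```python
import dis
import sqlite3


def make_db():
    # Constructed in-memory table for the demonstration; not a real system.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse')")
    return conn


def login_unsanitized(conn, name, password):
    # Unsanitized input: the values are spliced into the SQL text itself,
    # so a quote character in the input changes the query's structure.
    sql = f"SELECT COUNT(*) FROM users WHERE name = '{name}' AND password = '{password}'"
    return conn.execute(sql).fetchone()[0] > 0


def login_parameterized(conn, name, password):
    # Hardened form: placeholders hand the values to the driver as data,
    # so they can never be interpreted as SQL.
    sql = "SELECT COUNT(*) FROM users WHERE name = ? AND password = ?"
    return conn.execute(sql, (name, password)).fetchone()[0] > 0


def static_check(func):
    """Static analysis: inspect the compiled code without running it.
    An f-string compiles to a BUILD_STRING instruction, which is the
    tell-tale sign that the query text is assembled from its inputs."""
    return any(ins.opname == "BUILD_STRING" for ins in dis.get_instructions(func))


def dynamic_check(func):
    """Dynamic analysis: run the function against a live database with a
    harmless probe containing a quote character and observe what happens."""
    conn = make_db()
    try:
        func(conn, "o'brien", "probe")
        return "handled"
    except sqlite3.OperationalError:
        return "query broke"  # the syntax error a tester sees from unsanitized input


if __name__ == "__main__":
    for f in (login_unsanitized, login_parameterized):
        print(f"{f.__name__}: string-built SQL={static_check(f)}, probe={dynamic_check(f)}")
```

The unsanitized version is flagged by both checks, while the parameterized version passes both and still authenticates the real user correctly.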

The maintaining access stage checks whether the vulnerability can be used to keep a persistent presence in the target, long enough for a bad actor to reach in-depth data. The idea is to imitate advanced persistent threats, which stay in a system for a long time in order to access an organization’s sensitive data. Finally, the findings of the penetration test are compiled into a report detailing:

The uncovered vulnerabilities

Any sensitive data that the bad actor accessed

The length of time that the tester managed to remain in the system without being detected.

Security personnel analyse this information to configure the enterprise’s WAF settings and apply any other security solutions needed to patch the uncovered vulnerabilities and prevent future attacks.

Pen tests can also be classified by method. External pen tests are carried out on the company’s internet-facing assets, such as the company website, web application and email.

An internal test simulates an attack by a malicious insider. In Blind Testing, the only information the tester is given is the enterprise’s name; the security personnel can then see how an actual attack would play out. In Double Blind Testing, the security personnel are not notified of the attack in advance. In Targeted Testing, the security personnel and the tester work together, keeping each other informed of their movements.

What Is Social Engineering?

Social engineering is manipulating someone into revealing confidential information. The perpetrators could be seeking any kind of information, but they most often go after login credentials and bank details.

What a Social Engineering Attack Looks Like

Email from a Friend

A criminal can socially engineer or hack one person’s email password and gain access to their contact list, and probably their social networking contacts too. The attacker then sends an email to the victim’s contacts or posts a message on their social media page.

These messages usually:

Contain a link: thinking the email comes from a friend, you may not think twice before clicking it, at which point the criminal can install malicious software and take control of your computer.

Contain a download: a picture, document or video with a virus embedded.

Email from Another Trusted Party

A phishing attack is a type of social engineering attack. It imitates a trusted party and gives you a plausible reason to hand over sensitive data or your login credentials. These messages use a compelling pretext or story to:

Ask for help urgently: they tell a sob story and ask for money.

Make a phishing attempt: you may receive an email or message that seems to come from your bank or another legitimate source.

Ask for a donation to a charitable fundraiser: they take advantage of your kindness and generosity.

Ask you to verify your credentials: they include a link that directs you to a fake site that looks real.

Tell you that you have won a lottery or something similar: they ask for personal financial information so they can “send” you the money.

Pose as your coworker or boss: they may ask for an update on some project and then ask for confidential information.

Baiting Scenarios

These schemes know the things people want and use them as bait. They are packaged as amazing deals (usually with good ratings to show that the seller is trustworthy). Taking the bait may cost you control of your computer or, worse, all the money in your bank account.

Response to a Query You Never Asked

The attacker may pretend to be responding to a request for help that you never made. They usually pose as a company used by millions of people and send the message to as many people as possible; those who do not use that company’s services will ignore it, but actual customers are likely to take the bait. Another variant is carried out by criminals who are simply out to wreak havoc: they hack the victim’s account (most likely a social media account) and stir up drama.

Do Not Be a Victim

Tips to Remember

Slow down even when the message seems urgent.

Research the facts.

Do not follow the link. Use a search engine to look for the real site.

Email hijacking is common.

Avoid suspicious downloads.

Offers from strangers abroad are not real.

How to Protect Yourself

Delete requests asking for passwords and financial information.

Ignore requests for help.

Set your spam filters to high.

Secure your electronic devices.
