Penetration testing, or often abbreviated to pentest, is a term used when someone is doing security testing of a system, application, or network usually can also be said as an activity where someone tries to simulate an attack that can be done against a particular organization / company network to find weaknesses that exist on the network system. The person who carries out this activity is called a penetration tester (abbreviated as pentester). Penetration Testing has official standards as a reference in its implementation.   

This testing activity is carried out to determine whether the security contained in the system or application has a gap so that it can be fixed immediately by patching or patching. This is done so that the security contained in a system or application being tested becomes stronger. In addition to testing, pentest services also document the level of security of the system or application to be tested for subsequent reports or reports to the company / customer.

Before conducting penetration testing, there will usually be a contract between the auditor / pentester and the company that wants the application or system to be tested. This in the context of law is a legal activity because a contract between the two parties has previously occurred.

arget general to perform penetration testing

  • Services that use internet connections (websites, VPN endpoints, e-mail infrastructure, extranets, etc.).
  • Internal systems or services that are on the network ( Active Directory Exchange , etc.). 
  • Ap likasi mobile (IOS and Android) web, and desktop.
  • Internal network.
  • Employee.

Why is pentest needed? Penetration tests are carried out to identify whether an application, computer system, or network has a security weakness. If a vulnerability is found and can be proven with some risk analysis, then you will have time to be able to fix the system before someone who is not responsible takes the opportunity of the vulnerability found. With a good security system, sensitive company data can be protected so that the company can avoid a number of losses.  

For example, it can be said that large companies that store sensitive data (such as banks) certainly do not want their networks to be broken by irresponsible people who can then take control of the network and cause huge losses. For this reason the company invested funds to strengthen its network system. One of the most effective methods is to do the pentest . By doing pentest , existing security gaps can be identified and thus can be corrected as soon as possible. A pentester simulates an attack that can be carried out, explains the risks that can occur, and make improvements to the system without damaging the company’s network infrastructure .       

What are the advantages of pentest?
The penetration testing technique has several advantages, including:


  • Can be done quickly with a little time so the price is cheap
  • The skills needed to perform pentest testing techniques are relatively lower when compared to testing techniques using source code checking
  • Direct testing is performed on the code used (exposed)

What method is used in conducting the pentest?

In conducting pentest there are 3 methods that can be used, including:

Black Box Testing

It is a test carried out based on application details, such as application appearance, functions contained in the application, as well as adjusting the flow of functions in the application to the business desired by the customer. This test is carried out without looking and testing the source code of the program in the application.

White Box Testing

It is a test carried out based on detailed procedures and the logic flow of a program code. In this method, the tester will look at the whole source code of a program to find bugs from the program code.

Gray Box Testing

It is a testing method derived from a combination of Black Box and White Box. Where the pentester tests the application based on specifications but uses how it works from within the application aka the source code program.

What are the steps involved in conducting penetration testing? 

Usually must use international penetration testing standards as a reference for the implementation of testing, including:

 1. Reconnaissance 

That is the stage where the pentester will collect initial data or some things needed for the client. After the data is collected, the pentester will be able to easily plan attacks better. This surveillance can be done in two ways , namely actively (directly touching the specified target) and passively (surveillance is done through an intermediary).

 2. Scanning 

At this stage an application is needed as a technical tool to collect various advanced data on the targets that we have set. At this stage the data sought is more general, namely regarding the system they have.

  3. Gaining Access 

In this phase, the pentester needs to gain access to take control of one or more network devices to further extract data from the target, to then use the device to launch attacks on other targets.

  4. Maintaining Access 

That is the stage where the pentester will make some of the steps needed to remain in the target environment with the aim of collecting as much data as possible. In this phase, the attacker must remain in a state of silence so that it cannot be caught while using the host environment.

  5. Covering Tracks 

That is the final stage where the pentester will cover the track thereby forcing the attacker to take the steps needed to clear all resemblance when it is detected. Any changes that have been made, increased authorization and more. Everything must be returned in a state of non-recognition (not recognized) by a host network administrator.

Other stages of Penetration Testing

Penetration Testing has a standard (PTES) that is used as a reference in its implementation which is divided into several stages: 

  •  Pre-engagement Interactions

The stage where a pentester explains pentest activities that will be carried out to the client (company). Here a pentester must be able to explain the activities to be carried out and the final objectives to be achieved.        

  •  Intelligence Gathering

The stage where a pentester tries to gather as much information about the target company that can be obtained by various methods and various media. Things that need to be used as a basis for gathering information are: the characteristics of network systems, the workings of network systems, and the methods of attack that can be used.  

  • Threat Modeling

The stage where a pentester looks for vulnerabilities based on information gathered in the previous stage. At this stage a pentester not only seeks security holes, but also determines the most effective loopholes to use.    

  • Vulnerability Analysis

The stage where a pentester combines information about an existing security hole with an attack method that can be carried out to carry out the most effective attack.  

  • Exploitation

The stage where a pentester attacks the target. However this stage is mostly done by brute force method without having the element of precision. A pente ster only professionals will perform exploitation when she knows for sure if the attack carried out will be successful or not. But of course there are unexpected possibilities in the target security system.        

However, before carrying out an attack, the pentester must know that the target has a security hole that can be used. Carrying out attacks blindly and hoping for success is not a productive method. A professional pentester always perfects his analysis first before carrying out an effective attack.     

  • Post Exploitation

The stage where a pentester manages to enter the target network system and then analyzes the existing infrastructure. At this stage a pentester studies the parts in the system and determines the most critical part for the target (company). Here a pentester must be able to connect all parts of the existing system to explain the impact of the greatest attack / loss that can occur on the target (company).        

  • Reporting

Reporting is the most important part in pentest activities . A pentester uses a report (report) to explain to the company about the pentesting done such as : what is done, how to do it, the risks that can occur and most importantly is a way to improve the system.        

Penetration Testing Type 

There are two types of pentest types , namely : overt and covert Overt pentest is done with the knowledge of the company. Covert pentest is done without the knowledge of the company. Both types of pentest have strengths and weaknesses with each other.           

  •   Overt Penetration Testing

At overt pentest , a pentester works together with the company’s IT team to look for as many security holes as possible. One of the advantages is the pentester knows the network system information in detail and can carry out attacks without worrying about being blocked. One disadvantage is not being able to test the response of the company’s IT team in the event of an actual attack. When the amount of time in pentest activities is limited, it is more effective to use the overt type .        

  •   Covert Penetration Testing

In the covert pentest , a pentester carries out pentest activities without the knowledge of the company. This means that this test is used to test the response of the company’s IT team in the event of an actual attack. Covert tests require more time and greater skill than overt tests . Most professional pentesters recommend covert tests rather than overt tests because they actually simulate an attack that can occur. In the covert test , a pentester will not try to find as many security holes as possible, but will only find the easiest way to get into the system, without being detected.                   

Well, that’s about pentesting activities . With the development of technology, the security element becomes an important point that must be considered. The more sensitive the data owned by the company, then it will be stronger also a security system that should be used. If anyone is interested in becoming a pentester , then networking and programming technical skills are needed. In addition we must have a strong analysis to be able to look for system weaknesses. Maybe it looks very difficult to be a pentester , but like the famous quote : ” no pain no gain ”          

The scope of the pentest audit is according to levels :

Level 1: General Vulnerability Scanning

At this level we collect as much information as possible, identify all possible weaknesses and verify those weaknesses. At this level we will provide important weaknesses that are found during the assessment process but not to the stage of penetration. This level is suitable for customers who have a need only to check security globally and repeatedly / routinely.  

Level 1 audit has the following stages of work :

  1.  Footprinting, looking for as much information as possible about the target
  2.  Port scanning
  3.  Service identification and enumeration
  4.  Vulnerability scanning
  5.  Comprehensive report on the details obtained from these stages

Level 2: Penetration Testing

This audit includes all stages at level 1 plus several more processes. From the results obtained from level 1 audit, we will penetrate to prove that the weakness is valid and we provide PoC (Proof of Concept). The advantage of a level 2 audit is that customers will get more detailed and realistic security information.

Level 2 audits have the following scope :

  1.  Footprinting, looking for as much information as possible about the target
  2.  Port scanning
  3.  Service identification and enumeration
  4.  Vulnerability scanning
  5.  Penetration Testing
    •   Vulnerability exploitation
    •   CVSS Scoring (calculation of the level of risk resulting from the weaknesses obtained)
  6.  Comprehensive report on the details obtained from these stages

Level 3: Full Penetration Testing

This audit covers all the stages at level 2 plus a few more processes in the penetration testing section. From the results obtained from the level 2 audit, a further exploitation process will be carried out. The advantage of a level 3 audit is that it can help validate your company’s security policy.

Level 2 audits have the following scope :

  1.  Footprinting, looking for as much information as possible about the target
  2.  Port scanning
  3.  Service identification and enumeration
  4.  Vulnerability scanning
  5.  Penetration Testing
    • Vulnerability exploitation
    • Brute forcing
    • Password cracking
    • Privilege escalation
    • Gaining root
    • CVSS Scoring
  6. Comprehensive report on the detais obtained from these stages

Penetration Testing Vectors

The security vector variants to be tested at the time of penetration are:

  1.  Business logic
  2.  SQL injection
  3.  XSS
  4.  File Inclusion
  5.  File upload
  6.  Directory Traversal
  7.  Access database found
  8.  Access Admin Page found
  9.  Apache exploit
  10.  Application Error Message
  11.  File Manager Script Exploit
  12.  Code Execution
  13.  Clickjacking
  14.  CSRF Information Disclosure
  15.  Tampering file
  16.  Weak Password
  17.  Host Header Attack
  18.  Git Repository Found
  19.  LDAP Injection
  20.  PHPinfo Page Found
  21.  Data Backup Found

0/5 (0 Reviews)


Please enter your comment!
Please enter your name here