1-What is penetration testing?

Penetration testing is part of a comprehensive information security audit. During the audit, most organizational and technical measures to ensure information security are analysed. Security system settings are reviewed, the presence of vulnerabilities in devices, system and user software are revealed, and the system’s response to traditional tricks such as targeted phishing and sometimes physical access by unauthorized personnel is examined. These checks work together to discover weaknesses in an organization’s information security system.

2- Why should a penetration test be conducted?

The Penetration Test is primarily used to increase the level of protection of information assets. For example, the presence of outdated operating systems in a bank, application software, security tools, the use of standard or dictionary passwords, and the absence of restrictions between subnets of the local network provide information about the actual level of information protection.

3- What tools are used in penetration testing?

Many different operating systems and tools can be used in penetration testing, some of which are listed below…

– dnsenum

– dnsmap

– dnsrecon

– dnstracer

– dnswalk

– FindDomains

– HostMap

– Urlcrazy

– theHarvester

– Nmap

– OpenVAS

– Wireshark

– tcpdump

– Metasploit Framework (MSF)

– Kali Linux

– THC Hydra

– Cain and Abel

– Zed Application Proxy

– Intercepter NG……etc

4-What does the Penetration Test Report contain?

– The guide’s summary explains what can happen if found vulnerabilities are exploited.

– List of vulnerabilities identified by Common Vulnerability Scoring System (CVSS)

– List of compromised IPs and accounts – technical description of how the vulnerabilities can be exploited.

– Recommendations for remediating the vulnerabilities – list of software and hardware tools and actions required by the organization.

5-What are the requirements for an organization conducting Penetration Testing?

– First and foremost, the people performing penetration testing should be competent individuals in their field. This applies to organizations that will be performing penetration testing as well as employees of system integrators.

– Organizations can perform penetration testing on their own if they have the necessary tools and expertise. However, the regulations recommend mandatory participation of an external contractor to perform penetration testing.

6-What are the methods for penetration testing?

Some methods of Turkish and foreign standards are listed below:

– NIST SP800-115

– The PCI security standards (PCI DSS) 3.0

– PTES (Penetration Testing Execution Standard) technical regulation

7- How is a penetration test performed?

Penetration testing can be performed using the “White”, “Gray” or “Black” box method depending on the information provided by the client about the system being tested. Our firm usually performs gray box penetration testing in cases where the systems under test have incomplete information.

8-What are the phases of Penetration Testing?

The “zero phase” of testing is gathering information about the company’s information systems, operating systems, software, protocols, and network equipment.

The first phase is external testing of the company’s online public services. The list of resources, testing time and criticality of resources were discussed in advance. Then an internal test is performed. This involves modelling the actions of an external attacker (or an internal attacker with minimal privileges) who has already penetrated the company’s internal network. For example, in the case of a bank, remote access is performed from the contractor’s IP address to Central Bank on the bank’s network. The third stage is to manually review the security vulnerabilities and generate a report. Some critical vulnerabilities may be addressed during the company’s testing. If agreed with the client, the testing can also be done using social engineering methods.

9-What is the difference between penetration testing and vulnerability assessment?

Both techniques have the same goal of securing the software product, but they have different workflows. Penetration testing is a real-time review performed manually or using automation tools; the system and corresponding component are exposed to simulated malicious attacks to identify vulnerabilities.

10-How often should you perform a penetration test?

The field of information technology is very dynamic, software and hardware are constantly updated, remote services are connected, new employees arrive, the structure of the company changes. The results of the penetration test will not be valid over time, so they should be repeated through planning.