The 3 Types Of Penetration Testing And Where To Apply Them
The type of penetration test you want to carry out depends on the scope of your operation. The scope in turn depends on what level of intrusion you are trying to test your app, machine or software against. Sometimes, finding vulnerability in a particular system that holds client details is enough, so it is important when completing cyber security training, to know which penetration testing you might want to specialize in.
Here are the three types of penetrations tests that you should focus on in your ethical hacking training:
Denial Of Service (Dos)
Denial of service testing is the type of test in which the hacker attempts to find specific weaknesses in a system by using the target’s resources to a level that the software in question stops responding to legitimate requests. The testing can be done both by using automated tools and manually testing by different attacks. DoS can be specified into different types of attacks such as software exploits or attacks by flooding. When pentesting through by DoS, the decisions regarding it can be used to carry out an extensive testing exercise, which would depend on the relative importance of the processing activities, availability of information systems and continued availability.
Important types of DoS are listed below:
As said in the beginning description, these types of attacks involve overloading the systems resources to a level that they stop responding.
Similar to resource overload, this attack involves sending a large amount of data typically through network requests with the intention of flooding the target and making it unresponsive for some time. The test can be performed through Internet Control Message Protocol (ICMP). These are commonly known as “smurf” attacks. User Datagram Protocol (UDP) also known as “fraggle” attacks are also for the same purpose.
Half Open Syn Attack
This sort of attack involves opening numerous TCP connections on the test subject so the legitimate connections are blocked and don’t start.
These attacks attempt to crash the test subject by breaking the IP header standards. They are carried out by:
Oversized packets also known as the ping of death causes the packet header to appear much more full of data than it actually is.
Also known as the teardrop attack sends packets overlapped and fragmented which are under the required length.
Ip Source Address Spoofing
Also known as the land attack causes a system to create a TCP connection on its own.
Malformed Udp Packet Header
Also known as the UDP bomb where the UDP headers show an incorrect length.
Authorized Security Testing
With more businesses taking their dealings online, most businesses opt towards web-based applications to facilitate their clients and customers, however with companies providing access to partners inside the intranet, can produce new vulnerabilities. By this, the firewall, and other security monitoring systems can be compromised.
Application security testing is mainly used to evaluate the control over the applications. These include eon-line financial applications, electronic commerce servers, internet front to legacy system and distributed applications.
Topics that must be evaluated include the encryption of data in an app to protect the user’s data, user authentication process, and internet user’s session with the host app and cookie usage.
Some important components of application testing:
This process involves the analysis of every aspect of the application’s code to makes sure any infiltrator might not be able to have access to any sensitive information. For example, a password authentication app may contain names, taste comments and clear text passwords which will give a hacker a lot of information regarding the app.
This involves the testing of the systems which are responsible for maintenance and initiation of user sessions. It requires:
- The testing of login fields and their input validation. Bad characters or overlong inputs tend to produce results that are unpredictable.
- Cookie security as they can be stolen which can allow unauthorized users to use legitimate sessions.
- Lockout testing means testing of the timeout and intruder lockout parameters in the application to ensure legitimate session are not hijacked.
When you will opt for cyber security training, your training sessions will include your training with these three types of testing and their variants. With so many apps available today that hold sensitive data such as personal information and credit card numbers, organizations are looking for individuals that can help them secure this data and make them a legitimately trusted app.