Penetration testing: see how "ethical hackers" conduct simulated attacks
2022-02-03 00:41:22 【Code stay up late to knock】
Preface
Penetration testing is the process in which security professionals, with the permission of the system owner, simulate an attack on a network or computer system to evaluate its security. Although the attack is "simulated", penetration testers use all the tools and techniques of real-world attackers against the target system. The difference is that they do not use the vulnerabilities they find or the information they obtain for profit; instead, they report the results to the owner to help improve the system's security.
Because penetration testers follow the same attack strategies as malicious hackers, they are sometimes called "ethical hackers" or "white hat hackers". Penetration tests can be performed by teams or by independent hackers, who may be internal employees of the target company, work independently, or work for a security company that provides professional penetration testing services.
Broadly speaking, penetration testing works in exactly the same way as a real attempt to compromise an organization's systems. The penetration tester first checks and identifies the hosts, ports and network services associated with the target organization. Next, they research potential vulnerabilities in this attack surface, a step that requires a deeper understanding of the target system and more detailed probing. Finally, they try to break through the target's perimeter and access protected data or take control of its systems.
Of course, the details of a penetration test and a real-world attack can be very different. But it should be noted that the tester must agree in advance with the target organization on the exact type of test to be carried out and the scope of the simulated attack, in order to avoid uncontrollable damage to the user's systems.
Types of penetration test
The application security company Contrast Security divides penetration tests into the following types:
External penetration test. In this approach, the penetration testing team evaluates the target's network infrastructure from a remote location. They have no information about the internal topology of the target network and fully simulate an external attacker in a real network environment: using popular attack techniques and tools, they penetrate the target organization step by step in an organized way, reveal known or unknown security vulnerabilities in the target network, and assess whether these vulnerabilities can be exploited to gain control or cause the loss of business assets.
Internal penetration test. The team conducting an internal test has access to all internal and underlying knowledge about the target environment, so the penetration testers can find and verify the more serious security vulnerabilities in the system at the lowest cost. Internal tests reveal how disgruntled employees, malicious contractors or super hackers who have crossed the boundary could invade the system.
Blind test. A blind test simulates a "real" attack from the attacker's side. The penetration tester receives no information about the organization's network or systems, which forces them to rely on publicly available information or on information they collect with their own skills.
Double-blind test. A double-blind test also simulates a real attack on the target organization, but in this type of test the IT and security staff are unaware that a penetration test is being carried out, so that the test reflects the company's real security posture.
Targeted test. Targeted testing, sometimes also called "lights-on" testing, means that the penetration testers and the target organization's IT staff play out a "confrontation game" in specific scenarios that focus on particular aspects of the network infrastructure. Targeted testing usually requires less time and effort than the other options, but it cannot provide a complete view of the system's security posture.
Penetration test steps
Although each type of penetration test has its own characteristics, the Penetration Testing Execution Standard (PTES), developed by industry experts, summarizes the seven main steps involved in most penetration testing scenarios:
Pre-engagement negotiation: The scope and objectives of any penetration test should be agreed in advance by the tester and the target organization, preferably in writing.
Intelligence gathering: The tester should first reconnoiter the target to collect as much information as possible. This process may include gathering open source intelligence, that is, publicly available information about the target organization.
Threat modeling: At this stage, penetration testers should model the capabilities and motivations of potential real attackers, and try to determine which assets in the target organization are likely to attract an attacker's attention.
Vulnerability analysis: This is probably what most people think of as the core of a formal penetration test: analyzing whether the target organization's infrastructure contains security vulnerabilities that would allow hackers to break in.
Exploitation: At this stage, penetration testers use the vulnerabilities they have found to enter the target organization's systems and steal data. The goal of this step is not just to break through the perimeter, but to bypass active defenses and stay undetected for as long as possible.
Post-exploitation: In this phase, the penetration tester tries to maintain control of the compromised systems and determine their value. This can be a particularly delicate stage in the relationship between penetration testers and their customers. What matters here is that the first stage, pre-engagement negotiation, produced a well-defined set of ground rules that protect the customer and ensure that critical services are not adversely affected by the test.
Reporting: Finally, the tester must provide the customer with a comprehensive and detailed report on risks and vulnerabilities. In this process, the communication skills needed to convey this information clearly are undoubtedly more important.
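The ground rules agreed in pre-engagement negotiation can be enforced in tooling before any test traffic is sent. The sketch below is an added example, not part of the original article or of PTES; the `RulesOfEngagement` record, the `check_target` helper, the addresses (documentation ranges) and the dates are all constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class RulesOfEngagement:
    """Hypothetical record of what tester and client agreed in writing."""
    in_scope: tuple        # CIDR blocks the client authorised for testing
    excluded: tuple        # critical services that must never be touched
    window_start: datetime
    window_end: datetime


def check_target(roe, target, when):
    """Return (allowed, reason); anything not explicitly agreed is denied."""
    try:
        addr = ip_address(target)
    except ValueError:
        # Hostnames can resolve outside the agreed ranges, so fail closed.
        return False, "not an IP address"
    if not roe.window_start <= when <= roe.window_end:
        return False, "outside agreed test window"
    # Exclusions win over inclusions: a protected host inside an
    # in-scope network is still off limits.
    if any(addr in ip_network(net) for net in roe.excluded):
        return False, "explicitly excluded"
    if any(addr in ip_network(net) for net in roe.in_scope):
        return True, "in scope"
    return False, "not in agreed scope"


# Constructed sample engagement (RFC 5737 documentation addresses).
ROE = RulesOfEngagement(
    in_scope=("203.0.113.0/24",),
    excluded=("203.0.113.10/32",),
    window_start=datetime(2022, 3, 1, 8, 0, tzinfo=timezone.utc),
    window_end=datetime(2022, 3, 5, 18, 0, tzinfo=timezone.utc),
)

if __name__ == "__main__":
    now = datetime(2022, 3, 2, 12, 0, tzinfo=timezone.utc)
    for host in ("203.0.113.25", "203.0.113.10", "198.51.100.7", "intranet"):
        print(host, check_target(ROE, host, now))
```

Logging each decision with its reason also gives the final report an audit trail showing that testing stayed inside the agreed scope.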
The world's leading penetration testing companies
Penetration testing is a specialized field of the technology industry that has so far resisted consolidation. In other words, many companies offer penetration testing services; some offer them as part of a larger product suite, while others specialize in ethical hacking. Here are 5 mainstream penetration testing companies:
1. a1qa
a1qa is a software testing company from Lakewood, Colorado. In its 17 years of operation, it has delivered more than 1,500 successful projects and established 10 centers of excellence. It has worked with more than 500 companies, from small businesses to Fortune 500 giants. The company's main customers include Adidas, Kaspersky Lab, SAP, Yandex and Forex Club.
a1qa specializes in full-cycle QA and testing services, including comprehensive security penetration testing. Its expertise includes testing online applications such as portals, e-commerce, media and e-learning platforms, games and online casinos, as well as line-of-business testing, for example CRM, collaboration, document management and financial systems. The company also operates a dedicated security testing laboratory.
2. QA Mentor
Founded in New York in 2010, QA Mentor has established a strong global presence, with 12 test centers around the world. Its team consists of 300 certified QA professionals, who have completed more than 870 projects, including projects for Amazon, eBay, Bosch and HTC. The company offers more than 30 testing services, including network security penetration testing.
QA Mentor is currently placed in the industry-leader quadrant by research firms such as Clutch, GoodFirms and Gartner.
3. UnderDefense
UnderDefense is a certified computer and network security company founded in New York in 2016. It provides a wide range of testing services, with a special focus on security penetration testing. The company has conducted hundreds of penetration tests, including specific compliance tests, application and wireless network penetration tests, and social engineering security tests. UnderDefense has received awards from Clutch many times.
4. Iflexion
Founded in 1999, Iflexion is a full-cycle software development company. Today it has grown into a company with more than 850 IT professionals. Its expertise covers a wide range of services, from application development to testing. Iflexion has worked with more than 500 companies from different industries, including PayPal, Philips, Adidas, eBay, Xerox, Expedia and KPMG.
5. KiwiQA
Founded in 2009, KiwiQA is an international quality assurance and consulting company with a team of more than 100 professionals that has delivered more than 2,000 projects. Its software testing expertise covers automated, manual and innovative testing techniques. The company's security testing includes ethical hacking, network security penetration testing and vulnerability audits. KiwiQA has been named a "top testing company" by GoodFirms and Clutch.
Penetration testing prospects
Penetration testers have proved to be in great demand, and these jobs are not limited to independent security companies: large technology companies such as Microsoft also have complete internal penetration testing teams.
A survey of the IT career field by North Carolina State University found a gap of 16,000 jobs in 2020 alone. It should be noted, however, that although the career paths of penetration testers and vulnerability analysts share many skills, vulnerability analysts focus on identifying security vulnerabilities in applications and systems during development or before deployment, whereas penetration testers probe live systems.
As in many highly demanding technical security positions, penetration testers can earn a good salary. The Infosec Institute provides a good overview of compensation and positions in various regions of the United States: overall, most penetration testers can expect a higher salary. This is clearly a job with great potential, and very interesting work as well.
Penetration testing training and certification
The ethical hacking industry was founded by formerly unethical hackers who were looking for a mainstream, legal way to make money with their skills. As in many technical fields, the first generation of penetration testers was mainly self-taught. Although some people still develop their skills this way, penetration testing has now become a common topic in computer science or IT courses at universities and online, and many hiring managers evaluating candidates will also want to see some formal training.
One of the best ways to prove that you have been developing penetration testing skills is to obtain some of the widely accepted certifications in this field. The authorized training courses attached to these certifications are a good way to acquire or strengthen the relevant skills:
EC-Council Certified Ethical Hacker (CEH) and Licensed Penetration Tester (Master) (LPT);
IACRB Certified Penetration Tester (CPT), Certified Expert Penetration Tester (CEPT), Certified Mobile and Web Application Penetration Tester (CMWAPT) and Certified Red Team Operations Professional (CRTOP);
CompTIA PenTest+;
GIAC Penetration Tester (GPEN) and Exploit Researcher and Advanced Penetration Tester (GXPN);
Offensive Security's certified expert, wireless expert and senior penetration tester certifications.
copyright notice
author[Code stay up late to knock],Please bring the original link to reprint, thank you.
https://en.fheadline.com/2022/02/202202030041205046.html