Author Topic: Penetration Testing Process  (Read 1641 times)

janiali

  • Administrator
  • Newbie
  • *****
  • Posts: 10
    • View Profile
Penetration Testing Process
« on: January 29, 2024, 04:51:45 PM »
Penetration testing involves the following five stages:

Plan – start by defining the aim and scope of a test. To better understand the target, you should collect intelligence about how it functions and any possible weaknesses.

Scan – use static or dynamic analysis to scan the network. This informs pentesters how the application responds to various threats.

Gain access – locate vulnerabilities in the target application using pentesting strategies such as cross-site scripting and SQL injection.

Maintain access – check the ability of a cybercriminal to maintain a persistent presence through an exploited vulnerability or to gain deeper access.

Analyse – assess the outcome of the penetration test with a report detailing the exploited vulnerabilities, the sensitive data accessed, and how long it took the system to respond to the pentester’s infiltration.