Penetration Testing Methods
1) Internal testing
In this case, a tester simulates attacks by a ‘malicious insider.’ The tester
has access to the application because they are already behind the system's
firewall.
2) External testing
During external testing, pen testers target all company assets that can be
reached from the internet. The goal of external testing is to access either
the company's domain name servers or its email systems and try to extract
data from these targets.
3) Blind testing
In blind testing, the tester is presented with only a company name. The tester
then has to act like a real attacker and try to maneuver their way into the
system. Organizations use this method to study real-time attacker activity.
4) Double-blind testing
In this case, both the tester and the security personnel go in blind. The
tester only has a name to work with, and the security personnel are not
informed of the test in advance. The main aim is to study how fast the
security personnel respond to an attack.
5) Targeted testing
In this case, the testers work hand in hand with the security personnel. The
testers keep the security team informed of every move they make within the
system so that the security team can counter with a defensive move.
Penetration Testing Methodologies
1. Black-box penetration testing
In black-box testing, the pen tester is given no source code or any vital
information on the system. The tester lacks prior knowledge of the system,
and the testing relies entirely on their own analysis of the systems and any
currently running programs. Testers have to utilize all available scanning
tools to try and identify vulnerabilities. Black-box testing has proven to
be inefficient, as testers may end up detecting no vulnerabilities at all if
they fail to breach the security system.
2. Gray-box penetration testing
A gray-box tester, on the other hand, has some level of knowledge of the
network's internal systems. Gray-box testers are informed of the system's
architecture and documentation. A gray-box tester can therefore focus on the
systems that pose the greatest risk: pen testers prioritize high-risk systems
instead of spending time gathering and understanding that information first.
3. White-box penetration testing
White-box testing is also known as open-box or auxiliary testing. As in
gray-box testing, pen testers are provided with information on the system,
but here it is the full information, including any architectural documents.
In this method, testers conduct static code analysis as well as dynamic
analysis. White-box penetration testing allows testers to conduct both
internal and external assessments of the system. By combining static and
dynamic analysis, pen testers ensure that they do not miss any vulnerable
entry points that attackers could use to maneuver their way in. White-box
penetration testing is a more integrated method, as it involves pen testers
working together with developers to identify and fix all vulnerabilities.
Speed, Efficiency, and Coverage
Black-box testing is the fastest method in penetration testing when
compared to gray-box and white-box testing. One shortcoming of black-box
testing, however, is that testers have limited access to information about
the system. The limited information lowers the efficiency of the
methodology, as testers may end up missing some essential vulnerabilities.
Pen testers using black-box testing are bound to miss some vulnerabilities
because they have little to no information on the high-risk targets within
the system.
Gray-box testing, on the other hand, provides wider coverage, although it is
slower than black-box testing. When using gray-box testing, testers are
provided with substantial information on the system and its documentation.
With this information, testers can efficiently cover a wide area and
effectively analyze all potential vulnerabilities. Testers using gray-box
testing can effectively gain internal access to the network and identify all
vulnerable targets.
The most effective methodology is white-box penetration testing. White-box
testing is more sophisticated than gray-box testing and thus much slower
than the other two methodologies. The comprehensive data that testers are
presented with takes time to analyze and understand, so the penetration test
itself takes longer with this method.
Engagement and Accuracy
Out of the three methodologies, black-box testing is the most realistic, as
it emulates a real-life attacker. Much like attackers, testers using
black-box testing have no architectural documentation to work from.
Black-box testing is essentially a blind testing method, as testers have no
prior knowledge of the system. White-box and gray-box methodologies were
specifically designed to reduce engagement time for testers: giving testers
access to crucial documentation means they know which areas to target. With
white-box testing, however, testers are still at risk of missing some
vulnerabilities precisely because they have access to all the information.
Testers may end up overlooking crucial areas and missing vulnerabilities
entirely. Gray-box testing is the break-even point among the three
methodologies. While black-box testing offers no information and white-box
testing offers testers all the crucial data, gray-box testing allows testers
only limited access to the system's data, simulating the period an attacker
would spend studying the target systems.