Penetration Testing

What is penetration testing?

Penetration testing is the evaluation of any computer system, whether it be a single device or a group of interconnected nodes, against any potential attacks from inside or outside, breaking the security.

Types of Penetration testing –

  • Password Attack (brute force, cain & abel, ophcrack)
  • Session management holes (cookiedigger)
  • Protocol and config management (SSL, Database, port scanning)
  • Info gathering (social engineering, phishing, fingerprinting)
  • Data validation and testing (cross site scripting, buffer overflow, SQL injection)
  • HTTP-Web monitoring
  • Denial of Service attacks
  • Web testing frameworks (w3af, websecurity)

 

(Post reference – The Open Web Application Security Project)

Advertisements