What is Penetration Testing / Ethical Hacking?
The National Cyber Security Centre defines penetration testing as:
“A method for gaining assurance in the security of an IT system by attempting to breach some or all of that system’s security, using the same tools and techniques as an adversary might.”
Read more here
Brief history of Pentesting
Starting back in 1967, the US Department of Defense started testing for security vulnerabilities in computer systems. These were the first pentesters. From there, pentesting has evolved to what it is today.
Read more here
Pentesting Assessment Types
There are 3 main types of pentesting assessments that detail the amount of information shared with the pentester. These are black box, white box and grey box assessments.
Read more here
Types of Pentesting
This includes internal and external network testing, social engineering, physical testing, wireless testing and application testing.
Read more here
Types of Hackers
This includes hackers that have permission to test a system, those trying to crack a system to do harm and much more in between.
Read more here
Stages of a Pentest
There are 5 stages of a pentest – reconnaissance, scanning, vulnerability assessment exploitation and reporting.
Read more here
Areas of Pentesting
The top 6 areas of pentesting are networks, web applications, mobile applications, client side applications, wireless networks and social engineering.
Read more here