In a recent Market Report on Penetration Testing, it was revealed that the next 7 years will see real growth in this area. CRIBB Cyber Security’s Patrick Carolan is one person who has been talking about Pen Testing in this manner, pointing out that it is definitely one to look out for. With the release of said report, we felt it was high time to sit down with Patrick for a deeper look…
Patrick, what is penetration testing?
Pen testing, sometimes referred to as ‘ethical hacking’, is the practice of testing for security vulnerabilities that could be used to exploit a computer system, network or web application. It is essentially an authorised, simulated attack designed to identify key areas of weakness within a system which can then be improved.
How is penetration testing carried out?
You can use software applications to automate testing or it can be performed manually. Penetration testing has different formats depending upon your requirements, be they internal or external office infrastructures, websites or software applications.
What types of test are there?
CRIBB Cyber Security has access to some very talented test consultants who can offer an absolute wealth of pen testing solutions, including assessment services, compliance, risk and audit, plus computer forensics and incident response.
What are the most common types of Pen tests?
I’d say there were four: Internal, external / perimeter, software and web applications. Internal and external are fairly self-explanatory I think, and include hardware and Wi-Fi, whilst software and web apps are also pretty straightforward terms.
How long does a typical penetration test take to complete?
I’d say that typically they will last for a minimum of 3 days.
What are the most common tools used to carry out Penetration tests?
Kali Linux, Metasploit, Nmap, THC Hydra, Nessus and Wireshark.
Why do we need penetration testing?
I would recommend regular testing for many reasons; you need to develop robust controls for instance, and for that you need to know exactly what hardware and software weaknesses you have. You also need to know the same of your people, and when you do have those controls in place it provides assurance across the entire organisation. Speaking of people, it is people who build applications and human error is something that regularly proves to be a challenge no matter what best practices are adopted. Applications are often targeted and so testing them regularly is important.
Kali Linux – Aimed at advanced penetration testing and security auditing, Kali contains several hundred forensic and hacking tools designed to perform information security tasks such as penetration testing, computer forensics, security research and reverse engineering.
Metasploit – An essential tool for many attackers and defenders, Metasploit is a free penetration testing framework that simplifies hacking.
Nmap – At heart an open-source port-scan tool, Nmap is free and used by network administrators for vulnerability scanning and network discovery. Essentially, it can identify devices on a network, find available hosts and the services they offer, discover open ports and detect security risks.
THC Hydra – A brute-force ‘password cracking’ tool used in pen testing. Essentially, Hydra sends a relentless number of passwords at a login to try to gain access.
Nessus – A proprietary vulnerability scanner, Nessus scans a computer and raises an alert upon the discovery of any vulnerabilities which could be exploited by hackers.
Wireshark – A free network protocol analyser that is ideal for security professionals and systems administrators. Wireshark allows the user to analyse traffic in real time, and is regarded as being a very robust tool for network troubleshooting.
Social Engineering – Within information security, this is the psychological manipulation of people into providing confidential information or performing actions.
The Kali Linux platform is a favourite amongst those who are particularly IT security-minded, as it is a free, downloadable operating system that has all the tools required for those working within the security sector. Tuition is readily available via YouTube, thus compounding the security threat, as Kali can be used both offensively and defensively by those with a good operational knowledge of systems.