Penetration Testing
Penetration Testing
"Pentest, also known as Penetration Testing, is the process of approaching target systems from a hacker's perspective, attempting all technically feasible methods to breach them and gain control of the systems. Within the scope of Penetration Testing, systems undergo a comprehensive examination by analyzing the risks and potential damages that vulnerabilities could cause, along with identifying the points attackers could access.
During the process, our penetration testing experts act like real hackers, uncovering all vulnerabilities, risks, and points of accessibility in various systems. Given the diverse methods and variables involved in these security tests, they should be conducted by specialists.
There are three types of Penetration Testing: White Box, Black Box, and Grey Box."
PENETRATION TESTING METHODOLOGY
In general, we can list the steps and methodology applied in a Pentest as follows:
• Scope Definition (Scope)
• Information Gathering (Reconnaissance, Discovery)
• Discovery and Scanning (Enumeration)
• Vulnerability Scanning and Analysis (Vulnerability Scanning)
• Exploitation (Exploitation)
• Privilege Escalation, Propagation (Post Exploitation)
• Information and Document Gathering (Post Exploitation)
• Covering Tracks (Clearing Tracks)
• Reporting (Reporting)