( ** Cyber Security Training: https://www.edureka.co/cybersecurity-certification-training ** )
This Edureka PPT on "Penetration Testing" will help you understand all about penetration testing, its methodologies, and tools. Below is the list of topics covered in this session:
What is Penetration Testing?
Phases of Penetration Testing
Penetration Testing Types
Penetration Testing Tools
How to perform Penetration Testing on Kali Linux?
Cyber Security Playlist: https://bit.ly/2N2jlNN
Cyber Security Blog Series: https://bit.ly/2AuULkP
Instagram: https://www.instagram.com/edureka_lea...
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
4. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Vulnerabilities
Design & implementation
Poor system configuration
Insecure network
System complexity
Human errors
Technology
5. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
What is Penetration Testing?
Penetration testing is an attempt to exploit the vulnerabilities to determine
whether unauthorized access or other malicious activity is possible
Discover
vulnerabilities
Test for security
compliance
Verify staff
awareness
Purpose
8. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Project Management Phases
01
05
02
04
Planning
Phase
Output
Phase
Analysis
Phase
03
Execution
Phase
Scanning
phase
Activities involved in this phase
Defining goals & scope of a test
Gathering Intelligence
Deciding on testing methods to
be use
9. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Project Management Phases
01
05
02
04
Planning
Phase
Output
Phase
Analysis
Phase
03
Execution
Phase
Scanning
phase
Mapping the attack vectors & identifying vulnerabilities
Static Analysis
Inspecting
application code
logic, functions etc
Dynamic Analysis
Inspecting
application code in
running state
Dynamic Analysis
Inspecting
application code in
running state
10. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Project Management Phases
01
05
02
04
Planning
Phase
Output
Phase
Analysis
Phase
03
Execution
Phase
Scanning
phase
Crucial phase where actual damage is done
PEN
TESTING
11. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Project Management Phases
01
05
02
04
Planning
Phase
Output
Phase
Analysis
Phase
03
Execution
Phase
Scanning
phase
Activities involved in this phase
Collect the evidence of exploited
vulnerabilities
Categorize the risks to – Critical, High,
Medium & Low
Reporting results to executive
management
12. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Project Management Phases
01
05
02
04
Planning
Phase
Output
Phase
Analysis
Phase
03
Execution
Phase
Scanning
phase
Results of penetration testing are complied into detailed report
Exploited
vulnerabilities
Summary
of test
Recommended
solutions
Risks
discovered
14. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Penetration Testing Types
01
02 04
03 05Web
Application
Network
Services
Wireless
Social
Engineering
Client Side
15. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Types of Penetration Testing
Black – Box
Testing
Grey – Box
Testing
White – Box
Testing
Zero Knowledge Some Knowledge Full Knowledge
TEST CASE - INPUT
TEST CASE - OUTPUT
18. Cybersecurity Certification Training www.edureka.co/cybersecurity-certification-training
Penetration Testing Tools
Why do we need penetration tools?
Saves time & effort
Accurate results
Advanced analysis
Automate manual tasks
Gather bulk data
Popular penetration tools