What is a PenTest?

Penetration testing, also known as ethical hacking or pen testing, is a security assessment technique that involves evaluating the security of a computer system, network, or application by simulating an attack from malicious outsiders (think hackers) or insiders. The goal of penetration testing is to identify vulnerabilities, weaknesses, and potential entry points that could be exploited by real attackers. The idea is we wish to secure our systems, networks and applications from hackers by learning how they might be able to gain a foothold in our network.

Penetration testing is typically conducted by skilled security professionals who employ a variety of methods, tools, and techniques to probe the target system. They attempt to exploit vulnerabilities and gain unauthorized access to systems, applications, or data to determine the effectiveness of existing security controls and to discover any potential weaknesses. This course will introduce you to these methods, some tools and techniques. To become a skill pentester you must keep practicing and refining your own skill set. 

The process usually involves several stages, including:

1. Planning and scoping: Gathering information about the target system or organization to identify potential vulnerabilities and attack vectors.

2. Information Gathering and Vulnerability Scanning: Conducting scans of network infrastructure, systems, and services to identify open ports, services, and potential vulnerabilities.

3. Attacking and Exploiting: Attempting to exploit identified vulnerabilities to gain unauthorized access, escalate privileges, or extract sensitive information. Once access is achieved, further exploration and attempts to maintain access or pivot to other systems may be performed to assess the impact of a successful attack.

4. Reporting and Communicating Results: Documenting the findings, vulnerabilities, and recommendations for improving security based on the results of the penetration testing.

Penetration testing helps organizations proactively identify security weaknesses and address them before malicious attackers can exploit them. It assists in validating the effectiveness of security measures, improving incident response capabilities, and ensuring compliance with security standards and regulations. Other regulatory compliance considerations are HIPPA, FERPA, SOX, GLBA and the GDRP.  

• HIPPA (Health Insurance Portability and Accountability Act): It is a federal law enacted in the United States in 1996 that aims to protect the privacy and security of individuals' personal health information (PHI) and sets standards for the electronic exchange of healthcare data.

• FERPA (Family Educational Rights and Privacy Act): It is a federal law in the United States that protects the privacy of student educational records. FERPA grants specific rights to parents and eligible students (those who are 18 years or older or attending a post-secondary institution) regarding the privacy and access to these records.

• SOX (Sarbanes-Oxley Act): officially known as the Public Company Accounting Reform and Investor Protection Act of 2002. It is a federal law enacted in the United States in response to accounting scandals and corporate frauds, such as the Enron and WorldCom cases. 

• GLBA (Gramm-Leach-Bliley Act): also known as the Financial Services Modernization Act of 1999. It is a United States federal law that governs the privacy and security of consumers' personal financial information held by financial institutions. 

• GDRP (General Data Protection Regulation): a comprehensive data protection law implemented in the European Union (EU) to enhance the privacy rights of individuals and regulate the processing of their personal data.