From the course: Developing Ethical Hacking Tools with Python
A review of the typical pen testing process
Hello and welcome to this Ethical Hacking Tools with Python video. Here is what we're going to cover in this lesson. First, we want to understand what penetration testing is. Then we'll look at penetration testing methodologies. And then we'll take a closer look at the PTES methodology.

So what is penetration testing? In his book Python Penetration Testing for Developers, Christopher Duffy, a cybersecurity expert, defines it as follows: a penetration test is the practice of assessing an organization's security strategy's ability to protect critical data from the actions of a malicious actor. More simply put, when you do a penetration test on a company, you assess the security of its assets. For example, a penetration test can include testing a company's website and seeing whether or not you can gain unauthorized access to sensitive information. Now, penetration tests can get much more sophisticated than simply assessing a website, but that's something we're not going to cover here.

Okay. So you know what a pen test is, but how do you actually do it? Is there any method, strategy or standard to follow for conducting a penetration test? In fact, there are quite a few. We have the Open Source Security Testing Methodology Manual, or OSSTMM. We then have the Open Web Application Security Project, or OWASP, for web applications. We also have NIST Special Publication 800-115 from the National Institute of Standards and Technology, which is a technical guide to information security testing and assessment. We then have the Penetration Testing Execution Standard, or PTES, and of course there are many others. Now, out of all of these, we're going to look inside PTES. The reason I go through this standard is that I want you to understand the level at which we're going to build our penetration testing and ethical hacking tools in the upcoming lessons. You need to see the big picture of how it all fits in.

Okay, so PTES. Well, PTES has seven phases.
Phase one is pre-engagement interactions, which is like a preparation phase for the pen test. This is all about the documents, approvals (including the agreed scope) and tools needed for the test.

Phase two is intelligence gathering, which is all about gaining as much information as possible about the target from external sources like social media websites, Google, official records and others. These often go under the umbrella of OSINT, or open source intelligence. You need to understand that up to this phase, there has not been any active engagement with the target.

Okay. The next phase, phase three, is threat modeling, which is most often skipped in the typical pen test. Phase four is vulnerability analysis, where you discover and validate vulnerabilities. This is where there is a lot of active engagement with the target. This also encompasses information gathering, but now, like I said, it's an active information gathering process, because you are interacting with the target. Phase five is exploitation. This is when you try to breach the security of the target system using the vulnerabilities that you previously identified and validated.

Okay. Now the next phase, phase six, is post-exploitation. After breaching the system, you often look for ways to maintain control of it for further exploitation and/or ongoing intelligence gathering. And finally, phase seven is reporting. This is where you document your entire process in a manner the client can understand.

Okay. So these are the seven phases according to the PTES methodology. Now it's time for a quick knowledge check. The question is: what is the main pen testing methodology discussed in this lesson? Is it a) OSSTMM, b) PTES or c) OWASP? OSSTMM and OWASP have only been mentioned briefly, while PTES is the one we focused on. So in this case, b) PTES is the right answer.

Now here's another one. Which phase of the PTES methodology involves active information gathering? Is it a) vulnerability analysis, b) intelligence gathering or c) reporting?
Okay, so b) intelligence gathering is all about collecting information from external sources passively, so that's not the right answer. c) reporting deals with documenting the entire pen test, so that's also not the right answer. That leaves a) vulnerability analysis, which involves discovering and validating vulnerabilities, and thus active engagement with the target. So a) is the right answer.

Okay, so what have we learned today? We learned what a penetration test is. We mentioned a few of the various penetration testing methodologies, and we took a closer look at the PTES methodology. In the next lesson, we begin building our first tool in Python for penetration testing. My name is Christian and I'm looking forward to seeing you in the next video.
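One practical consequence of the phase breakdown above is that the first three phases never send traffic to the target, while vulnerability analysis, exploitation and post-exploitation do, and only against what the pre-engagement approvals allow. The following Python is an added example, not code from the course, showing how a tool can encode that: it lists the seven PTES phases with a passive/active flag and gates active-phase actions behind the agreed scope, logging each decision for the report. The names PHASES, Engagement, ScopeViolation, touches_target and authorize, the sample CIDRs (192.0.2.0/24 and 10.0.0.0/24 are documentation and private test ranges) and the sample hostname are all assumptions made for this example.

```python
"""Added example (not the course's code): a scope gate keyed on the seven PTES
phases, so that a tool built for an active phase refuses to run against hosts
outside the scope agreed in pre-engagement. All names and the sample scope below
are assumptions made for this example; the CIDRs are constructed test ranges."""
import ipaddress
from dataclasses import dataclass, field

# The seven PTES phases in order. The flag says whether the phase interacts
# with the target: intelligence gathering is passive OSINT, vulnerability
# analysis is where active interaction begins.
PHASES = (
    ("pre-engagement interactions", False),
    ("intelligence gathering", False),
    ("threat modeling", False),
    ("vulnerability analysis", True),
    ("exploitation", True),
    ("post-exploitation", True),
    ("reporting", False),
)
ACTIVE_PHASES = frozenset(name for name, active in PHASES if active)


def phase_order():
    """Return the PTES phase names in the order the lesson lists them."""
    return [name for name, _ in PHASES]


def touches_target(phase):
    """True for phases that send traffic to the target; ValueError for unknown names."""
    for name, active in PHASES:
        if name == phase:
            return active
    raise ValueError(f"unknown PTES phase: {phase!r}")


class ScopeViolation(Exception):
    """An active-phase action aimed at a host outside the agreed scope."""


@dataclass
class Engagement:
    """Rules of engagement captured during pre-engagement (constructed data)."""
    networks: list                                  # ip_network objects in scope
    hostnames: set = field(default_factory=set)     # named hosts in scope
    excluded: list = field(default_factory=list)    # ip_network objects carved out
    log: list = field(default_factory=list)         # (phase, target, allowed) audit trail

    @classmethod
    def from_rules(cls, cidrs, hostnames=(), excluded_cidrs=()):
        return cls(
            networks=[ipaddress.ip_network(c, strict=False) for c in cidrs],
            hostnames=set(hostnames),
            excluded=[ipaddress.ip_network(c, strict=False) for c in excluded_cidrs],
        )

    def in_scope(self, target):
        """Hostnames must match exactly; IPs must fall in a scope network and no exclusion."""
        if target in self.hostnames:
            return True
        try:
            addr = ipaddress.ip_address(target)
        except ValueError:  # neither an IP nor a listed hostname
            return False
        if any(addr in net for net in self.excluded):
            return False
        return any(addr in net for net in self.networks)

    def authorize(self, phase, target):
        """Gate an action before it runs and record the decision for the report.

        Passive phases never contact the target, so there is nothing to gate.
        Active phases may only proceed against in-scope targets; anything else
        raises ScopeViolation so the calling tool stops before sending traffic.
        """
        if not touches_target(phase):
            self.log.append((phase, target, True))
            return True
        allowed = self.in_scope(target)
        self.log.append((phase, target, allowed))
        if not allowed:
            raise ScopeViolation(f"{target} is outside the agreed scope for {phase}")
        return True


if __name__ == "__main__":
    # Constructed sample scope: two test ranges, one named host, one excluded address.
    eng = Engagement.from_rules(["192.0.2.0/24", "10.0.0.0/24"],
                                hostnames={"www.example.com"},
                                excluded_cidrs=["10.0.0.250/32"])
    for phase, target in [("intelligence gathering", "www.example.com"),
                          ("vulnerability analysis", "192.0.2.10"),
                          ("exploitation", "10.0.0.250")]:
        try:
            eng.authorize(phase, target)
            print(f"allowed: {phase} -> {target}")
        except ScopeViolation as exc:
            print(f"blocked: {exc}")
```

The point of putting the gate in front of every active-phase action, rather than trusting the operator to remember the scope, is that the same audit log feeds the reporting phase: every host the tool was pointed at, and whether it was allowed, is on record.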