How Is Penetration Testing Done?

A penetration test is an effective method of simulating a cyber attack on your organisation in order to identify vulnerabilities that could be exploited by malicious actors. The penetration testers, commonly referred to as ethical hackers, begin with reconnaissance: hands-on research into your organisation that is used to formulate an attack strategy. They then exploit existing vulnerabilities to gain and maintain access to your organisation's systems, just as an actual attacker would. The result of a penetration test is a detailed report describing the vulnerabilities found, how they can be fixed and how your defences against cyber attacks can be strengthened. 


What are the different types of penetration testing?

White Box Penetration Testing - During a white-box penetration test the tester is provided with full network and system information. This is usually done to save on the cost and time taken by the overall test. 

Black Box Penetration Testing - On the other hand, during a black-box penetration test the tester is provided with no network or system information, placing them in the position of an unprivileged user. This is done to simulate an authentic attack in which the malicious attacker has no prior information on the network or system. 

Grey Box Penetration Testing - In a grey box penetration test, only limited information is shared with the tester. Usually this takes the form of login credentials. Grey box testing is useful to help understand the level of access a privileged user could gain and the potential damage they could cause.

External Penetration Testing - In an external test, the ethical hacker goes up against the company's external-facing technology, such as its website and externally reachable network servers. Typically the tester is required to conduct the test from a remote location and may not be allowed on the company premises at all. 

Internal Penetration Testing - In an internal test, the ethical hacker performs the test from the company's internal network. This type of testing is a good way of simulating an attack that originates from within, e.g. from a disgruntled employee. 


How is a penetration test done? 

A typical penetration test is carried out in the following six stages: 

1. Reconnaissance - During the reconnaissance stage, the penetration tester defines the scope and the goal of the test, including which systems are going to be targeted and which tools are going to be used. In this stage, the ethical hacker also collects information and data on the target from public and private sources to inform their attack strategy, for example by discovering possible vulnerabilities that could be exploited during the actual test. The complexity of this stage differs from company to company and with the scope and objective of the penetration test. 

2. Scanning - This is where the ethical hacker uses tools to scan the company's website or systems for weaknesses such as open services, application security issues and open-source component vulnerabilities. This stage is used to understand how the target system will respond to intrusion attempts and how susceptible it is to attack. There are two distinct types of scanning: 


  • Static scanning - the tool scans and collects information in a single pass, inspecting an application's code to estimate how it would behave if it were running. 
  • Dynamic scanning - a more real-time form of scanning, in which the application is inspected while it is running, providing a live view of how it would perform during an intrusion attempt. 

3. Gaining access - Attackers may access your company's networks to steal, change or delete data for financial gain, or simply to damage the reputation of your company. During this stage, the tester conducting the penetration test examines each of these cases and must decide on the best tools and techniques to gain access to your organisation's systems, whether through a weakness such as SQL injection, or through malware, social engineering, or something else.

4. Maintaining access - Once penetration testers gain access to your company's network, their simulated attack must remain in place long enough to accomplish its goals: exfiltrating data, modifying it, or abusing functionality. The aim is to demonstrate the actual impact a real cyber attack would have if it were to happen. 

5. Analysis & reporting - This stage consists of analysing the results. The ethical hacker or penetration testing team documents the entire penetration testing process in a report, describing the vulnerabilities that were exploited, the sensitive information that was accessed, what was implemented correctly, the duration of the attack, and the possible remediation methods. 

6. Re-Test - Once an organisation has implemented the remediations recommended in the penetration testing report, it is good practice to re-test. A re-test verifies that the reported vulnerabilities have actually been fixed. 

Why is penetration testing important?  

In today's world, organisations are becoming increasingly dependent on technology, continuously digitising their business operations and processes. The number of technology risks associated with this development is also increasing, which has left businesses vulnerable to malicious actors. One way to identify weaknesses in your systems and networks is to conduct penetration testing regularly. Without a penetration test, your business is left to react to a security incident after the fact, which can mean significant risk. By adopting a proactive approach and conducting annual penetration tests, your organisation can stay one step ahead of cybercriminals by leaving no easily exploitable vulnerabilities unpatched. Penetration testing also helps your business meet regulatory and compliance requirements; non-compliance can expose your business to heavy fines or even loss of the right to operate. 

How can StickmanCyber help? 

Performing a penetration test can be a costly and daunting task for your organisation: giving someone permission, and on some occasions sensitive information, to hack into your networks and systems carries risk. Even when the intention is to improve your security and identify vulnerabilities, mistakes can occur during testing. Not all penetration testing companies work to the same standards, which increases the inherent risk of carrying out a test on your organisation. This is why making sure the company providing the penetration test is highly accredited is important. CREST accreditation is well established as a 'stamp of approval' for a high-quality penetration test. 

StickmanCyber is CREST certified and deploys a CREST ANZ registered team to detect the vulnerabilities in your business systems. You receive a comprehensive report with actionable steps to improve the security of your data and business assets. Get in touch with one of our expert consultants to get started today. 

