DevLeague Coding Bootcamp
DevLeague is a Full Stack Coding Bootcamp
Penetration Testing or pentesting is the act of simulating an attack on infrastructure to determine the extent of damage or access to protected resources an attacker would have if they were to successfully find and exploit those vulnerabilites.
It is important to remember that pentesting goes beyond the scope of a vulnerability assessment of identifying where vulnerabilities exist in a system, but the actual exploitation of those vulnerabilities as well.
Most successful attacks carried out on people and organizations are not zero day exploits or recently discovered vulnerabilities.
As our systems, applications and connectivity get more complex it becomes challenging to ensure that all factors have been considered.
Translation: Many of these attacks could have been avoided.
Pentesting allows organizations to find and fix those vulnerabilities before an attacker does.
"A pen tester is thorough in their work for the customer. Hackers just discover what is necessary to accomplish their goal."
Internal Pen Testing
External Pen Testing
1. Pre-Engagement
2. Information Gathering
3. Threat Modeling
4. Vulnerability Analysis
5. Exploitation
6. Post-Exploitation
7. Reporting
OSINT(Open Source Intelligence)
1. Reconnaissance
2. Scanning and Enumeration
3. Getting Access
4. Maintaining Access
5. Covering Tracks
By DevLeague Coding Bootcamp
Introduction to pen testing and ethical hacking concepts.