Characteristics and types of penetration testing in computer science
Penetration testing is an activity that serves to discover and identify the problems of a given system. It is an analysis, carried out from inside or outside the system, that detects the vulnerabilities of the analyzed area and exploits its weaknesses. All IT infrastructure components, applications, network devices and physical security are evaluated. One way to think of penetration testing is as putting yourself in the mind of a hacker: the tester uses the techniques that this malicious actor could exploit, simulating his behavior. In the most common terminology, all those who have no access to an IT infrastructure are defined as hackers. This is the biggest difference between a pentester and a hacker: both use the same methodologies and techniques to intervene in a system, but pentesters are authorized people who cannot afford to destroy their client’s infrastructure. Another very important difference is that the pentester must find all the vulnerabilities present in a system, not only those that allow privileged access to it.
There are two types of penetration testing: black-box testing and white-box testing. The main difference between these two types of approach is the amount of information that a penetration tester has on the systems to be tested.
Black-box testing is a type of testing in which a real attack is simulated from the outside world; it is also called an “external test”. The tester, having no detailed information on the infrastructure, simulates what an attacker could do by exploiting the vulnerabilities detected. This determines whether access to the system is possible and, if so, how much data can be compromised.
White-box testing is also known as an “internal test”: the testers simulate an attack with complete knowledge of the infrastructure to be tested. In this way the testers, together with the owners, can focus on a particular goal, thus verifying the integrity of the organization.
The combination of these two types of penetration testing results in gray-box testing. In this approach the testers are provided with some knowledge, which saves the time otherwise spent discovering publicly available information.
Penetration tests can be conducted as “blue teaming”, i.e. with the knowledge and consent of the organization’s IT staff, or as “red teaming”, that is, only with the knowledge and authorization of upper management. Red teaming is more expensive and complex to manage, but it can provide a better indication of day-to-day security, as system administrators are not aware of it.
Finally, in addition to the white-box and black-box classification, penetration tests also differ according to what they target: there are network penetration testing, web application penetration testing and system penetration testing. The substantial difference between these types is the object being examined.