Source : http://bit.ly/aJhhXz
There are important things to keep in mind regarding pen testing, including steps that help a test reach business goals:
- Define business objectives, not technical objectives. For example, test if the credit card database or the central enterprise resource planning (ERP) system is reachable and vulnerable. Pen testing firewalls is a lot less useful.
- The creation and use of pen testing checklists will allow you to test more thoroughly and find more vulnerabilities.
- Google hacking is a very quick way to query your web presence and find easy-to-exploit vulnerabilities and misconfigurations.
- Structured Query Language (SQL) injection vulnerabilities and misconfigured wireless networks continue to be the most common external perimeter-breaching vectors.
- Cross-site scripting (XSS) is a common web vulnerability, but it poses different risk levels for different industries or systems. It almost never allows external access or system control.
- Create application and network diagrams; by understanding the underlying structure, you will be far better at reaching objectives.
- Always try easy-to-guess or default passwords, especially on shared users and system accounts; they are still very common.
- Sniffing is a great way to understand network traffic and can almost always obtain clear-text or easy-to-break passwords. Commonly used protocols, such as Simple Mail Transfer Protocol (SMTP), Simple Network Management Protocol (SNMP) or File Transfer Protocol (FTP), send clear-text passwords.
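The defender's counterpart to the sniffing point above is to find out where clear-text protocols are still in use before anyone else does. The following is an added example, not part of the original article: it runs detection logic over a few constructed firewall flow records (the `src=… dst=… proto=… dport=…` format is an assumption made for this example, not a real product's log format) and flags destinations that accept services which carry credentials unencrypted. The port-to-service table extends the article's list (SMTP, SNMP, FTP) with Telnet, POP3, IMAP and HTTP; a hit means "clear-text-capable service in use", which a tester or defender then confirms, since SMTP, POP3 and IMAP may still negotiate STARTTLS on these ports.

```python
import re
from collections import defaultdict
from typing import Dict, List, Tuple

# (transport, destination port) -> service that sends credentials in clear text
# unless TLS is negotiated on top of it. Constructed for this example.
CLEARTEXT_SERVICES: Dict[Tuple[str, int], str] = {
    ("tcp", 21): "FTP",
    ("tcp", 23): "Telnet",
    ("tcp", 25): "SMTP",      # clear text unless STARTTLS is negotiated
    ("tcp", 80): "HTTP",      # basic/form authentication travels unencrypted
    ("tcp", 110): "POP3",     # clear text unless STARTTLS is negotiated
    ("tcp", 143): "IMAP",     # clear text unless STARTTLS is negotiated
    ("udp", 161): "SNMP",     # community strings are plain text in v1/v2c
}

# Field layout assumed for the constructed flow records below.
FLOW_RE = re.compile(
    r"src=(?P<src>\S+)\s+dst=(?P<dst>\S+)\s+proto=(?P<proto>tcp|udp)\s+dport=(?P<dport>\d+)"
)

# Constructed sample log lines (not real traffic).
SAMPLE_FLOWS: List[str] = [
    "2024-03-01T08:00:01Z fw1 flow src=10.0.1.15 dst=10.0.2.10 proto=tcp dport=21 bytes=4120",
    "2024-03-01T08:00:03Z fw1 flow src=10.0.1.15 dst=10.0.2.10 proto=tcp dport=22 bytes=9811",
    "2024-03-01T08:00:07Z fw1 flow src=10.0.1.40 dst=10.0.2.25 proto=udp dport=161 bytes=310",
    "2024-03-01T08:00:09Z fw1 flow src=10.0.1.40 dst=10.0.2.30 proto=tcp dport=443 bytes=15230",
    "2024-03-01T08:00:12Z fw1 flow src=10.0.1.77 dst=10.0.2.30 proto=tcp dport=25 bytes=2200",
    "2024-03-01T08:00:15Z fw1 flow src=10.0.1.77 dst=10.0.2.45 proto=tcp dport=23 bytes=880",
    "2024-03-01T08:00:16Z fw1 heartbeat status=ok",  # no flow fields: must be skipped
]


def find_cleartext_flows(lines: List[str]) -> List[Dict[str, object]]:
    """Return one record per flow whose destination port belongs to a
    clear-text-capable service. Lines that do not parse are ignored."""
    hits: List[Dict[str, object]] = []
    for line in lines:
        match = FLOW_RE.search(line)
        if match is None:
            continue  # heartbeat, malformed or non-flow line
        key = (match["proto"], int(match["dport"]))
        service = CLEARTEXT_SERVICES.get(key)
        if service is None:
            continue  # SSH, HTTPS and other encrypted or unknown services
        hits.append({
            "src": match["src"],
            "dst": match["dst"],
            "port": key[1],
            "service": service,
        })
    return hits


def summarize_by_destination(hits: List[Dict[str, object]]) -> Dict[str, List[str]]:
    """Group the services seen per destination host so each server can be
    reviewed (or migrated to an encrypted alternative) once."""
    per_host: Dict[str, List[str]] = defaultdict(list)
    for hit in hits:
        dst, service = str(hit["dst"]), str(hit["service"])
        if service not in per_host[dst]:
            per_host[dst].append(service)
    return dict(per_host)


if __name__ == "__main__":
    found = find_cleartext_flows(SAMPLE_FLOWS)
    for host, services in summarize_by_destination(found).items():
        print(f"{host}: clear-text-capable services in use -> {', '.join(services)}")
```

Each flagged host is a place where a tester would expect to capture credentials and where a defender should either move the service behind TLS (SFTP/FTPS, SSH instead of Telnet, SNMPv3, HTTPS) or confirm that STARTTLS is actually enforced.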
- Certain hacking techniques commonly disrupt system stability or network communications; in particular, man-in-the-middle techniques and buffer-overflow exploits should be avoided or tested only in controlled environments.
- In general, the more connected an application is, the easier it will be to hack. Databases, domain controllers and websites are frequently easy targets.
- Always convert vulnerabilities into risks by determining asset value and probability of attack. Many tools can scan for vulnerabilities, but a pen tester is better positioned to determine risk by understanding the complexity of the attack and the access level obtained.
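The conversion from vulnerability to risk described above can be made explicit and repeatable. The following is an added example, not taken from the article: it rates constructed findings using the three inputs the article names (asset value, attack complexity as a proxy for probability, and the access level obtained as a proxy for impact), plus an exposure factor for where the asset sits. The weights and the 0-100 scale are assumptions chosen for illustration, not an industry standard; the point is that the same vulnerability class lands at very different risk levels depending on the asset behind it, which is why the article ranks SQL injection against the ERP database far above XSS on a brochure site.

```python
from dataclasses import dataclass
from typing import List

# Likelihood inputs (assumed weights, 0..1).
COMPLEXITY_LIKELIHOOD = {"low": 0.9, "medium": 0.6, "high": 0.3}   # effort to exploit
EXPOSURE_FACTOR = {"internet": 1.0, "internal": 0.6, "isolated": 0.3}

# Impact input: how much of the asset the tester actually controlled (assumed weights).
ACCESS_IMPACT = {"none": 0.2, "read": 0.5, "user": 0.7, "admin": 1.0}

MAX_ASSET_VALUE = 5  # business value scale 1 (low) .. 5 (critical)


@dataclass(frozen=True)
class Finding:
    title: str
    asset: str
    asset_value: int      # 1..5, agreed with the business owner, not the tester
    complexity: str       # key of COMPLEXITY_LIKELIHOOD
    exposure: str         # key of EXPOSURE_FACTOR
    access_obtained: str  # key of ACCESS_IMPACT


def likelihood(f: Finding) -> float:
    """Probability-of-attack proxy: easy exploits on exposed assets score highest."""
    return COMPLEXITY_LIKELIHOOD[f.complexity] * EXPOSURE_FACTOR[f.exposure]


def impact(f: Finding) -> float:
    """Impact proxy: asset value scaled by the access level the tester reached."""
    return f.asset_value * ACCESS_IMPACT[f.access_obtained]


def risk_score(f: Finding) -> float:
    """Risk on a 0..100 scale: likelihood times normalized impact."""
    return round(likelihood(f) * (impact(f) / MAX_ASSET_VALUE) * 100, 1)


def risk_level(score: float) -> str:
    """Bucket a score into a reporting level (thresholds are assumptions)."""
    if score >= 50:
        return "high"
    if score >= 20:
        return "medium"
    return "low"


def rank_findings(findings: List[Finding]) -> List[Finding]:
    """Order findings so the report leads with the largest business risk."""
    return sorted(findings, key=risk_score, reverse=True)


# Constructed findings mirroring the article's examples (not real results).
SAMPLE_FINDINGS = [
    Finding("Reflected XSS", "marketing website", 2, "low", "internet", "none"),
    Finding("SQL injection", "ERP database", 5, "medium", "internet", "admin"),
    Finding("Default password on service account", "domain controller", 5, "low", "internal", "admin"),
    Finding("Version banner disclosure", "perimeter firewall", 1, "low", "internet", "none"),
]


if __name__ == "__main__":
    for f in rank_findings(SAMPLE_FINDINGS):
        score = risk_score(f)
        print(f"{score:5.1f} {risk_level(score):6s} {f.title} ({f.asset})")
```

Reading the ranked output, the SQL injection against the ERP database and the default password on the domain controller come out as high risk while the XSS and the banner disclosure stay low, even though a plain vulnerability scanner would rate the XSS and the SQL injection similarly. Asset value should come from the business owner, and the weights should be agreed before the test so the scoring cannot be tuned to a desired outcome afterwards.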
- One of the main benefits of pen testing is creating a sense of urgency in the organization. Always take screenshots or screen recordings of the findings, or give live demonstrations. This will help advance the security awareness of everyone involved.