“Pentesting” is short for penetration testing, also known as ethical hacking. It’s a controlled and authorized process of simulating a cyber-attack on a computer system, network, or application to evaluate its security. You may also be interested in: Trends for Cryptography in Cyber Security
The goal of pentesting is to identify vulnerabilities and weaknesses in a system’s defenses that malicious actors could potentially exploit. This process helps organizations understand their security posture and take corrective measures to strengthen their security.
Today, with the increasing cyber attacks, pentesting has become essential for many cybersecurity companies that need to protect sensitive information.
In this blog, we’ll tell you more about pentesting and give you an inside perspective through an interview with one of our Expert Hackers.
Types of pentesting
Open Box Penetration Testing:
In an open box penetration test, the hacker is provided with some information about the target company’s security measures beforehand. This means they have a degree of insight into the system or network they are testing. This type of testing allows the pentester to focus their efforts on specific areas or vulnerabilities.
Closed Box Penetration Testing:
Closed box, also known as “blind” testing, is where the hacker is given very minimal information, usually just the name of the target company. They have little to no prior knowledge of the system, simulating a scenario where they must approach the testing with a clean slate, just as a real attacker might.
Covert Penetration Testing:
Covert, or “double-blind,” penetration testing is conducted in a way that almost nobody within the company is aware that the test is taking place. This includes IT and security professionals who would typically respond to an attack. In these cases, it’s critical for the hacker to have clear written documentation of the scope and other details to avoid any legal or operational issues.
External Penetration Testing:
During an external penetration test, the ethical hacker assesses the technology that’s accessible from outside the company. This typically includes the website and external network servers. In some cases, the hacker may not physically enter the company’s premises and instead conducts the test from a remote location or from a nearby parked vehicle.
Internal Penetration Testing:
In an internal penetration test, the ethical hacker operates from within the company’s internal network. This type of test is valuable for evaluating the potential damage a disgruntled employee could cause from behind the company’s firewall.
These different approaches allow penetration testers to adapt their strategies based on the level of access and prior knowledge they have about the system or network they are evaluating.
Interview with our expert hacker
How did you become interested in Pentesting?
Even when I was very young, I was very interested in computers, electronics, and machines in general. I’ve always had a strong obsession with understanding how things work. I used to ask my parents for permission to break and open anything I could learn more from – coffee makers, TV remotes… an endless list of things to study. Long before I had the technical ability to do pentesting on computers, I had already developed an interest in manipulating machines, sensors, and such.
What is it that you’re most passionate about when doing it?
It’s never repetitive; each time is completely different. Finding a new vulnerability, a “0-day”, is one of the strongest emotions a hacker can feel.
You defined Pentesting as a combination of art and technical knowledge. Could you tell me why you define it this way and in what moments you feel it that way?
Pentesting consists of two differentiated parts: The hunting for vulnerabilities and their subsequent exploitation. Both usually require an unusual mental process. The search for vulnerabilities is the most exciting process and requires having an “instinct” to know where they might be and a lot of creativity to come up with unconventional ideas that often become interesting attack vectors. I believe this is the fundamental part of pentesting and I don’t think it can be learned. In the exploitation, unconventional techniques are also often used.
Each vulnerability is a world of its own and you have to be an artist here too. It’s also a job that’s practically impossible to perform without motivation.
The process of hunting and exploitation is extremely psychologically demanding. Many times, it feels like you’re fighting against a wall. You can invest many hours, many nights for months without any kind of reward, finding nothing… until you do find it. That’s why I think it requires passion. It allows you to be immerse in the situation and keeps you focused and motivated.
What happens after a weakness is found?
Well, it depends.
If you are an independent hacker, once you have a PoC that shows the vulnerability is exploitable, you should look for a point of contact to report the vulnerability. There are many steps depending on the company’s vulnerability disclosure process. After the issue is fixed, you would then re-pentest the bugfix and receive a bounty for it. This process can take months.
Sometimes, if the company you assisted likes how you handled the situation, they may offer you a contract for future pentesting work.
If you find a weakness in some type of embedded device, it’s better to engage with a professional directly and define the goals.
However, if you are working for a company, you should report the weakness and present suggestions that can help reinforce the security system. Once the course of action is decided, the project moves on to other teams that will be responsible for implementing the suggestions and resolving the issue.
What are the things you see in the future of pentesting that are interesting for you?
I have a very traditional approach to pentesting. While there are new technologies like AI, for me, not much has really changed.
I’ve seen AI write code very quickly on demand, but you can almost always detect mistakes and bugs. Software development is mainly debugging, and having to deal with “a few bugs” code that you haven’t even written is not ideal. I’m not sure if you can benefit from this fast free code, since it involves a lot of work afterwards.
I think there will be interesting developments regarding AI and vulnerabilities in the future. We’ll have to wait and see!
Written by:
Víctor Martínez –Software security research engineer-