In our last blog post, we identified the first three tools Pentesters need to know, which include various social media platforms for information gathering as well as Nmap and FPing for host / port scanning. In part two, we will continue to take a look at a few other key tools needed and when they should be used.
The Vulnerability Assessment phase is aimed at building a list of all vulnerabilities present on a target system. In this phase, you will have to carry out a vulnerability assessment for each and every target found in the previous step. You can complete a vulnerability assessment both manually or via automated tools.
Keep in mind, the purpose of a penetration test is to mimic the effects of a black hat hacker, which means you have to learn how to think like a cyber criminal. You have to understand your client’s infrastructure and the vulnerabilities that it presents in order to know exactly how to take advantage of them.
Tools used for performing vulnerability assessments:
- GFI LAN Guard
In the Exploitation phase, you will have to verify if all vulnerabilities really exist by exploiting all vulnerabilities found during your vulnerability assessment phase.
A penetration test is a cyclical process, only ending when there are no more systems and services, in scope, to exploit.
Remember: The goal of a penetration test is not to get root, it’s to find any and all vulnerabilities.
Tools used for exploiting vulnerabilities:
- John The Ripper
The Reporting phase is as important as the entire penetration test itself because it is your way to officially deliver and communicate your results with executives, IT staff, development teams, and other stakeholders.
Tools used for reporting:
- Microsoft Suite
- eLearnSecurity's Pentest Reporting Guide
More often than not, work done as a Pentester will be judged based on the quality of your report. Strong writing and presentation skills come in handy when reporting your findings. A complete pentest report must address the following key points:
- Techniques used
- Vulnerabilities found and exploited
- Exploits used
- Impact and risk analysis (for each vulnerability)
- Remediation tips
Want to be a Penetration Tester?
The INE Penetration Testing Professional Learning Path helps build strong foundations by giving theoretical lessons reinforced with practical exercises, covering topics such as system, network, web app, and wi-fi security.
Not a current INE subscriber? Try our training for free with an INE Starter Pass, granting you access to the entire Penetration Testing Student Learning Path as well as learning resources for Data Science, Networking, and Cloud!