What Is Pentesting In Hacking World Full Tutorial 2020 By Arain Tricks.
⚠️ This Post Only For Educational Purpose ⚠️
Penetration Testing steps:-
1. Reconnaissance or Information Gathering :
Gathering information about a system or a server to better understand how a target works and its potential vulnerabilities.
2. Scanning :
Scanning the server network to know know which OS it uses and what ports are open to use the convenient exploit for it.
3. Gaining Access :
In this stage the hacker exploits the vulnerability he found in the server so he can gain access to the server, most of times when the hacker gains access to a system or a server
he gains the access as a user and not as a admin or a root, so the hackers uses an attack called "Privilege Escalation" i will talk about it in next threads, with this attack the hacker
exploits the kernel of the system so he gains access to the root or the admin of the server so he can do a lot of actions and take full control of the server.
4.Maintaining access:
In this stage the hacker deploys a backdoor or also known in linux as rootkit so he can gain access in another time or letting other hackers gain access.
5. Analysis :
This stage is important to white hat hackers so they submit a report to the company they pentested about the vulnerabilities they found and tactics and methods they used
to gain access to their system.
Tools and OS used for pentesting:-
1. Linux or Debian based distributions:
Kali Linux, Debian, Ubuntu, Parrot OS, Arch Linux, etc...
2. Information Gathering Tools:
Maltego, whois, crt.sh(website), etc...
3. Scanning Tools:
NMAP, Zanmap(GUI of NMAP), wafw00f, etc...
4. Exploiting Tools:
Metasploit Framework, SQLmap, Hydra, etc...
5.Reporting Tools:
Dradis, Metagoofil, Cherry, etc...
Always remeber that no system is safe, don't get fooled by firewalls, every security can get bypassed because they are made by human brains and humans aren't robots.
0 Please Share a Your Opinion.: