A pentester is a gifted and passionate programmer, able to understand a program and locate its flaws. A pentester is someone who uses creative DIY aimed at improving the functioning of a system, which is why he uses several tools and methods.
In this article, we will list some basic methods of working a pentester:
Collecting target information
Pentesters first look for vulnerabilities, that is to say vulnerabilities that are harmful to the security of the system, in protocols, operating systems and software.
The first step of the pentester is to collect as much information as possible about a person or a computer network and about a machine and applications running on it.
Here is the data that a pentester tries to collect first:
- IP addressing,
- Phone numbers
- Email addresses
- OS
- Software installed on the victim's machine
- Domain names,
- Network protocols,
- Activated services,
- Server architecture.
- Etc ..
For this, a pentester uses two techniques:
- Interact directly with the target to gather information. For example, use the Nmap tool to scan the victim's network.
- Collect information on the target from social networks and search engines.
Identify the weak point of the target
Once the pentester has collected all the information on the target, the next step is to identify a weak point allowing him to access it. This is usually accomplished by scanning the network with tools like N-Stealth and Nmap.
The goal is to find vulnerabilities on the target's system. This part of the process usually takes place slowly, sometimes for days, as attackers search for vulnerabilities.
Here are some tools for identifying vulnerabilities:
- Vulnerability scanner (Messus; SAINT; N-Stealth)
- Specialized websites (SecurityFocus; Insecure.org)
- Frame analyzer or "Sniffer" (Winpcap; Windump; TCPDump; SSLDump; NeoTrace-Ettercap; Netstat).
Access and exploitation of the weak point
Now that the weak points of the target system are identified, the next step in the cyber attack is to access them.
The exploitation of a vulnerability is done either by a malicious program or a shell script, often compiled on the target machine, for privilege extension, system error, etc. You will need certain human qualities to successfully exploit loopholes: patience, perseverance and discretion. This is a stage where you will have to make the best use of your computer skills, and I am weighing my words.
Take full control
The hacker gained unrestricted access to the entire target network. Then comes the maintenance to be able to come back when he wants. To do this, hackers can secretly install malicious programs that allow them to come back as often as they want.
Cleaning
Usually, when the attacker has obtained a sufficient level of control over the network, he erases all traces of his passage by deleting all the files created, and correcting the logs.