SlideShare une entreprise Scribd logo

Summarizing the five phases of penetration testing

Télécharger en tant que PPTX, PDF
Madhn Rj
Madhn Rj

The Information About Cyber Security Awareness For More Information:- http://www.madhnw0rm.com/

Présentations et discours publics
1  sur  6
Summarizing The Five Phases of Penetration Testing
Phase 1 | Reconnaissance Reconnaissance is the act of gathering preliminary data or intelligence on your target. The data is gathered in order to better plan for your attack. Reconnaissance can be performed actively (meaning that you are directly touching the target) or passively (meaning that your recon is being performed through an intermediary).
Phase 2 | Scanning The phase of scanning requires the application of technical tools to gather further intelligence on your target, but in this case, the intel being sought is more commonly about the systems that they have in place. A good example would be the use of a vulnerability scanner on a target network.
Phase 3 | Gaining Access Phase 3 gaining access requires taking control of one or more network devices in order to either extract data from the target, or to use that device to then launch attacks on other targets.
Phase 4 | Maintaining Access Maintaining access requires taking the steps involved in being able to be persistently within the target environment in order to gather as much data as possible. The attacker must remain stealthy in this phase, so as to not get caught while using the host environment.
Phase 5 | Covering Tracks The final phase of covering tracks simply means that the attacker must take the steps necessary to remove all semblance of detection. Any changes that were made, authorizations that were escalated etc. all must return to a state of non-recognition by the host network’s administrators.

Recommandé

Threat Intelligence + Secuirity Monitoring
Threat Intelligence + Secuirity MonitoringThreat Intelligence + Secuirity Monitoring
Threat Intelligence + Secuirity Monitoring
Talha Riaz
 
Penetration testing
Penetration testingPenetration testing
Penetration testing
Nameen Singh
 
Module 1 Introduction
Module 1 IntroductionModule 1 Introduction
Module 1 Introduction
leminhvuong
 
Ch19
Ch19Ch19
Ch19
Joe Christensen
 
Network Security Layers
Network Security LayersNetwork Security Layers
Network Security Layers
natarafonseca
 
Cyber Incident Response Proposed Strategies
Cyber Incident Response Proposed StrategiesCyber Incident Response Proposed Strategies
Cyber Incident Response Proposed Strategies
Dam Frank
 
Cyber intrusion
Cyber intrusionCyber intrusion
Cyber intrusion
Kishor Datta Gupta
 
Computer System Security Unit 1 Part 2
Computer System Security Unit 1 Part 2Computer System Security Unit 1 Part 2
Computer System Security Unit 1 Part 2
SURBHI SAROHA
 

Recommandé

Threat Intelligence + Secuirity Monitoring
Threat Intelligence + Secuirity MonitoringThreat Intelligence + Secuirity Monitoring
Threat Intelligence + Secuirity Monitoring
Talha Riaz
 
Penetration testing
Penetration testingPenetration testing
Penetration testing
Nameen Singh
 
Module 1 Introduction
Module 1 IntroductionModule 1 Introduction
Module 1 Introduction
leminhvuong
 
Ch19
Ch19Ch19
Ch19
Joe Christensen
 
Network Security Layers
Network Security LayersNetwork Security Layers
Network Security Layers
natarafonseca
 
Cyber Incident Response Proposed Strategies
Cyber Incident Response Proposed StrategiesCyber Incident Response Proposed Strategies
Cyber Incident Response Proposed Strategies
Dam Frank
 
Cyber intrusion
Cyber intrusionCyber intrusion
Cyber intrusion
Kishor Datta Gupta
 
Computer System Security Unit 1 Part 2
Computer System Security Unit 1 Part 2Computer System Security Unit 1 Part 2
Computer System Security Unit 1 Part 2
SURBHI SAROHA
 
[PDF] Penetration Testing: A Hands-On Introduction to Hacking
[PDF] Penetration Testing: A Hands-On Introduction to Hacking[PDF] Penetration Testing: A Hands-On Introduction to Hacking
[PDF] Penetration Testing: A Hands-On Introduction to Hacking
ubew4tg34
 
Nice network intrusion detection and countermeasure
Nice network intrusion detection and countermeasureNice network intrusion detection and countermeasure
Nice network intrusion detection and countermeasure
IEEEFINALYEARPROJECTS
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
Programmer
 
Dissertation Proposal Abstract
Dissertation Proposal AbstractDissertation Proposal Abstract
Dissertation Proposal Abstract
Ruchika Mehresh
 
Data Mining and Intrusion Detection
Data Mining and Intrusion Detection Data Mining and Intrusion Detection
Data Mining and Intrusion Detection
amiable_indian
 
First Response - Session 11 - Incident Response [2004]
First Response - Session 11 - Incident Response [2004]First Response - Session 11 - Incident Response [2004]
First Response - Session 11 - Incident Response [2004]
Phil Huggins FBCS CITP
 
Cnsm2011
Cnsm2011Cnsm2011
Cnsm2011
j22fung
 
Ethical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hackingEthical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hacking
MissStevenson1
 
Ethical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hackingEthical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hacking
missstevenson01
 
What are the 3 Phases of Penetration Testing
What are the 3 Phases of Penetration TestingWhat are the 3 Phases of Penetration Testing
What are the 3 Phases of Penetration Testing
Cyber security professional services- Detox techno
 
What are the 3 Phases of Penetration Testing.pdf
What are the 3 Phases of Penetration Testing.pdfWhat are the 3 Phases of Penetration Testing.pdf
What are the 3 Phases of Penetration Testing.pdf
Cyber security professional services- Detox techno
 
Penetration testing overview
Penetration testing overviewPenetration testing overview
Penetration testing overview
Supriya G
 
Security protection On banking systems using ethical hacking.
Security protection On banking systems using ethical hacking.Security protection On banking systems using ethical hacking.
Security protection On banking systems using ethical hacking.
Rishabh Gupta
 
Cyber Incident Response Triage - CPX 360 Presentation
Cyber Incident Response Triage - CPX 360 PresentationCyber Incident Response Triage - CPX 360 Presentation
Cyber Incident Response Triage - CPX 360 Presentation
Infocyte
 
Penetration Testing.pptx
Penetration Testing.pptxPenetration Testing.pptx
Penetration Testing.pptx
Ananta Khare
 
Demystifying Penetration Testing: A Comprehensive Guide for Security Enhancement
Demystifying Penetration Testing: A Comprehensive Guide for Security EnhancementDemystifying Penetration Testing: A Comprehensive Guide for Security Enhancement
Demystifying Penetration Testing: A Comprehensive Guide for Security Enhancement
cyberprosocial
 
Cyber kill chain.docx
Cyber kill chain.docxCyber kill chain.docx
Cyber kill chain.docx
Kestone
 
The Art of Penetration Testing in Cybersecurity.
The Art of Penetration Testing in Cybersecurity.The Art of Penetration Testing in Cybersecurity.
The Art of Penetration Testing in Cybersecurity.
Expeed Software
 
What are the 5 Stages of Penetration.pdf
What are the 5 Stages of Penetration.pdfWhat are the 5 Stages of Penetration.pdf
What are the 5 Stages of Penetration.pdf
Bytecode Security
 
HACKERS ATTACK PROCESS
HACKERS ATTACK PROCESSHACKERS ATTACK PROCESS
HACKERS ATTACK PROCESS
UK Defence Cyber School
 
5 Different Phases of Ethical Hacking
5 Different Phases of Ethical Hacking5 Different Phases of Ethical Hacking
5 Different Phases of Ethical Hacking
INDIAN INSTITUTE OF ETHICAL HACKING & TECHNOLOGY
 
Itis pentest slides hyd
Itis pentest slides hydItis pentest slides hyd
Itis pentest slides hyd
Rama krishna
 

Contenu connexe

Tendances

[PDF] Penetration Testing: A Hands-On Introduction to Hacking
[PDF] Penetration Testing: A Hands-On Introduction to Hacking[PDF] Penetration Testing: A Hands-On Introduction to Hacking
[PDF] Penetration Testing: A Hands-On Introduction to Hacking
ubew4tg34
 

Tendances (7)

[PDF] Penetration Testing: A Hands-On Introduction to Hacking
[PDF] Penetration Testing: A Hands-On Introduction to Hacking[PDF] Penetration Testing: A Hands-On Introduction to Hacking
[PDF] Penetration Testing: A Hands-On Introduction to Hacking
 
Nice network intrusion detection and countermeasure
Nice network intrusion detection and countermeasureNice network intrusion detection and countermeasure
Nice network intrusion detection and countermeasure
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
 
Dissertation Proposal Abstract
Dissertation Proposal AbstractDissertation Proposal Abstract
Dissertation Proposal Abstract
 
Data Mining and Intrusion Detection
Data Mining and Intrusion Detection Data Mining and Intrusion Detection
Data Mining and Intrusion Detection
 
First Response - Session 11 - Incident Response [2004]
First Response - Session 11 - Incident Response [2004]First Response - Session 11 - Incident Response [2004]
First Response - Session 11 - Incident Response [2004]
 
Cnsm2011
Cnsm2011Cnsm2011
Cnsm2011
 

Similaire à Summarizing the five phases of penetration testing

An introduction to intrusion detection systems
An introduction to intrusion detection systemsAn introduction to intrusion detection systems
An introduction to intrusion detection systems
UltraUploader
 

Similaire à Summarizing the five phases of penetration testing (20)

Ethical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hackingEthical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hacking
 
Ethical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hackingEthical hacking introduction to ethical hacking
Ethical hacking introduction to ethical hacking
 
What are the 3 Phases of Penetration Testing
What are the 3 Phases of Penetration TestingWhat are the 3 Phases of Penetration Testing
What are the 3 Phases of Penetration Testing
 
What are the 3 Phases of Penetration Testing.pdf
What are the 3 Phases of Penetration Testing.pdfWhat are the 3 Phases of Penetration Testing.pdf
What are the 3 Phases of Penetration Testing.pdf
 
Penetration testing overview
Penetration testing overviewPenetration testing overview
Penetration testing overview
 
Security protection On banking systems using ethical hacking.
Security protection On banking systems using ethical hacking.Security protection On banking systems using ethical hacking.
Security protection On banking systems using ethical hacking.
 
Cyber Incident Response Triage - CPX 360 Presentation
Cyber Incident Response Triage - CPX 360 PresentationCyber Incident Response Triage - CPX 360 Presentation
Cyber Incident Response Triage - CPX 360 Presentation
 
Penetration Testing.pptx
Penetration Testing.pptxPenetration Testing.pptx
Penetration Testing.pptx
 
Demystifying Penetration Testing: A Comprehensive Guide for Security Enhancement
Demystifying Penetration Testing: A Comprehensive Guide for Security EnhancementDemystifying Penetration Testing: A Comprehensive Guide for Security Enhancement
Demystifying Penetration Testing: A Comprehensive Guide for Security Enhancement
 
Cyber kill chain.docx
Cyber kill chain.docxCyber kill chain.docx
Cyber kill chain.docx
 
The Art of Penetration Testing in Cybersecurity.
The Art of Penetration Testing in Cybersecurity.The Art of Penetration Testing in Cybersecurity.
The Art of Penetration Testing in Cybersecurity.
 
What are the 5 Stages of Penetration.pdf
What are the 5 Stages of Penetration.pdfWhat are the 5 Stages of Penetration.pdf
What are the 5 Stages of Penetration.pdf
 
HACKERS ATTACK PROCESS
HACKERS ATTACK PROCESSHACKERS ATTACK PROCESS
HACKERS ATTACK PROCESS
 
5 Different Phases of Ethical Hacking
5 Different Phases of Ethical Hacking5 Different Phases of Ethical Hacking
5 Different Phases of Ethical Hacking
 
Itis pentest slides hyd
Itis pentest slides hydItis pentest slides hyd
Itis pentest slides hyd
 
An introduction to intrusion detection systems
An introduction to intrusion detection systemsAn introduction to intrusion detection systems
An introduction to intrusion detection systems
 
Iscsp apt
Iscsp aptIscsp apt
Iscsp apt
 
Y04405144148
Y04405144148Y04405144148
Y04405144148
 
Vapt life cycle
Vapt life cycleVapt life cycle
Vapt life cycle
 
Information security
Information securityInformation security
Information security
 

Dernier

ACM CHT Best Inspection Practices Kinben Innovation MIC Slideshare.pdf
ACM CHT Best Inspection Practices Kinben Innovation MIC Slideshare.pdfACM CHT Best Inspection Practices Kinben Innovation MIC Slideshare.pdf
ACM CHT Best Inspection Practices Kinben Innovation MIC Slideshare.pdf
Kinben Innovation Private Limited
 

Dernier (10)

Deciding The Topic of our Magazine.pptx.
Deciding The Topic of our Magazine.pptx.Deciding The Topic of our Magazine.pptx.
Deciding The Topic of our Magazine.pptx.
 
DAY 0 8 A Revelation 05-19-2024 PPT.pptx
DAY 0 8 A Revelation 05-19-2024 PPT.pptxDAY 0 8 A Revelation 05-19-2024 PPT.pptx
DAY 0 8 A Revelation 05-19-2024 PPT.pptx
 
Microsoft Fabric Analytics Engineer (DP-600) Exam Dumps 2024.pdf
Microsoft Fabric Analytics Engineer (DP-600) Exam Dumps 2024.pdfMicrosoft Fabric Analytics Engineer (DP-600) Exam Dumps 2024.pdf
Microsoft Fabric Analytics Engineer (DP-600) Exam Dumps 2024.pdf
 
2024-05-15-Surat Meetup-Hyperautomation.pptx
2024-05-15-Surat Meetup-Hyperautomation.pptx2024-05-15-Surat Meetup-Hyperautomation.pptx
2024-05-15-Surat Meetup-Hyperautomation.pptx
 
Understanding Poverty: A Community Questionnaire
Understanding Poverty: A Community QuestionnaireUnderstanding Poverty: A Community Questionnaire
Understanding Poverty: A Community Questionnaire
 
The Influence and Evolution of Mogul Press in Contemporary Public Relations.docx
The Influence and Evolution of Mogul Press in Contemporary Public Relations.docxThe Influence and Evolution of Mogul Press in Contemporary Public Relations.docx
The Influence and Evolution of Mogul Press in Contemporary Public Relations.docx
 
Databricks Machine Learning Associate Exam Dumps 2024.pdf
Databricks Machine Learning Associate Exam Dumps 2024.pdfDatabricks Machine Learning Associate Exam Dumps 2024.pdf
Databricks Machine Learning Associate Exam Dumps 2024.pdf
 
ACM CHT Best Inspection Practices Kinben Innovation MIC Slideshare.pdf
ACM CHT Best Inspection Practices Kinben Innovation MIC Slideshare.pdfACM CHT Best Inspection Practices Kinben Innovation MIC Slideshare.pdf
ACM CHT Best Inspection Practices Kinben Innovation MIC Slideshare.pdf
 
ServiceNow CIS-Discovery Exam Dumps 2024
ServiceNow CIS-Discovery Exam Dumps 2024ServiceNow CIS-Discovery Exam Dumps 2024
ServiceNow CIS-Discovery Exam Dumps 2024
 
Breathing in New Life_ Part 3 05 22 2024.pptx
Breathing in New Life_ Part 3 05 22 2024.pptxBreathing in New Life_ Part 3 05 22 2024.pptx
Breathing in New Life_ Part 3 05 22 2024.pptx
 

Summarizing the five phases of penetration testing

  • 1. Summarizing The Five Phases of Penetration Testing
  • 2. Phase 1 | Reconnaissance Reconnaissance is the act of gathering preliminary data or intelligence on your target. The data is gathered in order to better plan for your attack. Reconnaissance can be performed actively (meaning that you are directly touching the target) or passively (meaning that your recon is being performed through an intermediary).
  • 3. Phase 2 | Scanning The phase of scanning requires the application of technical tools to gather further intelligence on your target, but in this case, the intel being sought is more commonly about the systems that they have in place. A good example would be the use of a vulnerability scanner on a target network.
  • 4. Phase 3 | Gaining Access Phase 3 gaining access requires taking control of one or more network devices in order to either extract data from the target, or to use that device to then launch attacks on other targets.
  • 5. Phase 4 | Maintaining Access Maintaining access requires taking the steps involved in being able to be persistently within the target environment in order to gather as much data as possible. The attacker must remain stealthy in this phase, so as to not get caught while using the host environment.
  • 6. Phase 5 | Covering Tracks The final phase of covering tracks simply means that the attacker must take the steps necessary to remove all semblance of detection. Any changes that were made, authorizations that were escalated etc. all must return to a state of non-recognition by the host network’s administrators.