Questions tagged [penetration-test]

An attempt to penetrate a system's security in an effort to evaluate the protections in place.

Penetration testing simulates an attack by a malicious party. It involves a scan and assessment of vulnerabilities, followed by exploitation of found vulnerabilities to gain further access. Using this approach will result in an understanding of the ability of an attacker to gain access to confidential information, affect data integrity or availability of a service and the respective impact. Each test should be approached using a consistent and complete methodology in a way that allows the tester to use their problem-solving abilities, the output from a range of tools and their own knowledge of networking and systems to find vulnerabilities that would/ could not be identified by automated tools. This approach looks at the depth of attack as compared to the Security Assessment approach that looks at the broader coverage.

Useful Resources:

Wikipedia

1261 questions

306

votes

7 answers

Is it normal for auditors to require all company passwords?

My company is currently engaged in a security audit framed as a pentest. They've requested all admin passwords for every one of our services and all source code of our software. They want logins for Google Apps, credit card processors, GitHub,…

penetration-test audit

asked Oct 25 '17 at 17:20

Zachary Iles

2,181
2
10
9

241

votes

12 answers

Is single quote filtering nonsense?

Penetration testers found out that we allow single quotes in submitted data fields, and want us to apply rules (input validation) to not allow them in any value. While I'm aware that single quotes are popular for SQL injection attacks, I strongly…

penetration-test sql-injection validation

asked Feb 04 '19 at 13:28

Peter Walser

1,781
2
11
9

179

votes

9 answers

Can webcams be turned on without the indicator light?

I've made a series of penetration tests in my network and one of the things I've tried was to record webcam and microphone. Recording an end-user's microphone seems to be a stealth thing, but what about the webcam? In my tests, the indicator is…

attacks penetration-test exploit

asked Sep 01 '11 at 16:33

user4610

132

votes

2 answers

What to do if caught in a physical pentest?

I've seen a lot of people talk about how to pentest and how NOT to get caught during engagements but have a hard time finding "How to behave when caught during a Red Team engagement". Red Teams are to simulate adversaries attacking systems. Many…

penetration-test physical

asked Nov 11 '19 at 11:45

ChocolateOverflow

3,452
4
17
34

121

votes

8 answers

Is it acceptable that a skilled professional pentester deletes or modifies sensitive data in production unintentionally during a pentest?

Today I experienced a situation where a person responsible for the security of a company required a pentesting company to withdraw a clause in the contract that says that: "during the pentest there exist the possibility to delete or modify…

penetration-test legal

asked Jul 17 '13 at 19:08

kinunt

2,759
2
23
30

votes

7 answers

How does hacking work?

I am specifically talking about web servers, running Unix. I have always been curious of how hackers get the entry point. I mean I don't see how a hacker can hack into the webpage when the only entry method they have into the server is a URL. I must…

penetration-test php unix

asked Jan 31 '12 at 18:31

user7360

votes

7 answers

Script Kiddies - how do they find my server IP?

I've set up a site on Digital Ocean without a domain yet, so there is only the IP. Despite telling no-one of its existence or advertising it, I get hundreds of notices from fail2ban that various IP's are trying to hack my SSL port or are looking for…

attacks penetration-test webserver brute-force

asked Feb 12 '16 at 12:53

microwth

2,101
2
14
19

votes

6 answers

Do actual penetration testers actually use tools like metasploit?

I've played around with metasploit simply as a hobby but am wondering if actual pentesters and/or hackers actually use metasploit to get into systems or do they write their own post exploitation modules or their own programs entirely? Reason I ask…

penetration-test metasploit

asked Jun 09 '14 at 07:09

shawn

votes

16 answers

What tools are available to assess the security of a web application?

What tools are available to assess the security of a web application? Please provide a small description of what the tool does. Update: More specifically, I'm looking for tools that assume no access to the source code (black box).

appsec web-application penetration-test tools web-scanners

asked Nov 11 '10 at 22:12

Olivier Lalonde

5,039
8
31
35

votes

6 answers

At what point does "hacking" become illegal? (US)

Hypothetical situation: before I hire a web development company I want to test their ability to design secure web apps by viewing their previous client's websites. Issue: this situation raises a big red flag: with regards to viewing a website, what…

penetration-test legal

asked Aug 17 '11 at 17:27

Moses

2,137
2
20
23

votes

4 answers

I think I accidentally DoS'd a website. What should I do?

I was browsing a website, and stumbled across a sample scheme for password-protecting web pages. The owner of the website specifically had a page that invited people to attempt to hack it. I wanted to give it a try, so I wrote up a quick python…

penetration-test webserver denial-of-service ethics

asked Apr 02 '12 at 00:31

Michael0x2a

votes

7 answers

Testing for HTTP TRACE method

How can I test for HTTP TRACE on my web-server? I need to train a Tester how to verify that the HTTP TRACE method is disabled. Ideally I need a script to paste into Firebug to initiate a https connection to return the web server response to a HTTP…

web-application appsec penetration-test http apache

asked Feb 27 '13 at 21:34

Andrew Russell

3,633
1
20
29

votes

13 answers

What makes it illegal to use the information learned by exploiting a bug?

According to news reports, arrests have already been made in relation to the Heartbleed bug. It sounds like this person managed to gain access to the website's database by capturing the credentials the app used to access the database. This person…

penetration-test legal

asked Apr 17 '14 at 08:52

Stephen Solis-Reyes

votes

9 answers

How should I tell school that they are vulnerable when I wasn't given permission to check?

I would like to report security weaknesses to my school in UK. I had managed to find security weaknesses without any exploits or other software or hardware. I had look at similar question however problem is that it is very likely to find out that it…

penetration-test legal disclosure grey-hat

asked Apr 11 '16 at 17:56

vakus

3,743
3
20
32

votes

5 answers

New XSS cheatsheet?

There is a great list of XSS vectors avaliable here: http://ha.ckers.org/xss.html, but It hasn't changed much lately (eg. latest FF version mentioned is 2.0). Is there any other list as good as this, but up to date?

penetration-test attacks xss appsec

asked Nov 12 '10 at 08:14

naugtur

1,095
2
12
15

2 3

…

83 84 Next