Book Image

Kali Linux 2 - Assuring Security by Penetration Testing - Third Edition

By : Gerard Johansen, Lee Allen, Tedi Heriyanto, Shakeel Ali
Book Image

Kali Linux 2 - Assuring Security by Penetration Testing - Third Edition

By: Gerard Johansen, Lee Allen, Tedi Heriyanto, Shakeel Ali

Overview of this book

Kali Linux is a comprehensive penetration testing platform with advanced tools to identify, detect, and exploit the vulnerabilities uncovered in the target network environment. With Kali Linux, you can apply appropriate testing methodology with defined business objectives and a scheduled test plan, resulting in a successful penetration testing project engagement. Kali Linux – Assuring Security by Penetration Testing is a fully focused, structured book providing guidance on developing practical penetration testing skills by demonstrating cutting-edge hacker tools and techniques with a coherent, step-by-step approach. This book offers you all of the essential lab preparation and testing procedures that reflect real-world attack scenarios from a business perspective, in today's digital age.
Table of Contents (24 chapters)
Kali Linux 2 – Assuring Security by Penetration Testing Third Edition
Credits
Disclaimer
About the Authors
About the Reviewer
www.PacktPub.com
Preface
Index

Types of penetration testing


Although there are different types of penetration testing, the three most general approaches accepted in the information security industry are black box, white box and grey box penetration tests. Each of these has distinct advantages and penetration testers should have a clear idea of each.

Black box testing

A black box penetration test mimics as closely as possible a real world attack. In this type of testing, the penetration tester has no knowledge of the system architecture, software, hardware, or any internal workings that are under assessment. In this way, the black box penetration test is conducted in much the same way that a threat actor would attack the system. This means that the penetration tester will ensure that all possible vulnerabilities are identified, that targets are properly enumerated, and all potential attack vectors are used to compromise the system.

Black box testing is very time consuming and expensive. There is also the potential to cause...