Pentesting
Contents
Pentesting is short for Penetration Testing.
It is an authorised attack onto a system (both computer and physical systems) to discover security risks and vulnerabilities.
Stages
- Recon
- Planning
- Exploitation
- Post-exploitation (establishing persistance to the system)
Tools
There are penetration testing tools and frameworks to help perform penetration attacks
- Metasploit - Pentest framework for like literally everything
- Burp - Website pentest framework
- Wireshark - Network packet analyser
- Nmap - IP and port scanner
- Kali / Parrot / etcetera… - Operating System with pentest tools pre-installed
- Gobuster - URI directory list crawler