I just wanted to give you an overview how one can be a Penetration Tester with a little guide on how to do Penetration Testing. I’m not gonna talk about career opportunities here since I do believe that a security enthusiast will always be passionate about information security, having a sense of how networks works and systems works. So, this article will shed some light for Quality Assurance, Test Automation engineers, enthusiasts who have a dream to start their journey to becoming a Penetration Tester.
Penetration Testing is a practice of testing a system, network, or Web application to find out the vulnerabilities where an attacker could exploit or sift through a loop hole in the system. Most of the organizations hire penetration testers to be a part their internal security teams, where they can test products or systems for exploitable security flaws and assure security.
How to Do Penetration Testing
Often people ask me how to start with. I know, this is the hardest of all as it is quite tricky to find the source to kick off from the basics. Although there exists tons of books and other sources which will teach you how to perform penetration testing and web application testing I will start with a few cornerstones and essential skills required if you want to know how to do penetration testing. I know it would be bit uncertain when you start reading but to set realistic expectations of what one would expect from a security analyst to my solitary view. Don’t be discouraged if you don’t have all the essential skills which I’ve listed here but rather pop the hood by learning them.
Networking Knowledge
One should gain knowledge on Networking Concepts. When I say networking concepts, it’s not just learning the protocols or OSI model. One should learn or get familiar with routers and switches, how the system, load balancers, firewalls, caching servers works. Since we may use many tools or an operating system to test the network security & audits. For example Wireshark, Network Security Toolkit .There are quite many books, vlogs, blogs out there for you to start with. I will share essential topics to learn in the next post soon.
Learn Programming
I would say, programming is something that you should not neglect. I can assume novice face but to overcome stumbling blocks you need to learn programming. Maybe you can start with C, C++, HTML, Javascript, Python, Java, C#. Choose any one initially. Don’t be jack of all trades. I would suggest, if you are a wannabe of web application penetration tester then you must know HTML, Javascript, C/Java/C# language. Having said that, you can learn from Youtube or some other sources.
Linux Fundamentals
If you really would like to love whatever you do, then you must learn Linux Fundamentals. It’s not only fun but also very important in this field. We often use Linux operating systems. Moreover operating systems like Kali linux, Backtrack, Parrot Security OS are linux based. It’s not so hard to learn linux commands. In fact I have learnt from Tecmint and other few sites. And also I would suggest to practise on linux OS rather than Windows. You can find many e-books with simple a google search.
Good knowledge on Databases & APIs
For a web application penetration tester this is one of the essential skills required. So better learn MySql or SQL server. To test for SQL injections or enumerate databases you need to be adept in Structured Query Language. You need to know HTTP basic concepts like Request, Response, GET, POST etc…To know more about SQL injections click here.
Security Concepts, Methodologies & Technologies
Just by learning the above mentioned skill and diving into the system to break things might not help. Of course, if you’re doing so then you shouldn’t be called as White Hat Hacker neither security analyst. As a Penetration tester you should know the process to be followed to conduct testing. You need to adopt methodology like Open Web Application Security Project (OWASP), Information Systems Security Assessment Framework (ISSAF). As a web application penetration tester, you need to know OWASP Top 10 vulnerabilities, SANS top 25 cwe. We will talk about that in other post of web application penetration testing. Having said that, one should always eager to know latest technologies, remedies, vulnerabilities etc.. I would say, just keep on updating yourself.
Build your own Pentesting Testing Lab
Just watching tons of videos or reading blogs doesn’t help you. Pull your socks to practice, you need to setup an environment on a virtual box, VMware which would be safe to test the dummy vulnerable applications. It would be fun when you start off with Kali linux or Parrot Security OS since it has many applications in-built. But keep in mind, you need to secure your own network first of all, don’t bat an eye. Install VMware, install operating systems like kali linux or parrot sec os with iso files. Just Learn By Doing.
Get familiar with Penetration testing tools
I won’t say, just using tools we can perform penetration testing. Many tools may give you false-positives. So I would say, do not rely on specific tool to learn how to do penetration testing. For web application penetration testing you may find lot of tools in the market. Tools like NMAP, Nessus, Openvas, Burpsuite, OWASP-ZAP, SQLMap, Nikto, Xsser, Metasploit many more helps you in vulnerability assessment in no time. But before employing the tools, you must know the above mentioned concepts.
I don’t want you to get crammed. Not only the above mentioned skills, to excel and to be a security expert you need to learn lot more concepts like Cloud Computing, Threat Modeling, Wireless network security, Mobile Penetration Testing, Cryptography, Malware Analysis, Reverse Engineering, Network Monitoring, Forensics. Learning languages like BASH, Ruby, Perl, Assembly makes you an expert.
Change your Mindset
*Always accept the challenge
*Should have patience, don’t give up easily
*Do not get disappointed when you’ve lesser skills
*Think more robust solutions, think out of box, thinks for possible ways
*By learning how a hacker thinks and acts, you will protect yourself from attacks
*Always keep learning something new, try to code, try to build own exploits
*Get notified about trending vulnerabilities, virus, trojans, malwares etc..
*Promote security awareness in the company
*Do not practise on the applications which you have no rights
*Do not threaten people, you’re not a hacker
*Remember again that Penetration testing is not ‘hacking’
*Don’t just do it for the sake of doing it or for certifications
*Analyse security breaches to determine their root cause
I hope this guide on how to do penetration testing helps you and gets you off on the right start to explore the area more.