Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mastering Kali Linux for Advanced Penetration Testing

You're reading from   Mastering Kali Linux for Advanced Penetration Testing Secure your network with Kali Linux 2019.1 – the ultimate white hat hackers' toolkit

Arrow left icon
Product type Paperback
Published in Jan 2019
Publisher Packt
ISBN-13 9781789340563
Length 548 pages
Edition 3rd Edition
Arrow right icon
Authors (2):
Arrow left icon
Robert Beggs Robert Beggs
Author Profile Icon Robert Beggs
Robert Beggs
Vijay Kumar Velu Vijay Kumar Velu
Author Profile Icon Vijay Kumar Velu
Vijay Kumar Velu
Arrow right icon
View More author details
Toc

Table of Contents (16) Chapters Close

Preface 1. Goal-Based Penetration Testing FREE CHAPTER 2. Open Source Intelligence and Passive Reconnaissance 3. Active Reconnaissance of External and Internal Networks 4. Vulnerability Assessment 5. Advanced Social Engineering and Physical Security 6. Wireless Attacks 7. Exploiting Web-Based Applications 8. Client-Side Exploitation 9. Bypassing Security Controls 10. Exploitation 11. Action on the Objective and Lateral Movement 12. Privilege Escalation 13. Command and Control 14. Embedded Devices and RFID Hacking 15. Other Books You May Enjoy

Misconceptions of vulnerability scanning, penetration testing, and red team exercises

In this section, we will discuss some misconceptions and limitations on traditional/classical vulnerability scanning, penetration testing, and red teaming exercises. Let's now understand the actual meaning of all of these three in simple terms and their limitations:

  • Vulnerability scanning (Vscan): It is a process of identifying vulnerabilities or security loopholes in a system or network. One of the misconceptions about Vscan is that it will let you know all of the known vulnerabilities; well, it's not true. Limitations with Vscan are only potential vulnerabilities and it purely depends on the type of scanner that one utilizes; it might also include lots of false positives and, to the business owner, there is no clear vision on whether they are relevant risks or not and which one will be utilized by the attackers first to gain access.
  • Penetration testing (Pentest): It is a process of safely exploiting vulnerabilities without much impact to the existing network or business. There is a lower number of false positives since the testers will try and simulate the exploit. Limitations with the pentest are only currently known, publicly available exploits and mostly these are project-focused testing. We often hear from pentesters during an assessment, "Yay! Got Root"—but we never question: What's next? This could be due to various reasons, such as the project limits you to report the high-risk issues immediately to the client or the client is interested in only one segment of the network and wants you to test that.
One of the misconceptions about the pentest is that it provides the full attacker view of the network and you are safe once you've done a penetration testing. Well, it isn't the case if attackers found a vulnerability in the business process of your secure app.
  • Red Team Exercise (RTE): It is a process of evaluating the effectiveness of an organization to defend against cyber threats and improve its security by any possible means; during an RTE, we can notice multiple ways of achieving project objectives and goals, such as complete coverage of activities with the defined project goal, including phishing, wireless, disk drops (USB, CD, and SSD), and physical penetration testing. The limitations with RTEs are time-bound, pre-defined scenarios and an assumed rather than real environment. Often, the RTE is run with a fully monitored mode for every technique and tactics are executed according to the procedure, but this isn't the case when a real attacker wants to achieve an objective.

Often, all three different testing methodologies refer to the term hack or compromise. We will hack your network and show you where your weaknesses are; but wait, does the client or business owner understand the term hack or compromise? How do we measure it? What are the criteria? And when do we know that the hack or compromise is complete? All the questions point to only one thing: what's the primary goal?

You have been reading a chapter from
Mastering Kali Linux for Advanced Penetration Testing - Third Edition
Published in: Jan 2019
Publisher: Packt
ISBN-13: 9781789340563
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image