Master the art of ethical hacking with penetration testing

Maybe you have finished a risk assessment and remediated every vulnerability it identified. You should not stop there: you still need to validate that assessment by running a penetration test against your network and systems.


What is penetration testing?

A network and system penetration test is a process for identifying security vulnerabilities in systems and applications by deliberately using the techniques an attacker would use, so that the defences, and how they respond, can be evaluated.

A pen test lets you find vulnerabilities in your systems and network. Because it simulates a real attack, it surfaces weaknesses that are harder to find with other methods, such as several low-severity flaws that a scanner reports separately but an attacker can chain together.

PenTest Process Step by Step

Penetration testing is usually done after the vulnerability assessment is complete and the needed remediation has been applied, because the company wants to test the security of its systems and network further. Here are the steps you need to follow for a successful pen test of your systems and network.

Information gathering and client discussion step

Before you can run the pen test, the first thing you need to do is talk to your client. This is important because you need to know the goal of the penetration test and what the client wants from you as the tester.

Through this discussion you will be able to decide which testing method to apply to the project. The main methods are:

  • Black box test method
    In this method the test is performed as realistically as possible, to be as close as possible to a real attacker. You are given minimal, and sometimes no, internal knowledge of the network or system you will be testing.
    This method needs the least preparation from the client, since you rely on scanners and public information to find and then exploit the weaknesses you can reach. But remember that if you cannot breach the network perimeter with this method, any internal vulnerabilities remain unidentified.
  • Gray box test method
    In this method the test is performed from the point of view of a user of the system or network. You are given an account on the network or system, sometimes with elevated privileges.
    This method focuses the assessment on the security of the network itself, so you are also given some information about the internal and external vulnerabilities of the system and network.
  • White box test method
    In this method the test is performed from the point of view of the IT staff or developers who run the system or network. You are given access to the architecture documentation, configuration and even the source code.
    This method usually takes the most time and is the most challenging, because you have to review a large amount of material to identify the vulnerabilities, but it is also the most thorough.

As you can see, there are several pen test methods, so you need to determine which one is most suitable for the project. Explain the specific benefits of each method to your client so you can choose the type based on the client's goal.

Once you know which penetration testing method you will use, you should also discuss the date and time of the test. Decide whether it should run during business hours, at night after the business closes, or over the weekend. Discuss it further with your client and decide based on their business schedule.

Do not forget to decide whether the test will run against a test or staging environment or against production. Also ask whether the client wants you to exploit the vulnerabilities you find or only to identify and report them.

Finally, collect from the client all of the documentation and information needed for the pen test, and get the agreed scope, testing window and permissions in writing before any test traffic is sent.
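The scope, testing window and exploitation permission agreed in this step are worth encoding so that every tool you run checks them before it touches a host. The example below is added here and is not code from the original article; the networks, excluded hosts, window and flags in SCOPE are constructed values standing in for whatever a real client agrees to.

```python
"""Rules-of-engagement gate: refuse to act on anything outside the agreed scope.

Added illustration, not code from the original article. The values in SCOPE
are constructed for the example; a real engagement fills them from the
signed agreement with the client.
"""
import ipaddress
from datetime import datetime

# Constructed engagement scope agreed with a hypothetical client.
SCOPE = {
    "environment": "staging",                        # staging vs. production, agreed up front
    "in_scope_networks": ["10.20.0.0/16", "192.0.2.0/24"],
    "excluded_hosts": ["10.20.0.1", "10.20.5.10"],  # e.g. the core router and a fragile DB
    "testing_window": {"start_hour": 22, "end_hour": 6},  # overnight, client's local time
    "exploitation_allowed": False,                   # identify and report only
    "post_exploitation_allowed": False,
}


def host_in_scope(host: str, scope: dict = SCOPE) -> bool:
    """True only if host sits inside an agreed network and is not explicitly excluded."""
    addr = ipaddress.ip_address(host)
    if any(addr == ipaddress.ip_address(h) for h in scope["excluded_hosts"]):
        return False
    return any(addr in ipaddress.ip_network(n) for n in scope["in_scope_networks"])


def within_window(when: datetime, scope: dict = SCOPE) -> bool:
    """Check the agreed hours; handles windows that wrap past midnight (22:00 to 06:00)."""
    start = scope["testing_window"]["start_hour"]
    end = scope["testing_window"]["end_hour"]
    hour = when.hour
    if start <= end:
        return start <= hour < end
    return hour >= start or hour < end


def authorize(action: str, host: str, when: datetime, scope: dict = SCOPE) -> tuple[bool, str]:
    """Gate one action ('scan', 'exploit' or 'post-exploit') against the rules of engagement.

    Returns (allowed, reason) so the caller can log why something was refused."""
    if not host_in_scope(host, scope):
        return False, f"{host} is outside the agreed scope"
    if not within_window(when, scope):
        return False, f"{when:%H:%M} is outside the agreed testing window"
    if action == "exploit" and not scope["exploitation_allowed"]:
        return False, "client asked for identify-and-report only; exploitation not authorized"
    if action == "post-exploit" and not scope["post_exploitation_allowed"]:
        return False, "post-exploitation was not authorized in the engagement discussion"
    return True, "authorized"


if __name__ == "__main__":
    now = datetime(2024, 3, 1, 23, 15)
    for action, host in [("scan", "10.20.3.4"), ("scan", "10.20.0.1"), ("exploit", "10.20.3.4")]:
        print(action, host, authorize(action, host, now))
```

Wrap every scanner and exploit invocation in a call to authorize() and log refusals; an out-of-scope host hit by accident is the most common way a pen test turns into an incident for the client.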

Reconnaissance step

During this step you run network scanners and port scanners against the systems and network in scope. This gives you a picture of the network, the devices connected to it, the services they expose and the vulnerabilities present in those services.

The goal of this step is to locate vulnerabilities so that you can exploit them in a later step.

Depending on what the client has authorized, you may also use social engineering during this step to manipulate someone into giving you confidential information that makes access to the network easier.
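The simplest port scanner is a TCP connect scan: complete the three-way handshake on each port and read whatever the service announces. The example below is added here and is not code from the original article. So that it runs offline it starts its own listener on 127.0.0.1 that greets clients with a constructed SSH-style banner and scans a small range around it; against a real target you would substitute the agreed in-scope address and port ranges.

```python
"""TCP connect scan with banner grabbing, the kind of port scan used in
reconnaissance.

Added illustration, not code from the original article. The target is a
constructed local listener so the example runs offline; the banner it sends
is made up.
"""
import socket
import threading
from concurrent.futures import ThreadPoolExecutor


def probe(host: str, port: int, timeout: float = 0.5) -> bool:
    """Full three-way handshake; a completed connect() means the port is open.

    connect_ex() returns 0 on success and an errno (e.g. ECONNREFUSED) otherwise,
    so a closed or filtered port never raises, it just reports as not open."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        return s.connect_ex((host, port)) == 0


def connect_scan(host: str, ports, workers: int = 64) -> list[int]:
    """Probe the given ports concurrently and return the open ones, sorted."""
    with ThreadPoolExecutor(max_workers=workers) as pool:
        results = list(pool.map(lambda p: (p, probe(host, p)), ports))
    return sorted(p for p, is_open in results if is_open)


def grab_banner(host: str, port: int, timeout: float = 1.0) -> bytes:
    """Read whatever the service volunteers on connect; SSH, SMTP and FTP
    announce their version without being asked, which is useful for fingerprinting."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            return s.recv(256)
        except socket.timeout:
            return b""  # service waits for the client to speak first


def start_fake_service(banner: bytes) -> tuple[socket.socket, int]:
    """Constructed target: a local listener that greets every client with `banner`."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))  # port 0: let the OS pick a free port
    listener.listen(16)
    port = listener.getsockname()[1]

    def serve() -> None:
        while True:
            try:
                conn, _ = listener.accept()
            except OSError:  # listener closed, stop serving
                return
            with conn:
                try:
                    conn.sendall(banner)
                except OSError:  # the scanner already hung up; that is fine
                    pass

    threading.Thread(target=serve, daemon=True).start()
    return listener, port


def demo() -> dict:
    """Scan a small window around the fake service and fingerprint what was found."""
    listener, port = start_fake_service(b"SSH-2.0-ExampleSSH_1.0\r\n")
    try:
        open_ports = connect_scan("127.0.0.1", range(port - 5, port + 6))
        banner = grab_banner("127.0.0.1", port)
    finally:
        listener.close()
    return {"target_port": port, "open_ports": open_ports, "banner": banner}


if __name__ == "__main__":
    print(demo())
```

A connect scan is noisy: every probe shows up as a completed connection in the target's logs, which is fine for an authorized test but is exactly what a detection team should be alerting on.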

Discovery step

In this step you analyze the information gathered in the previous step and use it to map the paths you could take to breach the network.

This discovery is the starting point for the exploitation in the next step, so it is important to analyze every piece of information you found and determine which paths to use. Identify multiple paths: you will usually have to try several before one gives you access.

Performing the pen test step

Once the information is gathered and the paths are mapped, it is time to attack the network using the vulnerabilities identified earlier. You can use tools that run existing exploit scripts, or write your own from scratch.

Pen testers usually start with the easiest or the most critical vulnerabilities they found. Most of the time you will need to try several before you gain access.

Record the outcome of every attempt, successful or not, so that when you present the results the client knows which points of the network are weak and which held up.

Post-exploitation step

This step determines the value of the access you have gained and keeps control of it for later use. You use the new information and vulnerabilities obtained in the previous step, work out what advantage they give you, and see how they can be used to penetrate deeper into the network.

You also want to make sure you keep access to the system even if the initial entry point is disabled. Once that is done, you look for more information on the system, such as passwords, certificates and keys, and for other ways to elevate your privileges on the network.

Since this step penetrates deep into the network, make sure your client explicitly allowed it during the initial discussion. You can obtain sensitive information here, and any persistence you leave behind makes the network fragile and too risky for the business owner if it is not tracked and removed. So make sure you have permission from the client before you do it, and record everything you change so that it can be cleaned up afterwards.
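Hunting for passwords, certificates and keys on a compromised host is largely a matter of knowing which filenames and content signatures to look for. The example below is added here and is not code from the original article; it builds a small constructed file tree in a temporary directory (placeholder key and certificate bodies, not real material) and reports which files look like credential material and whether they are world-readable. Run it only on hosts where the client authorized post-exploitation.

```python
"""Credential and key hunting on a host you already control (post-exploitation).

Added illustration, not code from the original article. The file tree is
constructed in a temporary directory; the PRIVATE KEY and CERTIFICATE bodies
are placeholders, not real key material.
"""
import os
import re
import tempfile
from pathlib import Path

# Filenames that commonly hold secrets, flagged regardless of content.
NAME_PATTERNS = [
    r"^id_(rsa|dsa|ecdsa|ed25519)$", r"\.pem$", r"\.p12$", r"\.pfx$",
    r"\.kdbx$", r"^\.env$", r"^credentials$", r"^\.netrc$",
]

# Content signatures, checked against the first max_bytes of every regular file.
CONTENT_PATTERNS = {
    "private_key": re.compile(rb"-----BEGIN (?:RSA |OPENSSH |EC |DSA )?PRIVATE KEY-----"),
    "certificate": re.compile(rb"-----BEGIN CERTIFICATE-----"),
    "password_assignment": re.compile(rb"(?im)^\s*\w*(?:password|passwd|pwd|secret)\w*\s*[:=]\s*\S+"),
    "aws_access_key": re.compile(rb"AKIA[0-9A-Z]{16}"),
}


def hunt(root, max_bytes: int = 1_000_000) -> list[dict]:
    """Walk `root` and report files whose name or content looks like credential material."""
    root = Path(root)
    findings = []
    for dirpath, _dirs, filenames in os.walk(root):
        for name in filenames:
            path = Path(dirpath, name)
            reasons = [f"name:{pat}" for pat in NAME_PATTERNS if re.search(pat, name)]
            try:
                data = path.read_bytes()[:max_bytes]
            except OSError:
                continue  # unreadable with current privileges; a target for escalation later
            reasons += [f"content:{kind}" for kind, rx in CONTENT_PATTERNS.items() if rx.search(data)]
            if reasons:
                mode = path.stat().st_mode & 0o777
                findings.append({
                    "path": path.relative_to(root).as_posix(),
                    "reasons": reasons,
                    "world_readable": bool(mode & 0o004),  # a finding in itself for key files
                })
    return sorted(findings, key=lambda f: f["path"])


def build_sample_tree() -> str:
    """Constructed host image: files that should be flagged and one that should not."""
    root = Path(tempfile.mkdtemp(prefix="loot_"))
    samples = {
        "home/alice/.ssh/id_rsa": "-----BEGIN OPENSSH PRIVATE KEY-----\nPLACEHOLDER\n-----END OPENSSH PRIVATE KEY-----\n",
        "home/alice/notes.txt": "team lunch on friday\n",
        "opt/app/config.yml": "db_host: db01.internal\ndb_password: hunter2\n",
        "opt/app/.env": "AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\n",  # Amazon's documented example key id
        "etc/ssl/certs/app.pem": "-----BEGIN CERTIFICATE-----\nPLACEHOLDER\n-----END CERTIFICATE-----\n",
    }
    for rel, text in samples.items():
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(text)
    return str(root)


if __name__ == "__main__":
    for finding in hunt(build_sample_tree()):
        print(finding)
```

Everything this finds goes into the report as evidence, with the file path and the reason it was flagged; the secrets themselves should be redacted in the report and never copied off the client's systems unless the engagement explicitly allows it.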

Report and remediation recommendations step

Remember to send the client a report that fully describes everything you did during the penetration test. Everything needs to be written in detail, including the process, the identified vulnerabilities and the evidence collected during the test.

You should also produce a risk analysis for each vulnerability you found and break it down in detail. That way, the client can understand the risk each vulnerability carries, which helps them make appropriate decisions later on.

Then give recommendations for how the vulnerabilities found during the test can be remediated. Remediation can take various forms, such as updating and patching systems and network devices, and creating security policies to address internal weaknesses.
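A per-finding risk analysis is usually a qualitative rating combined with a prioritized remediation list. The example below is added here and is not code from the original article; the scoring scheme (likelihood times impact on a 1 to 5 scale, banded at 5, 10 and 15) is one common matrix and is an assumption, and the findings are constructed.

```python
"""Risk rating and prioritization for the findings section of a pen test report.

Added illustration, not code from the original article. The likelihood x impact
matrix and its bands are one common qualitative scheme, assumed here; the
findings in SAMPLE_FINDINGS are constructed.
"""


def risk_score(likelihood: int, impact: int) -> int:
    """Both inputs on a 1..5 scale; score is their product (1..25)."""
    if not (1 <= likelihood <= 5 and 1 <= impact <= 5):
        raise ValueError("likelihood and impact must be integers from 1 to 5")
    return likelihood * impact


def risk_band(score: int) -> str:
    """Band boundaries are an assumption of this example, not a standard."""
    if score >= 15:
        return "Critical"
    if score >= 10:
        return "High"
    if score >= 5:
        return "Medium"
    return "Low"


def rate(finding: dict) -> dict:
    score = risk_score(finding["likelihood"], finding["impact"])
    return {**finding, "score": score, "band": risk_band(score)}


def prioritize(findings: list[dict]) -> list[dict]:
    """Highest score first; for equal scores, findings actually exploited during
    the test outrank theoretical ones, then alphabetical for a stable report."""
    return sorted((rate(f) for f in findings),
                  key=lambda f: (-f["score"], not f["exploited"], f["title"]))


def render_markdown(rated: list[dict]) -> str:
    """Findings table in the order the client should remediate them."""
    lines = [
        "| # | Finding | Likelihood | Impact | Score | Risk | Exploited | Remediation |",
        "|---|---|---|---|---|---|---|---|",
    ]
    for i, f in enumerate(rated, 1):
        lines.append(
            f"| {i} | {f['title']} | {f['likelihood']} | {f['impact']} | {f['score']} "
            f"| {f['band']} | {'yes' if f['exploited'] else 'no'} | {f['remediation']} |"
        )
    return "\n".join(lines)


# Constructed findings for the example.
SAMPLE_FINDINGS = [
    {"title": "Outdated VPN appliance firmware", "likelihood": 4, "impact": 5, "exploited": True,
     "remediation": "Apply vendor patch; restrict the management interface to the admin VLAN"},
    {"title": "Default credentials on internal printer web UI", "likelihood": 5, "impact": 2, "exploited": True,
     "remediation": "Set unique admin passwords; add a policy for device onboarding"},
    {"title": "Shared local admin password across workstations", "likelihood": 3, "impact": 5, "exploited": False,
     "remediation": "Deploy per-host randomized local admin passwords"},
    {"title": "Verbose error pages on intranet app", "likelihood": 2, "impact": 1, "exploited": False,
     "remediation": "Disable debug output in production configuration"},
]


if __name__ == "__main__":
    print(render_markdown(prioritize(SAMPLE_FINDINGS)))
```

Whatever scheme you use, state it in the report so the client can see how each rating was reached, and keep the "exploited" column honest: a finding you proved in the test carries more weight with the client's decision makers than one you only believe is exploitable.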

Successful PenTest

One thing to note as a pen tester is that a successful test does not mean you breached the system or network. A test in which you were unable to breach the system or network is still a successful test.

The reason is that the test validates the security measures in place. That way the client can be confident that their measures are sufficient to prevent, detect and deter cyberattacks, provided the test was thorough: a test that found nothing because it was scoped too narrowly or cut short proves little.


It is important to secure the network and systems by identifying the vulnerabilities inside them. That is why you need penetration testing, which finds and exploits vulnerabilities to put the security to the test.

Tags: penetration testing, penetration testing method, penetration testing technique, penetration testing steps, successful penetration testing,