Anatomy of a Penetration Test

The Penetration Test…

According to Wikipedia [1], a penetration test (pentest) is a software attack on a computer system that looks for security weaknesses, potentially gaining access to the computer's features and data.

A penetration test classifies targets on a white-to-black scale: white means the tester (or attacker) has detailed information about the target system, and black means the tester (or attacker) has no information about the target system at all. The goals of a penetration test are ultimately to determine whether a system is vulnerable to attack, to check whether system defenses are appropriately applied, and to accurately report findings back to the system owner for analysis and remediation. The methodologies used in penetration tests are vast, and every penetration tester likely puts their own signature on the process when they apply it; speaking in basics, however, the following methodology is likely true.

  1. Find an exploitable vulnerability.
  2. Design an attack around it.
  3. Test the attack.
  4. Deploy the attack.
  5. Harvest information & deploy root-kits.

In an article by [2], the author describes the similarities that a penetration test has with commonly marketed assessments such as “Vulnerability Scans”, “Compliance Audits”, and “Security Assessments”. It is important to make the distinction that a penetration test goes much further in function than any of the assessments just mentioned. Penetration tests not only assess possible vulnerabilities but also follow through with exploitation of those vulnerabilities in order to provide a real-world risk factor as well as mitigations for those risks.

Penetration Testers in the Flesh

Penetration tests are executed by well-trained and certified professionals. These professionals essentially use malicious methodologies and tools to assess and exploit a customer's systems or networks, as defined in their scope of penetration [3], in order to report detailed findings and risk mitigation recommendations to their clients.

Who are these people and why do they do it? Largely speaking, it is my thinking that a person becomes a Penetration Tester for several reasons. But one of the biggest reasons would likely be that technology is moving more rapidly than ever before in today’s world! And with that rapidly moving and shifting landscape, corporations and companies sometimes place consumers and end users at risk. Although I would like to think this is not done intentionally, but rather as a side effect of the rapid growth of technology itself.

As mentioned previously, a penetration test has a multitude of value points. Not only is it end-to-end with regard to vulnerability assessment, research, exploitation, reporting and mitigation, but a business could also profit from completing regular penetration tests, as the output from such a test could assist the governing parties of a given organization in critical business risk decisions regarding new technologies, as well as providing insight into the proper ways to utilize currently implemented technologies within their business or organization.

Credits and Thanks

[1] Wikipedia – an interesting article on Penetration Tests.

[2] Forbes – an interesting article on Penetration Tests.