Nowadays we are very concerned about the security of our systems, so we need to perform penetration testing on them. Penetration testing is also known as a pen test. It is the process of identifying security vulnerabilities in an application by evaluating the system or network with the techniques an attacker would use. The purpose of this test is to protect important data from outsiders, such as hackers who could gain unauthorized access to the system. Once a vulnerability is identified, it is used to exploit the system in order to gain access to sensitive information.

Penetration testing is not functional testing. In a pen test our goal is to find security holes in the system. Below are some generic test cases; they are not necessarily applicable to all applications.
- Check whether the web application is able to identify spam attacks on the contact forms used on the website.
- Proxy server – Check whether network traffic is monitored by proxy appliances. A proxy server makes it difficult for hackers to learn internal details of the network, thus protecting the system from external attacks.
- Spam email filters – Verify that incoming and outgoing email traffic is filtered and unsolicited emails are blocked. Many email clients come with built-in spam filters, which need to be configured according to your needs. These configuration rules can be applied to email headers, subject or body.
- Firewall – Make sure the entire network and all computers are protected by a firewall. A firewall can be software or hardware that blocks unauthorized access to a system. A firewall can also prevent data from being sent outside the network without your permission.
- Try to exploit all servers, desktop systems, printers and network devices.
- Verify that all usernames and passwords are encrypted and transferred over a secure connection such as HTTPS.
- Verify the information stored in website cookies. It should not be in a readable format.
- Re-test previously found vulnerabilities to check that the fix is working.
- Verify that no unnecessary ports are open on the network.
- Verify all telephone devices.
- Verify Wi-Fi network security.
- Verify all HTTP methods. The PUT and DELETE methods should not be enabled on the web server.
- Passwords should be at least 8 characters long and contain at least one number and one special character.
- Usernames should not be names like “admin” or “administrator”.
- The application login page should be locked after a few unsuccessful login attempts.
- Error messages should be generic and should not mention specific details such as “Invalid username” or “Invalid password”.
- Verify that special characters, HTML tags and scripts are handled properly as input values.
- Internal system details should not be revealed in any error or alert message.
- Custom error messages should be displayed to the end user if a web page crashes.
- Verify the use of registry entries. Sensitive information should not be kept in the registry.
- All files must be scanned before being uploaded to the server.
- Sensitive data should not be passed in URLs when communicating between internal modules of the web application.
- There should not be any hard-coded usernames or passwords in the system.
- Verify all input fields with long input strings, with and without spaces.
- Verify that the reset-password functionality is secure.
- Verify the application for SQL injection.
- Verify the application for cross-site scripting.
- Important input validations should be done on the server side rather than relying on JavaScript checks on the client side.
- Critical resources in the system should be available to authorized persons and services only.
- All access logs should be maintained with proper access permissions.
- Verify that the user session ends upon log off.
- Verify that directory browsing is disabled on the server.
- Verify that all application and database versions are up to date.
- Verify URL manipulation to check that the web application does not show any unwanted information.
- Verify the application for memory leaks and buffer overflows.
- Verify that incoming network traffic is scanned for Trojan attacks.
- Verify that the system is safe from brute-force attacks – a trial-and-error method of finding sensitive information such as passwords.
- Verify that the system or network is secured against DoS (denial-of-service) attacks. A hacker can target a network or a single computer with continuous requests, overloading the resources on the target system and resulting in denial of service for legitimate requests.
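The login-related test cases above (password policy, reserved usernames, lockout after a few failures, generic error messages) describe what a hardened login should do. The following is an added example, not code from the original article, showing one way to implement those rules on the server side; the lockout threshold, iteration count and in-memory user store are assumptions chosen for the demo.

```python
import hashlib
import hmac
import os
import string

# Policy values are assumptions for this example; the article only states the
# 8-character/number/special-character rule and "a few" failed attempts.
MIN_PASSWORD_LENGTH = 8
MAX_FAILED_ATTEMPTS = 5
RESERVED_USERNAMES = {"admin", "administrator"}
GENERIC_LOGIN_ERROR = "Invalid username or password."

def password_meets_policy(password: str) -> bool:
    """At least 8 characters including one digit and one special character."""
    if len(password) < MIN_PASSWORD_LENGTH:
        return False
    has_digit = any(c.isdigit() for c in password)
    has_special = any(c in string.punctuation for c in password)
    return has_digit and has_special

def username_allowed(username: str) -> bool:
    """Reject well-known administrative names regardless of case or padding."""
    return username.strip().lower() not in RESERVED_USERNAMES

def hash_password(password: str, salt: bytes = None) -> tuple[bytes, bytes]:
    """Salted PBKDF2-HMAC-SHA256 so the store never holds a plaintext password."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return salt, digest

class LoginGuard:
    """Counts failed attempts per username and locks after MAX_FAILED_ATTEMPTS."""
    def __init__(self, users: dict[str, tuple[bytes, bytes]]):
        self.users = users                      # constructed store: name -> (salt, digest)
        self.failures: dict[str, int] = {}
        self._dummy = hash_password(os.urandom(8).hex())  # used for unknown names

    def is_locked(self, username: str) -> bool:
        return self.failures.get(username, 0) >= MAX_FAILED_ATTEMPTS

    def attempt(self, username: str, password: str) -> tuple[bool, str]:
        """Return (ok, message); the message never reveals which part was wrong."""
        salt, stored = self.users.get(username, self._dummy)
        _, candidate = hash_password(password, salt)   # hashed even for unknown names
        known = username in self.users and not self.is_locked(username)
        if known and hmac.compare_digest(stored, candidate):  # constant-time compare
            self.failures.pop(username, None)
            return True, "Login successful."
        self.failures[username] = self.failures.get(username, 0) + 1
        return False, GENERIC_LOGIN_ERROR
```

Hashing the candidate password even for unknown usernames keeps the response time similar for existing and non-existing accounts, so the generic message is not undermined by a timing difference.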
These are just the basic test scenarios to get started with a pen test. There are hundreds of advanced penetration methods, which can be carried out either manually or with the help of automation tools.

Finally, as a penetration tester you should collect and log all vulnerabilities found in the system. Don’t ignore any scenario on the assumption that it won’t be exercised by end users.