Vulnerability assessment or say vulnerability testing, tests the software for checking the security risk in a network. Vulnerability is a type of weakness or fault in a network. If hackers find it, they can easily exploit the network for getting unauthorized access to the resources.
VAPT concept consist of two things i.e. vulnerability assessment and another one is penetration testing.
What is Vulnerability Assessment?
Vulnerability assessment is the regular checking of a network. It finds a loophole/Vulnerabilities in a network and tells the administration according to their ranking of risks. So that they can patch it and save themselves from a big attack. It is important for each and every organization if they want to safeguard themselves from hackers.
In this process network, we scan the application and operating system in order to find out the vulnerabilities which occur due to inappropriate software design, fault in authentication, insecure login code, etc…. which can lead to the hacks.
Also, Read | What are VLANs, What they actually do?
VAPT (Vulnerability Assessment and Penetration testing) process
1 Goal and Objective: It defines the steps of doing the assessment which includes goals and objectives.
2 Scope: While doing the analysis scope should be clear than only assessment will be done nicely.
• Black Box testing: This is an outside network testing without having any prior knowledge of the inner network.
• White Box testing: The testing is an inside network testing having prior knowledge of the network. Basically, employees of the company do it.
• Grey Box testing: It is the combination of black and white box testing. Testing can be done from outside or inside the network but the hacker has knowledge of the inner network.
3. Information gathering: In information gathering, hacker collects all the information about the target before hacking it. For eg, we are hacking a company breaking olds so we collect its IP address, Operating system version, Network, etc….
4. Vulnerability detection: This is a process which scans the network with the help of different tools. They scan the network and find vulnerabilities.
5. Information Analysis and Planning: In this section analysis takes place of the identified vulnerabilities and then team patches it for the safety of the IT environment.
Penetration Testing methods
Internal testing is performed by the inner network. Employee’s credentials are responsible for this testing.
Most probably employees do these kinds of things because they got blackmailed by the blackmailers. Blackmailers tell the employee to attach some pen drive or put malicious code in the network given by them so that they can access the company data from outside the network. Internal testing is done when hacker is unable to get access to data from external testing.
External testing is done from outside the network. It is done through the things which are accessible to the general public like websites, Domain name server, Email, Mobile application, and many more things.
The goal of this testing is also the same as internal testing to gain access to the data of the company.
In this testing both hacker and security team work together and keep each other appraised with their actions. This is a very important exercise which helps the security team with real-time hacks.
Vulnerability Assessment and Penetration testing process Tools
There are a lot of tools in the market for vulnerability assessment and penetration testing But I will tell you the best tools which a Tester should use for most accurate and fast results.
- BurpSuite (the best tool I had ever used for PT)
There are two most important terms for a Pentester while testing which is: False positive and false negative
False-positive is when a vulnerability actually does not exist but pen tester reports that by mistake. A false negative is when vulnerability actually exists but pen tester fails to examine that vulnerability.
False-positive can be dangerous for pen tester career whether false negative is dangerous for company career as well as pen tester career because pen tester will give report to the company which shows that there is no vulnerability in company network but when attack happen in future then it will ruin company data and company will throughout pen tester from the company.
Generally, automated tools give false positive as well as false-negative results. So let’s talk about automated and manual tools.
Also, Read | How To Hack Wifi Just In 5 Minutes
Automated V/s Manual tools
Automated tools are made by some company and public use it for testing, but the manual testing is the testing used by normal public by their own methods. So as we all know manual testing is the best approach because it doesn’t have any limitation user can use it in any way. Hence manual testing is the most used approach.
Automated tools are pre-made so they have limited characteristics like almost every automated tools check for Signatures and behaviors and by knowing this hacker can write a code which can not be tested by these automated tools and bypass these tools easily.
Steps For VAPT
- mention Vulnerability
- Perform attack manually
- analyze the result of the attack
- Perform attacks on the basis of prior results (to test it properly)
- Gather results to create a customized attack
- performs attacks further on the same vulnerability
- Repeat steps for each vulnerability