Wednesday, August 3, 2011

Beauty Of The Baud: Manual vs Automated Penetration Testing


Penetration testing is the process in which a penetration tester generally a ethical hacker try to evaluate the security of a network or web server, pen tester use the techniques that usually used by the black hat hackers or crackers to break into the system, the main aim is to find the vulnerabilities and the ways that can be used by the black hat hackers to exploit the system and the network. 


In the process of penetration testing you can adopt both manual and automatic techniques to find the vulnerabilities but which technique is the best, effective, time consuming and reliable? these terms are based on some factor below is the quick discussion on both technique.
 
Manual Penetration Testing

As the name suggest that manual test is slow and time consuming process, manual penetration testing is usually a complex process that can only be done by the highly skilled and experienced information security analyst and engineers. In manual penetration testing you have to write your own exploits according to the situation and vulnerabilities, it takes time and a large team of penetration tester are required that usually unaffordable for the organizations.

In manual test a penetration tester must have to remember the changes that have been done on the process, report must be on hand written. It is very difficult to train a new pen tester because there is no any standardization. Risk factor is involve in the case.  

Automated Penetration Testing



Automatic tools are more efficient and provides reliable penetration testing, it is a fast and easy process that eliminate the chances of errors. The automatic tools are usually developed by the skilled information security analyst that can be used by a junior and even by the student, little training requires to learn all the tools and techniques.

In automatic process a penetration tester may use the public-ally  available exploits, these tools can be get from many sources like open source and commercial tools. Reports and the training are not the big deal in this case, the chances are that hacker are going to use automatic tools for their attacks.

Automatic tools like Metasploit, Nessus and OpenVAS has changed the way of penetration testing, backtrack is the Linux distribution and it contain the necessary tools that can help in the process of penetration testing, the latest version of backtrack is backtrack 5 and we have discussed different tutorial click here to learn.


There are the numerous discussion has been made before like:

Penetration Testing: Tips For Successful Test

How To Write A Penetration Testing Report

Penetration Testing vs Vulnerability Assessment


Note: If you want to learn more about Linux(Backtrack 5) and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)