If you are working with web projects, you have to ensure the security of your sites. If you publish your site without Pentest, you risk a lot. These risks can make your site vulnerable and cause your information to be stolen by malicious people.
What do you need to do in this situation?
By putting your site into pentest vehicles and by doing pentests, you can test your site and see how confident your projects will travel on the internet.
Pentest concept; Penetration (Test) is a concept formed by the combination of the test (test) bias. All the contents of a system yada are attacked by aggressive people (yada robots), both software; Both hardware and tested by testing; Are those that are made during software or hardware delivery in the safest manner that the end user will use.
Kali Linux provides us with all the facilities we can use during the pentest phase.
These tests include;
- External testing
- Internal testing
- Blind testing
- Double blind testing
They are usually attacked from outside to control internal services and to cause damage. In these attacks, information is usually collected together with the targets to be attacked. Using this information later; Infiltration attacks are done. If one of these attacks is successful, the infiltration will be done externally.
These attacks are usually internal. Internal services are the whole of information used to infiltrate external sources. First, the information obtained in the internal network is used to infiltrate internal systems, and depending on what is needed afterwards, the attacker may use internal resources for external resources.
It is a test using some strategies and simulators. Using these simulators, the pentest process is performed on the target systems and the results are reported and the information is collected. Virtualization of the re-tests related to the vulnerabilities that occur afterwards ensures that system security vulnerabilities are minimized.
Double blind testing
In addition to blind tests, it is a monitor-based monitoring of strategies and simulators and is a method used to avoid security problems that may arise in the future.
In the next article, we will examine the pentest tools and do a sample blind test. See you next article.