week 17
K1.17 The process of penetration testing within digital infrastructure:
Penetration testing is carried out in 5 key phases, each with a specific purpose and outcome:
Planning and Reconnaissance
What it is:
This phase defines the scope and goals of the test and gathers information to understand the target system.
Key Activities:
- Agreeing the scope (e.g. test only web servers or full network)
- Defining goals (e.g. find data access flaws, test firewall resilience)
- Reconnaissance: Collecting publicly available information (e.g. WHOIS records, social media, IP ranges)
Example: The tester finds out which software versions are being used on the company’s web server.
Scanning
What it is:
The tester uses tools to scan systems for weaknesses and understand how they respond to different inputs.
Types of Scanning:
- Static Analysis – Reviewing code or system structure without running it
- Dynamic Analysis – Testing live systems while they’re operating
Example: Running a port scanner (like Nmap) to see which ports are open and what services are running on them.
Gaining Access
What it is:
This is the active phase of trying to exploit identified vulnerabilities to gain access to the system.
Techniques:
- SQL Injection – inserting malicious SQL code to gain database access
- Backdoors – using a hidden method to access a system
- Cross-Site Scripting (XSS) or password cracking
Example: Exploiting a weak admin login form to access sensitive data.
Maintaining Access
What it is:
Once access is gained, the tester checks if they can stay inside the system undetected or move deeper.
Purpose:
To understand how long an attacker could remain without being noticed, and how much damage they could cause.
Example: Using a known vulnerability to create a user account with admin rights for future access.
Analysis and WAF Configuration
What it is:
This is the final phase, where results are analysed and reported to the organisation. Findings are used to strengthen defences.
Key Actions:
- Compile a detailed report of vulnerabilities and how they were exploited
- Recommend fixes
- Update or reconfigure WAF (Web Application Firewall) settings to block future attacks
Example: The report shows SQL injection was possible – the WAF is updated to block similar patterns in input forms.
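The "Recommend fixes" step for a finding like this one, as an added example that is not part of the original lesson notes: the login check is shown first as the report found it and then with a parameterised query, and the reported input is re-run against both. The table, the account and the function names are assumptions made for the demo.

```python
import sqlite3

def make_db():
    """Build an in-memory database holding one constructed admin account."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    # Constructed sample row. The password is stored in plain text only to
    # keep the demo short; a real system stores a password hash.
    db.execute("INSERT INTO users VALUES ('admin', 's3cret-sample')")
    return db

def login_vulnerable(db, username, password):
    """The flaw in the report: form input is pasted into the SQL text."""
    query = ("SELECT COUNT(*) FROM users WHERE username = '" + username +
             "' AND password = '" + password + "'")
    return db.execute(query).fetchone()[0] > 0

def login_fixed(db, username, password):
    """Recommended fix: placeholders keep the input as data, never as SQL."""
    query = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return db.execute(query, (username, password)).fetchone()[0] > 0

def retest(db):
    """Re-run the reported input against both versions for the final report."""
    reported_input = "' OR '1'='1"  # constructed test string from the finding
    return {
        "vulnerable_accepts_reported_input":
            login_vulnerable(db, "admin", reported_input),
        "fixed_accepts_reported_input":
            login_fixed(db, "admin", reported_input),
        "fixed_accepts_real_password":
            login_fixed(db, "admin", "s3cret-sample"),
    }

if __name__ == "__main__":
    for check, result in retest(make_db()).items():
        print(f"{check}: {result}")
```

A WAF rule only filters the requests that pass through it; the parameterised query removes the flaw in the code itself.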
Pen Testing Example Table
Phase | Activity | Tool/Technique Example |
---|---|---|
Planning | Define test scope, gather info | WHOIS, Shodan |
Scanning | Probe systems for weaknesses | Nmap, Nessus, Nikto |
Gaining Access | Exploit vulnerabilities | SQL injection, Metasploit |
Maintaining Access | Remain undetected, escalate privileges | Install reverse shell, create user |
Analysis & WAF Config | Report findings, apply patches/config changes | OWASP ZAP report, update firewall |
Plan Your Own Penetration Test
Scenario:
Your organisation has asked you to conduct a penetration test on a company website.
Your Task:
1. Write a step-by-step plan that includes each phase of the pen test.
2. For each step, list:
- One tool or technique you'd use
- What result you would expect
- How that result could help improve security
Extension:
Research a real pen testing tool (e.g. Kali Linux, Burp Suite) and summarise how it supports one of the test phases.
Using any of the tools found on the Pen Test Tools website, explore any website for its vulnerabilities: https://pentest-tools.com/
Last Updated
2025-07-14 11:00:27