AN OVERVIEW OF PENETRATION TESTING
1Aileen G. Bacudio, 1Xiaohong Yuan, 2Bei-Tseng Bill Chu, 1Monique Jones
1Dept. of Computer Science, North Carolina A&T State University, Greensboro, North Carolina, USA
2Dept. of Software and Information Systems, University of North Carolina at Charlotte,Charlotte, North Carolina, USA
ABSTRACT
Penetration testing is a series of activities undertaken to identify and exploit security vulnerabilities. It helps confirm the effectiveness or ineffectiveness of the security measures that have been implemented. This paper provides an overview of penetration testing. It discusses the benefits, the strategies and the methodology of conducting penetration testing. The methodology of penetration testing includes three phases: test preparation, test and test analysis. The test phase involves the following steps: information gathering, vulnerability analysis, and vulnerability exploit. This paper further illustrates how to apply this methodology to conduct penetration testing on two example web applications.
KEYWORDS
Security Testing, Vulnerability Assessment, Penetration Testing, Web Application Penetration Testing
Original Source Link : http://airccse.org/journal/nsa/1111nsa02.pdf
No comments:
Post a Comment