Perform a penetration testing aiming to demonstrate five phases of hacking. We evaluate the security posture of its infrastructure compared to current industry bestpractices that included an external penetration test. All testingperformed is based on the ISOEH Technical Guide to InformationSecurity Testing assessment and open source exploiting frameworksand tools.
An external penetration test emulates the role of an attacker attempting to gain access to aninternal network or system without internal resources or inside knowledge so we use somewell known opensource tools to that. They are following
- Kali Linux = pentesting distribution
- NMAP = network scanning and system information
- NESSUS = industrial standard network scanner
- METASPLOIT = exploiting the target system