Penetration testing is a cyber security process that helps secure computer systems and networks and prevent cyber attacks from happening.
How? By pretending to be a hacker — a good hacker (or “white hat”) that is.
In this post, we explain what penetration testing is, why it’s important, common pen testing tools, and how to start learning the skill yourself. By the end of this article, you’ll have a solid understanding of this in-demand cybersecurity skill.
Disclosure: I’m a proud affiliate for some of the resources mentioned in this article. If you buy a product through my links on this page, I may get a small commission for referring you. Thanks.
Table of Contents
- What Is Penetration Testing?
- Why Is It Important?
- Pentesting vs. Vulnerability Assessments
- Types of Pentesting
- Penetration Testing Tools
- Learning Resources
What Is Penetration Testing?
Also known as pen testing, pentests, or ethical hacking, penetration testing is a cybersecurity practice/exercise where a cyber attack is simulated against a computer system, application, mobile device, network, etc. to detect security vulnerabilities and weaknesses that a real hacker could exploit. Basically, the good guys mimic the bad guys.
Penetration testing is like checking to see if someone can break into your house, steal your bike/car, etc. by trying to do it yourself. Finding a security vulnerability in a system or software is like finding an unlocked window in the house; it allows the hacker (or burglar) to enter and steal information (or your TV).
Why Is Pentesting Important?
Cyber attacks can be costly (the average cost of a cyber attack is $1.1 million), which makes penetration testing a very valuable skill to know.
Not only that, but cyber attacks dominate the media headlines, making cyber attacks costly on a business’s reputation too.
🔒 What are the benefits of pen testing?
Most companies need penetration testing to accomplish the following objectives:
- Detect and resolve hidden security vulnerabilities in their systems/networks/software
- Avoid future cyber attacks by updating security controls and understanding weaknesses
- Establish and maintain trust with customers/clients; build a strong reputation for safety and security
- Stay up and running with no downtime/loss of accessibility
- Stay legally compliant (e.g., when it comes to confidentiality, accessibility, etc.)
- Understand how their systems/networks stand up to different security attacks
- Prevent the theft of sensitive or valuable data/information
Any company that offers digital products or deals with sensitive information (their own or that of customers) can reap the benefits of penetration testing. These days, that’s just about every type of business!
💻 Should I learn to be a penetration tester?
Penetration testing is an ongoing process that needs to be performed often. That means it’s not a one-and-done situation, but something companies need all the time. And as previously mentioned, there are a lot of businesses that need it. Penetration testing is actually required by the Payment Card Industry Data Security Standard (PCI DSS) for companies that store, process, or transmit cardholder data.
These factors make it an in-demand career with a high salary. The average penetration tester salary is $118,635/year in the US.
If you’ve ever been intrigued by the idea of ethical hacking and enjoy a good challenge, penetration tester could be a great tech career choice that pays well!
What Is the Difference Between Penetration Testing and Vulnerability Assessments?
Penetration testing shouldn’t be confused with vulnerability assessments/scans.
Vulnerability scans are typically an automated process, while pen testing is typically a manual process performed by penetration testers. A vulnerability assessment is more about scanning for previously discovered & known vulnerabilities in a system/network, while penetration tests uncover hidden threats that were not previously known.
Example: Vulnerability scans go up to a car just to check if it’s unlocked, while a penetration test goes up to a car, sees if it’s unlocked, and actually opens the door to see what else can happen (e.g., start the car and drive off, thereby stealing it).
Types of Penetration Testing
There are lots of types of penetration testing. Here are six common types of penetration testing: black-box, white-box, gray-box, double-blind, targeted, and social engineering. (Note: some of these pentesting types go by different names depending on the organization.)
Black-box penetration test
Black-box testing is also called external penetration testing or blind testing.
In this type of penetration testing, the pen testers are given little to no information about a company’s infrastructure/systems/network before the test. They go in blind and see if they can breach the company’s defenses, thereby closely simulating a real-world cyber attack from an outsider. Can they get in and how far?
With a black-box pentest, the company’s IT staff will usually be made aware that the test attack is scheduled before it happens.
White-box penetration test
White-box pen testing is also called internal penetration testing.
Unlike with a black-box test, white-box pen testers already have full knowledge of a company’s infrastructure/systems/network, including things like source code, IP addresses, protocols used, environment, etc.
This type of penetration testing mimics an insider cyber attack, because the pen tester is an authorized user with standard access privileges.
Gray-box penetration test
As the name suggests, gray-box penetration testing is a mix of black-box and white-box testing, where the pen tester has some knowledge of or access to a system/server, but not full access to or knowledge of the details.
This type of pentesting asks questions like: Can someone on the inside (such as a disgruntled employee) escalate their access privileges?
Double-blind penetration test
Similar to black-box testing (AKA blind testing), except that this time it’s a blind test on both sides. Only a few people at the company are made aware that a penetration test is being conducted. Double-blind pentests help assess the readiness of IT and security staff who will be responding to the attack.
Targeted penetration test
In a targeted pentest, the company’s IT team and pen testers work together to uncover vulnerabilities. It’s commonly referred to as a “lights-on” test because everyone is aware of what’s happening, when the test starts/ends, etc.
Social engineering testing
Finally, this type focuses on the human element of cyber security at the company beyond just the security/IT team. In other words, where are an organization’s employees weakest? Will they click on a suspicious link in an email, for example? This kind of assessment can help inform the company’s training protocols.
Penetration Testing Tools
Below is a list of common pen testing tools. The most popular ones are often free and open source, so that pen testers can modify them.
- Kali Linux: A penetration testing platform with over 600 security utilities to help you perform security tests.
- Netsparker: Automated web application security scanner. Enables you to perform penetration tests on web applications.
- Wireshark: Used in penetration tests to identify what’s happening with a network and assess traffic for malicious activity.
- Metasploit: Penetration testing software with a database of exploits you can use to simulate cyber attacks.
- John the Ripper (JtR): An open-source password cracker. Pen testers use it to find password weaknesses in systems or databases.
- Nmap (Network Mapper): A tool for vulnerability scanning and network discovery.
- Aircrack-ng: A suite of tools to assess WiFi network security.
- hashcat: An advanced password recovery utility that cracks password hashes (one-way digests, not encrypted passwords) by hashing candidate passwords and comparing them to the stored hashes until a match is found.
- Burp Suite: Web vulnerability scanner. Used for penetration testing of web applications.
As a penetration tester, you’ll probably be using a mix of these tools depending on what your objective is.
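As an added example (not code from the original post or from any of the tools listed above), the following Python shows the idea behind the John the Ripper and hashcat entries from a defender's angle: stored passwords are hashed, not encrypted, so a fast unsalted hash lets a wordlist be pre-hashed once and matched against every user, while a salted, slow hash such as PBKDF2 removes that shortcut. The wordlist, the iteration count and the helper names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed stand-in for the large wordlists that hashcat and John the Ripper use.
WORDLIST = ["letmein", "password", "qwerty", "Summer2024!", "correct horse battery staple"]

def fast_hash(password: str) -> str:
    """Unsalted SHA-256, the kind of 'password hash' a legacy app might store.
    It is one-way (nothing decrypts it), but it is fast and deterministic, so
    every user with the same password gets exactly the same hash."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()

def wordlist_lookup(stored_hash: str, wordlist=WORDLIST) -> Optional[str]:
    """The core idea behind wordlist cracking: hash each candidate once, then
    match stored hashes against the table. Returns the recovered password or None."""
    table = {fast_hash(word): word for word in wordlist}
    return table.get(stored_hash)

def slow_hash(password: str, salt: Optional[bytes] = None, iterations: int = 600_000) -> str:
    """PBKDF2-HMAC-SHA256 with a random per-user salt. The salt defeats any shared
    precomputed table; the iteration count makes every guess expensive."""
    salt = salt if salt is not None else os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"

def verify_slow(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; compare in constant time."""
    _, iterations, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), dk_hex)

def demo():
    weak = "letmein"
    # Two users with the same weak password: identical fast hashes, so one lookup cracks both.
    same = fast_hash(weak) == fast_hash(weak)
    recovered = wordlist_lookup(fast_hash(weak))
    # Salted slow hashes differ per user, and the shared lookup table finds nothing.
    h1, h2 = slow_hash(weak), slow_hash(weak)
    return same, recovered, h1 != h2, wordlist_lookup(h1), verify_slow(weak, h1)

if __name__ == "__main__":
    print(demo())
```

The salted hash still falls to a per-user guessing run if the password itself is weak; the salt and iteration count only remove the precomputation shortcut and raise the cost of each guess.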
Where to Look for Penetration Testing Training
Whether you’d rather learn via penetration testing courses or books, here are a few great penetration testing training resources to get you started on your journey.
🖥️ Online penetration testing courses/programs
- Penetration Testing, Incident Response and Forensics on Coursera, offered by IBM: Learn the different phases of penetration testing, how to gather data for your penetration test and popular penetration testing tools.
- Web Application Penetration Testing on Pluralsight: Specifically about web application penetration testing — from preparing for a penetration test to common attacks on application inputs and various logic flaws.
- Hands-on: Complete Penetration Testing and Ethical Hacking on Udemy: Learn phishing, password cracking, network scanning, Metasploit framework, and more.
📚 Pentesting books
- Hacking: A Beginners’ Guide to Computer Hacking, Basic Security, Ethical Hacking and Penetration Testing: Teaches penetration testing techniques, common attacks and threats, how to hack an email address, and more.
- Penetration Testing: A Hands-On Introduction to Hacking: An intro to the core skills and techniques every pentester needs, covering tools like Wireshark, Nmap, and Burp Suite.
- The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy: Teaches all of the steps required to complete a penetration test from beginning to end.
Learn to Think Like a Criminal with Pen Testing!
Penetration testing is a critical part of every cyber security strategy.
Thinking like a cyber criminal can help uncover hidden vulnerabilities, flaws and weak points that could otherwise be exploited, leading to damage to a company’s reputation, a big financial hit, and the theft of valuable or sensitive information.
As a professional penetration tester, you’ll be using your hacking skills for good, to protect companies you work for and their users.
➡️ Want to learn more about cybersecurity as a potential tech career? Check out this post.