A pentest (penetration test) is a method that consists of analyzing a target by putting oneself in the shoes of a malicious hacker, or cyber-pirate. This target can be an IP address, an application, a web server, a connected device or an entire network.
Let's take an example: you own a beautiful home and you've invested in fairly substantial measures to ensure its security. On the front of the house, you've gone all out: armored door, cameras, ... Except that at the back of the house, you forgot that there was a simple door with a padlock. The consultant would have quickly found the flaw: the "flimsy" back door.
The consultant (called a "pentester") analyzes the target in stages:
- Reconnaissance phase:
we take a global look at what we are going to have to test.
- Mapping and enumeration phase:
we go into a little more detail about each item found in the previous phase.
- Vulnerability search phase:
we rack our brains to find the flaw.
- Exploitation phase:
we check whether the flaw can be exploited. Example: we find a key with an address on it (flaw). We test the key at the given address (exploitation).
- Elevation of privileges:
We are in; now we try to access the entire system.
We keep an open door to avoid redoing the previous steps.
- Propagation / lateral movement:
We have compromised a device; we now try to access the others (if there are any).
At the end of the pentest, we erase all traces.
- Report presentation:
The report is written for the client who requested the pentest.
When we perform a pentest, we turn into Sherlock Holmes looking for clues. Let's say we find a key hidden in the doghouse outside the house. This one opens the garage door. Searching the garage, we find a new key that allows us to enter the house. Sometimes it is a chain of actions that achieves the goal.