A day in the life of a Penetration Tester

I am a Security Consultant for Intex IT. As a Consultant I conduct ISO 27001 internal audits and Penetration Testing, assess organisations for Cyber Essentials Certification and, of course, deliver Cyber Security Training.

Arrival at Client site:

On a typical day I visit our client site, as previously arranged. I arrive at 9.00am, enter the reception area and ask to see the IT Manager. Once my appointment has been verified, I sign in and am given a visitor's badge.

The IT Manager arrives and escorts me to the meeting room. He asks me if I require refreshments; I decline at this stage as I am keen to start. I have a test plan and methodology. We go over the scope and test plan to verify their requirements and the assets of the organisation that are to be tested. I am conducting network penetration testing (white box) – the network schema and minimum credentials are issued to me to log into the network.

A desk has been assigned to me; I sit, log in and start work. I commence by looking at my test plan and scan for vulnerabilities that could compromise the network.

Vulnerability Assessment:

I use a combination of manual and automated tools; the manual tools help to identify vulnerabilities that the automated tools have missed. I run a vulnerability scan on the network and review the findings. I check and verify vulnerabilities by researching various sites such as NVD, CVS and CVSS. I document and populate my report as I go.

I typically look out for a lack of updates and patching of software, firewall vulnerabilities, poor network configurations and security issues – anything that may affect the availability and integrity of the network.

10.30am

I check the results of the scan. The IT Manager pops in to ask if all is well. I respond by stating I will get back to him, and ask for the coffee initially offered.

12.30pm

I start to feel hungry, grab lunch and eat in front of my laptop.

Exploitation:

After lunch I start the exploitation; this is where the fun begins. I conduct a simulated attack on the discovered vulnerabilities.

Exploitation may include:

  • Capture and break hashed passwords
  • Getting access to data
  • Verify passwords as per company policy
  • Examine error messages
  • Privilege escalation, covering my tracks
  • Other areas of interest: servers, printers, open ports

I am basically checking if the security controls are fit for purpose. I am mindful that the network is not affected in any way – more documentation and screenshots for the final report.

4.30pm

Closing Meeting

I meet with the IT Manager and give a brief synopsis of my findings. He listens and asks questions on remediation and recommendations. I explain that this will be in the final report. We wrap up the meeting; I am escorted out of the reception and I sign out.

Report Writing

5.30pm

I arrive back at the office to submit my draft report. The report and recommendations typically take 1 – 2 days depending on the scope, and I prepare to complete the report the next day.

Tools:

Some of my favorite tools:

Metasploit: Used to simulate attacks.

https://www.metasploit.com/

Nmap: Security Scanner

https://nmap.org/

Burp Suite: Web Vulnerability Scanner

https://portswigger.net/burp

Nessus: Vulnerability Scanner

https://www.tenable.com/products/nessus/nessus-professional

 
