A day in the life of a Penetration Tester
I am a Security Consultant for Intex IT. As a consultant, I conduct ISO 27001 internal audits and penetration testing, assess organisations for Cyber Essentials certification and, of course, deliver cyber security training.
Arrival at Client site:
On a typical day, I visit our client site as previously arranged. I arrive at 9.00am, enter the reception area and ask to see the IT Manager. Once my appointment has been verified, I sign in and am given a visitor's badge.
The IT Manager arrives and escorts me to the meeting room. He asks me if I require refreshments; I decline at this stage as I am keen to start. I have a test plan and methodology. We go over the scope and test plan to verify their requirements and the assets of the organisation that are to be tested. I am conducting network penetration testing (white box): the network schema and minimum credentials are issued to me to log into the network.
A desk has been assigned to me; I sit, log in and start work. I commence by looking at my test plan and scan for vulnerabilities that could compromise the network.
I use a combination of manual and automated tools; the manual tools help to identify vulnerabilities that the automated tools have missed. I run a vulnerability scan on the network and review the findings. I check and verify vulnerabilities by researching various sites such as NVD, CVS and CVSS. I document and populate my report as I go.
I typically look out for a lack of updates and patching of software, firewall vulnerabilities, poor network configurations and security issues: anything that may affect the availability and integrity of the network.
I check the results of the scan. The IT Manager pops in and asks if all is well. I respond by stating I will get back to him and ask for the coffee initially offered.
I start to feel hungry, grab lunch and eat in front of my laptop.
After lunch I start the exploitation; this is where the fun begins. I conduct a simulated attack on the discovered vulnerabilities.
Exploitation may include:
- Capture and break hashed passwords
- Getting access to data
- Verify passwords as per company policy
- Examine error messages
- Privilege escalation, covering my tracks
- Other areas of interest: servers, printers, open ports
I am basically checking if the security controls are fit for purpose. I am mindful that the network is not affected in any way. More documentation and screenshots for the final report.
I meet with the IT Manager and give a brief synopsis of my findings. He listens and asks questions on remediation and recommendations. I explain that this will be in the final report. We wrap up the meeting, I am escorted out of the reception and I sign out.
I arrive back at the office to submit my draft report and recommendations, which typically take 1–2 days depending on the scope, and prepare to complete the report the next day.
Some of my favorite tools:
Metasploit: Used to simulate attacks.
Nmap: Security Scanner
Burp Suite: Web Vulnerability Scanner
Nessus: Vulnerability Scanner