Chapter 4

Penetrate and Exploit

IN THIS CHAPTER

Bullet Getting into the mind of a hacker

Bullet Taking a deeper look at attack vectors and how to thwart attacks

Bullet Demystifying encryption

Bullet Running Metasploit to find exposed vectors

Penetrate and exploit might sound like the title of an intense video game where you have to break into an enemy’s fortress and expose their weakness to the world. What that means in the context of pen testing isn’t too far off from that and is also intense. Penetration involves the attempt (perhaps successful, perhaps not) to circumvent or break through security barriers, to access a company’s data, for instance. An exploit is when an intruder successfully penetrates the barriers and then takes advantage of a system’s vulnerability.

A good part of your day as a pen tester is to think like a hacker. Where can they penetrate your systems? What information can they exploit for their own gain? This can sometimes take creative thinking!

I also discuss attack vectors in this chapter. They can be confusing to new pen testers because the bad guy hackers often know where to start ...

Get Penetration Testing For Dummies now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial