Let’s start with the few basic things we should know about penetration testing
What is Vulnerability?
Vulnerability is a flaw or loophole in the system which can take the process of the open attack.
It is a technique which ensures our system is secure
Vulnerability Assessment is a process of identifying, quantifying and reporting vulnerabilities
What is penetration testing?
It is a process in which pen tester exploit the vulnerability in any system and try to access the system. it includes scanning, exploiting, and report of the vulnerabilities
The major tool that can be used to identify the vulnerabilities is BURP SUITE
We can also download the free edition of Burp suite from the official website of burp suite
Burp Suite: Burp Suite is a java-based application that is used for penetration testing of web applications. It is the most popular tool among professional for penetration testing
There are some Tools which are offered by Burp :
Spider: It is used for crawling the website. The objective of spider is to get a list of endpoints so that vulnerabilities can be found
Proxy: This tab is used for Intercepting the request of any targeted website
Intruder: It is used for performing different Attacks like Brute force Attacks etc.
Repeater: It is used to repeat the request of any targeted website
Scanner: It is used for scanning the website
NOTE: Installation of Burp Suite will be described in the next blog.