
An overview of vulnerability assessment and penetration testing techniques

Abstract

All Internet-facing systems and applications carry security risks. Security professionals across the globe generally address these risks through Vulnerability Assessment and Penetration Testing (VAPT). VAPT is an offensive way of defending the cyber assets of an organization. It consists of two major parts, namely Vulnerability Assessment (VA) and Penetration Testing (PT). Vulnerability assessment uses various automated tools and manual testing techniques to determine the security posture of the target system; in this step all breach points and loopholes are found. If an attacker finds these breach points/loopholes first, they can lead to heavy data loss and fraudulent intrusion activities. In penetration testing the tester simulates the activities of a malicious attacker who tries to exploit the vulnerabilities of the target system; in this step the set of vulnerabilities identified in VA is used as the input vector. This VAPT process helps in assessing the effectiveness of the security measures present on the target system. In this paper we describe the entire process of VAPT, along with its methodologies, models and standards. A shortlisted set of efficient and popular open source/free tools useful in conducting VAPT, together with the required list of precautions, is given. A case study of a VAPT test conducted on a bank system using the shortlisted tools is also discussed.




Corresponding author

Correspondence to Sugandh Shah.


Cite this article

Shah, S., Mehtre, B.M. An overview of vulnerability assessment and penetration testing techniques. J Comput Virol Hack Tech 11, 27–49 (2015). https://doi.org/10.1007/s11416-014-0231-x


Keywords

  • Vulnerability Assessment
  • Target System
  • Penetration Test
  • Test Target
  • Security Flaw