Pentesting Fundamentals

Hiteshverma
1 min read · Feb 27, 2024

Task 2 Penetration Testing Ethics

You are given permission to perform a security audit on an organisation; what type of hacker would you be?

Ans: White Hat

You attack an organisation and steal their data, what type of hacker would you be?

Ans: black hat

What document defines how a penetration testing engagement should be carried out?

Ans: Rules of Engagement

Task 3 Penetration Testing Methodologies

What stage of penetration testing involves using publicly available information?

Ans: Information Gathering

If you wanted to use a framework for pentesting telecommunications, what framework would you use? Note: We’re looking for the acronym here and not the full name.

Ans: OSSTMM

What framework focuses on the testing of web applications?

Ans: OWASP

Task 4 Black box, White box, Grey box Penetration Testing

You are asked to test an application but are not given access to its source code — what testing process is this?

Ans: Black Box

You are asked to test a website, and you are given access to the source code — what testing process is this?

Ans: White Box

Practical: ACME Penetration Test

Ans: THM{PENTEST_COMPLETE}
