Penetration Testing
Definition
An authorized simulation of a cyberattack against a system, carried out to assess its security and identify vulnerabilities before real attackers do. Pentests range from automated vulnerability scanning to full red team exercises.
Phases of a Penetration Test
A penetration test (pentest) simulates a real-world attack under controlled conditions. The standard methodology follows five phases: reconnaissance (passive WHOIS lookups, DNS enumeration, OSINT), scanning (port scanning, service fingerprinting via Open Port Checker), exploitation (attempting to compromise discovered vulnerabilities), post-exploitation (privilege escalation, lateral movement), and reporting (findings, evidence, remediation guidance).
Black Box vs. White Box vs. Gray Box
| Type | Tester Knowledge | Resembles |
|---|---|---|
| Black box | Zero internal info | External attacker |
| White box | Full source + architecture | Insider threat audit |
| Gray box | Partial (e.g., user creds) | Compromised employee |
Gray box testing is most common — it balances realism with efficiency. Red team engagements extend gray box testing with physical access, social engineering, and multi-week persistence simulations.
Tools and Scope Considerations
Common tools include Nmap (port scanning), Metasploit (exploitation), Burp Suite (WAF bypass, SQL Injection, XSS), and BloodHound (Active Directory path analysis). Scope definition is critical — out-of-scope systems must be documented and respected. A CVE scanner (Nessus, OpenVAS) complements manual testing by systematically checking known vulnerability signatures across the target surface.
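
One way to enforce the scope rule above before any tool is pointed at a target, as an added example that is not part of the original page: a gate that checks each IP or CIDR against the documented in-scope and out-of-scope ranges, with exclusions taking precedence. The function names are hypothetical and the ranges are constructed from RFC 5737 documentation address space.

```python
import ipaddress

# Constructed rules of engagement (RFC 5737 documentation ranges, not real targets).
IN_SCOPE = ["192.0.2.0/24", "198.51.100.0/25"]
OUT_OF_SCOPE = ["192.0.2.128/28", "192.0.2.10/32"]  # documented exclusions


def _nets(cidrs):
    return [ipaddress.ip_network(c, strict=True) for c in cidrs]


def classify_target(target, in_scope=IN_SCOPE, out_of_scope=OUT_OF_SCOPE):
    """Classify one IP or CIDR as 'in-scope', 'excluded', 'unlisted' or 'invalid'."""
    try:
        # A bare address parses as a /32 (or /128) network.
        net = ipaddress.ip_network(target.strip(), strict=False)
    except ValueError:
        return "invalid"  # hostnames must be resolved and approved separately
    # Exclusions win: a range that merely touches one is rejected whole.
    if any(net.overlaps(ex) for ex in _nets(out_of_scope)):
        return "excluded"
    # The whole range must sit inside a single authorised block.
    if any(net.version == ok.version and net.subnet_of(ok) for ok in _nets(in_scope)):
        return "in-scope"
    return "unlisted"


def partition_targets(targets, **scope):
    """Return (cleared, rejected) where rejected maps target -> reason."""
    cleared, rejected = [], {}
    for t in targets:
        verdict = classify_target(t, **scope)
        if verdict == "in-scope":
            cleared.append(t)
        else:
            rejected[t] = verdict
    return cleared, rejected


if __name__ == "__main__":
    sample = ["192.0.2.20", "192.0.2.10", "192.0.2.0/26", "198.51.100.0/24", "db01"]
    ok, bad = partition_targets(sample)
    print("cleared:", ok)
    print("rejected:", bad)
```

Only the cleared list should be handed to a scanner; the rejected map, with its reasons, belongs in the engagement log.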