What is VAPT? Vulnerability assessment and penetration testing (VAPT) is a phenomenon in which the IT environment systems such as computers and networks are scanned to identify the presence of vulnerabilities associated with them. As per the information provided by the latest survey more than 80% of websites are vulnerable, especially those which are created by using any engine such as WordPress, BlogSpot, etc. leading to the leak of sensitive corporate information and data such as passwords, credit card info, etc.
Black hats are concentrating their efforts on web-based applications — shopping carts, forms, login pages, dynamic content, etc. Accessible 24/7 from anywhere in the world, insecure web applications provide easy access to backend corporate databases.
So let’s get back on the topic VAPT. Now we are going to explain vulnerability assessment and penetration testing (VAPT) in the form of the cycle: –
First of all, let you introduce with the very initial step of VAPT which is often preferred as modes of testing which are categorized into three parts:-
White Box Testing: White box testing refers to the phenomena of performing the test from within the network with the prior knowledge of the system architecture and the systems. This is also referred to as internal testing.
Black Box Testing: it refers to testing from an external network with no prior knowledge of the internal networks and systems.
Gray Box Testing: Grey box testing is the process of testing from an external or internal network, with knowledge of the internal networks and systems. It is a combination of black box testing and white box testing.
INFORMATION GATHERING IN VAPT
Information Gathering is a method of collecting information about the network or the system you are testing. Such as IP address, OS Version, etc. This applies to all the modes of testing as mentioned above.
VULNERABILITY DETECTION IN VAPT
In this phenomena many tools such as vulnerability scanners, network scanners, etc. are used to find the associated vulnerability in that particular network mode,
INFORMATION ANALYSIS AND PENETRATION TESTING IN VAPT
This process is used to analyze the identified vulnerabilities, related to the information gathered from the IT environment systems and networks to apply a plan for penetrating into the network and system by the process of Penetration Testing. In penetration testing process, the target systems are attacked and infiltrated using the method applied in the earlier process.
PRIVILEGE ESCALATION IN VAPT
After the successful penetration into the system, privilege escalation technique is used to identify and escalate access to gain higher privileges, such as registry/root access or administrative privileges to that particular it environment system or network.
RESULT ANALYSIS AND CLEANUP IN VAPT
At last in this process, the cause analysis is performed as a result of a satisfactory compromise of the network leading to penetration testing and providing suitable recommendations to make the system secure by plugging the holes in the system. Vulnerability assessment and penetration testing involve compromising the system, and as the result of this process, some of the files may be altered. This process ensures that the system is brought back to the original state, before the testing, by cleaning up or restoring the data and files used on the target machines.
- Now as you got aware about the basics of processes involved in vulnerability assessment and penetration testing let’s move on some VAPTtools which are required at every step to performVAPT successfully: –
Web Application Attack and Audit Framework [ VAPT Tools ]
W3af is an incredibly powerful and flexible framework for finding and exploiting web application vulnerabilities. It is easy to use and features a lot of web assessment and exploitation plugins.
-> Considerably increased performance by implementing gzip encoding
-> Enhanced embedded bug report system using Trac’s XMLRPC
-> Fixed hundreds of bugs * Fixed critical bug in auto-update feature
-> Enhanced integration with other tools (bug fixed and added more info to the file)
Acunetix Web Vulnerability Scanner
Acunetix Web Vulnerability Scanner includes many innovative features which are mentioned below:
- AcuSensor Technology
- An automatic client script analyzer is allowing for security testing of Ajax and Web 2.0 applications.
- Industries’ most advanced and in-depth SQL injection and Cross site scripting testing.
- Advanced penetration testing tools, such as the HTTP Editor and the HTTP Fuzzer.
- Visual macro recorder makes testing web forms and password protected areas easy
- Support for pages with CAPTCHA, single sign-on, and Two Factor authentication mechanisms.
- Extensive reporting facilities including VISA PCI compliance reports.
- Multi-threaded and lightning fast scanner crawls hundreds of thousands of pages with ease.
- Intelligent crawler detects web server type and application language.
- Acunetix crawls and analyzes websites including flash content, SOAP, and AJAX.
- Port scans a web server and runs security checks against network services running on the server.
OWASP Zed Attack Proxy (ZAP)
The OWASP Zed Attack Proxy (ZAP) is a simple use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a broad range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen tester’s toolbox.
Included ZAP’s features:
- Intercepting Proxy
- Automated Scanner
- Passive scanner
- Brute Force scanner
- Port scanner
- Dynamic SSL certificates
- Beanshell integration
WebSploit Is an Open Source Project For Scan And Analysis Remote System From Vulnerability
Description and features: –
- Autopwn — Used From Metasploit For Scan and Exploit Target Service
- map — Scan, Crawler Target Used From Metasploit wmap plugin
- format infector — inject reverse & bind payload into the file format
- PHPMyAdmin — Search Target PHPMyAdmin login page
- fi — Scan, Bypass local file inclusion Vulnerability & can be bypass some WAF
- apache users — search server username directory (if use from apache webserver)
- Dir Bruter — brute target list with wordlist
- admin finder — search admin & login page of the target
- MLITM Attack — Man Left In The Middle, XSS Phishing Attack
- MITM — Man In The Middle Attack
- Java Applet Attack — Java Signed Applet Attack
- MFOD Attack Vector — Middle Finger Of Doom Attack Vector
- USB Infection Attack — Create Executable Backdoor for Infect USB for Windows
Also, there are a lot of tools associated with VAPT .we will introduce you to them in our next part of the VAPTArticle with their detailed and explained step by step tutorial. So, for now, enjoy this and feel free to comment if you have any queries related to this article..!