This article is posted under the “Ethical Hacking Student Guide Series”. So don’t forget to subscribe our blog to stay updated.

Penetration testing in simple words can be defined as the test on the live networks or servers directly by attacking by the trained ethical hacking professional person or network security administrator.

If you still cant get, let me make it simpler for you. Consider an organization having its employee working on certain software. It stores all database into some kind of “database server”. What will we do is just hire some ethical hacking trained person & he will directly conduct the test on the possible vulnerable areas of the system or network or the software.

Why Penetration Testing if we can do Vulnerability Assessments?

Well in vulnerability assessment we basically use the automated software which can be handled by unskilled employee. It scans for general vulnerabilities which are well known. But you have to consider those criminal hackers which are always looking for the newest security breaches or flaws on subjected systems. They always wish to do things in smarter way. And to detect such unique security holes we can better perform a penetration testing on network. Its worth, trust me.

Every ethical hacking student has to learn penetration testing as it is the most exciting & hardest thing to do in ethical hacking. If you want to learn hacking then you cant miss this part as it is one of the core exercises that ethical hacking professional have to perform.

We can simply find something which is known to all in vulnerability assessment, but something where you have to test your patience & knowledge is termed as penetration testing in your ethical hacking syllabus.

Classification of Penetration Testing

Penetration testing is basically classified according to the things that are known to ethical hackers. It is classified as follows

- White Box Testing
- Black Box Testing

In white box tests the ethical hacker physically sees all network & its previous data & updates. Means he knows everything then he performs testing.

In black box testing ethical hackers do complete attack without knowing even the operating stem on the networks. So black box test is real hard thing to do in ethical hacking.

You will get to know this more in upcoming posts here on Hackers Enigma, so just come back or click here to subscribe our ethical hacking blog.

Please don’t hesitate to ask any question here in comments; even you think it will be stupid to ask & even if you are a beginner & don’t know anything about this. I will answer all your doubts regarding it.
 

Steganography is method of hiding files in image files.

This is used mostly on a network so that files can be stored secretly. This method is very harmful for those where source codes of viruses and and programs can be stored. Also some secret file can also be stored and it can be any information about sytem and system weaknesses.

Following are the softwares used for setganography:

Steganography

1. Image Hide

2. Snow: Fioles are sored in white or blank spaces of any text files.

3. MP3stegno: Used for storing files in MP3 file format which is almost undetectable.

Prevention Measures Against Steganography:

We can use softwares for setecting such files and we can also tranck the stored content for the security of the system.

Stegdetect: This simple software detects such files stored on system or network.

Stegbreak: Used to crack the password of such files by Dictionary attack.