There Are several Types of Penetration Testing, however , the following are the ones most commonly performed.
Types of Penetration Testing
- Network Penetration Testing
- Web Application Penetration Testing
- Mobile Application Penetration Testing
- Social Engineering Penetration Testing
- Physical Penetration Testing
Network Penetration Testing
In-network Penetration Testing, you would be testing a network environment for potential security vulnerabilities and threats. This test is divide into two categories external and internal Penetration Testing.
External Penetration Testing would involve testing the public IP address, whereas, in an internal test, you can become part of an internal network and test that network. You may be provided VPN access to the network we would have to physically go to the work environment for the penetration testing depending upon the engagement rules that were defined prior to conducting the testing.
Web Application Penetration Testing
Web Application Penetration testing is very common nowadays, since your application host critical data such as credit card number, username, and password; therefore this type of penetration test has become more common than network penetration testing
Mobile Application Penetration Testing
Mobile Application Penetration testing is the newest type of penetration testing that has become common since almost every organization uses Android- and IOS-based mobile Applications to provide services to its customers. Therefore, organizations want to make sure that their mobile applications are secure enough for users to rely on when providing personal information when using such applications.
Social Engineering Penetration Testing
Social engineering penetration testing can be part of network penetration testing. In a social engineering penetration test, the organization may ask you to attack its users. This where your use a speared phishing attack and browser exploits to trick a user into doing things they did not intend to do. Remote testing where phishing techniques are used to steal confidential information through electronic means.
Physical Penetration Testing
Physical Penetration Test is what you would rarely be doing in your career as a penetration tester. In a Physical penetration test. you would be asked to walk into the organization’s building physically and test physical security controls such as locks and RFID mechanisms.