Posted In:Definitions Archives - Pentest Geek
Penetration Testing: What It Is
Penetration testing is an offensive security exercise conducted by an organization with the intent to uncover security weaknesses and ultimately help strengthen their defense mechanisms, threat detection capabilities and response times. Traditionally, penetration testing is performed by an independent third-party with little to no upfront knowledge of their target organization. This is done to imitate an adversary who is targeting the organization with nefarious intent.
SOCKS Proxy: Definition
A Socket Secure Proxy (SOCKS Proxy) is a Layer 5 tunnel usually implemented via SSH which allows a user to forward TCP traffic through an encrypted tunnel to a destination server. This causes the packet’s source IP Address to appear as if it was originating from the proxy server or Jump Box rather than the user’s machine.
In above example, the proxy server is acting as the Man In The Middle. A SOCKS Proxy can be especially useful during a penetration test when you need to obey the Rules Of Engagement and ensure that all testing traffic originates from a designated source IP or range of IPs.
Man In The Middle Definition:
The term “Man In The Middle” (MiTM) refers to a network layer attack vector used to capture credentials, session tokens and other sensitive information that an attacker could leverage to gain unauthorized access to systems and data.
The underlying concept of a man in the middle attack is quite simple. An attacker places themselves directly in between the communication stream of a victim machine and their default gateway (usually a router or switch). This can be accomplished physically by placing a small device such as a “Drop Box” in between the victim and the gateway. Or virtually by sending spoofed Address Resolution Protocol (ARP) broadcasts to the victim and gateway causing them to update their ARP tables to point to the attacker’s machine.
Follow Pentest Geek
- Recovering Passwords From Hibernated Windows Machines
- How To Install Metasploit Framework Ubuntu 14.04
- How to Install Nmap From Source
- Another Lap Around Microsoft LAPS
- Credential Harvesting via MiTM – Burp Suite Tutorial
- Forensics and Incident Response
- Information Gathering
- Penetration Testing Tutorials
- Web Applications