Starting on with Penetration Testing!

Welcome People!

Today is the day we will start with our very basics on "Penetration Testing" aka "PT" before we even move on to practicals/tutorials or even on what's PT, this PAGE is not for people looking for how to hack facebook/instagram accounts so please don't bother wasting your time, we will be learning about the art of "Exploitation" and put it to use.

So What does this fancy "Penetration Testing" means?

Well honestly i have seen some most hilarious answers from general public who don't know what's PT and trust me I always end up shocked how can they actually go to such a level and but not google it, the thing what the definition tells us isn't much of a use PT is basically testing how much things can hold on to and when they break and how they are likely to break think of it like people in Architecture school they build things and they mess up and learn at what point or weight something breaks, security is nothing different we test the limits and break them once they are broken we try to fix it up. For those who like big words and fancy definitions "Penetration testing (also called pen testing) is the practice of testing a computer system, network or Web application to find vulnerabilities that an attacker could exploit."

Now if you found this page i don't think i need to ask or tell you the motive behind learning it, for some it might be curiosity which is the case of mine let's talk about an average industry people get outta college and try to land jobs as "Developers" or "Software Engineers" you'd be shocked to know many of them don't even know more than 3 job titles in the IT sector which is the reality of the education system but our motive here to learn about PT.

SO let's get straight to it! When you are trying to make something what are the things you look for ingredients right? to start with you will need LOTS AND LOTS for persistence because nobody will be handing out nothing in security industry for starters and unfortunately fake it till you make it won't work here either! so be open to lots of attempts and trying harder feels, another thing I'd like to point to is www.google.com REALLY is useful so please don't be shy to use it in the first place, so now that in your mind let's talk about prerequisite that's nothing really you don't need to be a code master to be able to exploit things rather creativity comes handy, one thing you need for sure is basic knowledge on how stuff works computers here mostly,but don't be discouraged if you don't know 15 languages and still want to start, I started with C/C++ on fundamental level myself and it's possible to be good at what you want just needs lot of work now to the most important part "Attitude" you need that killer instinct and ability to learn if you don't have those this field will be a tough path for you learn even from a shitty "How to hack facebook" video if necessary.

Now with all this in your mind let's get to it.

How to attack/hack/exploit?

You need tools for this and we break entire process in 5 stages in general.

Reconnaissance 

This is where you get information about your target maybe via social media,google or maybe by physically being with target this is really essential to plan further stages better the recon better the results.

Scanning

This is the stage where you need tools to gain more and more intel on the target this is where you use vulnerability scanners and stuff we will be starting most of the attacks on this level initially.

Gaining Access

This is the place where you finally work out the scanning and recon result to get inside the system and become the "root" or required user to initiate the "privilege escalation" .

Maintaining Access

Once you are inside the system you need to gain the data to be used, and this whole process should be stealthy so that you can maintain the access to the and the target doesn't even know what's going on in the background.

Cover Your Tracks

Finally once the execution is over we will be doing a cover of tracks so that it's not traceable back to you what you did and this is the part where most of the people fail and end up getting caught if they are doing something wrong so I don't think it's necessary to tell you it's kinda important.

With this information inside your brain we will be targeting our very first machine in coming post and I will demonstrate each and every step to get you started with your first attack!

Thank You!