Henry Dalziel | Certified Ethical Hacker, EC Council, General Hacking Posts, Information Security Careers | March 17, 2013
Many of our new students here at Concise Courses that are interested in information security training ask us to define what exactly penetration testing is.
Here is our best answer!
Penetration testing, often just referred to as “pentesting”,“pen testing”, “ethical hacking” or even “security testing” is the process and methodology of attacking your own or your clients’ IT networks, computer and systems. The principles of these pentesting attack methodologies is executed in the same way a hacker would scan and attack networks. The person whom actually carries out the security testing is called a penetration tester or pentester.
The fundamental difference between a professional penetration tester and a hacker (in the criminal sense) is that the former has permission, the latter will be performing illegal actions that can, and often do, result in criminal convictions. Bottom like, to scan and attack a computer network you need permission!
We tell our students and especially those that contact us by live chat that to better understand penetration testing, it is vital to firstly appreciate basic security concepts of vulnerabilities, exploits, and executing payloads. Do you agree with our definition? Let us know in the comments below! Also, we have short courses on wifi penetration testing (cracking) and nmap scanning that you might be interested in.