Penetration Testing Overview

Flashcards covering key concepts in penetration testing, definitions, and methodologies.

Penetration Testing

The process of testing a system, network, or application to identify vulnerabilities that an attacker could exploit.

Black Box Testing

A testing approach where the tester has no prior knowledge of the internal workings of the system or application.

Gray Box Testing

A testing method that combines elements of both black box and white box testing, where the tester has some knowledge of the internal structure.

White Box Testing

A testing technique where the tester has full knowledge of the internal structures and workings of the application or system being tested.

OSINT

Open Source Intelligence; information gathered from publicly available sources for intelligence purposes.

Rules of Engagement (ROE)

Agreements that define how a penetration test is to be conducted, including what is permissible and with what limitations.

Vulnerability Database

A repository of known vulnerabilities, often used by security professionals to identify issues within systems and applications.

Exfiltration

The unauthorized transfer of data from a computer or network.

Threat Modeling

The process of identifying and prioritizing potential threats to a system based on gathered intelligence.

Social Engineering

Manipulative tactics used to trick individuals into giving up confidential information.