Penetration Testing or ethical hacking is an exercise that attempts to simulate the techniques adopted by an attacker to compromise your systems. It helps to highlight those vulnerabilities which could be exploited by a remote unauthorized attacker. NII's penetration testing service is a highly creative, out-of-the-box engagement, and often results in new vulnerabilities being discovered or a new tool being developed from such an exercise. Visit the following links to get a better insight of our penetration testing related research activities:

• Sample report from a penetration testing exercise we carried out for a large enterprise
• Advisories of security vulnerabilities we discover - some of them during routine penetration tests
• Security testing tools that we have developed
• Articles that have appeared in various publications, again highlighting our innovative approach
• Presentations we have made at various security forums, especially on application security

A penetration testing exercise can be structured in various ways:

A penetration test could focus exclusively on your web applications. This could be done at various levels

Black-box testing:
Here, we only know the URL of the website. Enumeration of technologies, mapping of the website, identification of fault injection points, determining input validation vulnerabilities, or logical security vulnerabilities, and the OWASP top 10 attacks are all part of this exercise.

Grey-box testing:
Often enough, a web application involves authentication and authorization components. In order to be able to test these, we request for a dummy user account with the least level of privileges within the application. Using this account, we are able to log in and test for various flaws in the authentication scheme, as well as attempt to escalate our privileges and bypass authorization restrictions. Read our list of advisories here

This type of a penetration test involves identifying the targets through Google searches, WHOIS, DNS queries, etc. Fingerprinting and identifying vulnerabilities. Exploitation of these vulnerabilities depends on whether it is part of the engagement or not. Limited exploitation is always done in terms of password guessing, directory traversals, file uploads, etc. However, stronger exploitation such as Denial of Service attacks, Buffer Overflow exploits, etc., are carried out only if the possible fallouts from such exploitation are accepted prior to the engagement.

In large and very large networks, the number of public IP addresses, and the ports exposed on these IP addresses can vary on a daily basis. What is required is an automated way to periodically scan a large range of IP addresses, determine what ports are open, and attempt to identify the service running on those ports. What is even more important is to produce trending analyses reports, which show new IP addresses or new ports that have appeared since the last scan was run. NII offers a secure portal to its customers, where they can log in, enter their ranges, run the scans, view the reports and compare with previous scans.