The specific attacks a pen test team chooses will depend on the target environment. However, there are common attacks that every chief information security officer (CISO) should worry about. These include:
- Social engineering, including phishing and malware distribution
- Injection attacks, including SQL injection, cross-site scripting (XSS), cross-site request forgery (XSRF), and directory traversal
- Denial of service (DoS)
- Session hijacking/man-in-the-middle attacks
- Credential reuse
- Brute forcing/password cracking
Many attack types share common techniques, such as spoofing or impersonating a trusted party, replaying authorized traffic in an unauthorized way, or exploiting software vulnerabilities. Most successful attacks today involve some level of social engineering, either through users visiting trusted websites that have been compromised, or through malicious code or links delivered by email or social media. Private networks tend to have fewer security controls than the Internet, but they are harder for an outsider to reach: an attacker would first have to find a way in. Common ways to gain access to a private network include:
- Installing socially engineered malware on an internal computer
- Breaking into a wireless access point (WAP) or remote access server
- Physically planting a malicious device on the private network
- Colluding with an insider