Penetration Testing
The Application Penetration Testing Methodology is a security testing used to analyze security from inside of an application environment. That created on OWASP mobile application security standard. The application penetration testing methodology focus on client-side safety, file system, hardware, and network security.
By performing the penetration tests, the company can find the vulnerabilities in the application and attack vectors before delivering an app to the user. So the company can change the design, code, and architecture before release.
Penetration Testing is divided into four stages:
Preparation – It is the first stage for pentester to acquire information that is important in knowing events that lead to the successful exploitation of applications.
Evaluation – The pentester evaluates to find the application and discovers impotent entry points and vulnerabilities that can exploit.
Exploitation – penetration tester trying to find the exploit to the vulnerabilities to take profit of the application in a manner not meant by the programmer initially didn’t expect.
Reporting – it’s involves reporting and presenting the discovered results in a manner that makes sense to management. That is also the stage that separates a penetration test from an attack.