A penetration test or PenTest is testing computer systems for vulnerabilities and miss-configurations. These vulnerabilities are actually used to break into these systems. A penetration test normally takes place for legitimate reasons, with the permission of the owners.
The person performing a penetration test can be called a penetration tester or pentester or white hat hacker.
There can be various types of penetration testing: white box penetration testing or black box penetration testing. White box penetration testing often occur if you suspect your own staff. For black box penetration test is more based on a hacker from outside who have no prior knowledge of confidential information about an organization.
In Penetration testing world other names are also used such as; ethical hacking, legal hacking, hacking test, security scanning, vulnerability assessment, and various combinations of these terms. The terms are more or less the same.
The difference between a penetration test and a security audit (security control) is that no attempt is made at a security audit to actually
break it but only potential vulnerabilities are identified. In a penetration test vulnerabilities are used to break in.
In this way, we can validate the vulnerabilities found in a security audit if they can be exploited or not.
It is important to secure your website properly. It happens daily that hackers attempt to hack websites. If there is a leak in the security of this website, criminals will try to get in your website. Through a penetration test of your website we map the weaknesses and vulnerabilities of the Website. Every page and function of your website is extensively tested for errors. There is a difference between a penetration test and an audit or security control, no attempt is made with a penetration test in order to break in, it only serves to identify risks.