Process of finding vulnerabilities, bugs in system is known as Penetration Testing .
So here we have to know all basic fundatmentals these technologies and working mechanism it. It means we need to have at least knowledge these fields and they function and then have to learn about vulnerabilities and how to find them and then report it to the owner of that app, website.
Becoming a penetration tester is a long journey where you have to do it gradually with focus. You need have broad knowledge in this field and have creative mind set because, you have to think like a programmer to understand programs. Having a great knowledge about vulnerabilities and how it can be triggered.
First of all need to learn how you are going to secure the companies. Basically companies are made for creating their products and selling them to customers, to increase the selling or to reach the customers easily they use internet. On the internet they can create their website, app or a software, so your work is to give security to that websites or apps. Let's get dipper into this.
How web-sites are developed?
- Web sites are made using programming languages such as HTML, JavaScript, PHP,etc. There are so many of them.
- There are two faces of website 1. Front end and 2. Back end .
- Front end is the front side of the website (which can be seen) it is made using HTML and CSS.
- Back end is like behind the scenes of that site which is (not visible) for normal users, back end can developed using JavaScript, PHP, Python, JAVA, etc.
- So basically assume that you made a website using HTML and PHP it's working perfectly now its working only on your computer but you wanna make it accessible others also so you need to upload it on the computer which is on the internet this process is known as hosting. For that you need to learn the linux and some basics of networking.
- Apps runs on smartphones and softwares are made for computers . Basically softwares/apps are like websites which are directly installed on your computer/mobile. Such as Facebook, Instagram, Youtube, these companies have their apps and websites also. So websites accessible through the internet and apps can be directly installed on the mobile.
- Apps/Softwares are also developed in the manner of Backend and Frontend.
- So many programming languages are used to develope app or softwares such as JAVA, C, C++, JavaScript, PHP, etc. Swift is used for building apps in iOS.
In pentesting there are also sub fields such as :
- Web app pentesting :
- In this field you just need to have knowledge about some programming languages such as PHP, Python, JavaScript, JAVA, SQL, etc. How to find vulnerabilities in websites and how bugs can be hunted.
- Android app pentesting :
- Here's also need to have knowledge about JAVA, C, C++, and android apps created using programming languages. How to find android apps bugs and reporting it to the owner of that app.
Comments
Post a Comment