Is pen testing software real or simulated?

Moderators: Elite Admin S, Elite Admin M

tejas43
Posts: 1
Joined: Wed Nov 25, 2020 4:01 pm

Is pen testing software real or simulated?

Postby tejas43 » Thu Nov 26, 2020 2:14 pm

I'm curious if pen testing software actually launches real versions of the malware and viruses in your target environment, or if they use some type of sandbox to safely test these things? In other words, could someone buy pen testing software and use it to actually hack into someone's system without their permission?

jerry.webb
Posts: 3
Joined: Fri Jun 19, 2020 10:44 pm

Re: Is pen testing software real or simulated?

Postby jerry.webb » Tue Feb 16, 2021 2:11 pm

We usually test in a Virtual Machine running on a PC - this way we can set the initial OS image up just in the same way as it would be on an end-user device and take a snapshot of it to use for tests for different customer configurations. We use Oracle Virtual Box or similar. I am not sure I understand the question about someone taking over your PC remotely? Using pen tester software we could take over a remote PC if there is a vulnerability in the software. The pen tester is looking for vulnerabilities that haven't been fixed in a VM rather than testing a take-over attempt. One cannot tell a real machine from a virtual machine easily.


Return to “Software Real”

Who is online

Users browsing this forum: No registered users and 3 guests