Ethical Hacking
1. Network Penetration Test: you would be testing a network environment for potential security vulnerabilities and threats. This test is divided into two categories: An external penetration test would involve testing the public IP addresses and an internal test, you can become part of an internal network and test that network. You may be provided VPN access to the network or would have to physically go to the work environment for the penetration test depending upon the engagement rules that were defined prior to conducting the test.
2. Web Application Penetration Test: this test is very common nowadays, since your application hosts critical data such as credit card numbers, usernames, and passwords; therefore this type of penetration test has become more common than the network penetration test.
3. Mobile Application Penetration Test: is the newest type of penetration test that has become common since almost every organization uses Android- and iOS-based mobile applications to provide services to its customers.
4. Social Engineering Penetration Test: A social engineering penetration test can be part of a network penetration test. In a social engineering penetration test the organization may ask you to attack its users. This is where you use speared phishing attacks and browser exploits to trick a user into doing things they did not intend to do.
5. Physical Penetration Test: A physical penetration test is rarely used. In a physical penetration test, you would be asked to walk into the organization’s building physically and test physical security controls such as locks and RFID mechanisms.