[{"data":1,"prerenderedAt":80},["ShallowReactive",2],{"term-p\u002Fpenetration-testing":3,"related-p\u002Fpenetration-testing":60},{"id":4,"title":5,"acronym":6,"body":7,"category":40,"description":41,"difficulty":42,"extension":43,"letter":16,"meta":44,"navigation":45,"path":46,"related":47,"seo":54,"sitemap":55,"stem":58,"subcategory":6,"__hash__":59},"terms\u002Fterms\u002Fp\u002Fpenetration-testing.md","Penetration Testing",null,{"type":8,"value":9,"toc":33},"minimark",[10,15,19,23,26,30],[11,12,14],"h2",{"id":13},"eli5-the-vibe-check","ELI5 — The Vibe Check",[16,17,18],"p",{},"Penetration testing (pentesting) is hiring ethical hackers to try to break into your own systems before the real bad guys do. They use the same techniques as attackers but report findings instead of causing damage. It's like hiring a professional lockpicker to test all your locks and tell you which ones are weak.",[11,20,22],{"id":21},"real-talk","Real Talk",[16,24,25],{},"Penetration testing is an authorized simulated cyberattack on a system to identify exploitable vulnerabilities. It includes reconnaissance, vulnerability scanning, exploitation, and post-exploitation analysis. Types: black-box (no prior knowledge), white-box (full access), and grey-box. Results inform security remediation priorities.",[11,27,29],{"id":28},"when-youll-hear-this","When You'll Hear This",[16,31,32],{},"\"We hired a firm to do an annual penetration test before our SOC 2 audit.\" \u002F \"The pentest revealed an unauthenticated admin endpoint.\"",{"title":34,"searchDepth":35,"depth":35,"links":36},"",2,[37,38,39],{"id":13,"depth":35,"text":14},{"id":21,"depth":35,"text":22},{"id":28,"depth":35,"text":29},"security","Penetration testing (pentesting) is hiring ethical hackers to try to break into your own systems before the real bad guys do.","intermediate","md",{},true,"\u002Fterms\u002Fp\u002Fpenetration-testing",[48,49,50,51,52,53],"Pentest","Bug Bounty","Security Audit","Vulnerability","OWASP Top 10","Exploit",{"title":5,"description":41},{"changefreq":56,"priority":57},"weekly",0.7,"terms\u002Fp\u002Fpenetration-testing","7co5QlmMKAcdloAT66sllvEdYzemtCHNM9pEjIKYf20",[61,65,68,71,74,77],{"title":49,"path":62,"acronym":6,"category":40,"difficulty":63,"description":64},"\u002Fterms\u002Fb\u002Fbug-bounty","beginner","A bug bounty program pays ethical hackers to find security vulnerabilities in your product.",{"title":53,"path":66,"acronym":6,"category":40,"difficulty":63,"description":67},"\u002Fterms\u002Fe\u002Fexploit","An exploit is the actual tool or technique used to take advantage of a vulnerability.",{"title":52,"path":69,"acronym":6,"category":40,"difficulty":63,"description":70},"\u002Fterms\u002Fo\u002Fowasp-top-10","The OWASP Top 10 is the security industry's greatest hits of web vulnerabilities — the 10 most common, dangerous ways apps get hacked.",{"title":48,"path":72,"acronym":6,"category":40,"difficulty":42,"description":73},"\u002Fterms\u002Fp\u002Fpentest","Pentest is just short for penetration testing — the art of ethically hacking your own systems to find weaknesses.",{"title":50,"path":75,"acronym":6,"category":40,"difficulty":63,"description":76},"\u002Fterms\u002Fs\u002Fsecurity-audit","A security audit is a systematic review of your code, infrastructure, and processes to find security weaknesses.",{"title":51,"path":78,"acronym":6,"category":40,"difficulty":63,"description":79},"\u002Fterms\u002Fv\u002Fvulnerability","A vulnerability is a weakness in your code or system that a bad guy could exploit. Like a broken lock on a door.",1776518301454]