Efficacy of unconventional penetration testing practices

Abstract

The financial and confidential cost of cyberattack has presented a sig-nificant loss to the organization and government where the privacy of worthless information has become vulnerable to cyber threat. In terms of efforts implemen-ted to avoid this risk, the cyberattack continues to evolve, making the cybersecur-ity systems weekend. This has necessitated the importance of comprehensive penetration testing, assessment techniques, and tools to analyze and present the currently available unconventional penetration techniques and tactics to test and examine their key features and role in supporting cybersecurity and measure their effectiveness. The importance of cyberspace and its value make it an eminent tar-get for attackers to exploit any vulnerability they may encounter in the respective system. Due to the cybersecurity risks, robust security measures need to be put in place to protect the system in question. Penetration testing is one such security measure that aims to uncover the security vulnerabilities in the system. Due to the dynamic aspect of cyberspace and technology, advanced or more unusual penetration testing mechanisms need to be employed to deal with the emerging vulnerabilities and security threats in cyberspace. This research explores and uti-lizes the conventional and unconventional penetration testing methods and iden-tifies the study's main objectives to improve the current penetration testing techniques to increase security effectiveness and efficiency. It also calculates vulnerabilities and risks based on Common Vulnerability Scoring System (CVSS) scores and their impact on confidentiality, integrity, and availability. It proposes a Wi-Fi penetration testing approach based on Kali Linux. It also highlights the conventional and unconventional penetration testing approaches and justifies the essence of penetration testing over cyberattack cases. Due to the dynamic changes in technology, the conventional penetration testing method does not seem to be efficient to achieve its goal.