Difficulty: Info
Access: Free
Expected Time: ~20–30 minutes
Overview
This introductory room teaches the foundational concepts and ethical framework behind penetration testing (“pentesting”). You’ll learn what pentesting is, the importance of ethics and scope, methodological stages, testing scopes (black, grey, white box), and a practical walkthrough simulating a pentest engagement.
Task 1: What Is Penetration Testing?
Penetration testing is the ethical, authorized attempt to find vulnerabilities in systems by mimicking the methods of malicious attackers. It’s akin to a security audit carried out with permission to help strengthen security.
(No answer required)
Task 2: Penetration Testing Ethics
Before starting any pentest, you and the client agree on the Rules of Engagement (ROE), a document that outlines:
- Permission – Legal authorization to conduct the test
- Scope – What targets and services are allowed
- Rules – Technical boundaries, such as prohibited actions
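
One way to apply the three ROE sections as a check before any action is taken, shown as an added example that is not part of the room's material. The field names, the action labels (`port_scan`, `denial_of_service`), the exclusion list and the sample addresses are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class RulesOfEngagement:
    authorized: bool                 # Permission: written authorization is on file
    in_scope: tuple = ()             # Scope: networks the client allows (CIDR)
    excluded: tuple = ()             # Scope: carve-outs inside those networks (assumed field)
    prohibited_actions: tuple = ()   # Rules: actions the client has forbidden

    def check(self, target: str, action: str):
        """Return (allowed, reason) for one planned action against one target."""
        if not self.authorized:
            return False, "no authorization on file"
        if action in self.prohibited_actions:
            return False, f"action '{action}' is prohibited by the ROE"
        try:
            addr = ipaddress.ip_address(target)
        except ValueError:
            # Fail closed: anything that is not a literal IP is treated as out of scope.
            return False, "target is not a valid IP address"
        if any(addr in ipaddress.ip_network(net) for net in self.excluded):
            return False, "target is explicitly excluded"
        if not any(addr in ipaddress.ip_network(net) for net in self.in_scope):
            return False, "target is not in scope"
        return True, "permitted"


# Constructed sample ROE; addresses are from the RFC 5737 documentation ranges.
ACME_ROE = RulesOfEngagement(
    authorized=True,
    in_scope=("192.0.2.0/24",),
    excluded=("192.0.2.10/32",),
    prohibited_actions=("denial_of_service",),
)

if __name__ == "__main__":
    planned = [("192.0.2.25", "port_scan"), ("192.0.2.10", "port_scan"),
               ("198.51.100.7", "port_scan"), ("192.0.2.25", "denial_of_service")]
    for target, action in planned:
        allowed, reason = ACME_ROE.check(target, action)
        print(f"{target:15} {action:18} {'ALLOW' if allowed else 'DENY '} {reason}")
```

The check fails closed: a missing authorization, an unparseable target or an address outside the listed networks is denied rather than assumed to be fine.
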
Types of Hackers
| Hacker Type | Description |
|---|---|
| White Hat | Ethical pentesters working with authorization |
| Grey Hat | Sometimes beneficial but may breach laws or ethics |
| Black Hat | Malicious actors with harmful intent |
Sample Questions & Answers
- Given permission to audit → White Hat
- Theft of data without consent → Black Hat
- Document defining scope and permission → Rules of Engagement
Task 3: Penetration Testing Methodologies
A pentest methodology typically follows these stages:
1. Information Gathering – Collecting public data (OSINT)
2. Enumeration/Scanning – Identifying live hosts, services
3. Exploitation – Using vulnerabilities to gain access
4. Privilege Escalation – Expanding access horizontally or vertically
5. Post-Exploitation – Pivoting, cleanup, reporting
Pentesting Frameworks
| Framework | Focus | Pros | Cons |
|---|---|---|---|
| OSSTMM | Networks, telecoms, systems | Very comprehensive | Dense, complex |
| OWASP | Web applications | Easy, actively maintained | No formal accreditation |
| NIST CSF | Organizational security posture | Widely used, detailed | General-purpose, not pentest-focused |
| NCSC CAF | Critical infrastructure & national frameworks | Government-endorsed | Niche, slower adoption |
Sample Answers
- Public info stage → Information Gathering
- Framework for telecom pentesting → OSSTMM
- Framework for web apps → OWASP
Task 4: Testing Scopes – Box Types
Scopes define what’s known during testing:
- Black‑Box: No internal knowledge, simulates external attacker
- Grey‑Box: Limited internal insight, more informed than Black‑Box
- White‑Box: Full source/config access, detailed internal testing
Sample Q&A
- No source code → Black Box
- Full source code → White Box
Task 5: Practical – ACME Penetration Test
A simulated engagement walkthrough: apply the methodology you have learned to the “ACME” infrastructure.
Upon completion, you receive the flag:
Flag: THM{PENTEST_COMPLETE}
Summary Table
| Task | Topic | Key Outcome |
|---|---|---|
| 1 | What is Pentesting | Understanding ethical pentesting |
| 2 | Ethics & ROE | Authorized, scoped hacking |
| 3 | Methodologies | From recon to reporting |
| 4 | Box Types | Testing with different knowledge levels |
| 5 | Practical | Simulated audit → |
Final Thoughts
This room lays the conceptual groundwork for real-world offensive security. By exploring ethics, structured testing methods, and hands-on simulation, you’re better prepared for more technical pentesting challenges.
Tips
- Focus on the why behind each stage, not just the steps.
- Use the ROE concept in every future pentesting task.
- Understand how different testing scopes affect strategy and preparation.

