Ten Deadly Mistakes
Several deadly mistakes can wreak havoc on your ethical hacking outcomes and even your career. In this chapter, I discuss the potential pitfalls to be keenly aware of.
Not Getting Prior Approval
Getting documented approval in advance, such as an e-mail, an internal memo, or a formal contract for your ethical hacking efforts — whether it’s from management or from your client — is an absolute must. It’s your Get Out of Jail Free card.
Assuming That You Can Find All Vulnerabilities during Your Tests
So many security vulnerabilities exist — known and unknown — that you won’t find them all during your testing. Don’t make any guarantees that you’ll find all the security vulnerabilities in a system. You’ll be starting something that you can’t finish.
Stick to the following tenets:
Use good tools.
Get to know ...