Chapter 21
Ten Deadly Mistakes
Several deadly mistakes can wreak havoc on your ethical hacking outcomes and even your career. In this chapter, I discuss the potential pitfalls to be keenly aware of.
Not Getting Prior Approval
Getting documented approval in advance, such as an e-mail, an internal memo, or a formal contract for your ethical hacking efforts â whether itâs from management or from your client â is an absolute must. Itâs your Get Out of Jail Free card.
Allow no exceptions here â especially when youâre doing work for clients: Make sure you get a signed copy of this document for your files and for your lawyer.
Assuming That You Can Find All Vulnerabilities during Your Tests
So many security vulnerabilities exist â known and unknown â that you wonât find them all during your testing. Donât make any guarantees that youâll find all the security vulnerabilities in a system. Youâll be starting something that you canât finish.
If you did well studying probability and statistics in high school or college, you may consider putting together some confidence intervals to show what you truly expect to find.
Stick to the following tenets:
Be realistic.
Use ...
Get Hacking For Dummies, 4th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
