Step 4 - Covering Tracks
The final stage of penetration testing or ethical hacking is to check whether the ethical hacker can erase or cover the mark that has been created in earlier stages of the test.
At present, many successful security breaches are made but never detected. This includes cases where firewalls and vigilant log checking were in place. From this stage we can establish what attacks and exploits a hacker is able to cover up and which we can easily detect.
In order that the target company’s security engineer or network administrator cannot detect the evidence of attack, the hacker needs to delete logs files and replace system binaries with Trojans. The attacker can use automated scripts and automated tools for hiding attack evidence and also to create backdoors for further attack.