Information is more susciptible than ever, and each technology advancement creates a new security issue that necessitates a new approach to solving the problem. Penetration testing is used to assess the security of an IT infrastructure by exposing its vulnerabilities in a safe manner. It also aids in acquiring access to the effectiveness of existing defense systems, tactics, and policies. The Penetration testing is carried out on a regular basis in order to detect and control risks to achieve ethics to be possessed by the testing crew involved in penetration test. This research uses a qualitative research methodology for investigating manual testing and automated testing. It further aims at critically investigation penetration testing and its importance with tools available for it.
KEYWORDS: IT Security, Penetration test, IT governance, Vulnerability assessment.