Penetration testing

DESCRIPTION

Technical workshop about Penetration Testing for BPPT

AHMAD MUAMMAR ©2011 | @Y3DIPS

SECURITY PENETRATION TESTING

INFORMATION SECURITY TECHNICAL TRAINING

AGENDA

SECURITY ASSESSMENT

VULNERABILITY ASSESSMENT

SECURITY AUDIT

PENETRATION TESTING

VA VS. PENTEST

PENTEST VS. SYSTEM AUDIT

AGENDA

PENETRATION TESTING

TYPE

SCOPE (AREA)

LIMITATIONS

PENETRATION TESTING

METHODOLOGIES

WELL KNOWN STANDARD

SECURITY ASSESSMENT

IS A WAY TO VALIDATE/CHECK THE LEVEL OF SECURITY ON EVERY ASPECT OF IT INFRASTRUCTURE.

ALSO TO ENSURE THAT NECESSARY SECURITY CONTROLS ARE INTEGRATED INTO THE DESIGN AND IMPLEMENTATION.

TO PREPARE FOR BETTER ENHANCEMENT

SECURITY ASSESSMENT

VULNERABILITY ASSESSMENT

A VULNERABILITY ASSESSMENT IS USUALLY CARRIED OUT WITH A VULNERABILITY SCANNER APPLICATION. MOST OF THESE PRODUCTS TEST THE OPERATING SYSTEM TYPE, APPLICATIONS, PATCH LEVEL, USER ACCOUNTS AND MORE.

VULNERABILITY SCANNERS IDENTIFY COMMON SECURITY CONFIGURATION MISTAKES AND COMMON ATTACKS

SECURITY ASSESSMENT

SECURITY AUDIT

MOSTLY CHECKLIST-BASED (CORPORATE SECURITY POLICIES, REGULATORY STANDARDS (ISO) OR PBI)

IMPORTANT FOR COMPLYING WITH SECURITY POLICIES, LEGISLATION AND STANDARDS

E.G.: ARE THERE BACKUPS? ANTIVIRUS?

SECURITY ASSESSMENT

PENETRATION TESTING

IS WHEN A “HACKER” DOES THE ATTACKER'S WORK.

THE ONLY GOAL IS TO BREAK INTO THE SYSTEM AND GET AS MUCH AS POSSIBLE, AS DEEP AS POSSIBLE.

VA VS. PENTEST

VULNERABILITY ASSESSMENT IDENTIFIES THE “POSSIBLE” VULNERABILITIES (INCLUDING FALSE POSITIVES)

PENETRATION TESTING VALIDATES THE VULNERABILITY

PENTEST VS. SECURITY AUDITS

SECURITY AUDITS ARE IMPORTANT FOR COMPLYING WITH SECURITY POLICIES, LEGISLATION AND STANDARDS

PENTESTS COMPLEMENT SYSTEM AUDITS AND HELP FIX SECURITY THREATS BEFORE AN ATTACKER DISCOVERS THEM

PENETRATION TESTING

CHECK WHAT SENSITIVE INFORMATION IS AVAILABLE

CHECK WHAT KIND OF PRIVILEGES THE PENTESTER GAINS

CHECK IF IT IS POSSIBLE TO ESCALATE PRIVILEGES

CHECK IF THE VULNERABILITY CAN LEAD TO MORE EXPLOITS (ANOTHER APPLICATION, SYSTEM, OR SERVER)

PENETRATION TESTING

TYPE OF PENETRATION TESTING:

BLACK BOX: ZERO INFORMATION ABOUT THE SYSTEM, MAYBE ONLY THE IP/DOMAIN NAME. FULL ATTACKER PERSPECTIVE.

GRAY BOX: PARTIAL INFORMATION ABOUT A SYSTEM, SIMULATES AN ATTACK BY EMPLOYEES OR VENDORS.

WHITE BOX: SIGNIFICANT INFORMATION ABOUT A SYSTEM, SOURCE CODE/CONFIGURATION REVIEW.

PENETRATION TESTING

NETWORK INFRASTRUCTURE PENTEST

WIFI, VOIP, TELEPHONE

APPLICATION INFRASTRUCTURE PENTEST

WEB, MOBILE

SYSTEM INFRASTRUCTURE PENTEST

PHYSICAL SECURITY

SOCIAL ENGINEERING (PEOPLE)

PENETRATION TESTING

MOST LIMITATIONS

TIME

SKILLS

ACCESS TO EQUIPMENT

PENETRATION TESTING

METHODOLOGY

A GUIDELINE FOR SOLVING A PROBLEM, WITH SPECIFIC COMPONENTS SUCH AS PHASES, TASKS, METHODS, TECHNIQUES AND TOOLS

PENETRATION TESTING

WELL KNOWN STANDARD

PENETRATION TESTING

SOURCE: ISSAF

PENETRATION TESTING

INFORMATION GATHERING: USING ALL RESOURCES (INTERNET) TO FIND ALL THE INFORMATION ABOUT THE TARGET, USING TECHNICAL AND NON-TECHNICAL METHODS

SOURCE: ISSAF

INFORMATION GATHERING

NON TECHNICAL

SEARCH COMPANY INFO ON SOCIAL NETWORKS: LINKEDIN.COM, FACEBOOK

SEARCH KEY PERSONNEL ACTIVITY: ADMINISTRATOR, PROGRAMMER

GOOGLE HACKING

HANDS ON

INFORMATION GATHERING VIA SOCIAL NETWORK

INFORMATION GATHERING VIA GOOGLE HACKING

INFORMATION GATHERING

TECHNICAL

USING DIG, NSLOOKUP, WHOIS TO FIND INFORMATION

HANDS ON

INFORMATION GATHERING USING DIG

INFORMATION GATHERING USING WHOIS

PENETRATION TESTING

NETWORK MAPPING: FOOTPRINT THE NETWORK AND RESOURCES ALREADY IDENTIFIED DURING INFORMATION GATHERING. E.G.: FIND LIVE HOSTS, PORTS AND SERVICES, THE NETWORK PERIMETER, OS AND SERVICE FINGERPRINTING

SOURCE: ISSAF

NETWORK MAPPING

TOOLS: NMAP, TRACEROUTE, PING

TRYING NMAP, TRACEROUTE

SOURCE: ISSAF

HANDS ON

PENETRATION TESTING

VULNERABILITY IDENTIFICATION: IDENTIFY THE VULNERABILITIES OF ALL SERVICES (BASED ON VERSION/BANNER) USING A VULNERABILITY SCAN, IDENTIFY ATTACK PATHS

TOOLS: NMAP, NESSUS

SOURCE: ISSAF

HANDS ON

nmap -sV (DETECT OPEN PORTS WITH SERVICE INFO (VERSION))

nmap -O (DETECT POSSIBLE OS)
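
Added example (not part of the original slides): a defender-side triage of `nmap -sV -oX` output that compares banner versions with a patch baseline, showing why version-based identification yields only "possible" vulnerabilities. The sample XML, the addresses and the `BASELINE` values are constructed for illustration, and `vtuple` and `triage` are hypothetical helper names.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample of `nmap -sV -oX` output (documentation addresses, made-up hosts).
SAMPLE_XML = """<nmaprun>
<host><address addr="192.0.2.10" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="22"><state state="open"/>
<service name="ssh" product="OpenSSH" version="5.3"/></port>
<port protocol="tcp" portid="80"><state state="open"/>
<service name="http" product="Apache httpd" version="2.4.58"/></port>
<port protocol="tcp" portid="3306"><state state="closed"/>
<service name="mysql"/></port>
</ports></host>
<host><address addr="192.0.2.11" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="8080"><state state="open"/>
<service name="http"/></port>
</ports></host>
</nmaprun>"""

# Hypothetical patch baseline: lowest version the organisation accepts per product.
BASELINE = {"OpenSSH": "7.4", "Apache httpd": "2.4.50"}

def vtuple(version):
    """Turn '7.4p1' or '2.4.58' into a comparable tuple of ints; () if unparsable."""
    m = re.match(r"\d+(?:\.\d+)*", version or "")
    return tuple(int(p) for p in m.group().split(".")) if m else ()

def triage(xml_text, baseline):
    findings = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        for port in host.iter("port"):
            if port.find("state").get("state") != "open":
                continue  # only exposed services matter here
            svc = port.find("service")
            product = svc.get("product") if svc is not None else None
            version = svc.get("version") if svc is not None else None
            where = f"{addr}:{port.get('portid')}"
            if not product or not vtuple(version):
                findings.append((where, "UNKNOWN", "no version in banner, check manually"))
            elif product in baseline and vtuple(version) < vtuple(baseline[product]):
                findings.append((where, "POSSIBLE", f"{product} {version} < {baseline[product]}"))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE_XML, BASELINE):
        print(*finding)
```

A `POSSIBLE` result is a lead rather than a confirmed issue: distribution packages often backport fixes without changing the banner version, which is one source of the false positives that validation has to weed out.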

PENETRATION TESTING

PENETRATION: TRY TO GAIN UNAUTHORIZED ACCESS BY CIRCUMVENTING THE SECURITY MEASURES, E.G.: FIND POC, CREATE TOOLS, TESTING

SOURCE: ISSAF

PENETRATION TESTING

GAINING ACCESS AND PRIVILEGES: GAIN LEAST PRIVILEGE THROUGH DEFAULT USERS OR PASSWORDS, DEFAULT SETTINGS, PUBLIC SERVICES, THEN TRY TO ESCALATE PRIVILEGES TO A SUPERIOR LEVEL (ADMINISTRATOR/ROOT)

USING/CREATING EXPLOITS

OR METASPLOIT (FREE), IMMUNITY CANVAS, CORE IMPACT

SOURCE: ISSAF

HANDS ON

USING METASPLOIT

USING LOCAL EXPLOIT TO GAIN HIGHER LEVEL PRIVILEGES

PENETRATION TESTING

ENUMERATING FURTHER: OBTAIN PASSWORDS (PASSWORD FILES (/etc/shadow, SAM), USER DATABASE), SNIFF THE NETWORK, MAP THE INTERNAL NETWORK

SOURCE: ISSAF

HANDS ON

CRACKING PASSWORD FILE

PENETRATION TESTING

COMPROMISE REMOTE USERS/SITES: (IF POSSIBLE) TRY TO COMPROMISE REMOTE USERS (VPN USERS) TO GAIN PRIVILEGES ON THE INTERNAL NETWORK

SOURCE: ISSAF

PENETRATION TESTING

MAINTAINING ACCESS: OFTEN NOT PERFORMED

COVERING TRACKS: OFTEN NOT PERFORMED

SOURCE: ISSAF

PENETRATION TESTING

VALUE IS ON THE REPORT

PENETRATION TESTING SERVICE LEVEL AGREEMENT

NON DISCLOSURE AGREEMENT

THERE IS ALWAYS A RISK, E.G.: SYSTEM DOWN/CRASH DURING PENTEST, NETWORK SLOWDOWN
