Background. HSBC DOD VA Masters in Computer Science Somerset Recon. Avid CTF Competitor

Similar documents
Professional Penetration Testing Techniques and Vulnerability Assessment ...

Adobe Systems Incorporated

HackMiami Web Application Scanner 2013 PwnOff

Using Free Tools To Test Web Application Security

Penetration Testing //Vulnerability Assessment //Remedy

NEXPOSE ENTERPRISE METASPLOIT PRO. Effective Vulnerability Management and validation. March 2015

Security Testing for Web Applications and Network Resources. (Banking).

New Zealand Company Six full time technical staff Offices in Auckland and Wellington

Conducting Web Application Pentests. From Scoping to Report For Education Purposes Only

Application Security Testing. Erez Metula (CISSP), Founder Application Security Expert

Penetration testing & Ethical Hacking. Security Week 2014

BUILDING AN OFFENSIVE SECURITY PROGRAM BUILDING AN OFFENSIVE SECURITY PROGRAM

PCI-DSS Penetration Testing

Securing Your Web Application against security vulnerabilities. Ong Khai Wei, IT Specialist, Development Tools (Rational) IBM Software Group

Threat Modeling: The Art of Identifying, Assessing, and Mitigating security threats

Web Application Report

The Roles of Software Testing & QA in Security Testing

Learn Ethical Hacking, Become a Pentester

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES.

Rational AppScan & Ounce Products

The purpose of this report is to educate our prospective clients about capabilities of Hackers Locked.

EC-Council CAST CENTER FOR ADVANCED SECURITY TRAINING. CAST 619 Advanced SQLi Attacks and Countermeasures. Make The Difference CAST.

Healthcare Information Security Governance and Public Safety II

Learning objectives for today s session

Connectivity to Polycom RealPresence Platform Source Data

Demystifying Penetration Testing for the Enterprise. Presented by Pravesh Gaonjur

(WAPT) Web Application Penetration Testing

Black Box versus White Box: Different App Testing Strategies John B. Dickson, CISSP

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

Application Security Testing

Web Application Penetration Testing

Security-as-a-Service (Sec-aaS) Framework. Service Introduction

The Nexpose Expert System

Overview of the Penetration Test Implementation and Service. Peter Kanters

Why The Security You Bought Yesterday, Won t Save You Today

Penetration Testing. I.T. Security Specialists. Penetration Testing 1

Security Testing. Vulnerability Assessment vs Penetration Testing. Gabriel Mihai Tanase, Director KPMG Romania. 29 October 2014

Patch and Vulnerability Management Program

Penetration Testing. Presented by

Application security testing: Protecting your application and data

Network and Security Controls

Security Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP

! Resident of Kauai, Hawaii

Vulnerability and Threat Management and Prevention

METHODS TO TEST WEB APPLICATION SCANNERS

Comparing the Effectiveness of Penetration Testing and Static Code Analysis

Web application testing

Cyber R &D Research Roundtable

PENTEST. Pentest Services. VoIP & Web.

Creating Stronger, Safer, Web Facing Code. JPL IT Security Mary Rivera June 17, 2011

ETHICAL HACKING APPLICATIO WIRELESS110 00NETWORK APPLICATION MOBILE MOBILE0001

Integrating Application Security into the Mobile Software Development Lifecycle. WhiteHat Security Paper

Penetration Testing in Romania

Network Test Labs (NTL) Software Testing Services for igaming

Kerem Kocaer 2010/04/14

SECURITY FIRST: AN ESSENTIAL GUIDE TO PENETRATION TESTING

Earth vs. The Giant Spider: Amazingly True Stories of Real Penetration Tests

What is Penetration Testing?

Penetration Testing Report. Client: xxxxxx Date: 19 th April 2014

NETWORK PENETRATION TESTING

A Network Administrator s Guide to Web App Security

IBM Rational AppScan: Application security and risk management

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

Experiences from Educating Practitioners in Vulnerability Analysis

Top 20 Critical Security Controls

Vulnerability Assessment and Penetration Testing

Penetration: from Application down to OS

Protecting Your Organisation from Targeted Cyber Intrusion

Introduction to network penetration testing

Armitage. Part 1. Author : r45c4l Mail : infosecpirate@gmail.com.

Complete Web Application Security. Phase1-Building Web Application Security into Your Development Process

Information Security Services

HP WebInspect Tutorial

Cyber Essentials PLUS. Common Test Specification

Penetration Testing Services. Demonstrate Real-World Risk

IBM Rational AppScan: enhancing Web application security and regulatory compliance.

INTRODUCTION: PENETRATION TEST A BUSINESS PERSPECTIVE:

Spigit, Inc. Web Application Vulnerability Assessment/Penetration Test. Prepared By: Accuvant LABS

Goal Oriented Pentesting Getting the most value out of Penetration Testing

2014 Entry Form (Complete one for each entry.) Fill out the entry name exactly as you want it listed in the program.

After reviewing all the questions, the most common and relevant questions were chosen and the answers are below:

Cenzic Product Guide. Cloud, Mobile and Web Application Security

ABC LTD EXTERNAL WEBSITE AND INFRASTRUCTURE IT HEALTH CHECK (ITHC) / PENETRATION TEST

Potential Targets - Field Devices

Microsemi Security Center of Excellence

Secrets of Vulnerability Scanning: Nessus, Nmap and More. Ron Bowes - Researcher, Tenable Network Security

About Effective Penetration Testing Methodology

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

CRYPTUS DIPLOMA IN IT SECURITY

Transcription:

Penetration Testing

Background HSBC DOD VA Masters in Computer Science Somerset Recon Avid CTF Competitor

Table Of Contents 0. Information Security Risks 1. Why Pentest 2. Pentest Methodology/Process 3. Types Of Pentests 4. Pentest Tips, Tricks and Examples 5. Making Hackers Lives More Difficult 6. Get More Value Out Of Pentests 7. Questions

Information Security Risks

Information Security Risks

Information Security Risks Ukraine Blackout

Pentest Methodology/Process Pre-Engagement NDA, Rules of Engagment, Contract, Documentation Information Gathering and Reconnaissance Enumeration Vulnerability Analysis Exploitation Post Exploitation Reporting Retest

Why Pentest? Mitigate Risk Legal and Compliance PCI-DSS HIPPA GLBA FISMA/NIST Validate/Invalidate Security Controls Find and Mitigate Vulnerabilities Prevent compromise Make it more difficult for hackers

Whitebox Greybox Blackbox Internal Assessment External Assessment

Nework Web Mobile Device Wireless Red Team

Nework

Nework (Information Gathering)

Nework (Enumeration)

Nework (Vulenrability Analysis)

Nework (Exploitation)

Nework (Post Exploitation)

Web (Information Gathering)

Web (Enumeration/Vulnerability Analysis) https://victim.com/?id=yoyo https://victim.com/?id=yoyo><a https://victim.com/?id=' https://victim.com/?id='%2b' https://victim.com/?id='--

Web (Enumeration/Vulnerability Analysis)

Web (Exploitation)

Mobile (Information Gathering)

Mobile (Enumeration/Vulnerability Analysis)

Mobile (Exploitation)

Device (Information Gathering)

Device (Enumeration/Vulnerability Analysis)

Device (Exploitation)

Red Team (Information Gathering)

Read Team (Exploitation)

Read Team (Post Exploitation)

Wireless

Wireless

Pentest Tips and Tricks What are the most common passwords?

Pentest Tips and Tricks What are the most common passwords? 123456 password 12345678 qwerty 12345 123456789

Pentest Tips and Tricks Antivirus Bypass IDS/IPS/WAF Bypass NAC/WiFi/Proxy

Pentest Tips and Tricks Automation Nessus Nexpose Web Inspect IBM Appscan NTO Spider Acunetix Burp Suite Pro

Pentest Tips and Tricks Manual Pentest Automated Scan Try not to burn yourself with the soldering iron

Pentest Tips and Tricks Client-Side Exploitation Scope Social Engineering Screenshots Take them immediately Be careful when performing authenticated attacks or scans Eliminate false positives Document mitigations

Pentest Tips and Tricks Social Engineering Nobody can resist pizza Emergency Helpdesk Leveraging relationships CallerID Spoofing Spring Break 2016

Pentest Tips and Tricks Reporting Vulnerability description Vulnerability risk ratings Steps to reproduce Screenshots Impact Mitigations

Making Hackers Lives More Difficult Updated Software Segregated Networks (VLANS/Firewall rules) Hardened OS configurations Microsoft Enhanced Mitigation Experience Toolkit (EMET) Secure Software Development Lifecycles Browser Hardening (NoScript, Scriptno, Adblock Plus, Java and flash are uninstalled) Application Whitelisting Firmware/chip protections Hardware debugging is disabled

Get More Value Out Of Pentest Give more information to the testers Network diagrams External and internal network access 2 of every types of account Directory listings Sourcecode Web services documentation Development build of mobile application and production build Look for signs of highly skilled testers Nessus or Nexpose is not the only tool in their arsenal Manual testing Testers have additional skills/experience (exploit development, reverse engineering, software development, network, systems administration,

Get More Value Out Of Pentest Pentest on non production systems Development QA Pre-production Provide technical assistance to testers if needed System goes down Account gets locked out or expires Answer questions (e.g. Should user X be able to get to data Y? Is anyone using this service?) Embedded device fails

Get More Value Out Of Pentest How much do pentests cost? $125-$400 per hour per tester Typical engagements Web: 4-6 days Network: 4-10 days Mobile: 5-10 days Device/IoT: 7-15 Red Team: 4-10 Be careful of vulnerability scans that charge by IP address

Questions???

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information