PKF Avant Edge. Penetration Testing. Stevie Heong CISSP, CISA, CISM, CGEIT, CCNP



Similar documents
WHITE PAPER. An Introduction to Network- Vulnerability Testing

Build Your Own Security Lab

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

An Introduction to Network Vulnerability Testing

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access

Demystifying Penetration Testing for the Enterprise. Presented by Pravesh Gaonjur

McAfee Certified Assessment Specialist Network

Kerem Kocaer 2010/04/14

CYBERTRON NETWORK SOLUTIONS

NETWORK PENETRATION TESTING

Certified Ethical Hacker (CEH)

Penetration Testing with Kali Linux

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

The purpose of this report is to educate our prospective clients about capabilities of Hackers Locked.

SCOPING QUESTIONNAIRE FOR PENETRATION TESTING

Professional Penetration Testing Techniques and Vulnerability Assessment ...

Aiming at Higher Network Security Levels Through Extensive PENETRATION TESTING. Anestis Bechtsoudis. abechtsoudis (at) ieee.

Penetration Testing. Presented by

Penetration Testing. NTS330 Unit 1 Penetration V1.0. February 20, Juan Ortega. Juan Ortega, juaorteg@uat.edu. 1 Juan Ortega, juaorteg@uat.

CRYPTUS DIPLOMA IN IT SECURITY

SONDRA SCHNEIDER JOHN NUNES

Computer Forensics Training - Digital Forensics and Electronic Discovery (Mile2)

Certified Ethical Hacker Exam Version Comparison. Version Comparison

If you know the enemy and know yourself, you need not fear the result of a hundred battles.

ensuring security the way how we do it

Vulnerability Assessment and Penetration Testing

Nessus. A short review of the Nessus computer network vulnerability analysing tool. Authors: Henrik Andersson Johannes Gumbel Martin Andersson

Course Title: Course Description: Course Key Objective: Fee & Duration:

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Audience. Pre-Requisites

Penetration Testing Service. By Comsec Information Security Consulting

New Zealand Company Six full time technical staff Offices in Auckland and Wellington

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

locuz.com Professional Services Security Audit Services

Client logo placeholder XXX REPORT. Page 1 of 37

Vulnerability Assessment and Penetration Testing. CC Faculty ALTTC, Ghaziabad

About Effective Penetration Testing Methodology

Penetration Testing. Security Testing

Demystifying Penetration Testing


Radware s Behavioral Server Cracking Protection

Ethical Hacking Course Layout

Course Duration: 80Hrs. Course Fee: INR (Certification Lab Exam Cost 2 Attempts)

Application Security Testing

!!!!!!!!!!!!!!!!!!!!!!

CEH Version8 Course Outline

NETWORK PENETRATION TESTS FOR EHR MANAGEMENT SOLUTIONS PROVIDER

EC-Council Certified Security Analyst (ECSA)

Redhawk Network Security, LLC Layton Ave., Suite One, Bend, OR

Security Certifications. Presentatie SecCert 101 Jordy Kersten MSc., ISC2 Ass., CEH, OSCP

Recon and Mapping Tools and Exploitation Tools in SamuraiWTF Report section Nick Robbins

INFORMATION SECURITY TESTING

Information Security. Training

Learn Ethical Hacking, Become a Pentester

Some Tools for Computer Security Incident Response Team (CSIRT)

Security Awareness For Server Administrators. State of Illinois Central Management Services Security and Compliance Solutions

Penetration Testing. I.T. Security Specialists. Penetration Testing 1

June 2014 WMLUG Meeting Kali Linux

External Supplier Control Requirements

The Security Development Life Cycle

Attack and Penetration Testing 101

How to break in. Tecniche avanzate di pen testing in ambito Web Application, Internal Network and Social Engineering

Scoping Questionnaire for Penetration Testing

Vinny Hoxha Vinny Hoxha 12/08/2009

Penetration Testing. What Is a Penetration Testing?

Network Security Audit. Vulnerability Assessment (VA)

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

SENSITIVE AUSTRALIAN SPORTS COMMISSION ATHLETE MANAGEMENT SYSTEM (AMS) SMARTBASE SECURITY TEST PLAN. Final. Version 1.0

Telecom Testing and Security Certification. A.K.MITTAL DDG (TTSC) Department of Telecommunication Ministry of Communication & IT

Venue. Dates. Certified Ethical Hacker (CEH) boot camp. Inovatec College. Nairobi Kenya (exact hotel name to be confirmed

Penetration Testing //Vulnerability Assessment //Remedy

Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours

Bust a cap in a web app with OWASP ZAP

ETHICAL HACKING APPLICATIO WIRELESS110 00NETWORK APPLICATION MOBILE MOBILE0001

Web App Security Audit Services

Introduction to Penetration Testing Graham Weston

Security Testing. Vulnerability Assessment vs Penetration Testing. Gabriel Mihai Tanase, Director KPMG Romania. 29 October 2014

Penetration Testing in Romania

ETHICAL HACKING. By REAL TIME FACULTY

INTRODUCTION: PENETRATION TEST A BUSINESS PERSPECTIVE:

IDS 4.0 Roadshow. Module 1- IDS Technology Overview. 2003, Cisco Systems, Inc. All rights reserved. IDS Roadshow

Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability

Network Attacks and Defenses

Secure Web Applications. The front line defense

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER

Information Security Services

GUIDE TO INFORMATION SECURITY TESTING AND ASSESSMENT

A Systems Engineering Approach to Developing Cyber Security Professionals

Cyber Essentials. Test Specification

IDS and Penetration Testing Lab ISA 674

Penetration testing & Ethical Hacking. Security Week 2014

A Decision Maker s Guide to Securing an IT Infrastructure

Rapid Vulnerability Assessment Report

ABC LTD EXTERNAL WEBSITE AND INFRASTRUCTURE IT HEALTH CHECK (ITHC) / PENETRATION TEST

CSSIA CompTIA Security+ Domain. Network Security. Network Security. Network Security. Network Security. Network Security

Transcription:

PKF Avant Edge Penetration Testing Stevie Heong CISSP, CISA, CISM, CGEIT, CCNP

What is Penetration Testing (PenTest)? A way to identify vulnerabilities that exists in a system/network that has existing security measures in place Answers the questions on whether your IT security is strong enough Attacking methods conducted by trusted individuals, that are used similarly by hostile hackers PenTest done in stages: Discover, Analyse, Validate, Exploit and Report. PenTest is a snapshot of a company s security posture with specific time frame PenTest is NOT a full security audit or a compliance audit, although it might be used in one, for example ISO27001 implementation PenTest is used to either a) Increase upper management awareness of security issues b) Test intrusion detection and response capabilities c) Assist management in decision making process to prioritise critical fixes

Consequences of PenTest Improper Pentest can cause: a) Network congestion b) Systems outages and downtime c) DDOS on web applications d) Blockage of legitimate traffic e) Total destruction of data f) Management panic g) Technical Crisis h) Brand Dilution i) Customer complaints j) Business Continuity Problems Vital to have management consent before proceeding! Vital to set RoE (Rules of Engagement)

Types of PenTest Black Box Penetration Testing zero-knowledge testing Tester need to acquire the knowledge and penetrate. Benefits: Acquire knowledge using tools or Social Engineering techniques Publicly available information may be given to the penetration tester, Black box testing is intended to closely replicate the attack made by an outsider without any information of the system. This kind of testing will give an insight of the robustness of the security when under attack by script kiddies

Types of PenTest White Box Penetration Testing complete-knowledge testing Testers are given full information about the target system they are supposed to attack. Information includes, Benefits:» Technology overviews,» Data flow diagrams» Code snippets» More.. reveals more vulnerabilities and may be faster. compared to replicate an attack from a criminal hacker that knows the company infrastructure very well. This hacker may be an employee of the company itself, doing an internal attack

AvantEdge PenTest Methodology We use the OSSTMM (Open-Source Security Testing Methodology Manual) methodology: Human security Testing Physical Security Testing Wireless Security Testing Telecoms Security Testing Data Networks security Testing Discovery Discovery Discovery Discovery Discovery Analysis Analysis Analysis Analysis Analysis Validation Validation Validation Validation Validation Exploitation Exploitation Exploitation Exploitation Exploitation Reporting Reporting Reporting Reporting Reporting

Discovery Phase We can either discover the IP addresses or be provided the IP address range for the network to be reviewed by us. Examples of Network IP Addresses: 192.***.***.157 192.***.***.24 192.***.***.25 192.***.***.26 192.***.***.27 We will use the our security tools to identify live services on the tested host on this subnet. These tools are designed to identify live systems, as well as services being offered by those systems.

Analysis Phase As a follow-up to the information gathered, we will then use the security tools like Nessus and Metaspoilt to perform checks for known vulnerabilities on the external network. These tools are security-scanning tools that check for thousands and thousands of different known vulnerabilities on networked systems. For instance, the Nessus tool performs extensive checks for vulnerabilities based upon predefined attack signature criteria. All tests are then complemented with additional manual checks performed by our certified PenTest engineers to ensure accuracy of the results.

Validation Phase In this phase, we will manually verify the outputs of all security tools to determine if any results are inconsistent and warranted additional examination and review. Outputs from the various tools used will be compared and crosschecked for accuracy. False positives and duplicate entries will be removed from the Investigation results. Vulnerabilities that could be neither confirmed nor disputed are categorized separately for follow-up checks and review. Those vulnerabilities that could not be tested and confirmed without endangering the systems on which they exist are noted as well.

Exploitation Phase This is where the rubber meets the road. We will perform exploitation attempts against any external network host exhibiting vulnerability symptoms. These attempts include numerous manual exploitation attempts, information gathering and password guessing for well-known accounts using techniques developed and tested in our lab environment. All attacks are designed to limit the danger to services on the systems in order to prevent disruption of service during the testing.

Reporting Phase Organize Data/related results for Management Reporting Consolidation of Information gathered Analysis and Extraction of General conclusions Recommendations. Overall Structure of our report as follows: Executive summary Summary of any successful penetration scenarios Detailed listing of all information gathered during penetration testing Detailed listing of all vulnerabilities found Description of all vulnerabilities found Suggestions and techniques to resolve vulnerabilities found

Tools and Methodologies As professional security consultants, we only employ methodologies that are internationally recognised to ensure that every penetration testing activity is governed by acceptable rules and regulations: Guidelines OSSTMM :The Open Source Security Testing Methodology Manual. OWASP :Open Web Application Security Project. Tools NMAP,Nikito,John,CAIN&Able and many more. Whopix Tigertools (Commercial Tool) Metasploit. ExploitTree. Core Impact (Commercial Tool)

Partial List of What Hackers Can Do Whois Discovery MX records for email servers Nslookup and attempt zone transfers NMAP ping sweep and intense scanning Traceroute for hops vulnerabilities SMTP exploits : EHLO, send message for phishing etc Find vulnerabilities Netcat, Nessus, Metasploit Exploit and attack: brute force, sniffers, password crackers etc Obtain banners, ascertain systems SNMP string exploits Install rootkits, trojans and malware Remove logs and clean up tracks War Driving Crack WEP (Wepcrack, airsnort etc) Web Page crawl and internet trawling Review SSL/TLS Identify Authentication methods, AD SQL injection Buffer overflow XSS Input limitation HTTP headers Hidden content, info leaks (robot.txt etc) Crack sessions Lockout mechanisms And Thousands more

Qualifications of Our Security Specialists

FOR MORE INFORMATION Will YOU become a target for hackers? It is not a matter of IF, but WHEN. Contact us for our Penetration Testing Services today! PKF AvantEdge Penetration Testing Service Email: avantedge@pkfmalaysia.com Web: http://www.pkfmalaysia.com Address: Level 33, Menara 1MK, Kompleks 1 Mont Kiara, No.1, Jalan Kiara, Mont Kiara 50480 Kuala Lumpur Telephone: +6019 278 8629 (Mr Stevie Heong) +6016 213 2186 (Mr CB Chan) Facsimile: +603 6201 8880

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information