NETWORK PENETRATION TESTING


The Threat
[Figure: threat sources (State Sponsored, Terrorism, Espionage, Criminal, Hacker) plotted against Occurrence and Damage, each axis running from LESS to MORE.]
NOTE: Hackers increasingly showing more potential to cause greater damage

Current Scenario: Millions of computers are infected with malware, while hundreds of thousands more are enslaved as botnets sending spam, launching DoS attacks and hosting dubious websites.

Penetration Testing: A penetration test subjects a system to the real-world attacks selected and conducted by the testing personnel. The benefit of a penetration test is to identify the extent to which a system can be compromised before the attack is identified, and to assess the response mechanisms.

Penetration Test: A process of discovering weaknesses in computer infrastructure and networks. It is proactive testing, usually carried out by a team of pen testers, or by an organization to simulate real attacks.

Network Penetration Testing: Pen Testing, Blind Pen Testing, Double Blind Pen Testing

Penetration Test Approach
Black Box Testing: A test without prior knowledge of the infrastructure. Simulates real-life hacking activities. Takes a longer time.
White Box Testing: A test with complete knowledge of the infrastructure. Can spot common errors very fast.

Standard Operating Procedure
1. Get Management approval
2. Sign NDA (Non-Disclosure Agreement)
3. Establish POC (Point of Contact)
4. Define Scope and Success Criteria
5. Schedule the activity (normally during off working hours)
6. Attack and Reporting

Steps Involved: Information Gathering, Scanning and Enumeration, Gaining Access, Collecting Proof of Concept

Information Gathering: The first step performed by any penetration tester.

Information Gathering: Google Search Engine, Old Site Archives, Job portals, Dumpster Diving, Social Engineering, DNS Names Mining, Whois, Expanding Arena of War

Google Search Engine: Using Advanced Operators: site, filetype, intitle, inurl, link

Google Search Engine
1. site:abc.com test
2. filetype:ppt test
3. intitle:login
4. inurl:admin
5. link:abc.com

Hunting archives: www.archive.org/index.php

Dumpster Diving: Dumpster diving is the practice of sifting through commercial or residential trash to find items that have been discarded by their owners, but which may be useful to the dumpster diver.

Social Engineering: Social engineering is the art of manipulating people into performing actions or divulging confidential information.

Social Engineering: A form of intrusion targeting the weakness in the non-technical aspects of systems and people. It relies on in-built human vulnerabilities: inexperience; inability to keep up with a fast-paced culture (IT); not being aware of the value of the information they possess. It remains the greatest threat to any security system.

DNS Mining: Netcraft.com, DNS Zone Transfer

DNS Mining: DNS Zone Transfer
nslookup
set type=ns
<Domain_Name>
server <Output_from_Above>
ls -d <Domain_Name>

Whois: Gives information about a domain name and an Internet Protocol (IP) address.

Whois: Web browser query of the Whois database for a domain name: www.whois.net

Whois: Information from IP: www.dnsstuff.com, www.geektools.com/whois.php

Expanding Arena of War: route-views3.routeviews.org, www.netconfigs.com

Scanning and Enumeration: Port Scanning, Service Detection, OS Fingerprinting

What is Nmap: Nmap is an open source network reconnaissance tool developed by Gordon "Fyodor" Lyon (http://www.insecure.org)

Basic uses of Nmap: Nmap is used for host discovery, port scanning, service and version detection, and operating system detection.

Host Discovery: To discover if a host is up or down. The -sP flag activates the host discovery option. Nmap discovery run: nmap -sP 192.168.1.*

Port Scanning: What are ports? Ports are virtual access points of a host. For an attacker, these ports are the entry points into the host. There are two types of ports: TCP and UDP. TCP ports: connection-oriented protocol. UDP ports: connectionless protocol.

Port Scanning: Nmap has 2 basic options for scanning TCP and UDP ports. For TCP ports: -sS. For UDP ports: -sU. Both scans can be selected together: nmap -sS -sU 192.168.1.7

Service and Version detection: What is service and version detection? Nmap service detection deals with detection of services running on ports. The -sV flag is used for activating service detection. Probing command for service detection: nmap -sS -sV 192.168.1.8

Operating system detection: What is operating system detection? Detection of the operating system of a remote host. The -O flag activates the OS detection option of Nmap: nmap -sS -O 192.168.1.8
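
Seen from the defended network, the port scans described above show up as one source touching many distinct ports on one host in a short time. The following is an added example, not part of the original slides, that flags this pattern in connection logs; the log format, addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict


def build_sample():
    """Constructed firewall-style lines: 'epoch_seconds src dst proto dst_port'."""
    # Fast TCP sweep of 40 ports in about 4 seconds.
    lines = [f"{1000 + i * 0.1:.1f} 192.168.1.50 192.168.1.7 tcp {p}"
             for i, p in enumerate(range(20, 60))]
    # Ordinary client repeatedly using one service port.
    lines += [f"{1000 + i * 30:.1f} 192.168.1.20 192.168.1.7 tcp 443" for i in range(10)]
    # Slow UDP probe: 30 ports, one per minute.
    lines += [f"{1000 + i * 60:.1f} 192.168.1.60 192.168.1.8 udp {p}"
              for i, p in enumerate(range(1, 31))]
    return lines


def detect_port_scans(lines, window=10.0, min_ports=15):
    """Return {(src, dst, proto): max distinct ports seen in any `window` seconds}."""
    events = defaultdict(list)
    for line in lines:
        ts, src, dst, proto, port = line.split()
        events[(src, dst, proto)].append((float(ts), int(port)))

    alerts = {}
    for key, hits in events.items():
        hits.sort()
        counts = defaultdict(int)   # port -> hits currently inside the window
        start = best = 0
        for ts, port in hits:
            counts[port] += 1
            # Drop events that fell out of the sliding window.
            while ts - hits[start][0] > window:
                old = hits[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            best = max(best, len(counts))
        if best >= min_ports:
            alerts[key] = best
    return alerts


if __name__ == "__main__":
    print(detect_port_scans(build_sample()))               # short window
    print(detect_port_scans(build_sample(), window=3600))  # long window catches the slow probe
```

With the 10-second window only the fast TCP sweep is reported; the one-port-per-minute UDP probe is reported only when the window is widened, which is why scan detection usually runs a short and a long window side by side.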

Gaining Access: Vulnerability Assessment, Vulnerability Exploitation

Nessus (Vulnerability scanner)

Nessus: Nessus is a free vulnerability scanner. It can be downloaded from http://www.nessus.org and can be registered for free.

Basic usage of Nessus: Host discovery, Port scanning, Enumeration, Vulnerability assessment

Features of Nessus: Based on a client-server model. The Nessus client is used to connect to the Nessus server, which performs the actual scan. Has a GUI as well as a CLI.

Using Nessus: The Nessus server is installed on localhost by default. A connection must be established to the Nessus server using the Nessus client to initiate a scan.

Using Nessus: The target can be chosen as a single IP or a range.

Selecting scan policies: Comes with two pre-configured scan policies, which can be further configured.

Nessus Output: Shows scan time. Shows open ports. Information gathered about the target host. Number of vulnerabilities detected in the remote host.

Vulnerability Exploitation

Owning a box in 5 commands Metasploit Load db_sqlite3 db_create test.db db_nmap ip db_autopwn t p e md Sachin

Penetration through Databases

Real Time Case Study

Whois, Route-views3.routeviews.org, Netconfigs.com, Scan, Demo

AKSIT - KEY SERVICES: Gap Analysis, Network Architecture Review, Vulnerability Assessment, External Pen Testing, Application Security Audit, Physical Security Risk Assessment, Formulation of Security Policies, Information Security Training

Thank You

Catch us @
Wg.Cdr Ashish Kumar Saxena (Retd.), ashish@aksitservices.co.in, Ph: +91-9811943669
Sachin Kumar, sachin.kumar@aksitservices.co.in

Head Office: AKS Information Technology Services Pvt. Ltd., G-71, First Floor, Sector-63, Noida, UP 201301. Tel 91-120-4243669. WebSite - http://