What do I do?

I am an Information Risk Consultant and Penetration Tester. I specialize mostly in penetrating secure networks and computer systems, where I simulate an organized, professional attack against your organization, after which a detailed report summarizes the weaknesses and exploited vectors. This will help you gain control over your infrastructure's security and maximize your protection.

Tuesday, January 27, 2009

A perfect pentest example

1. Information Gathering Phase (find the company's website,
emails, employees (and their blogs etc) and anything else related)
2. Network Discovery Phase (find the internal and external
network(s) of the company if possible, with help from the
information above)
3. Service Discovery Phase (find all services belonging to the
company and their versions: FTP, HTTP and so on.)
4. Vulnerability Match Phase (see if it is possible to find any
holes directly in the applications.)
5. HTTP-Vulnerability Phase (check all HTTP services belonging
to the company, for everything ranging from SQL injection to
XSS)
6. Gaining Access (see if it is possible to gain full or partial
access to their systems. Social Engineering might work.)
7. Escalation of Privileges (if partial access was gained,
escalate privileges in order to gain root.)
8. System/Network Browsing (find other nodes on the network if
possible; if so, begin again from the service discovery phase or
information gathering phase.)
9. Gaining Internal Access (if it was possible to gain internal
access, then the job is almost done. If not, we will need to do it
here. This could be achieved with XSS, Trojans, Eavesdropping,
Phishing or by Cracking the wireless network if they have one.
Even Social Engineering can work in this phase.)
10. Backdooring Phase (put a rootkit or whatever I like, as long as it
isn't detectable. This isn't necessary for most companies.)
11. Removal of Traces (if needed, remove all traces possible.)


All the best

/Chuks
