What I do

I am an Information Risk Consultant and Penetration Tester. I specialize mostly in penetrating secure networks and computer systems, where I simulate an organized, professional attack against your organization, after which a detailed report summarizes the weaknesses and exploited vectors. This will help you gain control over your infrastructure's security and maximize your protection.

Wednesday, July 10, 2013

CREATIVITY DURING PT & VA

Most pentesters testing networks, organizations and infrastructures fail due to a lack of imagination and a failure to adapt to the environment.

Take, for example, organizations that use their Domain Controller machines as proxy servers. When doing an internal pentest with these companies, you will be working through proxies to get to the Internet, so obviously they will give you a username and a password for the proxy so that you can communicate and share information during the white-box internal pentest. If you have those credentials, why not try to see if you can join the domain? Yeah, why not use a virtual box to do so. You might just find yourself owning the whole domain network, or maybe a bunch of domain forests. Penetrating a Domain Controller environment does require past experience in maintaining and developing one or two, from when you were a system admin back in the day, but adapting to the environment is vital, maybe primal, or as many would say, fundamental.

So when I talked about tracking cars, we all know that some of this equipment is really expensive, but you can always adapt: get a normal car GPS, like the one below. These devices show every route or direction a car is going, and one is like 20k now in the market. When I bought my first, they were a little expensive.


This is a very good way to know which route your target uses mostly; I know couples who have used these devices to bust their cheating spouse. So it's just creativity: use what you have and you will make a good pentester out there. No need to buy CoreImpact if you can't afford it; you can always rewrite Metasploit according to your own needs.

Use what you have, manipulate what is there, adapt to what you see and what surrounds you; every infrastructure can be broken into. Help them to defend it. That's why you are there. You are not there to just run Burp, BeEF, Nessus, MSF Auxiliary, Nmap, and other tools that will make the client fancy you. Your job is to help them defend it.



3 comments:

Ss_Veritas said...

When applying offensive security you will use Burp, Beef, Nessus, MSF Auxiliary, Nmap, and other tools that will make the client fancy you. The big question is, how do you advocate for a defensive mechanism? I.e. "Your job is to help them defend it", with what tools!!!

chuksjonia said...

Tools are not the means to defend; all that is needed is to understand how and which tactics the bad boys are using, then you apply countermeasures to that.

Back in the day is when we relied on tools a lot. These days it's more about the mindset, since information security has fully evolved and it's still growing and changing.

Ss_Veritas said...

Pareto rules: 80/20 Principle. 80% tools and 20% strategy, the plague that befalls most security analysts. While recognizing that there is no need to re-invent the wheel, strive to adopt an 80% strategy and 20% tool oriented methodology.