SlideShare a Scribd company logo

Network penetration testing

Imaginea
Imaginea
Technology
1 of 15
© Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Information Security Group (ISG) Network Penetration Testing reachus@imaginea.com
© Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Network Penetration Testing Overview The contemporary way of working with networks as well as connecting with 3rd parties has left a lot of firms exposed to malicious attacks and with vulnerable areas that they aren't even conscious of yet. Network penetration testing uncovers network weaknesses prior to a malicious hacker. Network penetration testing includes testing from an external network and an internal network.
Open Ports/ Services, Open Ports and Services , OS Hacker targets in a Packet Sniffing fingerprinting Router Vulnerabilities exploits Liberal Access Control typical network ARP spoofing, Cryptography Lists(ACL) Denial of Service infrastructure Hardware, Firmware, Software Denial of Service Hardware, Firmware, Software specific vulnerabilities specific vulnerabilities Switch Open Ports and Services User Authentication , Authorization issues, Cryptography Remote code execution, File Web Server Upload, XSS Server misconfiguration exploits Denial of Service Hardware, Firmware, Software specific vulnerabilities App Server Open Ports and Services Hacker Authentication , Authorization issues, Cryptography Buffer Overflows Denial of Service DBMS misconfiguration exploits Hardware, Firmware, Software specific vulnerabilities DB Server
© Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Penetration Testing Methodology Step 1 • Information Gathering Step 2 • Analysis and Planning Step 3 • Vulnerability Identification Step 4 • Exploitation Step 5 • Risk Analysis and Remediation Suggestion Step 6 • Reporting
© Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Information Gathering Template Information Required Data Organization Name Network diagram with details of the major network components (router, gateway, firewall, servers, user machines) and their communication paths Specify timings in which testing can be performed Note: Network penetration testing could increase network traffic considerably Specify timings for testing Denial of Service attacks and other applicable attacks Note: DOS attacks could increase network traffic significantly and may bring the network down Specify if there are any restrictions on testing some critical systems in the network. Provide access to one of the internal IP’s in the organization Scope of the Test: Specify all IP addresses of the systems to be tested from external and internal networks. Target machine IP address Purpose of the Specify whether the IP address is accessible to public network or limited to machine (Router, organization's internal network Gateway, server etc) (Eg: 196.0.0.1, Public IP) (Eg: Router)
© Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Analysis and Planning Analysis Verification of given information Client communication for clarifications (if any) Understanding the network topology and communication mechanisms Identification of critical network components and corresponding vulnerabilities to be tested Planning Test modularization based on target machines or vulnerability focus areas Plan for external and internal network testing Plan for manual security testing phase Plan for automation testing phase Plan for exploitation phase Plan for risk analysis and reporting phases Time estimates for each of the phases
© Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Vulnerability Identification Focus Areas Open ports and services Input Validation Cross Site Scripting OS fingerprinting Buffer Overflow File Upload Authentication Remote Command Authentication Bypass Execution Weak passwords Default usernames/ passwords enabled Cryptography Plain text passwords stored in database/ files Weak Encryption Weak Key Authorization WEP key used for wireless encryption Privilege Escalation Gaining Access ARP Spoofing Packet Sniffing
© Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Vulnerability Identification Focus Areas Information Leakage System Configuration Sensitive Data Revealed Unpatched software and resulting vulnerabilities Liberal Access Control Lists Denial of Service Published vulnerabilities specific to SYN flood OS/Software/Service UDP flood ICMP flood ARP Spoofing Ping to Death Distributed Denial of Service Note: This is not exhaustive list of vulnerabilities. More vulnerabilities will be added to the list based on the the technology/requirement/latest threats.
© Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Vulnerability Identification Vulnerability Testing Phases Automatic scanning of target machines using tools and analysis of the results for false positives Port and Services scanning OS fingerprinting Vulnerability Scanning Password cracking/ brute force Exhaustive manual penetration testing of each target machine and vulnerability focus areas Packet sniffing Cryptography issues Published vulnerabilities specific to the target machine/OS/Software/Service Default usernames/passwords enabled Identification of list of network vulnerabilities from manual and automation testing results
© Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Vulnerability Identification Tools Backtrack5: Open Source Linux based OS which contains penetration testing toolkit will be used for network penetration testing. Open source Perl scripts will be used for DOS attacks. Common toolkits: Tool Purpose Nmap Port Scanning, OS fingerprinting Nessus, Nsauditor Network vulnerability scanner Cain and Abel, John the Ripper, THC Hydra Password cracking tools ADMSnmp To check default community strings IKE-Scan To detect VPN server and version SMTPScan To obtain SMTP server and version Note: More tools will be added to the list based on the technology or need or latest advancements.
© Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Exploitation Attacks will be performed on application machines without causing much damage to the application resources and infrastructure. This phase is required in network penetration testing to identify certain vulnerabilities in the target machines. Such as Denial of Service Escalation of privileges Gaining access Man In The Middle(MITM) network traffic ARP spoofing WEP cracking Published exploit scripts specific to OS/Software/Service Note: This is not exhaustive list of vulnerabilities. More vulnerabilities will be added to the list based on the requirement.
© Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Exploitation Exploitation Toolkits Tool Purpose UDP Flood Denial of Service attack using UDP packet flood SYN Flood Denial of Service attack using SYN packet flood Ping to Death Denial of Service Denial of Service using ICMP packet flood in Smurf6 broadcast network. Cisco Global Exploiter Exploit published cisco vulnerabilities Metasploit Framework, Core Impact Exploitation tool Wireshark Network packet sniffing Aircrack-ng, Airodump-ng, Airmon-ng, Wireless packet sniffing WEP Key cracking Aireplay-ng De- authentication of a client Denial of service attacks ARPSpoof ARP spoofing Note: This is not exhaustive list of vulnerabilities. More vulnerabilities will be added to the list based on the requirement.
© Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Risk Analysis and Remediation Suggestion Risk Analysis Estimation of the Likelihood of attack Estimation of the Impact of a successful attack Evaluate overall RISK of the vulnerability Risk = Likelihood * Impact OWASP Risk Rating Methodology is used as a guidance. Ref: https://www.owasp.org/index.php/OWASP_Risk_Rating_Methodology Remediation Suggestion Remediation measures will be suggested for each vulnerability identified. Priority for remediation will be suggested based on the risk rating of the vulnerability
© Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Report Template Brief summary of the Network Brief description of the network includes critical components in the network, type of communication used, public IPs available etc. Network Security Summary report Brief description of the overall security status and the list of major security vulnerabilities identified. Vulnerability details for each identified vulnerability: Vulnerability Classification and Name Description of the vulnerability Vulnerability details Remediation Suggestions Vulnerability Risk Rating (Likelihood, Impact, Overall Risk)
© Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Security as a Service http://www.imaginea.com reachus@imaginea.com

Recommended

Networking and penetration testing
Networking and penetration testingNetworking and penetration testing
Networking and penetration testingMohit Belwal
 
NETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGNETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGEr Vivek Rana
 
Penetration testing
Penetration testing Penetration testing
Penetration testing PTC
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Edureka!
 
Understanding Penetration Testing & its Benefits for Organization
Understanding Penetration Testing & its Benefits for OrganizationUnderstanding Penetration Testing & its Benefits for Organization
Understanding Penetration Testing & its Benefits for OrganizationPECB
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing Netpluz Asia Pte Ltd
 
Penetration Testing
Penetration TestingPenetration Testing
Penetration TestingMayank Singh
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesKrist Davood - Principal - CIO
 

Recommended

Networking and penetration testing
Networking and penetration testingNetworking and penetration testing
Networking and penetration testingMohit Belwal
 
NETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGNETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGEr Vivek Rana
 
Penetration testing
Penetration testing Penetration testing
Penetration testing PTC
 
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...
Penetration Testing Tutorial | Penetration Testing Tools | Cyber Security Tra...Edureka!
 
Understanding Penetration Testing & its Benefits for Organization
Understanding Penetration Testing & its Benefits for OrganizationUnderstanding Penetration Testing & its Benefits for Organization
Understanding Penetration Testing & its Benefits for OrganizationPECB
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing Netpluz Asia Pte Ltd
 
Penetration Testing
Penetration TestingPenetration Testing
Penetration TestingMayank Singh
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesKrist Davood - Principal - CIO
 
Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentationpooja_doshi
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingAmine SAIGHI
 
Module 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptxModule 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptxSkippedltd
 
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and ResearchUsing MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and ResearchMITRE - ATT&CKcon
 
Penetration Security Testing
Penetration Security TestingPenetration Security Testing
Penetration Security TestingSanjulika Rastogi
 
Botnet Detection Techniques
Botnet Detection TechniquesBotnet Detection Techniques
Botnet Detection TechniquesTeam Firefly
 
Cyber Security in Manufacturing
Cyber Security in ManufacturingCyber Security in Manufacturing
Cyber Security in ManufacturingCentraComm
 
Penetration testing reporting and methodology
Penetration testing reporting and methodologyPenetration testing reporting and methodology
Penetration testing reporting and methodologyRashad Aliyev
 
Vulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingVulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingYvonne Marambanyika
 
Course on Ehtical Hacking - Introduction
Course on Ehtical Hacking - IntroductionCourse on Ehtical Hacking - Introduction
Course on Ehtical Hacking - IntroductionBharat Thakkar
 
Network security
Network security Network security
Network security Madhumithah Ilango
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
 
Wannacry
WannacryWannacry
WannacryGunther Clauwaert
 
Network Penetration Testing
Network Penetration TestingNetwork Penetration Testing
Network Penetration TestingMohammed Adam
 
Penetration testing in wireless network
Penetration testing in wireless networkPenetration testing in wireless network
Penetration testing in wireless networkHadi Fadlallah
 
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CKTracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CKMITRE ATT&CK
 
Cyber Security PPT - 2023.pptx
Cyber Security PPT - 2023.pptxCyber Security PPT - 2023.pptx
Cyber Security PPT - 2023.pptxChandanChandu928137
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainSuvrat Jain
 
Cyber Security Incident Response
Cyber Security Incident ResponseCyber Security Incident Response
Cyber Security Incident ResponsePECB
 
Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0Network Intelligence India
 
Thick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseThick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseScott Sutherland
 
Pentesting
PentestingPentesting
PentestingHenrik Jacobsen
 

More Related Content

What's hot

Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentationpooja_doshi
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingAmine SAIGHI
 
Module 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptxModule 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptxSkippedltd
 
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and ResearchUsing MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and ResearchMITRE - ATT&CKcon
 
Penetration Security Testing
Penetration Security TestingPenetration Security Testing
Penetration Security TestingSanjulika Rastogi
 
Botnet Detection Techniques
Botnet Detection TechniquesBotnet Detection Techniques
Botnet Detection TechniquesTeam Firefly
 
Cyber Security in Manufacturing
Cyber Security in ManufacturingCyber Security in Manufacturing
Cyber Security in ManufacturingCentraComm
 
Penetration testing reporting and methodology
Penetration testing reporting and methodologyPenetration testing reporting and methodology
Penetration testing reporting and methodologyRashad Aliyev
 
Vulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingVulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingYvonne Marambanyika
 
Course on Ehtical Hacking - Introduction
Course on Ehtical Hacking - IntroductionCourse on Ehtical Hacking - Introduction
Course on Ehtical Hacking - IntroductionBharat Thakkar
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
 
Network Penetration Testing
Network Penetration TestingNetwork Penetration Testing
Network Penetration TestingMohammed Adam
 
Penetration testing in wireless network
Penetration testing in wireless networkPenetration testing in wireless network
Penetration testing in wireless networkHadi Fadlallah
 
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CKTracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CKMITRE ATT&CK
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainSuvrat Jain
 
Cyber Security Incident Response
Cyber Security Incident ResponseCyber Security Incident Response
Cyber Security Incident ResponsePECB
 

What's hot (20)

Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentation
 
Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testing
 
Module 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptxModule 1Introduction to cyber security.pptx
Module 1Introduction to cyber security.pptx
 
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and ResearchUsing MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
Using MITRE PRE-ATTACK and ATTACK in Cybercrime Education and Research
 
Penetration Security Testing
Penetration Security TestingPenetration Security Testing
Penetration Security Testing
 
Botnet Detection Techniques
Botnet Detection TechniquesBotnet Detection Techniques
Botnet Detection Techniques
 
Cyber Security in Manufacturing
Cyber Security in ManufacturingCyber Security in Manufacturing
Cyber Security in Manufacturing
 
Penetration testing reporting and methodology
Penetration testing reporting and methodologyPenetration testing reporting and methodology
Penetration testing reporting and methodology
 
Vulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingVulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration Testing
 
Course on Ehtical Hacking - Introduction
Course on Ehtical Hacking - IntroductionCourse on Ehtical Hacking - Introduction
Course on Ehtical Hacking - Introduction
 
Network security
Network security Network security
Network security
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
 
Wannacry
WannacryWannacry
Wannacry
 
Network Penetration Testing
Network Penetration TestingNetwork Penetration Testing
Network Penetration Testing
 
Penetration testing in wireless network
Penetration testing in wireless networkPenetration testing in wireless network
Penetration testing in wireless network
 
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CKTracking Noisy Behavior and Risk-Based Alerting with ATT&CK
Tracking Noisy Behavior and Risk-Based Alerting with ATT&CK
 
Cyber Security PPT - 2023.pptx
Cyber Security PPT - 2023.pptxCyber Security PPT - 2023.pptx
Cyber Security PPT - 2023.pptx
 
Ethical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jainEthical Hacking n VAPT presentation by Suvrat jain
Ethical Hacking n VAPT presentation by Suvrat jain
 
Cyber Security Incident Response
Cyber Security Incident ResponseCyber Security Incident Response
Cyber Security Incident Response
 
Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0
 

Viewers also liked

Thick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseThick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseScott Sutherland
 
Ceh v5 module 22 penetration testing
Ceh v5 module 22 penetration testingCeh v5 module 22 penetration testing
Ceh v5 module 22 penetration testingVi Tính Hoàng Nam
 
Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Hykeos
 
Vulnerability Scanning or Penetration Testing?
Vulnerability Scanning or Penetration Testing?Vulnerability Scanning or Penetration Testing?
Vulnerability Scanning or Penetration Testing?amiable_indian
 
Metasploit for Penetration Testing: Beginner Class
Metasploit for Penetration Testing: Beginner ClassMetasploit for Penetration Testing: Beginner Class
Metasploit for Penetration Testing: Beginner ClassGeorgia Weidman
 

Viewers also liked (7)

Thick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash CourseThick Application Penetration Testing: Crash Course
Thick Application Penetration Testing: Crash Course
 
Pentesting
PentestingPentesting
Pentesting
 
Ceh v5 module 22 penetration testing
Ceh v5 module 22 penetration testingCeh v5 module 22 penetration testing
Ceh v5 module 22 penetration testing
 
Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015Physical Penetration Testing - RootedCON 2015
Physical Penetration Testing - RootedCON 2015
 
Vulnerability Scanning or Penetration Testing?
Vulnerability Scanning or Penetration Testing?Vulnerability Scanning or Penetration Testing?
Vulnerability Scanning or Penetration Testing?
 
Metasploit
MetasploitMetasploit
Metasploit
 
Metasploit for Penetration Testing: Beginner Class
Metasploit for Penetration Testing: Beginner ClassMetasploit for Penetration Testing: Beginner Class
Metasploit for Penetration Testing: Beginner Class
 

Similar to Network penetration testing

Web application penetration testing
Web application penetration testingWeb application penetration testing
Web application penetration testingImaginea
 
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalBulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalMahmoud Yassin
 
The Cloud: A game changer to test, at scale and in production, SOA based web...
The Cloud: A game changer to test, at scale and in production, SOA based web...The Cloud: A game changer to test, at scale and in production, SOA based web...
The Cloud: A game changer to test, at scale and in production, SOA based web...Fred Beringer
 
Pawaa OCC Presentation
Pawaa OCC PresentationPawaa OCC Presentation
Pawaa OCC PresentationCloudComputing
 
Webinar issues we_find_slideshare
Webinar issues we_find_slideshareWebinar issues we_find_slideshare
Webinar issues we_find_slideshareSOASTA
 
[DSBW Spring 2009] Unit 08: WebApp Security
[DSBW Spring 2009] Unit 08: WebApp Security[DSBW Spring 2009] Unit 08: WebApp Security
[DSBW Spring 2009] Unit 08: WebApp SecurityCarles Farré
 
Crafting Super-Powered Risk Assessments by Digital Defense Inc & Veracode
Crafting Super-Powered Risk Assessments by Digital Defense Inc & VeracodeCrafting Super-Powered Risk Assessments by Digital Defense Inc & Veracode
Crafting Super-Powered Risk Assessments by Digital Defense Inc & VeracodeDigital Defense Inc
 
50357 a enu-module02
50357 a enu-module0250357 a enu-module02
50357 a enu-module02Bố Su
 
Rainer Baeder. Sudėtingos tikslinės ir ilgai išliekančios grėsmės
Rainer Baeder. Sudėtingos tikslinės ir ilgai išliekančios grėsmėsRainer Baeder. Sudėtingos tikslinės ir ilgai išliekančios grėsmės
Rainer Baeder. Sudėtingos tikslinės ir ilgai išliekančios grėsmėsTEO LT, AB
 
CYBER INTELLIGENCE & RESPONSE TECHNOLOGY
CYBER INTELLIGENCE & RESPONSE TECHNOLOGYCYBER INTELLIGENCE & RESPONSE TECHNOLOGY
CYBER INTELLIGENCE & RESPONSE TECHNOLOGYjmical
 
Pangolin Datasheet
Pangolin DatasheetPangolin Datasheet
Pangolin Datasheetmattotamhe
 
Intoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture PresentationIntoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture Presentationsaddepalli
 
CRENNO Technologies Network Consultancy & Session Border Controller Solut...
CRENNO Technologies Network Consultancy & Session Border Controller Solut...CRENNO Technologies Network Consultancy & Session Border Controller Solut...
CRENNO Technologies Network Consultancy & Session Border Controller Solut...Erol TOKALACOGLU
 
Security and Mobile Application Management with Worklight
Security and Mobile Application Management with WorklightSecurity and Mobile Application Management with Worklight
Security and Mobile Application Management with WorklightIBM WebSphereIndia
 
How to Choose A SOA Gateway from Layer 7
How to Choose A SOA Gateway from Layer 7How to Choose A SOA Gateway from Layer 7
How to Choose A SOA Gateway from Layer 7CA API Management
 
Check Point75 Makes3 D Security A Reality Q22011
Check Point75 Makes3 D Security A Reality Q22011Check Point75 Makes3 D Security A Reality Q22011
Check Point75 Makes3 D Security A Reality Q22011chaucheckpoint
 

Similar to Network penetration testing (20)

Web application penetration testing
Web application penetration testingWeb application penetration testing
Web application penetration testing
 
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalBulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat Landscapefinal
 
The Cloud: A game changer to test, at scale and in production, SOA based web...
The Cloud: A game changer to test, at scale and in production, SOA based web...The Cloud: A game changer to test, at scale and in production, SOA based web...
The Cloud: A game changer to test, at scale and in production, SOA based web...
 
Pawaa OCC Presentation
Pawaa OCC PresentationPawaa OCC Presentation
Pawaa OCC Presentation
 
S series presentation
S series presentationS series presentation
S series presentation
 
Hh 2012-mberman-sds2
Hh 2012-mberman-sds2Hh 2012-mberman-sds2
Hh 2012-mberman-sds2
 
Webinar issues we_find_slideshare
Webinar issues we_find_slideshareWebinar issues we_find_slideshare
Webinar issues we_find_slideshare
 
[DSBW Spring 2009] Unit 08: WebApp Security
[DSBW Spring 2009] Unit 08: WebApp Security[DSBW Spring 2009] Unit 08: WebApp Security
[DSBW Spring 2009] Unit 08: WebApp Security
 
Enterprise API Security & Data Loss Prevention - Intel
Enterprise API Security & Data Loss Prevention - IntelEnterprise API Security & Data Loss Prevention - Intel
Enterprise API Security & Data Loss Prevention - Intel
 
Crafting Super-Powered Risk Assessments by Digital Defense Inc & Veracode
Crafting Super-Powered Risk Assessments by Digital Defense Inc & VeracodeCrafting Super-Powered Risk Assessments by Digital Defense Inc & Veracode
Crafting Super-Powered Risk Assessments by Digital Defense Inc & Veracode
 
50357 a enu-module02
50357 a enu-module0250357 a enu-module02
50357 a enu-module02
 
Rainer Baeder. Sudėtingos tikslinės ir ilgai išliekančios grėsmės
Rainer Baeder. Sudėtingos tikslinės ir ilgai išliekančios grėsmėsRainer Baeder. Sudėtingos tikslinės ir ilgai išliekančios grėsmės
Rainer Baeder. Sudėtingos tikslinės ir ilgai išliekančios grėsmės
 
CYBER INTELLIGENCE & RESPONSE TECHNOLOGY
CYBER INTELLIGENCE & RESPONSE TECHNOLOGYCYBER INTELLIGENCE & RESPONSE TECHNOLOGY
CYBER INTELLIGENCE & RESPONSE TECHNOLOGY
 
Pangolin Datasheet
Pangolin DatasheetPangolin Datasheet
Pangolin Datasheet
 
Intoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture PresentationIntoto Linley Tech Utm Architecture Presentation
Intoto Linley Tech Utm Architecture Presentation
 
Unit 08: Security for Web Applications
Unit 08: Security for Web ApplicationsUnit 08: Security for Web Applications
Unit 08: Security for Web Applications
 
CRENNO Technologies Network Consultancy & Session Border Controller Solut...
CRENNO Technologies Network Consultancy & Session Border Controller Solut...CRENNO Technologies Network Consultancy & Session Border Controller Solut...
CRENNO Technologies Network Consultancy & Session Border Controller Solut...
 
Security and Mobile Application Management with Worklight
Security and Mobile Application Management with WorklightSecurity and Mobile Application Management with Worklight
Security and Mobile Application Management with Worklight
 
How to Choose A SOA Gateway from Layer 7
How to Choose A SOA Gateway from Layer 7How to Choose A SOA Gateway from Layer 7
How to Choose A SOA Gateway from Layer 7
 
Check Point75 Makes3 D Security A Reality Q22011
Check Point75 Makes3 D Security A Reality Q22011Check Point75 Makes3 D Security A Reality Q22011
Check Point75 Makes3 D Security A Reality Q22011
 

More from Imaginea

Require JS
Require JSRequire JS
Require JSImaginea
 
Scala and lift
Scala and liftScala and lift
Scala and liftImaginea
 
Imaginea Service Sheet - Performance Engineering
Imaginea Service Sheet - Performance EngineeringImaginea Service Sheet - Performance Engineering
Imaginea Service Sheet - Performance EngineeringImaginea
 
Imaginea Service Sheet - Interaction Design
Imaginea Service Sheet - Interaction DesignImaginea Service Sheet - Interaction Design
Imaginea Service Sheet - Interaction DesignImaginea
 
Imaginea - SugarCRM iPhone App - User Guide
Imaginea - SugarCRM iPhone App - User GuideImaginea - SugarCRM iPhone App - User Guide
Imaginea - SugarCRM iPhone App - User GuideImaginea
 
Offline Enterprise and Web Apps: Dekoh Approach
Offline Enterprise and Web Apps: Dekoh ApproachOffline Enterprise and Web Apps: Dekoh Approach
Offline Enterprise and Web Apps: Dekoh ApproachImaginea
 
Imaginea Scales Application using Amazon EC2
Imaginea Scales Application using Amazon EC2Imaginea Scales Application using Amazon EC2
Imaginea Scales Application using Amazon EC2Imaginea
 
Whitepaper Cloud Egovernance Imaginea
Whitepaper Cloud Egovernance ImagineaWhitepaper Cloud Egovernance Imaginea
Whitepaper Cloud Egovernance ImagineaImaginea
 
Imaginea - Ideas to Life - About Us
Imaginea - Ideas to Life - About UsImaginea - Ideas to Life - About Us
Imaginea - Ideas to Life - About UsImaginea
 
Imaginea_CloudComputing_Services
Imaginea_CloudComputing_ServicesImaginea_CloudComputing_Services
Imaginea_CloudComputing_ServicesImaginea
 
Imaginea_Product Engineering_Services
Imaginea_Product Engineering_ServicesImaginea_Product Engineering_Services
Imaginea_Product Engineering_ServicesImaginea
 
Scaling Databases On The Cloud
Scaling Databases On The CloudScaling Databases On The Cloud
Scaling Databases On The CloudImaginea
 
Imaginea Cloud Offerings
Imaginea Cloud OfferingsImaginea Cloud Offerings
Imaginea Cloud OfferingsImaginea
 
Soa Offerings
Soa OfferingsSoa Offerings
Soa OfferingsImaginea
 
Sharing on Dekoh - Our RIA Desktop Platform
Sharing on Dekoh - Our RIA Desktop PlatformSharing on Dekoh - Our RIA Desktop Platform
Sharing on Dekoh - Our RIA Desktop PlatformImaginea
 
Scaing databases on the cloud
Scaing databases on the cloudScaing databases on the cloud
Scaing databases on the cloudImaginea
 
Product QA - A test engineering perspective
Product QA - A test engineering perspectiveProduct QA - A test engineering perspective
Product QA - A test engineering perspectiveImaginea
 
Facebook Olympics
Facebook OlympicsFacebook Olympics
Facebook OlympicsImaginea
 
Process Guidelines V2
Process Guidelines V2Process Guidelines V2
Process Guidelines V2Imaginea
 
Migrating to Cloud - A Step by Step
Migrating to Cloud - A Step by Step Migrating to Cloud - A Step by Step
Migrating to Cloud - A Step by Step Imaginea
 

More from Imaginea (20)

Require JS
Require JSRequire JS
Require JS
 
Scala and lift
Scala and liftScala and lift
Scala and lift
 
Imaginea Service Sheet - Performance Engineering
Imaginea Service Sheet - Performance EngineeringImaginea Service Sheet - Performance Engineering
Imaginea Service Sheet - Performance Engineering
 
Imaginea Service Sheet - Interaction Design
Imaginea Service Sheet - Interaction DesignImaginea Service Sheet - Interaction Design
Imaginea Service Sheet - Interaction Design
 
Imaginea - SugarCRM iPhone App - User Guide
Imaginea - SugarCRM iPhone App - User GuideImaginea - SugarCRM iPhone App - User Guide
Imaginea - SugarCRM iPhone App - User Guide
 
Offline Enterprise and Web Apps: Dekoh Approach
Offline Enterprise and Web Apps: Dekoh ApproachOffline Enterprise and Web Apps: Dekoh Approach
Offline Enterprise and Web Apps: Dekoh Approach
 
Imaginea Scales Application using Amazon EC2
Imaginea Scales Application using Amazon EC2Imaginea Scales Application using Amazon EC2
Imaginea Scales Application using Amazon EC2
 
Whitepaper Cloud Egovernance Imaginea
Whitepaper Cloud Egovernance ImagineaWhitepaper Cloud Egovernance Imaginea
Whitepaper Cloud Egovernance Imaginea
 
Imaginea - Ideas to Life - About Us
Imaginea - Ideas to Life - About UsImaginea - Ideas to Life - About Us
Imaginea - Ideas to Life - About Us
 
Imaginea_CloudComputing_Services
Imaginea_CloudComputing_ServicesImaginea_CloudComputing_Services
Imaginea_CloudComputing_Services
 
Imaginea_Product Engineering_Services
Imaginea_Product Engineering_ServicesImaginea_Product Engineering_Services
Imaginea_Product Engineering_Services
 
Scaling Databases On The Cloud
Scaling Databases On The CloudScaling Databases On The Cloud
Scaling Databases On The Cloud
 
Imaginea Cloud Offerings
Imaginea Cloud OfferingsImaginea Cloud Offerings
Imaginea Cloud Offerings
 
Soa Offerings
Soa OfferingsSoa Offerings
Soa Offerings
 
Sharing on Dekoh - Our RIA Desktop Platform
Sharing on Dekoh - Our RIA Desktop PlatformSharing on Dekoh - Our RIA Desktop Platform
Sharing on Dekoh - Our RIA Desktop Platform
 
Scaing databases on the cloud
Scaing databases on the cloudScaing databases on the cloud
Scaing databases on the cloud
 
Product QA - A test engineering perspective
Product QA - A test engineering perspectiveProduct QA - A test engineering perspective
Product QA - A test engineering perspective
 
Facebook Olympics
Facebook OlympicsFacebook Olympics
Facebook Olympics
 
Process Guidelines V2
Process Guidelines V2Process Guidelines V2
Process Guidelines V2
 
Migrating to Cloud - A Step by Step
Migrating to Cloud - A Step by Step Migrating to Cloud - A Step by Step
Migrating to Cloud - A Step by Step
 

Recently uploaded

Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 

Recently uploaded (20)

Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 

Network penetration testing

  • 1. © Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Information Security Group (ISG) Network Penetration Testing reachus@imaginea.com
  • 2. © Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Network Penetration Testing Overview The contemporary way of working with networks as well as connecting with 3rd parties has left a lot of firms exposed to malicious attacks and with vulnerable areas that they aren't even conscious of yet. Network penetration testing uncovers network weaknesses prior to a malicious hacker. Network penetration testing includes testing from an external network and an internal network.
  • 3. Open Ports/ Services, Open Ports and Services , OS Hacker targets in a Packet Sniffing fingerprinting Router Vulnerabilities exploits Liberal Access Control typical network ARP spoofing, Cryptography Lists(ACL) Denial of Service infrastructure Hardware, Firmware, Software Denial of Service Hardware, Firmware, Software specific vulnerabilities specific vulnerabilities Switch Open Ports and Services User Authentication , Authorization issues, Cryptography Remote code execution, File Web Server Upload, XSS Server misconfiguration exploits Denial of Service Hardware, Firmware, Software specific vulnerabilities App Server Open Ports and Services Hacker Authentication , Authorization issues, Cryptography Buffer Overflows Denial of Service DBMS misconfiguration exploits Hardware, Firmware, Software specific vulnerabilities DB Server
  • 4. © Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Penetration Testing Methodology Step 1 • Information Gathering Step 2 • Analysis and Planning Step 3 • Vulnerability Identification Step 4 • Exploitation Step 5 • Risk Analysis and Remediation Suggestion Step 6 • Reporting
  • 5. © Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Information Gathering Template Information Required Data Organization Name Network diagram with details of the major network components (router, gateway, firewall, servers, user machines) and their communication paths Specify timings in which testing can be performed Note: Network penetration testing could increase network traffic considerably Specify timings for testing Denial of Service attacks and other applicable attacks Note: DOS attacks could increase network traffic significantly and may bring the network down Specify if there are any restrictions on testing some critical systems in the network. Provide access to one of the internal IP’s in the organization Scope of the Test: Specify all IP addresses of the systems to be tested from external and internal networks. Target machine IP address Purpose of the Specify whether the IP address is accessible to public network or limited to machine (Router, organization's internal network Gateway, server etc) (Eg: 196.0.0.1, Public IP) (Eg: Router)
  • 6. © Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Analysis and Planning Analysis Verification of given information Client communication for clarifications (if any) Understanding the network topology and communication mechanisms Identification of critical network components and corresponding vulnerabilities to be tested Planning Test modularization based on target machines or vulnerability focus areas Plan for external and internal network testing Plan for manual security testing phase Plan for automation testing phase Plan for exploitation phase Plan for risk analysis and reporting phases Time estimates for each of the phases
  • 7. © Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Vulnerability Identification Focus Areas Open ports and services Input Validation Cross Site Scripting OS fingerprinting Buffer Overflow File Upload Authentication Remote Command Authentication Bypass Execution Weak passwords Default usernames/ passwords enabled Cryptography Plain text passwords stored in database/ files Weak Encryption Weak Key Authorization WEP key used for wireless encryption Privilege Escalation Gaining Access ARP Spoofing Packet Sniffing
  • 8. © Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Vulnerability Identification Focus Areas Information Leakage System Configuration Sensitive Data Revealed Unpatched software and resulting vulnerabilities Liberal Access Control Lists Denial of Service Published vulnerabilities specific to SYN flood OS/Software/Service UDP flood ICMP flood ARP Spoofing Ping to Death Distributed Denial of Service Note: This is not exhaustive list of vulnerabilities. More vulnerabilities will be added to the list based on the the technology/requirement/latest threats.
  • 9. © Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Vulnerability Identification Vulnerability Testing Phases Automatic scanning of target machines using tools and analysis of the results for false positives Port and Services scanning OS fingerprinting Vulnerability Scanning Password cracking/ brute force Exhaustive manual penetration testing of each target machine and vulnerability focus areas Packet sniffing Cryptography issues Published vulnerabilities specific to the target machine/OS/Software/Service Default usernames/passwords enabled Identification of list of network vulnerabilities from manual and automation testing results
  • 10. © Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Vulnerability Identification Tools Backtrack5: Open Source Linux based OS which contains penetration testing toolkit will be used for network penetration testing. Open source Perl scripts will be used for DOS attacks. Common toolkits: Tool Purpose Nmap Port Scanning, OS fingerprinting Nessus, Nsauditor Network vulnerability scanner Cain and Abel, John the Ripper, THC Hydra Password cracking tools ADMSnmp To check default community strings IKE-Scan To detect VPN server and version SMTPScan To obtain SMTP server and version Note: More tools will be added to the list based on the technology or need or latest advancements.
  • 11. © Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Exploitation Attacks will be performed on application machines without causing much damage to the application resources and infrastructure. This phase is required in network penetration testing to identify certain vulnerabilities in the target machines. Such as Denial of Service Escalation of privileges Gaining access Man In The Middle(MITM) network traffic ARP spoofing WEP cracking Published exploit scripts specific to OS/Software/Service Note: This is not exhaustive list of vulnerabilities. More vulnerabilities will be added to the list based on the requirement.
  • 12. © Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Exploitation Exploitation Toolkits Tool Purpose UDP Flood Denial of Service attack using UDP packet flood SYN Flood Denial of Service attack using SYN packet flood Ping to Death Denial of Service Denial of Service using ICMP packet flood in Smurf6 broadcast network. Cisco Global Exploiter Exploit published cisco vulnerabilities Metasploit Framework, Core Impact Exploitation tool Wireshark Network packet sniffing Aircrack-ng, Airodump-ng, Airmon-ng, Wireless packet sniffing WEP Key cracking Aireplay-ng De- authentication of a client Denial of service attacks ARPSpoof ARP spoofing Note: This is not exhaustive list of vulnerabilities. More vulnerabilities will be added to the list based on the requirement.
  • 13. © Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Risk Analysis and Remediation Suggestion Risk Analysis Estimation of the Likelihood of attack Estimation of the Impact of a successful attack Evaluate overall RISK of the vulnerability Risk = Likelihood * Impact OWASP Risk Rating Methodology is used as a guidance. Ref: https://www.owasp.org/index.php/OWASP_Risk_Rating_Methodology Remediation Suggestion Remediation measures will be suggested for each vulnerability identified. Priority for remediation will be suggested based on the risk rating of the vulnerability
  • 14. © Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Report Template Brief summary of the Network Brief description of the network includes critical components in the network, type of communication used, public IPs available etc. Network Security Summary report Brief description of the overall security status and the list of major security vulnerabilities identified. Vulnerability details for each identified vulnerability: Vulnerability Classification and Name Description of the vulnerability Vulnerability details Remediation Suggestions Vulnerability Risk Rating (Likelihood, Impact, Overall Risk)
  • 15. © Copyright 2011. Pramati Technologies Private Limited. All trade names and trade marks are owned by their respective owners. Security as a Service http://www.imaginea.com reachus@imaginea.com