Penetration Testing Services
www.dts-solution.com
Shah H Sheikh – Sr. Security Solutions Consultant
MEng CISSP CISA CISM CRISC CCSK
shah@dts-solution.com
Mohamed Bedewi – Penetration Testing Consultant
Network + CCNA MCSE Linux + RHCE Security + CEH PWB
mohamed@dts-solution.com
Introduction
Penetration testing is the process of assessing the security of a computer
system by attacking it with the intention of finding security weaknesses and
potentially gaining access to it, its functionality and data.
There are several methodologies available for conducting a successful
penetration test, and there is no such thing as the right methodology, but
if a team chooses to improvise and not follow any, that might lead to:
(Incomplete Testing, Time Consumption, Waste of Efforts, Ineffective Testing)
There's no 100% secured system; a human made the system and a
human will break it!
Early in the 1970s, the Department of Defense (DOD) used penetration testing
to demonstrate the security weaknesses in computer systems and to
initiate the development of programs to create more secure systems.
Methodology
DTS - Methodology to Conduct a Successful Penetration Testing
Information Team Tools
WhiteBox
BlackBox
Roles
Responsibilities
Information Gathering
Give me six hours to chop down a
tree and I will spend the first four
sharpening the axe
Abraham Lincoln
Information
The most important element of any successful penetration test. Without
proper knowledge of your target you'll be just a skiddie firing random
attacks, which will probably trigger all kinds of red flags rather than
achieve any penetration!
White Box Penetration Testing:
A penetration testing approach that uses knowledge of the internals of the
target system to elaborate the test cases. It is not a realistic attack, but it
maximizes testing time and enables penetration testers to conduct deep
testing.
Black Box Penetration Testing:
A penetration testing approach that requires no previous information and
usually takes the approach of an uninformed attacker. It simulates a very
realistic scenario, but testing time can't be maximized in certain scenarios
and some areas of the infrastructure might remain untested.
Initial Gathering
Information Gathering
Search Engines
Location Information
Employees Search
Financial Services
Job Postings
DNS Information
Network Range
Google Hacking
Whois Lookup
Deep Gathering
Information Gathering
Network Survey
You're blind and this is your first phase, which is opening your eyes to the system to be tested. You will have a network map that you'll use to find reachable systems to be tested.
Objectives: Domain Names, Server Names, IP Addresses, Network Map, ISP Information, Systems Owner, Services Owner
OS Identification
Every OS has special characteristics, and if a comparison of variations in OS TCP/IP stack implementation behavior is made, a remote OS can be identified (TCP/IP Fingerprinting).
Objectives: OS Type, System Type
Example: NMAP
Port Scanning
Each internet-enabled system has 65536 TCP and UDP ports; the first 1023 ports are called the well-known ports. Probing ports on the transport and network level can reveal the running services on a computer system.
Objectives: Open Ports, Closed Ports, Filtered Ports
Attack Surface
Depending on the last three phases, you can perform banner grabbing to identify the installed services, name and version along with their patch level.
Objectives: Services Type, Application Type, Patch Level, Attack Vector
Example: Nessus
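The port-scanning, OS-identification and attack-surface phases above, seen from the side that has to review the results: this added example (not part of the original slides) parses a constructed report in Nmap's XML output format, tallies open/closed/filtered ports, and flags anything exposed outside an approved baseline. The sample hosts, the `BASELINE` table and the function names are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample in Nmap's XML output format (-oX); addresses are from
# the RFC 5737 documentation range and do not describe a real network.
SAMPLE_XML = """<nmaprun scanner="nmap">
  <host>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/>
        <service name="ssh" product="OpenSSH" version="7.4"/></port>
      <port protocol="tcp" portid="23"><state state="open"/>
        <service name="telnet"/></port>
      <port protocol="tcp" portid="80"><state state="closed"/>
        <service name="http"/></port>
      <port protocol="tcp" portid="3306"><state state="filtered"/>
        <service name="mysql"/></port>
    </ports>
    <os>
      <osmatch name="Linux 2.6.32" accuracy="90"/>
      <osmatch name="Linux 3.10 - 4.11" accuracy="96"/>
    </os>
  </host>
  <host>
    <address addr="192.0.2.20" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="443"><state state="open"/>
        <service name="https" product="nginx" version="1.18.0"/></port>
      <port protocol="udp" portid="161"><state state="open|filtered"/></port>
    </ports>
  </host>
</nmaprun>"""

# Hypothetical baseline: the (protocol, port) pairs each host may expose.
BASELINE = {
    "192.0.2.10": {("tcp", 22)},
    "192.0.2.20": {("tcp", 443)},
}


def parse_report(xml_text):
    """Return {ip: {"os": best OS guess or None, "ports": [dict, ...]}}."""
    hosts = {}
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:
            continue
        # OS fingerprinting yields several guesses; keep the most accurate.
        guesses = host.findall("os/osmatch")
        best = max(guesses, key=lambda m: int(m.get("accuracy", "0")), default=None)
        ports = []
        for port in host.findall("ports/port"):
            state = port.find("state")
            svc = port.find("service")
            label = "unknown"
            if svc is not None:
                parts = [svc.get("name"), svc.get("product"), svc.get("version")]
                label = " ".join(p for p in parts if p) or "unknown"
            ports.append({
                "proto": port.get("protocol"),
                "port": int(port.get("portid")),
                "state": state.get("state") if state is not None else "unknown",
                "service": label,
            })
        hosts[addr.get("addr")] = {
            "os": best.get("name") if best is not None else None,
            "ports": ports,
        }
    return hosts


def state_counts(hosts):
    """Tally port states (open / closed / filtered / ...) across all hosts."""
    return dict(Counter(p["state"] for h in hosts.values() for p in h["ports"]))


def exposure_drift(hosts, baseline):
    """List ports that are open, or possibly open, but not in the baseline."""
    drift = []
    for ip, info in hosts.items():
        allowed = baseline.get(ip, set())
        for p in info["ports"]:
            # "open|filtered" (common for UDP) means no reply was received, so
            # the port may be open; treat it as exposed until proven otherwise.
            if p["state"].startswith("open") and (p["proto"], p["port"]) not in allowed:
                drift.append((ip, p["proto"], p["port"], p["state"], p["service"]))
    return sorted(drift)


if __name__ == "__main__":
    report = parse_report(SAMPLE_XML)
    for ip, info in report.items():
        print(ip, "OS guess:", info["os"])
    print("states:", state_counts(report))
    for finding in exposure_drift(report, BASELINE):
        print("not in baseline:", finding)
```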
Only two things are infinite, the
universe and human stupidity, and
I'm not sure about the former
Albert Einstein
Local Gathering
Information Gathering
Dumpster Diving
Social Engineering
Tailgating
Old Hardware
Piggybacking
Company Tour
Reverse SE
Job Applying
Team
Responsibilities:
A team of penetration testers is most effective and efficient when its crew members
are elite and everyone knows exactly his role and responsibility during the pen-testing
process; otherwise distraction and waste of time and resources will arise.
Tools:
Every penetration tester has his own tools which he feels comfortable with and can
get the best out of during a pen-testing process. Most penetration testers use tools to
automate the work, make their work more effective and save time. That's why a
good penetration tester doesn't know all the tools, but he can make use of the one he
knows best!
ATTAAAAAAAAAAAAAACK!
NOOOOOO STOP!
Even if you had the perfect payload to compromise a remote vulnerable
system, there's a huge chance that your attack will be filtered and
detected, because it's not the 90's anymore and there are probably IDSs,
IPSs, Firewalls, UTMs, Anti-Viruses, Anti-Malware, Anti-Rootkits, WAFs,
Honeypots and a zillion traps. So if you did your information gathering
phase right, you already know about their presence and now it's time
for you to bypass them to deliver your payload and compromise the
remote system!
I am not going through bypassing security mechanisms for the sake of
time, but you can always refer to our session on Evasion of
Infrastructure Security for a couple of hints!
Some Famous Attacks
Brute Forcing, Sniffing, MITM, Hash Injection,
DHCP Starvation, Rogue DHCP, ARP Poisoning, DNS Poisoning,
Spoofing, Phishing, Amplified DDOS, Session Hijacking,
XSS, Session Fixation, Directory Traversal, Unvalidated Input,
Parameter Tampering, SQL Injection, LDAP Injection, File Injection,
CSRF, Buffer Overflow, Cookie Poisoning, Rogue AP,
Routing Attacks, VOIP Sniffing, DOS, Open Relay,
Replay Attacks, HTML Injection, SNMP Attacks,
SMB Attacks, Evil Twin, Worm Attacks, Trojan Attacks,
Virus Attacks, Zeroday Attacks, Malware Attacks, Cryptanalysis,
NTP Attacks
Documentation and Patching
After performing the penetration testing with successful exploitation,
compiling the results in an understandable format is the key element for
selling your hard work, which no one will understand, especially if it comes as
purely technical (decision makers in any company are mostly non-technical,
and if they can't understand your report then all your hard work is
wasted). That's why including an Executive Summary and a Management Summary
inside your report is a very good idea. Also, in my opinion, stating deep
technical information about the security risk is not advisable, since the target
in question is probably of high hack value and has probably invested well in its
engineers; if they know too much about the vulnerabilities they will
probably patch them and they'll not use you in the patching phase, which means,
in business terms, Loss of Potential Business!
DTS Solution – Assessment Services
Security Assessment Services
• Penetration Testing and Vulnerability Assessment
• Black Box Ethical Testing
• Vulnerability Management
• Unified Communications Audit
• VoIP / UC / Tele-presence security
• SCADA Security Evaluation Toolkit
• Industrial Control Systems Security Readiness
• Mobile Network Security
• UMTS / LTE – GTP Scan / Spoofed TEID / SCTP Scan / APN bruteforce
• Fixed Mobile Convergence – SeGW and IMS Security
• Endpoint IP Discovery and Network Leakage Detection
• Rogue and Unknown Network Detection
• Backdoor connections (3G / xDSL / Rogue WiFi and leaking endpoints discovery and classification)
• Availability Assessment
• DDoS Protection – Botnet / Zombie Detection
• Web Portal Availability / DNS Server Protection – Protocol Fuzzing, DDoS attack simulation
• Core Network Security
• MPLS – MP-BGP and VRF Security (RT import and export analysis) / PE-CE security and label insertion
• VPLS – Spanning Tree, ARP poisoning, MAC spoofing
Thanks and Have a Good Day

ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
 
PT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolPT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrol
 
DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)DTS Solution - Building a SOC (Security Operations Center)
DTS Solution - Building a SOC (Security Operations Center)
 
SeGW Whitepaper from Radisys
SeGW Whitepaper from RadisysSeGW Whitepaper from Radisys
SeGW Whitepaper from Radisys
 

Dernier

UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 

Dernier (20)

UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 

DTS Solution - Penetration Testing Services v1.0

  • 1. Penetration Testing Services www.dts-solution.com Shah H Sheikh – Sr. Security Solutions Consultant MEng CISSP CISA CISM CRISC CCSK shah@dts-solution.com Mohamed Bedewi – Penetration Testing Consultant Network + CCNA MCSE Linux + RHCE Security + CEH PWB mohamed@dts-solution.com
  • 2. Introduction Penetration testing is the process of assessing the security of a computer system by attacking it with the intention of finding security weaknesses and potentially gaining access to it, its functionality and its data. There are several methodologies for conducting a successful penetration test, and there is no such thing as the right methodology, but a team that improvises instead of choosing one risks: (Incomplete Testing, Time Consumption, Waste of Efforts, Ineffective Testing). No system is 100% secure: a human made the system and a human will break it! In the early 1970s, the Department of Defense (DOD) used penetration testing to demonstrate the security weaknesses in computer systems and to initiate the development of programs to create more secure systems.
  • 3. Methodology DTS - Methodology to Conduct a Successful Penetration Testing Information Team Tools WhiteBox BlackBox Roles Responsibilities Information Gathering
  • 4. Give me six hours to chop down a tree and I will spend the first four sharpening the axe Abraham Lincoln
  • 5. Information The most important element of any successful penetration test. Without proper knowledge of your target you'll be just a skiddie firing random attacks, which will probably trigger all kinds of red flags rather than achieve any penetration! White Box Penetration Testing: a penetration testing approach that uses knowledge of the internals of the target system to elaborate the test cases. It is not a realistic attack, but it maximizes testing time and enables penetration testers to conduct deep testing. Black Box Penetration Testing: a penetration testing approach that requires no previous information and usually takes the approach of an uninformed attacker. It simulates a very realistic scenario, but testing time can't be maximized in certain scenarios and some areas of the infrastructure might remain untested.
  • 6. Initial Gathering Information Gathering Search Engines Location Information Employees Search Financial Services Job Postings DNS Information Network Range Google Hacking Whois Lookup
  • 7. Deep Gathering Information Gathering Network Survey: You're blind, and this first phase opens your eyes to the system to be tested; you will have a network map that you'll use to find reachable systems to be tested. Objectives: Domain Names, Server Names, IP Addresses, Network Map, ISP Information, Systems Owner, Services Owner. OS Identification: Every OS has special characteristics, and by comparing variations in OS TCP/IP stack implementation behavior a remote OS can be identified (TCP/IP Fingerprinting). Objectives: OS Type, System Type. Example: NMAP. Port Scanning: Each internet-enabled system has 65536 TCP and UDP ports; the first 1023 ports are called the well-known ports. Probing ports on the transport and network level can reveal the running services on a computer system. Objectives: Open Ports, Closed Ports, Filtered Ports. Attack Surface: Depending on the last three phases, you can perform banner grabbing to identify the installed services, their name and version, along with their patch level. Objectives: Services Type, Application Type, Patch Level, Attack Vector. Example: Nessus.
  • 8. Only two things are infinite, the universe and human stupidity, and I'm not sure about the former Albert Einstein
  • 9. Local Gathering Information Gathering Dumpster Diving Social Engineering Tailgating Old Hardware Piggybacking Company Tour Reverse SE Job Applying
  • 10. Responsibilities: A team of penetration testers is most effective and efficient when its crew members are elite and everyone knows exactly his role and responsibility during a pen-testing process; otherwise distraction and waste of time and resources will arise. Tools: Every penetration tester has his own tools which he feels comfortable with and can get the best out of during a pen-testing process. Most penetration testers use tools to automate the work, make their work more effective and save time; that's why a good penetration tester doesn't know all the tools but can make use of the one he knows best! Team
  • 12. NOOOOOO STOP! Even if you had the perfect payload to compromise a remote vulnerable system, there's a huge chance that your attack will be filtered and detected, because it's not the 90's anymore and there are probably IDSs, IPSs, Firewalls, UTMs, Anti-Viruses, Anti-Malware, Anti-Rootkits, WAFs, Honeypots and a zillion traps. So if you did your information gathering phase right, you already know about their presence, and now it's time for you to bypass them to deliver your payload and compromise the remote system! I am not going through bypassing security mechanisms for the sake of time, but you can always refer to our session on Evasion of Infrastructure Security for a couple of hints!
  • 13. Some Famous Attacks Brute Forcing Sniffing MITM Hash Injection DHCP Starvation Rogue DHCP ARP Poisoning DNS Poisoning Spoofing Phishing Amplified DDOS Session Hijacking XSS Session Fixation Directory Traversal Unvalidated Input Parameter Tampering SQL Injection LDAP Injection File Injection CSRF Buffer Overflow Cookie Poisoning Rogue AP Routing Attacks VOIP Sniffing DOS Open Relay Replay Attacks HTML Injection SNMP Attacks SMB Attacks Evil Twin Worm Attacks Trojan Attacks Virus Attacks Zeroday Attacks Malware Attacks Cryptanalysis NTP Attacks
  • 14. Documentation and Patching After performing the penetration test with successful exploitation, compiling the results in an understandable format is the key element for selling your hard work, which no one will understand, especially if it is purely technical (decision makers in any company are mostly non-technical, and if they can't understand your report then all your hard work is wasted). That's why including an Executive Summary and a Management Summary in your report is a very good idea. Also, in my opinion, stating deep technical information about the security risk is not advisable, since the target in question probably has a high hack value and has probably invested well in its engineers; if they know too much about the vulnerabilities they will probably patch them and will not use you in the patching phase, which means, in business terms, Loss of Potential Business!
  • 15. DTS Solution – Assessment Services. Security Assessment Services: Penetration Testing and Vulnerability Assessment; Black Box Ethical Testing; Vulnerability Management; Unified Communications Audit; VoIP / UC / Tele-presence security; SCADA Security Evaluation Toolkit; Industrial Control Systems Security Readiness; Mobile Network Security; UMTS / LTE – GTP Scan / Spoofed TEID / SCTP Scan / APN bruteforce; Fixed Mobile Convergence – SeGW and IMS Security; Endpoint IP Discovery and Network Leakage Detection; Rogue and Unknown Network Detection; Backdoor connections (3G / xDSL / Rogue WiFi and leaking endpoints discovery and classification); Availability Assessment; DDoS Protection – Botnet / Zombie Detection; Web Portal Availability / DNS Server Protection – Protocol Fuzzing, DDoS attack simulation; Core Network Security; MPLS – MP-BGP and VRF Security (RT import and export analysis) / PE-CE security and label insertion; VPLS – Spanning Tree, ARP poisoning, MAC spoofing
  • 16. Thanks and Have a Good Day
  • 17. Shah H Sheikh – Sr. Security Solutions Consultant MEng CISSP CISA CISM CRISC CCSK shah@dts-solution.com