Module 1 - Solid Introduction To Penetration Testing PDF
CODENAME: Samurai Skills Course
Module 1: Solid Introduction to Penetration Testing
Ninja-Sec.com

What is a Penetration Test?
A method of evaluating the security of a computer system or network by simulating an attack from a malicious source that may involve active exploitation of security vulnerabilities. The process involves an active analysis of the system for any potential vulnerabilities that may result from poor or improper system configuration, known and/or unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures.

out of it?

Penetration Testing Services
Finding vulnerabilities in applications and protocols through custom exploit development
A service where exploits and tools may need to be written on the fly during the assessment.
Identifying and exploiting code and business logic insecurities in web applications
Tricking someone into divulging sensitive information
Testing the physical security protections of an organization
Cracking a network perimeter, exfiltrating data and demonstrating impact of successful penetrations.
Attempting to gain access to a system while evading security monitoring capabilities

We sometimes define a penetration test by the level of knowledge the tester will have of the infrastructure to be tested:
White Box: Full prior knowledge
Black Box: No knowledge
Grey Box or Crystal Box: Some variation in between

Another Current Approach to Definitions
A somewhat better approach is to define a penetration test by the technology and/or activity:
Network Services penetration test
Wireless Security penetration test
Web Application penetration test
Social Engineering penetration test
Physical penetration test
Client Side penetration test

National Board of Information Security Examiners (NBISE)
Council for Registered Ethical Security Testers (CREST)

Reconnaissance
Scanning
Exploitation
Reporting

What Are Penetration Testing Goals?
Independently assess a system from the viewpoint of a malicious attacker, whether a malicious insider or an uninformed outsider.
determining business impact from a successful attack.
Test information security detection and response capabilities in ways only an actual cyber-attack can.
Test a system with active exploitation tools and techniques, validating both technical and non-technical vulnerabilities.

What are the Goals of this course?
We made our course to provide you with the ability to conduct an effective hands-on penetration test
We are focusing on medium-level penetration test (NS|PT)
We have another course that focuses on advanced-level penetration test (NS|APT)

Scenarios
Vulnerability Assessment Vs. Penetration Testing
Both are different, don't mix!
Vulnerability Assessment: just find and report vulnerabilities in a system or network without trying to exploit these vulnerabilities
Penetration Testing: finding and exploiting these vulnerabilities and taking advantage of them to go deeper into the system or network and gain

A vulnerability is a flaw or weakness in a system that an attacker can exploit to gain more power on the system
An exploit is a piece of code or a technique that can be used by an attacker to take advantage of a vulnerability

Types of Vulnerabilities and Exploits
Vulnerability types:
Network Service Vulnerabilities
Web Application Vulnerabilities
Mobile Application Vulnerabilities
Local Service Vulnerabilities
System Vulnerabilities
Human Vulnerabilities
Physical Vulnerabilities
Exploit types:
Remote Exploit
Local Exploit
DoS Exploit

Exploit and tool sources for Penetration Testers
http://www.exploit-db.com
http://www.securityfocus.com
http://packetstormsecurity.org

Vulnerability Research Sources for Penetration Testers
us-cert.gov
cve.mitre.org
secunia.com
vupen.com

Commercial Tools for Penetration Testers
Metasploit Pro
NeXpose
SAINT
IBM Rational AppScan
Immunity CANVAS
Core Impact
Nessus Professional Feed
HP WebInspect
Acunetix WVS

NIST 800-115 (Technical Guide for Information Security Testing)
OSSTMM (Open Source Security Testing Methodology Manual)
OWASP Testing Guide
ISSAF (Information Systems Security Assessment Framework)
Penetration Testing Framework
PTES (Penetration Testing Execution Standard)

Penetration Test Report
This is the most important thing in the penetration testing process
We show managers and technical guys at the company what vulnerabilities they have in their networks, systems, web apps, mobile apps and wireless, and how they can secure them, with detailed and clear explanation

Vulnerability Types
http://nvd.nist.gov/cwe.cfm
Top Vulnerabilities
http://secunia.com/resources/reports/
Exploit Availability Repositories
http://www.exploit-db.com/
http://packetstormsecurity.org/
http://securityreason.com/

Introduction : References -2
NIST 800-115: http://csrc.nist.gov/publications/nistpubs/800-115/SP800-115.pdf
OSSTMM: http://www.isecom.org/osstmm/
OWASP Testing Project: https://www.owasp.org/index.php/OWASP_Testing_Project
ISSAF: http://www.oissg.org/issaf
Penetration Testing Framework: http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html
PTES: http://www.pentest-standard.org/index.php/Main_Page
Interesting discussion on the use of standards: http://resources.infosecinstitute.com/standards-for-penetration-testing/

Introduction : References -3
http://www.vulnerabilityassessment.co.uk/report%20template.html
Penetration test reports
http://www.mediafire.com/?wl969qbtptzfp13