Professional Documents
Culture Documents
Guida Penetration Testing
Guida Penetration Testing
So far, we have discussed the necessary techniques and tools that can be used to footprint a
target orga nization's network, Penetration testing (or pen testing) refers to the process of testing
the organization's security posture using similar techniques and tools as that of an attacker, but
with the knowledge and approval of the organization. Footprinting is the first step to perform in
the pen testing process. Performing footprinting in a systematic manner enables a pen tester to
discover potential security liabilities that an attacker may exploit. In the pen testing process, the
pen tester acts as a malicious outsider and simulates an attack to find security loopholes.
A footprinting pen test helps in determining an organization's information on the Internet such
as network architecture, operating systems, applications, and users. The pen tester tries to
gather publicly available sensitive information of the target by pretending to be an attacker. The
The pen tester can perform the same attacks as an attacker, The pen tester should try all possible
ways in which to gather as much information as possible in order to ensure the maximum scope
of footprinting pen testing. If the pen tester finds sensitive information on any publicly available
Pen testing is a means to examine network security. Steps in the procedure should be followed
in order, to ensure maximum scope of testing. The steps involved in footprinting pen testing are:
Always perform pen testing with authorization. The first step in a footprinting pen test is
to get proper authorization from the organization. This may or may not include the system
administrators.
Defining the scope of the security assessment is a prerequisite for pen testing. Defining
the scope of assessment determines the range of systems in the network to be tested and
the resources that can be used to test and so on. It also determines the pen tester's
limitations. Once you define the scope, you should plan and gather sensitive information
Use footprint search engines such as Google, Yahoo! Search, Ask, Bing, and Dogpile to
gather the target organization's information such as employee details, login pages,
intranet portals and so on. that can help in performing social engineering and other types
Such use helps to expose security loopholes in the code and configuration of the websites.
Google hacking is usually done with the help of advanced Google operators that locate
Perform footprinting through web services such as Netcraft, Pipl, Google Finance, and
Pinterest, Google+ and so on. This can assist in performing social engineering. You can
also use people search engines to obtain information about a target person.
Perform website footprinting using tools such as Burp Suite, Web Data Extractor, HTTrack
Web Site Copier, Metagoofil, and WebSite-Watcher in order to build a detailed map of
this to perform social engineering that in turn may help in mapping the target
organization's network. Analyzing email headers can help to collect information such as
sender's IP address, sender's mail server, sender's address, data and time received by the
originator's email servers, authentication system used by sender's mail server, sender's
Gather competitive intelligence using tools such as Hoover's, LexisNexis, or Business Wire.
These tools extract competitor information such as its date of establishment, location,
progress analysis, higher authorities, product analysis, marketing details and so on.
Perform Whois footprinting using tools such as Whois Lookup, SmartWhois, and Batch IP
Converter to extract information about particular domains. You can capture information
such as IP address, domain owner name, registrant name, and contact details including
phone numbers, and email IDs. The information can be used to create a detailed map of
Perform DNS footprinting using tools such as DNSstuff, DIG, and myDNSTools to
determine key hosts in the network and to perform social engineering attacks. Resolve
the domain name to learn about its IP address, DNS records and so on.
Perform network footprinting using tools such as a Path Analyzer Pro, VisualRoute, and
GEO Spider to learn the network range and other information about the target network
dumpster diving, impersonation on social networking sites and phishing to gather critical
information about the target organization. Through social engineering, you can gather
target organization's security products in use, OS and software versions, network layout
When finished with the implementation of footprinting techniques, collect and document
the information obtained in each stage of testing. You can use this document to study,
understand, and analyze the security posture of the target organization. This also enables
It is advisable to pen-test the target network to identify its security posture. Pen-testing in
anticipation of a possible problem helps to find and fix any security loopholes present in the
target network. Such proactive prevention practices can keep an entire network from being
compromised. This section describes the steps involved in pen-testing the target network and
identifying live systems, discovering open ports and associated services, and grabbing system
banners from a remote location to simulate a network hacking attempt. You, as an ethical hacker
or pen-tester, should scan and test the network in every manner possible to ensure that there is
Once you are done with the penetration testing, document all your findings at every stage of the
The more ports that are open on the server, the easier it will be for an attacker to connect to it.
The first thing an attacker does is monitor network traffic for vulnerabilities such as open ports
and services running, through which the network could be compromised. Admins may install,
configure some unwanted services, leave services with default settings, and turn them on during
OS and application installations. This can cause unwanted traffic to the server or a way for an
attacker to intrude into the system. Attackers might also "banner grab" to trace the server name
and its version, and then use this information to break into a network. Therefore, close all the
unused/unnecessary open ports, unwanted services, and so on, and configure the server in such
a way that it hides the display of the banner. Also create inbound and outbound firewall rules to
block all the unwanted ports from allowing any connections from outside the network.
The first step of network penetration testing is to detect live hosts on the target network.
You can attempt to detect the live hosts (i.e., accessible hosts in the ta rget network), using
network scanning tools such as Nmap, Angry IP Scanner, SolarWinds Engineer's toolset,
Perform port scanning using tools such as Nmap, NetScanTools Pro, Hping3, PR TG
Network Monitor, and SuperScan. These tools help to probe a server or host an the target
network for open ports. Open ports are the doorways through which an attacker installs
malware on a system. Therefore, you should always check for open ports and close them
Scan beyond IDS and firewall; this helps you to understand the organization's security
Use proxy tools such as Proxy Switcher, Proxy Workbench, CyberGhost, Tor, and Burp
target machine and then comparing the responses with the database. This determines
the operating system running on the target host of a network and its version. Once you
know the version and the operating system running on the target system, find and exploit
the vulnerabilities related to that OS. Try to gain control over the system and compromise
Draw a network diagram of the vulnerable hosts that helps you to understand the logical
connection and path to them in the network. You can draw the network diagram with the
help of tools such as Network Topology Mapper, OpManager, The Dude, NetSurveyor,
and NetBrain. The network diagrams provide valuable information about the network and
its architecture.
The last but the most important step in penetration testing is to preserve all the outcomes
of tests conducted in previous steps in a document. This document will assist in finding
potential vulnerabilities in the network which you can use to suggest countermeasures.
Thus, penetration testing helps in assessing the security posture of the network and fixing
any security loopholes before they can cause trouble and result in severe organizational
loss.
Enumeration Pen Testing
This section describes the importance of enumeration pen testing, the framework of pen testing
Through enumeration, an attacker may gather sensitive information on organizations with weak
security. That sensitive information can be used to hack and break into the organization's
network, potentially resulting in huge loss in terms of information, service, or finance. To prevent these
kinds of attacks, every organization must test its own security, Enumeration pen testing
builds on the data collected in the reconnaissance phase. It is used to identify valid user accounts
or poorly protected resource shares using active connections to systems and directed queries.
A pen tester should conduct pen tests against various enumeration techniques in order to check
if the target network is revealing any sensitive information that may help an attacker in
performing an attack. This may reveal sensitive information such as user accounts, IP address,
email contacts, DNS, network resources and shares, application information, etc. The pen tester
should try to discover as much information as possible regarding the target, This helps to
A pen tester should perform all possible enumeration techniques to enumerate as much
information as possible about the target. To ensure the full scope of the test, enumeration pen
Find the network range using tools such as Whois Lookup. Finding network range helps in
enumerating important servers in the target network.
Calculate the subnet mask required for the IP range using tools such as Subnet Mask
Calculator. The calculated subnet mask can serve as an input to many of the ping sweep
and port scanning tools for further enumeration, which includes discovering hosts and
open ports.
Find the important servers connected to the Internet using tools such as Nmap. Use the
Nmap syntax to find the servers connected to Internet is as follows: nmap - sp <network-
range>. In place of the network range, enter the network range value obtained in the first
step.
Find any open ports and close them if they are not required. Open ports are doorways for
an attacker to break into a target's security perimeter, Therefore, perform port scanning
to check for the open ports on the nodes. Pen testers and security auditors use tools such
Perform NetBIOS enumeration to identify the network devices over TCP/IP and to obtain
a list of computers that belong to a domain, a list of shares on individual hosts, and
policies and passwords. Tools such as Hyena, Nsauditor Network Security Auditor, and
Perform SNMP enumeration by querying the SNMP server in the network. The SNMP
server may reveal information about user accounts and devices. Tools such as OpUtils
Network Monitoring Toolset and Engineer's Toolset can perform SNMP enumeration.
Perform LDAP enumeration by querying the LDAP service. Enumerating LDAP service
provides valid user names, departmental details, and address details. An attacker can use
this information to perform social engineering and other kinds of attacks. Tools such as
Perform SMTP enumeration to determine valid users on the SMTP server. Tools such as
NetScanTools Pro can query the SMTP server for this information.
Perform DNS enumeration to locate all the DNS servers and their records. The DNS servers
provide information such as system names, user names, IP addresses, etc. The Windows
systems, client software (softphones) /VolP phones User-agent IP addresses and user
extensions, etc. Use tool such as Svmap and Metasploit to collect this information.
Perform RPC enumeration to identify any vulnerable services on the RPC service ports.
Use tools such as Nmap and NetScan Tools Pro to extract this information.
Commands such as rusers, rwho, and finger can obtain this information.
The last step is to document all the findings obtained during the enumeration pen testing.
Analyze the results and suggest countermeasures for the client to improve their security.
Pen testers use their system hacking knowledge to assess the security of target systems. As a
pen tester, you should evaluate the security posture of your target system, by trying to break its
security through simulating various attacks in the same way an outside attacker would do.
There are certain steps you need to follow to conduct a system penetration test. This section
will teach you how to conduct a system hacking pen test, with the help of knowledge gained
Penetration testers should follow the strategies of an attacker to test the network or system
efficiently against malware. A penetration tester performs a wide range of available and
Conducting a security assessment to identify vulnerabilities can protect a network from sniffing
attacks. This section describes the pen testing process that simulates sniffing attacks. It involves
series of steps during which the pen tester uses different techniques and tools to sniff the target
network.
You have learned how the attacker sniffs the conversation in a target network to gain confidential
information. This section describes how to test a ta rget network for sniffing attacks. A pen tester
should simulate the actions of an attacker performing a sniffing attack to check the target
network for sniffing. Pen testing will determine whether the network is vulnerable to any type of
Implement security mechanism such as SSL and VPN to secure the network traffic
A pen test simulates sniffing attacks that an attacker might carry out. A pen tester should try all
possible ways of sniffing the network. This ensures the full scope pen test, which will reveal the maximum
possible vulnerabilities in the network.
Follow specific pen testing steps to perform the test successfully. Let us begin with the sniffing
Flood the switch with many Ethernet frames, each containing different source MAC
addresses. Check whether the switch enters into the fail-open mode, in which the switch
broadcasts data to all ports rather than just to the port intended to receive the data. If
this happens, the attackers have the ability to sniff network traffic. You can use tools such
Broadcast the DHCP requests with spoofed MAC addresses. At a certain point, this may
exhaust the DHCP server' address space available for a period. If this happens, the
attackers will have the chance to sniff network traffic or DHCP requests of clients by
building a rogue DHCP server. Test for DHCP starvation attacks by using tools such as
Perform rogue server attacks by running a rogue DHCP server in the network and
Try to compromise the ARP table and change the MAC address so that the IP address
points to another machine. If this is successful, the attackers can also do the same thing
and steal information by changing the MAC address to their own system. To perform ARP
Try to spoof the MAC address on the network card, Try to change the factory-assigned
MAC address of a networked device, If this succeeds, an attacker can bypass the access
the network allows this kind of attack, then attackers can also break into the network and
steal data. To prevent this, use tools such as Technitium MAC Address Changer (T MAC).
router advertisement messages to the host on the subnet, Check whether the router
changes its default router to the malicious route suggested by the advertisement
messages. If the router changes its default path, then it is vulnerable to DOS attacks,
Perform DNS spoofing using techniques such as arpspoof/dnsspoof. The DNS spoofing
attack misdirects the victim to another address that is under the control of the attacker,
The attacker intercepts the DNS request of the victim and sends a response with a spoofed
IP address before the actual response arrives at the victim's system, The spoofed DNS
redirects the victim to the attacker's site, To prevent this kind of attack, maintain proper
Perform cache poisoning by sending a Trojan to the victim's machine that changes proxy
Perform proxy server DNS poisoning to test for sniffing. In this type of attack, the attacker
sets up a proxy server and a rogue DNS as the primary DNS entry in the proxy server
system. The attacker lures the victim to use the attacker's proxy server, If the victim uses
the attacker's proxy server, the attacker can sniff all the traffic between the victim and
After performing all these tests, document all findings and tests conducted. Analyze the
Considering that you are now familiar with all the necessary concepts of social engineering,
we will proceed to penetration testing. Social engineering pen testing is the process of testing
the target's security against social engineering by simulating the actions of an attacker.
This section describes social engineering pen testing and the steps to conduct the test.
The main objective of social engineering pen testing is to test the strength of human factors in a
security chain within the organization. Social engineering pen testing helps to raise the level of
security awareness among employees. The tester should demonstrate extreme care and
professionalism in the social engineering pen test, as it might involve legal issues such as violation
As a pen tester, first you should get proper authorization from the organization administrators
to perform social engineering. Then implement various social engineering techniques to lure
employees into revealing organization's sensitive information. Collect all possible information
and then organize a meeting. Explain to employees the techniques you used to grab information
and how the attackers can use that information against the organization and the penalties for
leaking information. Try to educate and give practical knowledge to employees about social
engineering, because this is the only preventive measure against social engineering.
Users should list and follow the standard steps of social engineering in a systematic manner to
reap maximum benefit. Following steps are used in typical social engineering pen testing:
Step 1: Obtain authorization
First, obtain permission and authorization from the management to conduct the test.
Before commencing the test, you should know the purpose of conducting the test and to
what extent you can test. Thus, the second step in social engineering pen testing is to
define the scope. In this step, gather basic information such as no of departments,
employees that need to be tested, or level of physical intrusion permitted, and so on that
Obtain a list of emails and contact details of predefined targets from the organization. If
the organization provides you the information, then create a script with specific pretexts,
or try to collect emails and contact details of employees in the target organization.
Step 4: Collect emails and contact details of employees in the target organization
If the required information is not provided by the organization, then try to collect email
addresses and contact details of the target organization's human resources on your own
After collecting email addresses and contact details of the target organization's
footprinting through social networking sites, and so on, to collect more information about
Obtain sufficient useful information, then create a script with specific pretexts or else try
again to collect emails and contact details of other employees in the target organization.
Create a script based on the information considering both positive and negative results
of an attempt.
After obtaining email addresses and contact details of employees of the target organization, you
can launch social engineering in three possible ways: by email, by phone, and in person.
Discussed below are the steps to perform social engineering via emails:
As you already have email addresses of the target organization's employees, send emails
asking for personal information such as their user names and passwords by pretending to
department on pretext of an emergency. Your email should look like a genuine one.
If you succeed in luring the target employees, your job is easy. When the victims reply,
document the information obtained, including their names. If you fail to get a response
from some victims, do not worry; there are other ways to mislead them.
Step 8: Send and monitor emails with malicious attachments to target victims
Send emails with malicious attachments that launch spyware or other stealthy
Thereafter, monitor the victims' email using tools such as ReadNotify to check whether
they have opened the attachment. When victims open the attachment, you can extract
the information easily. Document the information extracted along with the victims'
names.
If some victims fail to open the document, then apply other techniques such as phishing
emails.
Step 9: Send phishing emails to target victims
Send a phishing email to target employees, and (only after you obtain explicit permission
to do so) make it appear to be from a bank asking for their sensitive information.
If you receive the target employees' response, document the information extracted along
If there is no response from some victims, then proceed to perform social engineering via
telephonic methods.
To succeed in performing social engineering via phone, one has to engage in polite conversation
in an effort to extract sensitive company information. Be natural, rehearse before making the
call, and have follow-up questions for every question. Record the conversation for reporting
purposes.
Step 10: Call the target, introduce yourself as his or her colleague, and then ask for the
sensitive information.
Step 12: Call a target posing as a technical support administrator. Tell the person that to
maintain a record of all the employees, information about their system and log in time,
etc., you need a few details from employees. This way, you can convince the target to
Step 13: Call a target, introduce yourself as one of the important people in the
organization, and try to extract information.
Step 14: Call a target and offer him or her rewards in lieu for exchange of personal
information.
Step 15: Threaten the target with dire consequences (for example, the company will
Step 16: Use reverse social engineering techniques so that the targets yield personal
information themselves.
The success of any social engineering technique depends on how well a tester can enact the
testing script and on her/his interpersonal skills. There could be countless other social
engineering techniques based on available information and the scope of the test.
Always scrutinize your testing steps for legal issues. To succeed in performing social engineering
in person, you should dress appropriately and always maintain direct eye contact while speaking
with the target employee. Use the mirror technique by mimicking the gestures of the target
person to gain his/her trust. For example, if the target person is smiling, you should respond with
information.
Step 21. Try eavesdropping and shoulder surfing on systems and users.
Step 22: Document all your results and findings in a formal report.
information. SET categorizes attacks such as email, web, and USB according to the attack
vector used to trick humans. The toolkit attacks human weakness, exploiting trust, fear,
DoS/DDoS attacks can cause huge financial losses, reputation damage, and customer attrition,
among other things. This section deals with penetration testing methodology to identify the
DOS attacks can compromise the computers in a network. They can disorganize an
organization's functioning, depending on the nature of the attack. Organizations can lose a
great deal of money while network resources are disabled. DOS attacks come in a variety of
In general, in a DOS attack, the attacker sends illegitimate SYN or ping requests that overwhelm
the capacity of a network, thus leaving the network unable to handle legitimate connection
requests. Services running on the remote machines crash due to the specially crafted packets
that are flooded over the network. In such cases, the network cannot differentiate between
legitimate and illegitimate data traffic. DOS attacks can easily bring down a server. Attackers do
not need to have a great deal of knowledge to conduct them, making it essential to test for DOS
vulnerabilities.
Penetration testers should incorporate DOS attack into penetration testing plans to determine
whether a network server is susceptible to DOS attacks. DOS penetration testing determines a
minimum threshold for DOS attacks on a system, but the tester cannot ensure that the system
is resistant to DOS attacks. The penetration tester floods the target network with traffic,
mimicking hundreds of people repeatedly requesting the service to check the system stability.
Thus, results of penetration test help administrators to determine and adopt suitable network
perimeter security controls such as load balancing, IDS, IPS, and firewalls.
Launching a DOS attack can have a negative impact on the business of an organization.
Therefore, prior to verifying a vulnerability to a DOS attack by actually launching it, the
penetration testing team should check with the client. The result of the attack can lead to a loss
of reputation along with economic losses. A successful DOS attack can disable computers and,
Steps discussed below are the steps involved in the DoS-attack penetration testing process:
Step 1: Define the objective: The first step in any penetration testing process is to
define an objective. This helps you to plan and determine the actions that help you
Step 2: Test for heavy loads on the server: To perform load testing, the penetration
tester should put an artificial load on a server or application to test its stability and
performance. This involves the simulation of a real-time scenario. Test a web server for
load capacity, server-side performance, locks, and other scalability issues, using
Step 3: Check for DOS vulnerable systems: The penetration tester should scan the
network to discover any systems that are vulnerable to DOS attacks, using automated
Step 4: Run a SYN attack on the server: A penetration tester should try to run a SYN
attack on the main server by bombarding or flooding the target with connection request
packets, using tools such as Dirt Jumper DDoS Toolkit, HOIC, and DOS HTTP.
Step 5: Run port flooding attacks on the server: Port flooding sends a large number of
TCP or UDP packets to a particular port, creating a DOS on that port. The primary
purpose of this attack is to make the ports unusable and increase the CPU's usage to
100%. Both TCP and UPD ports are vulnerable to port flooding attacks. Use tools such as
Step 6: Run an email bomber on the email servers: The penetration tester should send
a large number of emails to test the target mail server, using tools such as Mail Bomber.
Step 7: Flood the website forms and guestbook with bogus entries: The penetration
tester should fill the online website forms and guestbook with arbitrary and lengthy
entries, and then submit them to check whether the data server is able to handle the
load.
Step 8: Document all the findings: Finally, document all the findings at each step of the
Penetration Testing
Various hijacking methods exist, using which attackers exploit design flaws inherent in the
TCP/IP protocol suite to hijack a valid session. Therefore, it is a good practice to pen-test
This section deals with a pen-testing method that helps in identifying session hijacking attacks
Session hijacking pen-testing involves the same process as that of the session hijacking attack.
For this, first the pen tester should locate a session, then check for various possibilities to hijack
a session. This may vary, depending on the network and mechanisms used for communication.
As already mentioned, the first step is to locate a target active session through packet
sniffing. After locating a session, check whether the URL uses a session ID; if it does,
then check whether the session is encrypted. If a session ID is not used, then proceed to
step 2.
If you succeed in cracking the session ID encryption, or if the session ID is not encrypted,
A penetration tester needs to examine the organization's network perimeters such as firewalls,
IDS systems to reduce the risks to the network from outside threats. Firewall/lDS penetration
testing helps in evaluating the firewall and IDS for ingress and egress traffic filtering capabilities.
Checking and updating the firewall and IDS rules is an essential component of penetration testing.
Depending upon these rules traffic coming from outside the network is filtered and analyzed
against various threats. A pen-tester can even craft malicious packets to test firewall and IDS
rules which can help in the security assessment. After obtaining the security assessment report,
changes in the firewall and IDS rules can be made to enhance the network security.
To check if the IDS and firewalls enforce organization's network security policies.
To check the firewall/lDS for potential breaches of security that can be exploited.
by them.
rules or not.
Web Server Penetration Testing
This section describes the web servers pen testing performed to test the security posture of a
web server by simulating attacks on it much like an attacker, in order to find vulnerable areas in
the web server environment. Pen testing is a step-by-step process performed by a pen tester
Pen or Usecurity testing" is a methodology in which a pen tester simulates different types of
attacks on an organizations' information system to assess its security. Web server pen testing
tests an organization's web server security. Web server pen testing is used to identify, analyze,
related vulnerabilities, and so on in a web server. The best way to perform penetration testing
is to conduct a series of methodical and repeatable tests, and to work through all of the
different application vulnerabilities. Pen testing tools can automate the process.
Verification of Vulnerabilities
Remediation of Vulnerabilities
To identify make, version, and update levels of web servers; this helps in selecting
methodologies that help them assess the security of their web applications against known
attacks, Organizations hire pen testers to gauge their security by simulating known attacks on
target web applications, This section provides a brief overview of the steps involved in web
Web application pen testing is used to identify, analyze, and report vulnerabilities such as input
validation, buffer overflow, SQL injection, bypassing authentication, code execution, etc. in a
given application. The best way to perform penetration testing is to conduct a series of
methodical and repeatable tests and to work through all of the different application
vulnerabilities.
Identification of ports: Scan the ports to identify the associated running services and
Verification of vulnerabilities: To exploit the vulnerability in order to test and fix the
issue.
A web application penetration test evaluates the security of a web application. The process
detects various security weaknesses, flaws, or vulnerabilities and presents them to the system
owner, along with an assessment of potential impacts and possible solutions. As a pen tester,
you must test web applications for vulnerabilities such as input validation, buffer overflow, SQL
injection, bypassing authentication, code execution, and so on. The best way to penetration
test is to conduct a series of methodical and repeatable tests and to work through all of the
The general steps involved in web-application penetration testing are listed below to give you
You should define the aim of the penetration test before conducting it. This would help
You should gather as much information as possible about your target system or
network.
Most web application attacks occur because of improper configuration. Therefore, you
should conduct configuration management testing. This also helps you to protect
Perform session management testing to check your web application against various
attacks that attacker carries out on session ID such as session hijacking, session fixation,
and so on.
Send a vast amount of requests to the web application until the server is saturated.
Analyze the behavior of application when the server is saturated. In this way, you can
observed in most web applications, which can further lead to major vulnerabilities.
Thus, before a hacker finds those vulnerabilities and exploits your application, you must
Web application security flaws may be present even in the context of business logic,
such as improper error handling. Try to exploit such flaws. Attackers may do something
that a business does not allow, which could in turn lead to great financial losses. Testing
Analyze how a web application authorizes users, then try to find and exploit the
authenticated by the application, you should try to escalate your privileges to access
Web services use HTTP protocol in conjunction with SML, WSDL, SOAP, and UDDI
injection, information disclosure, and so on. You should conduct web services testing to
that they are just as vulnerable as traditional web applications. Testing for AJAX is
challenging, because developers are given full freedom to design the method of client-
server communication.
Once you conduct all the tests mentioned above, document all your findings and the
testing techniques you employed at each step. Analyze the document, explain the
current security posture to the concerned parties, and suggest how they can enhance
their security.
Wireless Pen Testing
Conduct pen tests on the WLAN to determine security loopholes and then repair them. A pen
tester tries to simulate an attack on the security of the target wireless network. This section
describes the steps the pen tester should perform to conduct a pen test on a wireless network.
Wireless Penetration Testing
vulnerabilities. A comprehensive detailed report about the findings along with the suite of
audiences.
assets.
Security Control Auditing: To test and validate the efficiency of wireless security
Data Theft Detection: Find streams of sensitive data by sniffing the traffic