Security testing - Penetration testing

1. Red Team - (internal)
2. Pentester - (external)
3. Tiger team

Product in evaluation:
EAL (Evaluation Assurance Level, 1 to 7) - https://www.mycc.gov.my/ (Malaysia, Singapore and India)
- how to test -> via pentest
- functionality test
- EAL7 is the highest and is found only at Petronas

Security gap -> compliance
- https://www.bnm.gov.my/documents/20124/938039/PD-RMiT-June2023.pdf (Risk Management in Technology)

ADS (alternate data streams)
Steganography

dir
notepad test.txt:gajah.txt
*if the file is a JPG: notepad SRK.jpg:try.txt

How to check a document:

dir /R
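
Added example (not part of the original notes): `dir /R` shows streams for one folder at a time, while the PowerShell function below walks a folder tree and reports every stream other than the default `:$DATA`. The function name `Find-AlternateDataStream` and the demo folder are assumptions; it needs an NTFS volume and Windows PowerShell 3.0 or later.

```powershell
# Added example, not from the original notes. Function name and demo paths are assumptions.
function Find-AlternateDataStream {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Path,
        # Zone.Identifier is the "downloaded from the internet" mark that Windows adds itself.
        [switch]$IncludeZoneIdentifier
    )
    # -File: stream listing on directories is not supported in Windows PowerShell 5.1.
    Get-ChildItem -LiteralPath $Path -File -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_
            # -Stream * returns every stream; the file's normal content is ':$DATA'.
            Get-Item -LiteralPath $file.FullName -Stream * -ErrorAction SilentlyContinue |
                Where-Object { $_.Stream -ne ':$DATA' } |
                Where-Object { $IncludeZoneIdentifier -or $_.Stream -ne 'Zone.Identifier' } |
                ForEach-Object {
                    [pscustomobject]@{
                        File   = $file.FullName
                        Stream = $_.Stream
                        Bytes  = $_.Length
                    }
                }
        }
}

# Constructed test case mirroring the notes: test.txt carrying a second stream gajah.txt.
$demo = Join-Path $env:TEMP 'ads-demo'
New-Item -ItemType Directory -Path $demo -Force | Out-Null
Set-Content -LiteralPath (Join-Path $demo 'test.txt') -Value 'visible content'
Set-Content -LiteralPath (Join-Path $demo 'test.txt') -Stream 'gajah.txt' -Value 'hidden content'

# Report every file under the demo folder that carries an extra stream.
Find-AlternateDataStream -Path $demo | Format-Table -AutoSize

# Read what a reported stream holds.
Get-Content -LiteralPath (Join-Path $demo 'test.txt') -Stream 'gajah.txt'
```

Explorer and a plain `dir` show only the size of the main stream, so the `Bytes` column is the quickest way to see how much data a file is carrying outside its visible content.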

to kill hard disk - to delete data, but the hard disk can be used again

degausser - to permanently delete data on the hard disk (the hard disk cannot be used again)

Incident response:
there are 3 phases
- IRP (incident response protocol) https://www.incidentresponse.org/
- DRP (disaster recovery)
- BCP (business resumption)

AXA cyber insurance
https://axaxl.com/insurance/product-families/cyber

RISK
- Avoidance
- Mitigation
- Acceptance
- Transfer

= Business Impact Analysis (BIA)

= ARO x SLE = ALE
(annual rate of occurrence) x (loss) = (annual loss expectancy)

SLE, loss = AV x EF
SLE, loss = asset value x exposure value

RISK
- Qualitative (cannot be measured in money, impact to reputation)
- Quantitative (

IRP
- Malware
- Data theft
anomaly - suspicious

MRTG and PRTG

https://www.volatilityfoundation.org/ (malware)

strings stuxnet.vmem | grep https://

https://www.kali.org/tools/foremost/ (used for data recovery on Linux)

https://crackstation.net/ (for hashing)


https://www.virustotal.com/gui/home/upload (check malware)
https://github.com/topics/malware-samples (malware sample)
http://www.behindthefirewalls.com/2013/12/stuxnet-trojan-memory-forensics-with_16.html

#.vol -f stuxnet.vmem malfind -p 868 -- dump

https://www.vulnhub.com/
https://www.hackthebox.com/

How to use ChatGPT properly

1. role
2. task
3. expectation
4. temp

Detection of Malware
- Backdoor - valid service used illegally
- Trojans - client & server malicious file - Poison Ivy
- Rootkits - hiding process
- Ransomware - encrypting files for $
- A.P.T - advanced persistent threat

cmd - log in as admin

#netstat -ant | clip
#netstat -anb | clip
open Notepad, Ctrl+V

Detecting rootkits - they come in the form of drivers

- run windows
- type sigverif (file signature verification) - to check whether any of the drivers have malware or not
- YARA signature - Linux

https://eternallybored.org/misc/netcat/ - netcat
https://upx.github.io/ - to change the size and hash of a file

echo 0000 >> file.txt


upx
https://secure.eicar.org/eicar.com.txt