Penetration Testing Services Technical Description Cyber51
martinvoelk
Penetration Testing Services and Vulnerability Assessment Services.
Security Services Description

Table of Contents

NETWORK PENETRATION TEST
  WHY?
  METHODOLOGY
    Footprinting / Network Mapping
    Scanning and enumeration
    Vulnerability Analysis
    Exploitation
    Reporting
WEB APPLICATION PENETRATION TEST
  WHY?
  METHODOLOGY
    Configuration Management Analysis
    Analysis of Authentication
    Session Management Analysis
    Analysis of Authorization
    Data Validation Analysis
    Analysis of Web Services
    Reporting
APPENDIX A: TYPES OF PENETRATION TESTS

Copyright © 2010 - 2012 Cyber 51 Ltd. All Rights Reserved. http://www.cyber51.co.uk | Email: info@cyber51.co.uk
Network Penetration Test

Why?

Individuals and businesses enjoy and rely on modern communication methods and collaboration services, and benefit from the new opportunities the Internet age has created. However, Cyber Crime is on the rise too and has led governments to form completely new authorities to tackle Cyber Warfare and malicious activity. We at Cyber 51 play our part in making the Internet and modern communications a more secure space.

Hackers attack both private and corporate systems on a daily basis. The attacker can be stationed anywhere in the world and needs just internet access and the appropriate tools. The threat is real and it happens thousands of times a day. Many attacks take place undetected and result in the theft and destruction of valuable data.

The solution: Penetration Tests and Network Security Audits. Cyber 51 will, with the legal permission of the network owner, attack customer systems in the same way as a Hacker. In doing so, Cyber 51 is able to expose security holes in the system.

The benefit: The customer is made aware of the security holes that exist and could be exploited by a hacker with malicious intent to gain unauthorized access to the customer network. In addition, Cyber 51 will prepare a plan of action and, if the customer wishes, implement the closure of these holes.

Methodology

Footprinting / Network Mapping

The process of footprinting is a completely non-intrusive activity performed in order to get the maximum possible information available about the target organization and its systems using various means, both technical and non-technical. This involves searching the internet and querying various public repositories (whois databases, domain registrars, Usenet groups, mailing lists, etc.).

Also, our Security Testing Consultants will look to obtain as much detail as possible of the current topology and network profile. This can consist of information around IP addressing, gathering public domain information about the business, ping sweeps, port scanning, etc. This information is then compiled and subsequently analyzed for further areas of investigation.

Information Gathering
o Expected results
  • Domain names
  • Server names
  • IP addresses
  • Network topology
  • Information about ISP
  • Internet presence
  • Company profile
o Tasks:
  • Examine and gather information about domain registries.
  • Find IP address blocks
  • Names and locations of DNS servers
  • Use of multiple traces in order to identify systems and devices in between.
  • Identify email addresses related to the company.
  • Identify newsgroups, forums and boards where information related to the company is located.
  • Examine the source code of web pages and scripts
  • Examine email headers

Scanning and enumeration

The scanning and enumeration phase will consist of identifying live systems, open / filtered ports found, services running on these ports, mapping router / firewall rules, identifying the operating system details, network path discovery, etc. This phase involves a lot of active probing of the target systems. After successfully identifying the open ports, the services behind them will be fingerprinted, either manually or by using readily available tools. Then, the penetration tester will confirm the exact name and version of the services running on the target system and the underlying Operating System before including the same in the final report.

Services identification on systems
o Expected Results
  • Ports open, closed and filtered
  • IP addresses of live systems
  • IP addresses of internal networks
  • Asset Services
  • Map the Network
  • List tunneled and encapsulated protocols discovered
  • List supported routing protocols
  • Application type and patch level
  • Type of operating systems
o Tasks
  • Collection of responses from network
  • Test TTL / firewalking firewall
  • Use ICMP and reverse lookup to determine the existence of machines on network
  • Use TCP fragments with FIN, NULL and XMAS on ports 21, 22, 25, 80 and 443 of the hosts found on the network
  • Use TCP SYN on ports 21, 22, 25, 80 and 443 of the hosts found on the network.
  • Attempt connections on DNS servers
  • Use TCP SYN (half open) to list ports that are closed or open filtered on all hosts found on the network
  • Use TCP fragments to ports and services available in the host
  • Use UDP packets to list all open ports found on the network host
  • Try to identify the standard protocols
  • Try to identify non-standard protocols
  • Try to identify encrypted protocols
  • Identify date, time and system up-time
  • Identify the predictability of TCP sequence numbers
  • Identify the predictability of TCP sequence number ISN

Service identification:
o Expected Results
  • Type of services
  • Application version and type that offers the service
o Tasks
  • Match each open port with its corresponding service
  • Identify the server up-time and patches applied
  • Identify the application that provides the service through the use of fingerprinting and banners
  • Identify the version of the application
  • Use UDP-based services and Trojans to attempt connections to the services found

System Identification:
o Expected Results
  • Type of operating system
  • Patch Level
  • Type of system
  • Enumeration System
o Tasks
  • Examine system responses to determine the operating system
  • Check the prediction of TCP sequence numbers

Vulnerability Analysis

After successfully identifying the target systems and gathering the required details from the above phases, a penetration tester will try to find any possible vulnerabilities existing in each target system. During this phase a penetration tester will use automated tools to scan the target systems for known vulnerabilities. These tools have their own databases consisting of the latest vulnerabilities and their details.

During this phase a penetration tester will also test the systems by supplying invalid inputs, random strings, etc., and check for any errors or unintended behaviours in the system output. By doing so, the penetration tester may come across unidentified vulnerabilities. The penetration tester will not rely only on automated tools for this activity.

Vulnerability testing
o Expected Results
  • Type of applications and services listed by vulnerability
  • Patch level of systems and applications
  • List of vulnerabilities that can cause denial of service
  • List of areas secured by obscurity
o Tasks
  • Integrate the most popular scanners, hacking tools and exploits in this test
  • Measure the goal with these tools
  • Try to identify vulnerabilities in a system and application type
  • Perform redundant testing with at least two of the most popular scanners
  • Identify the vulnerabilities of the operating system
  • Identify application vulnerabilities
  • Check the vulnerabilities found by using exploits

Exploitation

During this phase a penetration tester will try to find exploits for the various vulnerabilities found in the previous phase. Quite often, successful exploitation of a vulnerability might not lead to root (administrative) access. In such a scenario additional steps need to be taken, and further analysis is required to assess the risk that the particular vulnerability may cause to the target system.

Example attack scenarios in this phase include, but aren't limited to:
  • buffer overflows
  • application or system configuration problems
  • modems
  • routing issues
  • DNS attacks
  • address spoofing
  • share access and exploitation of inherent system trust relationships.
Potential vulnerabilities will be systematically tested for weakness and overall risk. The strength of captured password files will be tested using password-cracking tools. Individual user account passwords may also be tested using dictionary-based, automated login scripts. In the event that an account is compromised, we will attempt to elevate privileges to that of super user, root, or administrator level.

Our Security Consultants will maintain detailed records of all attempts to exploit vulnerabilities and activities conducted during the attack phase.

Reporting

The last phase in the entire activity is the reporting phase. This phase can occur in parallel to the other three stages or at the end of the Attack stage. The final report will be prepared keeping in mind both Management and Technical aspects, detailing all the findings with proper graphs, figures, etc. so as to convey a proper presentation of the vulnerabilities and their impact on the business of the target organization. An executive summary, describing in brief the activities performed, findings, and high-level recommendations, will be provided. Detailed technical descriptions of the vulnerabilities and the recommendations to mitigate them will also be documented in this report.

All the security holes found and exploited will be accompanied by proper Proof-of-Concept by means of screenshots of the successful exploits, or any other such methods.

This report will consist of an Executive Report containing, but not limited to: conclusions, recommendations, statistics, and a brief on the hacking methodology, and a Technical Report containing, but not limited to: Information Gathering, Network Information, Analysis and Attack results of accomplished tasks.

Web Application Penetration Test

Why?

Web applications have become increasingly vulnerable to different forms of hacker attacks. According to a Gartner Report, 75% of attacks today occur at the application level. A Forrester survey states that “people are now attacking through applications, because it’s easier than through the network layer.”

Despite common use of defenses such as firewalls and intrusion detection or prevention systems, hackers can access valuable proprietary and customer data, shut down websites and servers and defraud businesses, as well as introduce serious legal liability, without being stopped or, in many cases, even detected.

To counter this problem, Cyber 51 Ltd. offers a comprehensive security risk assessment solution - Web Application Penetration Testing - to identify, analyze and report vulnerabilities in a given application. As part of this service, Cyber 51 Ltd. attempts to identify both inherent and potential security risks that might work as entry points for the hacker. We believe vulnerabilities could be present in a web application due to inadvertent flaws left behind during development, security issues in the underlying environment and misconfigurations in one or more components like the database, web server, etc.

When conducting a Web Application Penetration Testing assignment, Cyber 51 Ltd. adopts a strong technology and process-based approach supported by a well-documented methodology to identify potential security flaws in the application and underlying environment. Adherence to industry standards such as OWASP, customized tests based on technology and business logic, skilled and certified security engineers, risk assessment on the vulnerabilities found, and a scoring system based on CVSS (Common Vulnerability Scoring System) make us different from the other vendors in this space.

Customers benefit from web application penetration testing because it gives an in-depth analysis of their current security posture, highlights recommendations for reducing exposure to currently identified vulnerabilities, and allows the customer to make more informed decisions, enabling management of the company’s exposure to threats. The security assessment report submitted on completion of the engagement provides a detailed and prioritized mitigation plan to help customers address security issues in a phased manner.

Methodology

Configuration Management Analysis

The infrastructure used by the Web application will be evaluated from a security perspective. The tests to be performed are as follows:
• TLS and SSL tests.
• Security Testing over the listener of management system databases.
• Testing the configuration of the infrastructure and its relationship with the Web application, vulnerability analysis, analysis of authentication mechanisms and identification of all the ports used by the Web application.
• Testing the application settings, search through directories and regular files, comments from developers and the eventual acquisition and operational analysis of logs generated by the application.
• Searching for old files, backups, logs of operations and other files used by the Web application.
• Search and test management interfaces or web application related infrastructure.
• Test various HTTP methods supported and the possibilities of XST (Cross-Site Tracing).

Analysis of Authentication

We will evaluate the various mechanisms and aspects of the web application authentication. The tests to be performed are as follows:
• Credentials management
• Enumeration of users and user accounts easily identifiable.
• Proof of identification credentials brute force, based on information found or inferred.
• Testing the authentication mechanisms looking for evasion
• Logout mechanisms and weaknesses associated with the Internet browser cache.
• Strength tests over captchas and test multi-factor authentication.

Session Management Analysis

We will evaluate the different mechanisms and management aspects of web application sessions. The tests to be performed are as follows:
• Session management scheme will be tested.
• CSRF (Cross-Site Request Forgery).
• Test cookie attributes.
• Setting sessions.
• Evidence of attributes exposed session and repetition.

Analysis of Authorization

We will evaluate the various mechanisms and aspects of web application authorization. The tests to be performed are as follows:
• Privilege escalation.
• "Path Traversal".
• Evidence of evasion of clearance mechanisms.
• Testing the "business logic" of the Web application, avoiding, altering, or cheating their relationships within the application.

Data Validation Analysis

We will evaluate the various repositories, access and protection mechanisms related to the validation of data used by the Web application. The tests to be performed are as follows:
• Test various XSS (Cross Site Scripting) and "Cross Site Flashing."
• SQL Injection tests.
• LDAP injection tests.
• Evidence of ORM injection.
• XML Injection tests.
• SSI injection testing.
• Testing XPath Injection.
• Injection Test IMAP / SMTP.
• Evidence Code Injection.
• Injection Test Operating System Commands.
• Evidence of buffer overflow.
• Evidence of Splitting / Smuggling of HTTP.
• Evidence of evasion of clearance mechanisms.
• Evidence of privilege escalation.

Analysis of Web Services

We will evaluate the web application services related to SOA (Service Oriented Architecture). The tests to be performed are as follows:
• Security testing of WSDL.
• Evidence of structural Security of XML.
• Testing of security at XML content.
• Test HTTP GET parameters / REST.
• Tests with contaminated SOAP attachments.
• Repeat testing of web services.
• Testing AJAX Web application vulnerabilities regarding this technology.

Reporting

The last phase in the entire activity is the reporting phase. This phase can occur in parallel to the other three stages or at the end of the Attack stage. The final report will be prepared keeping in mind both Management and Technical aspects, detailing all the findings with proper graphs, figures, etc. so as to convey a proper presentation of the vulnerabilities and their impact on the business of the target organization. An executive summary, describing in brief the activities performed, findings, and high-level recommendations, will be provided. Detailed technical descriptions of the vulnerabilities and the recommendations to mitigate them will also be documented in this report.

All the security holes found and exploited will be accompanied by proper Proof-of-Concept by means of screenshots of the successful exploits, or any other such methods.

This report will consist of an Executive Report containing, but not limited to: conclusions, recommendations, statistics, and a brief on the hacking methodology, and a Technical Report containing, but not limited to: Information Gathering, Network Information, Analysis and Attack results of accomplished tasks.
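
Two of the checks listed above, the cookie-attribute test under Session Management Analysis and the HTTP methods / XST test under Configuration Management Analysis, can be verified by the application owner from response headers alone. The following is an added example, not part of the Cyber 51 document; the function names and sample responses are constructed for illustration, and the SameSite check goes beyond what the document lists.

```python
# Added example: audit raw HTTP response headers for weak cookie attributes
# and for TRACE/TRACK in the Allow header. All sample data is constructed.

SAMPLE_LOGIN_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Set-Cookie: SESSIONID=abc123; Path=/; HttpOnly\r\n"
    "Set-Cookie: prefs=dark; Path=/; Secure; HttpOnly; SameSite=Lax\r\n"
    "Set-Cookie: tracking=1; Domain=.example.test; Path=/\r\n"
    "\r\n"
)
SAMPLE_OPTIONS_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Allow: GET, HEAD, POST, OPTIONS, TRACE\r\n"
    "\r\n"
)

XST_METHODS = {"TRACE", "TRACK"}            # methods that enable Cross-Site Tracing
REVIEW_METHODS = {"PUT", "DELETE", "CONNECT"}  # rarely needed on a public web app


def parse_headers(raw):
    """Return (lowercased name, value) pairs; repeated headers are kept."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = []
    for line in head.split("\r\n")[1:]:  # skip the status line
        if ":" in line:
            name, value = line.split(":", 1)
            headers.append((name.strip().lower(), value.strip()))
    return headers


def audit_cookie(set_cookie_value):
    """Return (cookie name, list of findings) for one Set-Cookie value."""
    parts = [p.strip() for p in set_cookie_value.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    findings = []
    if "secure" not in attrs:
        findings.append("missing Secure")
    if "httponly" not in attrs:
        findings.append("missing HttpOnly")
    samesite = attrs.get("samesite", "").lower()
    if samesite not in ("lax", "strict", "none"):
        findings.append("missing or invalid SameSite")
    elif samesite == "none" and "secure" not in attrs:
        findings.append("SameSite=None without Secure")
    if "domain" in attrs:
        findings.append("Domain set (also sent to subdomains)")
    return name, findings


def audit_methods(headers):
    """Return the sorted list of advertised methods that need attention."""
    flagged = set()
    for name, value in headers:
        if name == "allow":
            for method in value.split(","):
                method = method.strip().upper()
                if method in XST_METHODS | REVIEW_METHODS:
                    flagged.add(method)
    return sorted(flagged)


def audit_response(raw):
    """Audit one raw response; returns cookie findings and flagged methods."""
    headers = parse_headers(raw)
    cookies = {}
    for name, value in headers:
        if name == "set-cookie":
            cookie_name, findings = audit_cookie(value)
            cookies[cookie_name] = findings
    return {"cookies": cookies, "methods": audit_methods(headers)}


if __name__ == "__main__":
    for label, raw in (("login", SAMPLE_LOGIN_RESPONSE),
                       ("options", SAMPLE_OPTIONS_RESPONSE)):
        print(label, audit_response(raw))
```
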
Penetration Testing

Any of our Penetration Tests can contain one or more modules as listed below. We will tailor any Penetration Test to your individual business needs.

Internet Security Assessment

Any device with access to the Internet is a potential open door to would-be hackers. We provide vulnerability assessments during which we closely map the network architecture, examine all open ports, hosts and services with access to the Web, and ensure that these network devices are secure. Defensive thinking gathers information such as domain names, IP network ranges, operating system and applications, to identify systems on the network, how they are related, and the services that are exposed through open ports (such as http, SMTP, terminal services, etc.). Once open ports and attached services are identified, we determine whether each service has been updated with the most recent patches and identify other vulnerabilities located within the exposed services.

In addition to conducting vulnerability assessments, we perform more rigorous penetration tests in which the information gathered from the assessment is used to attempt to penetrate the network. This more thorough procedure can confirm whether potential vulnerabilities are, in fact, capable of being exploited to expose the network. Following all vulnerability assessments and penetration tests, we use the information we gather to prepare a thorough vulnerability analysis and offer recommendations for strengthening network security.

Intranet Security Assessment

While outside threats must be guarded against, businesses must also protect against potential threats from within their own networks. Using many of the same techniques and procedures as for Internet Security Testing, we provide Intranet risk assessment and analysis to protect against the potential threat posed by insiders. Depending on the client’s needs, intranet testing can be performed by us under varying degrees of disclosure of network information from the client, for example with or without network accounts.
16.
Dial-in RAS Security Assessment

Dial-in links pose a potential threat to the integrity of the network security system. We examine dial-up connections that allow employees to access the network through public telephone lines or other dial-up connections. Given a range of telephone exchanges that may include modems, we can identify target numbers that allow for remote access. Using these numbers, we attempt to exploit vulnerabilities in the system and gain access to the network. We can also assess risks posed by the exposure of dial-up connections to the public telephone network which might undermine the client's own internal security architecture.

Web Application Assessment

This assessment examines what services are being offered on Web-based portals and e-commerce applications to identify potential vulnerabilities with respect to authentication, authorization, data integrity, data confidentiality, and consumer privacy concerns. We can test these applications using either zero-knowledge testing or full-access testing to examine the full range of potential vulnerabilities. We also conduct source code audits to identify any potential vulnerability among the applications and scripts that are accessible through the Web.

Wireless Assessment

Wireless networks, while highly convenient, present additional security threats since the wireless signals are not limited by the physical boundaries of a traditional network. We evaluate how to prevent wireless communications from being exposed to eavesdropping and access by unauthorized intruders. Additionally, we examine the enterprise infrastructure for unencrypted or standard WEP-enabled access points that may be vulnerable, in order to ensure the security of the network.
17.
Social Engineering Assessment

Social engineering involves manipulating and/or deceiving company employees and other human resources to gain unauthorized access to a network or to confidential information. We are a premier consulting firm in our ability to identify weak links in the security chain through exploitation of human vulnerabilities. We leverage our unparalleled expertise in this field to expose what is often the weakest link in the information security apparatus: the human element. Once individual or systemic weaknesses are identified, we recommend procedures designed to ensure that employees do not divulge information that could compromise company assets. The social engineering assessment uses tactics intended not only to gain confidential information, but also to induce unsuspecting employees to create vulnerabilities that can subsequently be exploited to gain access to confidential information.

Telecommunications Assessment

We have unique experience testing vulnerabilities in private branch exchanges that operate company voicemail and messaging systems. Unauthorized access to these systems can allow an intruder to eavesdrop on and manipulate employee voicemail messages, initiate outgoing calls from internal company lines, and access corporate telephone networks and directories.

Database Assessment

Client lists, credit card records, and other confidential information held in databases must be given particular protection from unauthorized disclosure. We test database integrity to determine whether any vulnerability may compromise this sensitive information.

Physical Security Assessment

Access to confidential information can often be obtained by simply gaining physical access to company premises. We conduct on-site surveillance to assess physical security and use social engineering, pass key duplication, and other techniques designed to gain physical entry into secure areas and the network system.
18.
Forensic Analysis

In addition to preventing future attacks, we can conduct forensic analysis to evaluate past security breaches. This analysis examines log reports, compares backups to identify modifications to the network, and investigates the introduction of foreign software tools to help identify intruders, determine the extent to which the network has been compromised, and mitigate potential damages from the intrusion.

Intrusion Investigation

We can investigate documented intrusion attempts into your network and situations where data was actually compromised. Through investigation, you can find the source of the attack, the techniques used, and how to correct these flaws. While it is always best to stop attacks before they happen, it is important to investigate any possible compromise of your intellectual property.