Penetration Testing — Approach and Methodology


Profiling

Profiling involves gathering as much information as possible about the target network in order to discover the possible ways into the target organisation. This includes determining the target operating systems, web server versions, DNS information, platforms in use, and the existence of vulnerabilities and exploits that could be used to launch attacks. The information can be gathered using techniques such as Whois lookups, querying DNS entries, Google searches (using the GHDB), social networking sites, emails, websites, etc.
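As an added illustration of the "querying DNS entries" part of profiling (example code written for this page, not the author's tooling), the snippet below turns a set of DNS answers into the footprint a reviewer would note: mail and DNS providers, third parties authorised to send mail on the domain's behalf, and how strict the SPF/DMARC posture is. The records are constructed for the fictitious zone example.test; the record-type keys and the shape of the returned profile are this example's own conventions.

```python
import re
from typing import Dict, List, Optional

# Constructed DNS answers for the fictitious zone example.test (not real records). The keys
# name the record type queried; "_dmarc.TXT" is the TXT record at _dmarc.example.test.
SAMPLE_RECORDS: Dict[str, List[str]] = {
    "MX":  ["10 mx1.mailhost.example.", "20 mx2.mailhost.example."],
    "NS":  ["ns1.dnshost.example.", "ns2.dnshost.example."],
    "TXT": ['"v=spf1 include:_spf.mailhost.example include:helpdesk-saas.example ~all"',
            '"site-verification=constructed-token"'],
    "_dmarc.TXT": ['"v=DMARC1; p=none; rua=mailto:dmarc-reports@example.test"'],
}

def _unquote(txt: str) -> str:
    return txt.strip().strip('"')

def parse_spf(txt_records: List[str]) -> Optional[dict]:
    """Return the include: targets and the final 'all' mechanism of the SPF record, if any."""
    for rec in txt_records:
        rec = _unquote(rec)
        if not rec.lower().startswith("v=spf1"):
            continue
        terms = rec.split()[1:]
        includes = [t.split(":", 1)[1].rstrip(".") for t in terms if t.lower().startswith("include:")]
        all_term = next((t for t in terms if re.fullmatch(r"[-+~?]?all", t, re.IGNORECASE)), None)
        return {"includes": includes, "all": all_term}
    return None

def parse_dmarc(txt_records: List[str]) -> Optional[str]:
    """Return the DMARC policy (none / quarantine / reject), or None when no record exists."""
    for rec in txt_records:
        rec = _unquote(rec)
        if rec.upper().startswith("V=DMARC1"):
            m = re.search(r"\bp=(none|quarantine|reject)\b", rec, re.IGNORECASE)
            return m.group(1).lower() if m else None
    return None

def profile_domain(records: Dict[str, List[str]]) -> dict:
    """Build the footprint visible from public DNS: mail and DNS providers, third parties
    authorised to send mail, and how strict the anti-spoofing posture is."""
    mail_hosts = [r.split()[1].rstrip(".") for r in records.get("MX", [])]
    dns_hosts = [r.rstrip(".") for r in records.get("NS", [])]
    spf = parse_spf(records.get("TXT", []))
    dmarc = parse_dmarc(records.get("_dmarc.TXT", []))

    observations: List[str] = []
    if spf is None:
        observations.append("no SPF record published")
    elif spf["all"] is None:
        observations.append("SPF record has no 'all' mechanism")
    elif spf["all"] != "-all":
        observations.append(f"SPF ends with {spf['all']!r} rather than a hard fail (-all)")
    if dmarc is None:
        observations.append("no DMARC record published")
    elif dmarc == "none":
        observations.append("DMARC policy is p=none (monitoring only, spoofed mail is still delivered)")

    return {
        "mail_hosts": mail_hosts,
        "dns_hosts": dns_hosts,
        "third_party_senders": spf["includes"] if spf else [],
        "spf_all": spf["all"] if spf else None,
        "dmarc_policy": dmarc,
        "observations": observations,
    }

if __name__ == "__main__":
    for key, value in profile_domain(SAMPLE_RECORDS).items():
        print(f"{key:<20} {value}")
```

The same information is what the organisation's own team should review periodically: every `include:` target is a third party that can send mail as the domain, and a soft-fail SPF combined with `p=none` means spoofed mail is observed but not blocked.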

Discovery & Enumeration

Discovery involves using automated tools and manual techniques to identify the live hosts present in the network and to determine each target system's operating system (through banner grabbing), its open ports, the services running and their versions, technology information, and the protocols in use and their versions.
Enumerating an internal network allows the penetration tester to identify network resources and shares, users and groups, routing tables, audit and service settings, machine names, applications and banners, and protocols with their details. The identified information allows the Penetration Tester to identify system attack points and perform password attacks to gain unauthorized access to information systems.
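To show what the banner-grabbing step actually produces, here is an added example (not from the original post) that maps captured service banners to a structured fingerprint of service, product and version. The banner strings are constructed to resemble common SSH, FTP, SMTP and HTTP greetings; the patterns and the `ServiceFingerprint` record are this example's own. Banners are only a lead: administrators can change or strip them, so a fingerprint is something to verify, not a fact.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

@dataclass(frozen=True)
class ServiceFingerprint:
    port: int
    service: str            # ssh, ftp, smtp, http or unknown
    product: Optional[str]  # e.g. OpenSSH
    version: Optional[str]  # e.g. 7.4p1 (None when the banner does not reveal it)
    evidence: str           # the banner line the fingerprint was taken from

# Banner shapes for a few common services. These patterns were written for this example;
# real-world banners vary and are easily customised or removed by administrators.
_BANNER_PATTERNS = [
    ("ssh",  re.compile(r"^SSH-[\d.]+-(?P<product>[A-Za-z]+)[_-](?P<version>[\w.]+)")),
    ("ftp",  re.compile(r"^220[ -].*?(?P<product>vsFTPd|ProFTPD|FileZilla Server)[ _]v?(?P<version>\d[\w.]*)")),
    ("smtp", re.compile(r"^220 \S+ E?SMTP (?P<product>\w+)")),
    ("http", re.compile(r"^Server:\s*(?P<product>[\w-]+)(?:/(?P<version>[\w.]+))?", re.IGNORECASE)),
]

def parse_banner(port: int, banner: str) -> ServiceFingerprint:
    """Map one captured banner to a fingerprint. Every line is tried because an HTTP
    Server header, for example, is not on the first line of the response."""
    for line in banner.splitlines():
        line = line.strip()
        for service, pattern in _BANNER_PATTERNS:
            m = pattern.match(line)
            if m:
                groups = m.groupdict()   # .get() yields None for groups a pattern lacks
                return ServiceFingerprint(port, service, groups.get("product"),
                                          groups.get("version"), line)
    first = banner.strip().splitlines()[0] if banner.strip() else ""
    return ServiceFingerprint(port, "unknown", None, None, first)

def enumerate_services(banners: Dict[int, str]) -> List[ServiceFingerprint]:
    """Fingerprint every captured banner, ordered by port."""
    return [parse_banner(port, banners[port]) for port in sorted(banners)]

# Constructed banners standing in for what a banner grab against a lab host would return.
SAMPLE_BANNERS: Dict[int, str] = {
    22:   "SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u7\r\n",
    21:   "220 (vsFTPd 3.0.3)\r\n",
    25:   "220 mail.example.test ESMTP Postfix (Ubuntu)\r\n",
    80:   "HTTP/1.1 200 OK\r\nServer: Apache/2.4.29 (Ubuntu)\r\nContent-Type: text/html\r\n",
    8443: "HTTP/1.1 200 OK\r\nServer: nginx\r\n",
    9999: "hello? nothing recognisable here\r\n",
}

if __name__ == "__main__":
    for fp in enumerate_services(SAMPLE_BANNERS):
        print(f"{fp.port:>5}/tcp {fp.service:<8} {fp.product or '-':<10} "
              f"{fp.version or '-':<8} <- {fp.evidence}")
```

From the defensive side, the same table is a quick inventory check: any service whose banner reveals an exact version is handing the next phase its input for free, and an unrecognised banner on an unexpected port is worth an owner's explanation.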

Scanning

Scanning involves identifying the vulnerabilities present in network services, information systems and perimeter security controls, using enterprise-class tools with the most up-to-date feeds together with the best manual scripts. In addition, manual assessment helps eliminate the false positives reported by the tools and identify false negatives.
Scanning will identify network topology and OS vulnerabilities, application and service vulnerabilities, application and service configuration errors, etc. In the scanning phase, the Penetration Tester will identify exploits and evaluate the attack surface.

Exploitation

This stage uses the information gathered on active ports and services, together with the related vulnerabilities, to safely exploit the exposed services. Attack scenarios for a production environment use a combination of exploit payloads in strict accordance with the agreed rules of engagement. It involves researching and testing exploits and launching payloads against the target environment using penetration testing frameworks such as Metasploit.

Reporting

All exploitable security vulnerabilities found in the target system are recorded with their associated CVSS v2 based scores and reported to the client. Each identified security vulnerability is thoroughly assessed and reported along with appropriate recommendations or mitigation measures.
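Since the report scores findings with CVSS v2, here is an added example (written for this page, not taken from the post) that computes the CVSS v2 base score from a vector string using the published v2 equations and weights, maps it to the NVD Low/Medium/High bands, and builds one report row with a recommendation. The sample findings at the bottom are constructed illustrations, not real advisories; the `report_entry` shape is this example's own.

```python
from decimal import Decimal, ROUND_HALF_UP
from typing import Dict

# CVSS v2.0 base metric weights, as published in the CVSS v2 specification.
ACCESS_VECTOR     = {"L": 0.395, "A": 0.646, "N": 1.0}
ACCESS_COMPLEXITY = {"H": 0.35,  "M": 0.61,  "L": 0.71}
AUTHENTICATION    = {"M": 0.45,  "S": 0.56,  "N": 0.704}
IMPACT_WEIGHT     = {"N": 0.0,   "P": 0.275, "C": 0.660}   # shared by C, I and A

_REQUIRED = ("AV", "AC", "Au", "C", "I", "A")

def parse_vector(vector: str) -> Dict[str, str]:
    """Parse 'AV:N/AC:L/Au:N/C:P/I:P/A:P' into {'AV': 'N', ...}, rejecting malformed input."""
    try:
        metrics = dict(part.split(":", 1) for part in vector.strip().split("/"))
    except ValueError:
        raise ValueError(f"malformed CVSS v2 vector: {vector!r}")
    if set(metrics) != set(_REQUIRED):
        raise ValueError(f"vector must contain exactly {'/'.join(_REQUIRED)}: {vector!r}")
    return metrics

def _round_to_1_decimal(x: float) -> float:
    # The spec rounds to one decimal; Decimal avoids binary-float surprises such as 7.45 -> 7.4.
    return float(Decimal(str(x)).quantize(Decimal("0.1"), rounding=ROUND_HALF_UP))

def base_score(vector: str) -> float:
    """CVSS v2 base score:
       Impact         = 10.41 * (1 - (1-C)(1-I)(1-A))
       Exploitability = 20 * AV * AC * Au
       f(Impact)      = 0 if Impact == 0 else 1.176
       Base           = round1(((0.6*Impact) + (0.4*Exploitability) - 1.5) * f(Impact))"""
    m = parse_vector(vector)
    try:
        c, i, a = IMPACT_WEIGHT[m["C"]], IMPACT_WEIGHT[m["I"]], IMPACT_WEIGHT[m["A"]]
        exploitability = 20 * ACCESS_VECTOR[m["AV"]] * ACCESS_COMPLEXITY[m["AC"]] * AUTHENTICATION[m["Au"]]
    except KeyError as bad:
        raise ValueError(f"unknown metric value {bad} in {vector!r}")
    impact = 10.41 * (1 - (1 - c) * (1 - i) * (1 - a))
    if impact == 0:          # no impact on C, I or A: the score is defined as 0
        return 0.0
    return _round_to_1_decimal((0.6 * impact + 0.4 * exploitability - 1.5) * 1.176)

def severity(score: float) -> str:
    """NVD's qualitative bands for CVSS v2: Low 0.0-3.9, Medium 4.0-6.9, High 7.0-10.0."""
    if score >= 7.0:
        return "High"
    if score >= 4.0:
        return "Medium"
    return "Low"

def report_entry(title: str, vector: str, recommendation: str) -> dict:
    """One row of the findings table: score, band and the fix the client should apply."""
    score = base_score(vector)
    return {"title": title, "vector": vector, "cvss_v2": score,
            "severity": severity(score), "recommendation": recommendation}

# Constructed findings for illustration only (not real advisories).
SAMPLE_FINDINGS = [
    ("Example: unauthenticated remote code execution in a lab service",
     "AV:N/AC:L/Au:N/C:C/I:C/A:C",
     "Apply the vendor patch; restrict the service to trusted networks until patched."),
    ("Example: information disclosure through verbose error pages",
     "AV:N/AC:L/Au:N/C:P/I:N/A:N",
     "Disable debug output in production and return generic error pages."),
    ("Example: local file readable by unprivileged users",
     "AV:L/AC:L/Au:N/C:P/I:N/A:N",
     "Tighten file permissions and review the deployment scripts that set them."),
]

if __name__ == "__main__":
    for title, vector, fix in SAMPLE_FINDINGS:
        row = report_entry(title, vector, fix)
        print(f"{row['cvss_v2']:>4} {row['severity']:<6} {row['vector']}  {row['title']}\n      -> {row['recommendation']}")
```

Computing the score from the vector, rather than copying a number from a tool, lets the reader of the report check each rating and lets the tester adjust a metric (for instance Au:S where the flaw needs a valid account) with the change in score visible.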

thank you

Written by

Blogger | Security Researcher | Digital forensic analyst | Twitter — @mrunal110
