Penetration Testing Company NYC



What Is A Penetration Test?

Penetration testing, also known as pen-testing or a pen test, is a process in which a tester looks for exploitable vulnerabilities within an IT infrastructure that could allow an attacker to subvert, modify or extract information.

The attacker’s objective is to identify entry points for reaching your data; these entry points are vulnerabilities in one or more systems, which may include the operating system, firewalls, web servers, web applications, services and other devices.

External penetration testing simulates an attacker targeting Internet-facing systems that are connected to internal resources such as a database, either extracting data or installing back-doors for later use; in most cases the attacker would do both (see diagram). This test covers three main ways into a given system: (1) open services on servers; (2) network devices such as routers and firewalls; (3) weaknesses in web applications that expose sensitive information through code injection and other methods. Within each method we search for human error in the design and/or implementation, and/or user misconfiguration, that may pose a weakness. These weaknesses could later be exploited to deface a website, upload files, gain access to a user’s mailbox or obtain administrative rights.

Internal penetration testing simulates an attacker who already has a foothold inside the internal perimeter (see diagram). This test covers three main ways into a given system: (1) open services on servers and workstations; (2) system defaults, missing security updates and the like; (3) databases holding sensitive information that are reachable through vulnerabilities, missing updates or misconfiguration. It targets internal resources such as servers, workstations, storage devices and other devices to gain unauthorized access to those systems.


Penetration Testing

Penetration Methods

There are three methods of performing the penetration tests described above: automated, manual and hybrid.

Automated: uses a set of tools that simulate different types of attacks. This approach has three major advantages: (1) it is fast, (2) it costs less, and (3) it catches the low-hanging fruit. It has one major disadvantage: it cannot “see” unexpected system behaviour uncovered by “fuzzing” techniques, which can later be used to build other types of attacks such as buffer overflows and other code injections.

Manual: tools are configured and written differently for each engagement, so testing goes deeper. This method has one major advantage: it finds more of the weaknesses an attacker may find and exploit. It has one major disadvantage: it takes longer and costs more.

Hybrid: takes the best of both methods; the low-hanging fruit is found quickly, and the manual method uncovers the other, hidden attack vectors, at a reasonable cost.

The Application Level

An attacker will leverage the application level to try to gain unauthorized access to data through both internal and external pathways. The consultant therefore starts with network tests and then continues at the application level using the hybrid method, looking for entry points in one or more of the following areas:

  • Network Analysis
    1. Footprinting
    2. Publicly available information
    3. WHOIS & DNS enumeration
    4. DNS Interrogation
    5. Network Reconnaissance
    6. Scanning
    7. Search for listening services and ports
    8. Detect Operating System
    9. Enumeration
    10. Banner Grabbing
    11. Enumerate Common Network Services
    12. Web Server Vulnerabilities
    13. Test for default credentials
    14. Test for default content
    15. Test for Web Server Software Bugs
    16. HTTP Methods
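Items 10 and 16 of the Network Analysis checklist (banner grabbing and HTTP methods) are the kind of low-hanging fruit an automated pass picks up, and they are also checks an administrator can run against their own web server after hardening it. The script below is an added example, not 2Secure Corp’s tooling: it starts two constructed stand-in servers on the loopback interface (a "leaky" one that reflects TRACE and sends the default software/version banner, and a "hardened" one that does neither), then records which risky methods each accepts and whether the Server header discloses a version. The handler names, the RISKY_METHODS list and the digit-in-banner heuristic are assumptions of this example.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Methods a public web server should normally reject (example's own choice);
# TRACE in particular reflects the request and is a classic hardening finding.
RISKY_METHODS = ("TRACE", "PUT", "DELETE")


class BaseDemoHandler(BaseHTTPRequestHandler):
    """Constructed stand-in for a web server; only GET is implemented here."""

    def do_GET(self):
        self.send_response(200)
        self.send_header("Content-Length", "0")
        self.end_headers()

    def log_message(self, *args):  # keep the demo output quiet
        pass


class LeakyHandler(BaseDemoHandler):
    """Misconfigured variant: TRACE is enabled and the library's default
    Server banner (software name plus version) is sent on every response."""

    def do_TRACE(self):
        body = self.requestline.encode()
        self.send_response(200)
        self.send_header("Content-Type", "message/http")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)


class HardenedHandler(BaseDemoHandler):
    """Hardened variant: generic banner, unimplemented methods answer 501."""
    server_version = "webserver"
    sys_version = ""


def start_server(handler):
    """Bind the handler to a random loopback port and serve in the background."""
    srv = HTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


def check_server(host, port):
    """Grab the Server banner and record the status each risky method receives."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    conn.request("GET", "/")
    resp = conn.getresponse()
    resp.read()
    findings = {"banner": resp.getheader("Server"), "methods": {}}
    for method in RISKY_METHODS:
        conn.request(method, "/")
        resp = conn.getresponse()
        resp.read()  # drain the body so the connection can be reopened cleanly
        findings["methods"][method] = resp.status
    conn.close()
    return findings


def risky_findings(findings):
    """Turn the raw results into the findings a report would list."""
    issues = []
    banner = findings["banner"] or ""
    # Heuristic: a digit in the banner almost always means a version number.
    if any(ch.isdigit() for ch in banner):
        issues.append(f"Server banner discloses version: {banner.strip()!r}")
    for method, status in findings["methods"].items():
        if status < 400:  # anything other than a refusal counts as accepted
            issues.append(f"{method} accepted (HTTP {status})")
    return issues


if __name__ == "__main__":
    for name, handler in (("leaky", LeakyHandler), ("hardened", HardenedHandler)):
        srv = start_server(handler)
        findings = check_server("127.0.0.1", srv.server_address[1])
        print(name, findings, risky_findings(findings) or ["no issues"])
        srv.shutdown()
        srv.server_close()
```

Against the leaky server the report lists TRACE as accepted and flags the version in the banner; against the hardened one every risky method gets 501 and the list is empty. On a real server the same two functions can be pointed at a host you administer to confirm that a hardening change actually took effect.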


  • Web Application Analysis
    1. Core Defense Mechanisms
    2. Web Application Technologies
    3. Mapping the Application
    4. Bypassing Client-Side Controls
    5. Attacking Authentication
    6. Attacking Session Management
    7. Attacking Access Controls
    8. Attacking Data Stores
    9. Attacking Back-End Components
    10. Attacking Users: XSS
    11. Attacking Users: Other Techniques
    12. Attacking Application Logic
    13. Exploiting Information Disclosure
    14. Attacking Application Architecture
    15. Attacking the Application Server
    16. Code Injection
      1. SQL Injections
      2. Fuzzing: Server and Application
      3. Format Strings
      4. Buffer Overflow
      5. Buffer Overrun

Deliverable

The final report will include detailed information on security risk, vulnerabilities, and the necessary countermeasures and recommended corrective actions.

The final report will consist of the following sections:

  1. Introduction – including the scope and the methodology used for this penetration test.
  2. Executive Summary – appropriate for senior management to review and understand the current level of risk.
  3. Findings and Recommendations – providing sufficient technical details for the IT team to understand and correct the issues.


Resources

Penetration Testing Audit - Case Study

External Network & Web Application Assessment Demo


"An ounce of prevention is worth a pound of cure."

Call An Expert 646-755-3933


Our Clients Love Us

Douglas Haddad AFN

Accurate, Safe & Secure
It is the smallest things that can do the most damage. In the realm of security there is no greater asset than someone who can protect you from the things you didn’t even know existed. 2Secure Corp does an amazing job at keeping our operations safe and secure, at a price that works for us. Whenever we had any emergency it was dealt with the immediacy we have grown to expect and the solutions provided were both accurate and cost effective for our organization.

Advanced Funds Network LLC
Douglas A. Haddad
Managing Partner