- iSec TRAINING
- CONTACT US
1.Retrieve the banners of network services and identify types and versions of software installed on the target Browse sites in their entirety in order to identify the different pages that are accessible directly (using the links on the main page) and indirectly
2.Using tools for enumeration of resources to identify the service provider or hidden but accessible resources that may contain relevant information in the context of the audit. Identify management and administration services
3.Use the Internet or internal SEO services such as search engines to identify all relevant information in the context of the audit (old resources or site structures, discussions on setting up the service in technical forums, configuration information, or user accounts stored on collaborative services such as shared calendars
The objective of this activity is to identify security loopholes in different components of the network. With the profile of the target network, the security posture of the network segment (as a whole) is evaluated by passively and actively testing all the connection points of the network hosts on that network, and by identifying potential vulnerabilities exposed by these targets.
Broken Access Control: Access control enforces policy such that users cannot act outside of their intended permissions. Failures typically lead to unauthorized information disclosure, modification, or destruction of all data or performing a business function outside the user's limits.
Cryptographic Failures: Determine the protection needs of data in transit and at rest. For example, passwords, credit card numbers, health records, personal information, and business secrets require extra protection, mainly if that data falls under privacy laws, e.g., EU's General Data Protection Regulation (GDPR), or regulations, e.g., financial data protection such as PCI Data Security Standard (PCI DSS).
Injection: Automated testing of all parameters, headers, URL, cookies, JSON, SOAP, and XML data inputs to hostile data. Some of the more common injections are SQL, NoSQL, OS command, Object Relational Mapping (ORM), LDAP, and Expression Language (EL) or Object Graph Navigation Library (OGNL) injection.
Insecure Design: Insecure design is a broad category representing different weaknesses, expressed as “missing or ineffective control design.” Insecure design is not the source for all other Top 10 risk categories.
Security Misconfiguration: The application might be vulnerable if the application is Missing appropriate security hardening across any part of the application Unnecessary features are enabled or installed Default accounts and their passwords are still enabled, etc.
Vulnerable and Outdated Components: You are likely vulnerable if you do not know the versions of all components you use. If the software is vulnerable, unsupported, or out of date. This includes the OS, web/application server, database management system (DBMS), applications, APIs and all components, runtime environments, and libraries.
Identification and Authentication Failures: Confirmation of the user's identity, authentication, and session management is critical to protect against authentication-related attacks. There may be authentication weaknesses if the application permits automated attacks such as credential stuffing, where the attacker has a list of valid usernames and passwords.
In this step, vulnerabilities/security observations from the previous phase are analyzed and/or exploited. The detected vulnerabilities are exploited and infiltration attempts to the internal systems are carried out after getting proper approval from the Client’s trusted agent.
Tasks The objective of this activity is to exploit the identified vulnerability. the vulnerabilities are found to be exploitable, this information is communicated to the Client’s trusted agent and an approval to exploit is obtained from the Client.
After cross-referencing and verifying vulnerabilities identified against databases of known vulnerabilities, these vulnerabilities are actively tested further to provide aggregation launch points. A series of sophisticated tests then follows, where the team leverages extensive experience and attack profiles, test scripts, and exploit programs to attempt to compromise the security of the target environment.
● Analyze the vulnerabilities in order to identify the exploitation and infiltration steps that can be performed.
● Communicate the exploitation activity with the trusted agent and obtain the confirmation before performing the actual exploitation steps on the target environment.
● Perform exploitation steps.
● Analyze the exploited vulnerabilities in order to identify the scope of infiltration.
● Record steps and results in Exploitation Details.
The objective of this step is to create a detailed technical report and management executive summary detailing the activities performed and the security vulnerabilities and observations identified on the target operating system environment. The reports are prepared based on the format agreed upon by iSec SBA and the Client. The final report will mainly include the following:
iSec's penetration testers can evaluate your security and provide ideas to strengthen it by putting the security of your wireless to the test. Vulnerabilities can be addressed, new technology or architecture deployed, and new security rules implemented.