... Abstract 3 What ia a Penertation Test? 4 1. Cleint Penetraion Test Request 5 1.2 Scope 5 1.3 Intrusive or Non-Intrusive 5 1.4 Compromise or Non Compromise 5 2. Goals and Objectives 6 3. Penertation testing Methodology 2.1 Penetration test plans 2.2 NIST penertation testing documentation 2.3 Web application penertation testing 2.4 E-commerece penertation testing 2.5 Network penetration testing 2.6 Common tools and applications for peneration testing 7 2.7 Black box testing, grey box testing, Black/grey box testing 2.8 Social engineering testing 7 3. Test Plan 15 3.1 Task 3.1 Reporting 3.1 Schedule 3.2 Limitation of Liability 3.3 End of Testing 3.1 Unanswered Questions 10 3.4 Signatures 8 3.1 Authorization Letter 8 4. Conclusion 11 5. Bibiography 11 Acronyms 22 Appendix A – Test Case Procedures 23 Abstract This document is a proposal with a series of activities undertaken to identify and exploit security vulnerabilities. It helps confirm the effectiveness or ineffectiveness of the security measures that have been implemented. This proposal provides an understanding of penetration testing. It discusses the benefits, the strategies and the mythology of conducting penetration testing. The mythology of penetration testing includes three phases: test preparation, test and test analysis. Key Words: Security Testing, Vulnerability...
Words: 1995 - Pages: 8
...Operating Systems Dependency on Penetration Testing Michael S. Self University of Maryland University College-Europe Table of Contents Abstract………………………………………………………………………………..…………..3 History and Purpose of Penetration Testing……………………….......................…..………….4 Techniques and Tools for Performing Penetration Testing………….………….……..…………5 Example of Penetration Test Process………………………………....………...…….………….6 References…………………………………………………………………………………………7 Abstract This report will encompass penetration testing of operating systems. It first explains the evolution of penetration testing, and what purpose it serves. It then describes techniques and tools used to perform the tests. The report will conclude with an example of a penetration test. Operating Systems Dependency on Penetration Testing History and Purpose of Penetration Testing According to Pfleeger & Pfleeger 2011 in their book titled ‘Security in Computing’, penetration testing, or pentesting, is a technique used in computer security which an individual, or team of experts purposely tries to hack a computer system. Penetration started as a grey art that was often practiced in an unstructured and undisciplined manner by reformed or semi-reformed hackers. They used their own techniques and either their ‘home grown’ tools, or borrowed and traded ideas with associates. There was little reproducibility or consistency of results or reporting, and as a result the services were hard to integrate into...
Words: 1151 - Pages: 5
...Author Retains Full Rights This paper is from the SANS Penetration Testing site. Reposting is not permited without express written permission. Interested in learning more? Check out the list of upcoming events offering "Hacker Techniques, Exploits & Incident Handling (SEC504)" at https://pen-testing.sans.org/events/ Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 A Management Guide to Penetration Testing David A. Shinberg © SANS Institute 2003, © SA NS In sti tu As part of GIAC practical repository. te 20 03 ,A ut ho rr Version 2.1a eta Practical Assignment ins SANS Hacker Techniques, Exploits, and Incident Handling (GCIH) fu ll r igh ts. Author retains full rights. Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Abstract Penetration tests are an excellent method for determining the strengths and weaknesses of a network consisting of computers and network devices. However, the process of performing a penetration test is complex, and without care can have disastrous effects on the systems being tested. This paper provides guidance, primarily focused around planning and management, on how to conduct a penetration test comprised of five phases – Preparation, Public Information, Planning, Execution and Analysis and Reporting. However, due to the technical and sometimes sensitive nature of penetration testing only a cursory overview how to compromise a system is provided...
Words: 4111 - Pages: 17
...vital in nature. The need to conduct penetration testing should be an ongoing task for organizations as new technologies emerge. Even with security measures in place hackers continue to find ways around the roadblocks which are put in place to secure our networks. Just this month alone the Federal Bureau of Investigation’s network was compromised as a hacker was able to penetrate the emails of one of the organization’s special agents (Brito, 2012). The FBI has some of the most sophisticated computer security measures in place known to man and if their systems can be hacked I assure you that no one is safe. In order to properly examine a computer network for vulnerabilities a company’s information systems manager needs to determine whether such testing can be completed in house or should be outsourced to a penetration testing contractor. It is my belief that penetration testing is best left to contractors whose sole function is in conducting these types of tests, as they are better equipped with the tools and knowledge needed to get an accurate overview of a business network. However, penetration testing should be completed periodically by a business internal IT staff as they can apply updates to prevent vulnerabilities throughout the year and can assist a third party vendor in getting the best snapshot of a network’s vulnerabilities. Take for instance if IT staff does nothing to conduct any testing when the third party penetration company becomes involved they are going...
Words: 1998 - Pages: 8
...Using penetration testing to enhance your company's security Based on the fundamental principle that prevention is better than cure, penetration testing (pen-testing) is essentially an information assurance activity to determine if information is appropriately secured. Conducted by penetration testers, sometimes referred to as ‘white hats’ or ethical hackers, these tests use the same tools and techniques as the bad guys (‘black hat hackers’), but do so in a controlled manner with the express permission of the target organization. Vulnerability scans versus pen-testing A common area of confusion is the relationship between vulnerability scanning (automated) and pen-testing (expert-driven manual testing). Both involve a proactive and concerted attempt to identify vulnerabilities that could expose the organization to a potential malevolent attack. Vulnerability scanners are great at identifying ‘low-hanging’ vulnerabilities, such as common configuration mistakes or unpatched systems that offer an easy target for attackers. What they are unable to determine is the context or nature of the asset or data at risk. They are also less able than humans to identify unknown-unknowns (things not already on the risk register, or which haven't been theorized by the organization as potential security issues). Good pen-testing teams, however, do this very well. For instance, pen-testers can give countless examples of engagements where an environment was previously scanned only for vulnerabilities...
Words: 1752 - Pages: 8
...Attack & Penetration Plan 1. List the 5 steps of the hacking process. * Reconnaissance * Scanning * Gaining Access * Maintaining Access * Covering Tracks 2. In order to exploit or attack the targeted systems, the first initial step I would do to collect as much information as possible about the targets prior to devising an attack and penetration test plan would be reconnaissance. I would use passive reconnaissance as this pertains to information gathering. 3. The reconnaissance phase can have many different faces, and depending on the goal of the attacker, various tools and applications can be used. Nslookup can be used to look up all the available host on a network through the DNS server. You can get IP address information of hosts on your targeted network. You can also get the information of the purpose of the hosts. Whois lookup is a protocol that can be used to interrogate the servers operated by regional internet registries which holds information about every IP/Domain registered on the internet. You can get information about your target such as; the name of the owner, address of the owner. IP ranges that a certain IP belongs to, contact information like emails and phone numbers, administrators names and server names. You can also just use your targets web site. Sometimes the targets website can reveal way too much information without realizing it, and just by looking at the information they have on there can get you what you need. Social...
Words: 1233 - Pages: 5
...Unit 1 Lab Assessment Questions & Answers 1. List the five steps of the hacking process. -Reconnaissance -Scanning -Gaining Access -Maintaining Access -Covering Tracks 2. To exploit or attack the targeted systems, what can you do as an initial first step to collect as much information as possible about the targets prior to devising an attack and penetration test plan? Collect as much information as possible through analysis. You must have all the needed data you can acquire regarding the system, network and applications. This information will be used to generate an appropriate test plan. Using NMAP can provided you with a good network survey. NMAP can provide you information regarding what Operating Systems are running as well as the type of packets, filters and/or firewalls are installed. Review old test results and reports that have been kept with all issues that have plagued the network, this will show you any previous vulnerabilities and allow you to check if a fix was implemented. 3. What applications and tools can be used to perform this initial reconnaissance and probing step? NMAP is that will allow you to collect OS information as well as packets, filters and firewall information. Nslookup will allow you to map an IP to a specified domain. The Domain Name Server (DNS) will give you information on a specific domain that is used to communicate with the network Whois will allow you to profile the organization, this will provide you with the...
Words: 765 - Pages: 4
...Megan Patterson IS4560 Monday E1 Class Week 1-Penetration Test Plan June 17, 2013 Attack and Penetration Test Plan Megan Patterson IS4560 Childers June 17, 2013 External Penetration testing tests the security surrounding externally connected systems from the Internet, as well as within a corporate network. Controlled tests are used to gain access to Internet resources and ultimately to the DMZ, which is an internal network; by going through and around firewalls from the Internet. External Penetration Testing involves the finding and exploitation of actual known and unknown vulnerabilities from the perspective of an outside attacker. The External Attack and Penetration testing Process is as follows: * Phase 1-Discovery * Analysis * Footprint * Identify * Phase 2-Services * Ping * Map * Scan * Phase 3-Enumeration * Extract * Collect * Intrusive * Phase 4-Application Layer Testing * Manual * Depth * Blind * Phase 5-Exploit * Attack * Penetrate * Compromise The purpose of the External Attack and Penetration testing plan is to outline on what to do for an external penetration test within a corporate network. The goals for this plan if it is successful, is that to go ahead and deploy whatever the tester is testing after documentation has been written, saved, and reviewed by the IT staff. If the plan is not successful, then the tester needs to go through the steps of retesting the application...
Words: 402 - Pages: 2
...application server • Credit card transaction processing occurs • The test will include penetrating past specific security checkpoints. • The test can compromise with written client authorization only. Goals and Objectives John Smith, CEO of E-commerce Sales, has requested that we perform a penetration test on the company’s production e-commerce Web application server and its Cisco network. It is our intention to run various penetration tests at irregular times in order to accurately test security measures that have been put in place. E-commerce Sales will not be aware of any of the penetration measures nor will they be aware of the times that this will be done. Information about the network will be gathered and analyzed for any open network interfaces. Success of the test is determined by determining any potential weaknesses in the network and being able to identify solutions to protect those weaknesses. Failure is determined by the inability to pinpoint any weaknesses in the system or to find weaknesses and not be able to suggest solutions. Tasks During the course of the penetration testing there are several different tasks that we will have to perform. These tasks are listed...
Words: 1705 - Pages: 7
...Explain what you believe to be the most important difference between internal and external penetration tests. Imagine you are the manager of an information security program. Determine which you believe to be the most useful and justify your answer. Internal pen-testing takes a different approach -- one that simulates what an insider attack could accomplish. The target is typically the same as external pen-testing, but the major differentiator is the "attacker" either has some sort of authorized access or is starting from a point within the internal network. Insider attacks have the potential of being much more devastating than an external attack because insiders already have the knowledge of what's important within a network and where it's located, something that external attackers don't usually know from the start. As a manager, I have to keep in mind that, The goal of the pen-test is to access specific servers and crown jewels within the internal network by exploiting externally exposed servers, clients, and people. Whether it's an exploit against a vulnerable Web application or tricking a user into giving you his password over the phone, allowing access to the VPN, the end game is getting from the outside to the inside. An "external" penetration test will examine the various resources available from anyone outside the security perimeter (i.e., the firewall). This testing could include the web/email servers, dial-in, wireless and VPN access. The "internal" penetration test...
Words: 444 - Pages: 2
...2011 Ethical Hacking & Penetration Testing ACC 626: IT Research Paper Emily Chow 20241123 July 1, 2011 I. Introduction Due to the increasing vulnerability to hacking in today’s changing security environment, the protection of an organization’s information security system has become a business imperative . With the access to the Internet by anyone, anywhere and anytime, the Internet’s “ubiquitous presence and global accessibility” can become an organization’s weakness because its security controls can become more easily compromised by internal and external threats. Hence, the purpose of the research paper is to strengthen the awareness of ethical hacking in the Chartered Accountants (CA) profession, also known as penetration testing, by evaluating the effectiveness and efficiency of the information security system. 2 1 II. What is Ethical Hacking/Penetration Testing? Ethical hacking and penetration testing is a preventative measure which consists of a chain of legitimate tools that identify and exploit a company’s security weaknesses . It uses the same or similar techniques of malicious hackers to attack key vulnerabilities in the company’s security system, which then can be mitigated and closed. In other words, penetration testing can be described as not “tapping the door” , but “breaking through the door” . These tests reveal how easy an organization’s security controls can be penetrated, and to obtain access to its confidential and sensitive information asset by hackers...
Words: 11999 - Pages: 48
...Penetration Testing Submitted By: ___________________________ Course: ___________________________ Professor Name: ___________________________ Date: ____________________________ Introduction: Penetration testing also known as pen testing is the act of testing a PC framework, network and Web application to discover vulnerabilities that an aggressor could take advantage.Pen tests could be mechanized with software applications or they can be performed physically. The procedure incorporates gathering data about the objective before the test (observation), recognizing possible points, endeavoring to soften up (either for all intents and purposes or seriously) and reporting back the discoveries. The primary target of penetration testing is to decide security shortcomings. A pen test can likewise be utilized to test an association's security approach consistence, its representatives' security awareness and the association's ability to distinguish and react to security episodes. [1] The penetration test doesn't stop at just revealing vulnerabilities but it also check the following stride to effectively misuse those vulnerabilities with a specific end goal to demonstrate (or negate) true assault vectors against an association's IT resources, information, people and the physical security. An infiltration test takes into consideration different assault vectors to be investigated against the same target. It is basically the mix of data or vulnerabilities over...
Words: 1886 - Pages: 8
...Conducting a Penetration Test on an Organization This document is decided to give readers an outlook on how a penetration test can be successfully done on an organization. A methodology has been drawn out in this document to allow readers to be acquainted with the process that penetration testers go through to conduct a penetration test. Copyright SANS Institute Author Retains Full Rights AD Conducting a Penetration Test on an Organization TABLE OF CONTENTS PAGE Abstract 2 Bibliography ut ho Conclusion rr Limitation of Penetration Testing eta ins The Process and Methodology Planning and Preparation Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Information Gathering and Analysis Vulnerability Detection Penetration Attempt Analysis and Reporting Cleaning Up fu ll r igh ts. What is a Penetration Test? 2 3 3 4 6 7 9 9 10 10 11 12 14 Appendix A: Netcraft (www.netcraft.com) results on www.sans.org Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Chan Tuck Wai (twchan001) © SA Full name: Chan Tuck Wai GIAC userID: twchan001 Course: Security Essentials Version: First (Original Submission) Conference Location: Malaysia NS In sti DETAILS tu te 20 Appendix B: Penetration Testing Tools 02 ,A Page 1 © SANS Institute 2002, As part of the Information Security Reading Room. Author retains full rights. Conducting a Penetration Test on an Organization ...
Words: 5729 - Pages: 23
...Interested in learning more about security? SANS Institute InfoSec Reading Room This paper is from the SANS Institute Reading Room site. Reposting is not permitted without express written permission. Conducting a Penetration Test on an Organization This document is decided to give readers an outlook on how a penetration test can be successfully done on an organization. A methodology has been drawn out in this document to allow readers to be acquainted with the process that penetration testers go through to conduct a penetration test. AD Copyright SANS Institute Author Retains Full Rights Conducting a Penetration Test on an Organization TABLE OF CONTENTS PAGE 2 What is a Penetration Test? 2 fu ll r igh ts. Abstract eta ins The Process and Methodology Planning and Preparation Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46 Information Gathering and Analysis Vulnerability Detection Penetration Attempt Analysis and Reporting Cleaning Up rr Limitation of Penetration Testing ut ho Conclusion 10 10 Appendix A: Netcraft (www.netcraft.com) results on www.sans.org 12 Appendix B: Penetration Testing Tools 14 tu te 20 ,A 11 02 Bibliography 3 3 4 6 7 9 9 sti DETAILS © SA NS In Full name: Chan Tuck Wai GIAC userID: twchan001 Course: Security Essentials Version: First (Original Submission) Conference Location: Malaysia Key fingerprint...
Words: 5638 - Pages: 23
...| Vulnerability Assessment System Penetration and Analysis Testing | |Memo | Internal Penetration Testing Tool and Purchase | | | | With the recent attack/hack on agency's network town police department authorities came to a decision to conduct a complete assessment on network vulnerabilities. The main goal of this memo is to assess or evaluate the network penetration tools available in the market. Compare the tools. Cost to buy and implement these tools internally. Hire a professional service to evaluate these tools. In this memo we will cover the internal implementation at high level. In the market there are many penetration tools like a. Nmap - Worlds Best Port Scanner b. Nessus - Vulnerability Scanner c. Metasploit - Exploit framework For testing Vulnerabilities I picked the above three mentioned tools which are widely used in many organizations and would be perfect for this scenario. The penetration tools that could be used to conduct a vulnerability analysis are; Nmap and Nessus which provide a number of penetration testing techniques such as port scanning, Credentialed and uncredentialed scans, enumeration, patch...
Words: 1156 - Pages: 5
