- Physical Security Penetration Testing
- -------------------------------------
- After virtual security audits, major corporations may not deploy a large amount of resources to ensure the physical environment is secure. Hence auditing physical security can again be a major factor for these organisations.
- Major Organisations which need physical Security.
- --------------------------------------------------
- - Nuclear Power Plants
- - Space Stations
- - Hydrogen Experimental sites
- - Data Control Centers
- etc etc etc...
- Physical Security Checklist Areas
- ----------------------------------
- 1. Organisation Surroundings
- 2. Ensure the people in the organisation are following the physical security rules.
- - They must use icards for authentication.
- - There must be a log manager for all the in-out activities.
- - There should be a physical resource person (team) monitoring the employees' in-out operational work 24*7.
- - Reason for the visit should be validated.
- Checklist for entering the server room.
- -> Name of the visitor
- -> Company of the visitor
- -> Company icard scanned copy.
- -> Aadhaar Card/DL etc
- -> Name of Person who is bringing the visitor
- -> Company he belongs to
- -> ICard number
- -> Devices they are carrying
- -> Hand over your phone in switched off mode to the gatekeeper
- -> Locker Keys will be given back to you
- Within the working space physical security checklist
- - Clean Desk policy
- - After a meeting, once all the discussion and planning is done and before you leave the discussion room, you have to clear the white board or glass on which you have written anything about the task to be executed.
- - You have to shred any document before throwing it in the dustbin.
- Dumpster Diving : Process in which a hacker sneaks into the garbage of any home or organisation and looks for something important.
- - Make sure people in the organisation do not write any kind of information on sticky notes or on their desks with marker or pen.
- Serious Security Checklist
- --------------------------
- 1. There must be a fire extinguisher in all the rooms and places in the organisation.
- 2. There must be an AMC with the fire department company.
- 3. There must be biometric authentication on the server room.
- 4. There must be cameras inside the server room.
- 5. Electricity room and generator room should be at separate locations.
- ISO 27001 : Physical Security Control List
- Watch here Red Team Breach: https://www.youtube.com/watch?v=pL9q2lOZ1Fw
- Database Penetration Testing
- ----------------------------
- Oracle
- MS-SQL MYSQL : 5.0.45 Community Edition
- MySQL : 3306
- Step 1: Scan the system with nmap and identify the database port and its version.
- nmap -A <Target IP>
- Step 2: Scanning Version : use auxiliary/scanner/mysql/mysql_version
- Step 3: info
- Step 4: set RHOSTS <IP address>
- Step 5: run
- Step 6: use auxiliary/scanner/mysql/mysql_login
- Step 7: set USER_FILE root/Desktop/usernames.lst
- Step 8: set PASS_FILE root/Desktop/passwords.lst
- Step 9: run
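- On the defending side, the login scan in Steps 6 to 9 shows up as a burst of "Access denied" entries from one source across many usernames. The following is an added example, not part of the original notes: it assumes the MySQL 5.x error-log line style with failed logins being logged (log_warnings above 1); the sample lines, thresholds and function names are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in the assumed MySQL 5.x error-log style.
SAMPLE_LOG = """\
160121 20:15:01 [Warning] Access denied for user 'root'@'192.0.2.10' (using password: YES)
160121 20:15:02 [Warning] Access denied for user 'admin'@'192.0.2.10' (using password: YES)
160121 20:15:02 [Warning] Access denied for user 'backup'@'192.0.2.10' (using password: YES)
160121 20:15:03 [Warning] Access denied for user 'root'@'192.0.2.10' (using password: YES)
160121 20:15:04 [Warning] Access denied for user 'mysql'@'192.0.2.10' (using password: YES)
160121 20:40:00 [Warning] Access denied for user 'app'@'198.51.100.7' (using password: YES)
160121 21:05:00 [Warning] Access denied for user 'app'@'198.51.100.7' (using password: YES)
160121 21:06:10 [Note] /usr/sbin/mysqld: ready for connections.
"""

DENIED = re.compile(
    r"^(?P<ts>\d{6} +\d{1,2}:\d{2}:\d{2}) .*Access denied for user "
    r"'(?P<user>[^']*)'@'(?P<host>[^']*)'"
)

def parse_failures(log_text):
    """Yield (timestamp, host, user) for every failed-login line."""
    for line in log_text.splitlines():
        m = DENIED.match(line)
        if m:
            ts = datetime.strptime(" ".join(m["ts"].split()), "%y%m%d %H:%M:%S")
            yield ts, m["host"], m["user"]

def flag_sources(log_text, max_failures=5, window=timedelta(minutes=1)):
    """Return {host: usernames tried} for hosts with >= max_failures inside one window."""
    by_host = defaultdict(list)
    for ts, host, user in parse_failures(log_text):
        by_host[host].append((ts, user))
    flagged = {}
    for host, events in by_host.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:  # slide left edge
                start += 1
            if end - start + 1 >= max_failures:
                flagged[host] = sorted({u for _, u in events})
                break
    return flagged

if __name__ == "__main__":
    for host, users in flag_sources(SAMPLE_LOG).items():
        print(f"{host}: repeated failures across {len(users)} usernames: {users}")
```

The two failures from 198.51.100.7 are 25 minutes apart and stay below the threshold, so only the burst from 192.0.2.10 is reported.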
- VOIP Pentesting : Voice Over Internet Protocol.
- It's a process in which we try to sniff the voice packets and conversations within the organisation in which certain VOIP devices are being used for internal communication.
- Avaya : The most trusted brand in VOIP communication.
- Put call through VOIP --> Target
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Attacker : Intercept via Cain and Abel, which has a SIP intercept facility.
- Demo : Tools required : Cain and Abel
- VPN Pentesting
- ---------------
- A VPN is used to encrypt the packets coming out of devices.
- =x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x=x
- Introduction to Penetration Testing
- -----------------------------------
- It's a post-information-gathering phase in which we exploit the vulnerabilities discovered in the VA phase.
- WEB PT
- NETWORK PT
- MOBILE PT - MobSF (Mobile Security Framework) : .apk, .ipa
- Documentation : Digital Security Report
- Ethics of Penetration Tester
- ----------------------------
- 1. Nothing out of the box in scope
- 2. You are a hacker not a hero
- 3. Documentation is for developers, not for the CEO, so it must make sense.
- 4. Read the code of conduct and make sure you will not do anything which is beyond our scope.
- Penetration Testing Methodologies
- --------------------------------
- 1. Web Based Pen Testing : Scope + Info Gather + Exploit + Report of remediations +
- Applying the patch through the company team.
- 2. Network and Mobile
- 3. Process or Governance : Read the policies, contracts, vendor agreements and so on + Find loopholes in clauses + Report and identify to high level management + Draft new policy.
- ISO 27001 Compliance : Read
- Scope Analysis
- ---------------
- Step 1: Query for VAPT
- Step 2: Scoping document WEB/NETWORK/MOBILE
- Step 3: Response Meeting
- Step 4: Proposal with Price and per Man-Day cost
- Step 5: Acceptance and Date to start the project.
- Customer and Legal Agreements
- -----------------------------
- -> Code of Conduct Signing
- -> NDA - non disclosure Agreement
- -> MOU - Memorandum Of Understanding
- Pen Testing Planning and Scheduling
- -----------------------------------
- Teams
- VA : Web , Network , Mobile , Compliance
- PT : Web , Network , Mobile , Compliance
- Date Start : 21st Jan 2016 of Jan 26th Jan 2016
- Total Number of Days : 6 Man Days
- Green Zone : 2 3 Weeks 2 day : Sat Sunday
- Night Shift : 8.00PM -> Monday 3AM Close 422 Servers
- Sr. Resource : RM RM--> Single point of contact for the client.
- Pre Pen Testing Checklist
- -------------------------
- 1. License Requirements ????
- 2. List of tools to be used in the testing
- 3. Team Listing and Tracking
- Types of Pen Testing
- -> Internal : Network Pentesting and Internal Application Layer Pentesting,
- in which we try to audit and test all network assets of the organisation
- along with all in-house web applications which run over the network.
- -> External : Web Application Testing + Pen testing through a company VPN.
- -> White Box : Scope is clear: what OS is running on each machine, open port details,
- service pack details, kernel details, critical or non-critical details,
- version of services details and so on, application source code visibility etc etc.
- -> Grey Box : List of IP addresses in terms of network PT and host name details, that's all. In web, subdomain names and that's all.
- -> Black Box : Website www.target.com IP List in scope.
- People Part : https://www.youtube.com/watch?v=knc6Iq-hNcw