Upload File

end-to-end methodology. testing phases reconnaissance mapping discovery exploitation repeat… ...

  • Home
  • Documents
  • End-to-End Methodology. Testing Phases Reconnaissance Mapping Discovery Exploitation Repeat… Report
13
ANATOMY OF A WEB PEN TEST End-to-End Methodology

Upload: daniella-blankenship

Post on 12-Jan-2016

221 views

Category:

Documents


0 download

Report

Tags:

TRANSCRIPT

Page 1: End-to-End Methodology. Testing Phases Reconnaissance Mapping Discovery Exploitation Repeat… Report

ANATOMY OF A WEB PEN TEST

End-to-End Methodology

Page 2: End-to-End Methodology. Testing Phases Reconnaissance Mapping Discovery Exploitation Repeat… Report

Testing Phases

Reconnaissance Mapping Discovery Exploitation Repeat… Report

Page 3: End-to-End Methodology. Testing Phases Reconnaissance Mapping Discovery Exploitation Repeat… Report

Reconnaissance

Whois records Architecture diagrams IPs and Hostnames DNS information Google Searches Social Networks Blogs and Other Web Sites

Page 4: End-to-End Methodology. Testing Phases Reconnaissance Mapping Discovery Exploitation Repeat… Report

Whois[laa@lobo ~]$ whois generalstatics.com[Querying whois.verisign-grs.com]domain: generalstatics.comowner: Neale Pickettorganization: WoozleWorksemail: [email protected]: 2175 35th Stcity: Los Alamosstate: NMpostal-code: 87544country: USphone: +1.5055004666admin-c: CCOM-411473 [email protected]: CCOM-411473 [email protected]: CCOM-411473 [email protected]: ns1.afraid.org

contact-hdl: CCOM-411473person: Neale Pickettorganization: WoozleWorksemail: [email protected]: 2175 35th Stcity: Los Alamosstate: NMpostal-code: 87544country: USphone: +1.5055004666

source: joker.com live whois service

Page 5: End-to-End Methodology. Testing Phases Reconnaissance Mapping Discovery Exploitation Repeat… Report

Architecture Diagram

Page 6: End-to-End Methodology. Testing Phases Reconnaissance Mapping Discovery Exploitation Repeat… Report

Mapping Port scans Version Checking OS Fingerprinting Spidering Pieces/flow of the application

User/admin/public areasLogin screensConfiguration and ManagementSession identifiers

Learning the various components that make up a web application

Page 7: End-to-End Methodology. Testing Phases Reconnaissance Mapping Discovery Exploitation Repeat… Report

Network Scan

Page 8: End-to-End Methodology. Testing Phases Reconnaissance Mapping Discovery Exploitation Repeat… Report

Discovery

Focus is on finding issues User interfaces Information leakage Authentication systems Error messages Some exploitation will happen as part of

this stepDirectory browsing

Page 9: End-to-End Methodology. Testing Phases Reconnaissance Mapping Discovery Exploitation Repeat… Report

Directory Browsing

Page 10: End-to-End Methodology. Testing Phases Reconnaissance Mapping Discovery Exploitation Repeat… Report

Exploitation

Attacking the flaws in an applicationInjectionXSSAuthentication/Authorization bypass

Determine implications of an attackWhat can happen as a result…

What other parts of the application infrastructure are exposed through the attack?

Page 11: End-to-End Methodology. Testing Phases Reconnaissance Mapping Discovery Exploitation Repeat… Report

Repeat…

Some knowledge of the application may be gained that wasn’t found in the Recon, Mapping, or Discovery phases

Jump back into the workflow, utilizing the newly discovered information

Page 12: End-to-End Methodology. Testing Phases Reconnaissance Mapping Discovery Exploitation Repeat… Report

Reporting Documentation for Reporting is collected

during all phases Executive Summary

Appears first, but written lastAudience is management

IntroductionScope, objectives, personnel

MethodologyStep-by-step, including tools usedSufficient detail to allow verification and repeat of

test

Page 13: End-to-End Methodology. Testing Phases Reconnaissance Mapping Discovery Exploitation Repeat… Report

Reporting (2)

FindingsCategorized according to riskInclude recommendations

ConclusionsShort summaryLike Executive Summary, but audience is

technical Appendix

Permission memo, data discovered, tools outputs


RECONNAISSANCE pamphlet.pdfMARINE CORPS RECONNAISSANCE MARINE CORPS RECONNAISSANCE Entry level: ... The Basic Reconnaissance Preparation Workout Guide is one example of a 10

DISCOVERY, RECONNAISSANCE, AND - Weeblylivelylchs.weebly.com/.../exploration-reconnaissance-and-discovery.pdf · DISCOVERY, RECONNAISSANCE, AND EXPANSION . ... Age of Expansion European

Geologic Reconnaissance of Semisopochnoi Island 'Western ... · Geologic Reconnaissance of Semisopochnoi Island ... eluvium, and talus ... GEOLOGIC RECONNAISSANCE OF SEMISOPOCHNOI

Program Executive Officer (Acting)...Integrated Survey Program (ISP) Program Executive Office Special Reconnaissance, Surveillance, and Exploitation UNCLASSIFIED UNCLASSIFIED UNCLASSIFIED

Automatic Heap Layout Manipulation for Exploitation...Takeaways •Heap layout manipulation can be automated, end-to-end •Future work: New types of software, improved discovery and

Reconnaissance and Surveillance Leader Course RECONNAISSANCE AND SURVEILLANCE COMMUNICATIONS RECONNAISSANCE & SURVEILLANCE LEADER COURSE

HACKING UK TRIDENT - Cryptome · reconnaissance, enumeration and vulnerability scanning, weaponization (acquisition and preparation of tools), exploitation (including zero-day exploitation)

Reconnaissance Vocale

Airborne Reconnaissance Information Technical ArchitectureAirborne Reconnaissance Information Technical Architecture DEFENSE AIRBORNE RECONNAISSANCE OFFICE DISTIRIBUTION _STA 'Em'T

Sujet concours Ô Service 2019 Reconnaissance V4...La lutte pour la reconnaissance est consubstantielle au concept de reconnaissance. L'opposé de la reconnaissance pourrait être,

Mode d’emploi...217 Reconnaissance faciale 220 Reconnaissance des iris 225 Reconnaissance des empreintes 228 Samsung Pass 232 Dossier sécurisé

Reconnaissance faciale

Reconnaissance Weaponization Delivery Exploitation Installation … · 2019-03-05 · 5 USE CASE Figure 4 – Suspicious Modules Running on ACER-PC RSA NetWitness Endpoint also provides

Network Reconnaissance

LES NATURES - … · Tests de reconnaissance du déterminant Test de reconnaissance du nom Test de reconnaissance du pronom Test de reconnaissance de la préposition

SPECIAL RECONNAISSANCE, SURVEILLANCE, AND EXPLOITATION ·  · 2017-06-06Program Executive Office Special Reconnaissance, Surveillance, and Exploitation. UNCLASSIFIED UNCLASSIFIED

SAFER-LC D6.10 : Exploitation Plan - Final version...The final version of this Exploitation Plan provide a cumulative overview of the undertaken activities at the end of the project

Reconnaissance Geophysique

Reconnaissance and Surveillance Leaders Course RECONNAISSANCE & SURVEILLANCE LEADERS COURSE RECONNAISSANCE AND SURVEILLANCE COMMUNICATIONS

Reconnaissance Flights

Rome Research Corporation Richard R. Petroski · 2011. 5. 14. · RADC-TR-830-400Jnay91LEVELYZ -t, Final Technical Report January 1981I! RECONNAISSANCE SENSOR 0 SYSTEM EXPLOITATION

WP6 “Dissemination, Standards and Exploitation Konstantinos … · 2020-05-03 · End to End network slicing that include the ground and space segment offering Virtual Satellite

RECONNAISSANCE GEOPHYSICAL SURVEYS VINCENT TOWNSHIP … · 010 2.9546 reconnaissance geophysical surveys

190312 Sergej Epp AI Ready Go submission...Reconnaissance Weaponization and Delivery Exploitation Command and Control Lateral Movement Installation Actions on the Objective Automated

Reconnaissance and Surveillance Leader Course Urban Reconnaissance and Surveillance

Personalized confidence in radiation oncology · exploitation of the system capabilities through data-driven decisions. Indented for • Advanced End-to-End QA • Commissioning of

Reconnaissance Tools

EXPLOITATION PETROLIERE EN MER ET DROIT …...De même, je voudrais témoigner ma grande admiration et ma profonde reconnaissance au Professeur Martin NDENDE qui a été pour moi une

UNOFFICIAL TRANSLATION Decree of 8 May 1986 and ...opportunities.staatsolie.com/...mining-decree-1986.pdfSmall-scale mining: The reconnaissance, exploration and exploitation of mineral

32nd TACTICAL RECONNAISSANCE SQUADRON (PHOTOGRAPHIC) TACTICAL... · 32nd TACTICAL RECONNAISSANCE SQUADRON (PHOTOGRAPHIC) LINEAGE 45th Reconnaissance Squadron (Fighter) constituted,

Reconnaissance éclair

How secure are your PI Systems?: A primer for PI …...15 Pre-Compromise •Reconnaissance •Weaponization •Delivery Compromise •Exploitation •Installation Post-Compromise •Command

La reconnaissance d'écriture - rdorat.free.frrdorat.free.fr/Enseignement/ELN/Seance7/La_reconnaissance_d... · La reconnaissance d’écriture Définition : La reconnaissance de

PENTESTING - Kroll Inc....- Having Domain-Admin-level in the domain you are: - Not having Domain-Admin-level on the current domain: Reconnaissance + Exploitation (and always depending

SATELLITE RECONNAISSANCE