End-to-End Methodology

Testing Phases
- Reconnaissance
- Mapping
- Discovery
- Exploitation
- Repeat…
- Report

Reconnaissance
- Whois records
- Architecture diagrams
- IPs and Hostnames
- DNS information
- Google Searches
- Social Networks
- Blogs and Other Web Sites

Whois

    ~]$ whois generalstatics.com
    [Querying whois.verisign-grs.com]
    domain: generalstatics.com
    owner: Neale Pickett
    organization: WoozleWorks
    address: th St
    city: Los Alamos
    state: NM
    postal-code:
    country: US
    phone:
    admin-c: CCOM
    tech-c: CCOM
    billing-c: CCOM
    nserver: ns1.afraid.org
    contact-hdl: CCOM
    person: Neale Pickett
    organization: WoozleWorks
    address: th St
    city: Los Alamos
    state: NM
    postal-code:
    country: US
    phone:
    source: joker.com live whois service
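To see what a registration record in this "key: value" layout discloses about its owner, the following added example (not part of the original slides) parses such a record into blocks and lists the populated personal fields, which is the review a domain owner would do before deciding on privacy or role contacts. The sample record, the `PERSONAL` field list and the function names are assumptions made for this illustration.

```python
import re

# Constructed sample in the same "key: value" layout as the record above;
# every value is a placeholder, not real registration data.
SAMPLE = """\
[Querying whois.example-registry.test]
domain: example.com
owner: Jane Example
organization: Example Org
address: 1 Example St
postal-code:
phone: +1.5550100
nserver: ns1.example.net
nserver: ns2.example.net
contact-hdl: HDL-0001
person: Jane Example
phone: +1.5550100
"""

# Fields that identify a person or location (assumed list for this example).
PERSONAL = {"owner", "person", "address", "city", "postal-code", "phone"}
LINE = re.compile(r"^([A-Za-z][\w-]*):[ \t]*(.*)$")


def parse_whois(text):
    """Split a record into blocks; a new block starts at each contact-hdl."""
    blocks = [{}]
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:  # banner lines such as "[Querying ...]" carry no field
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "contact-hdl":
            blocks.append({})
        # Keys such as nserver repeat, so every key maps to a list of values.
        blocks[-1].setdefault(key, []).append(value)
    return blocks


def exposed_fields(blocks):
    """Return sorted, de-duplicated (field, value) pairs with personal data."""
    found = {(k, v) for b in blocks for k, vals in b.items()
             if k in PERSONAL for v in vals if v}  # skip empty values
    return sorted(found)
```
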

Architecture Diagram

Mapping
- Port scans
- Version Checking
- OS Fingerprinting
- Spidering
- Pieces/flow of the application
  - User/admin/public areas
  - Login screens
  - Configuration and Management
  - Session identifiers
- Learning the various components that make up a web application

Network Scan

Discovery
- Focus is on finding issues
- User interfaces
- Information leakage
- Authentication systems
- Error messages
- Some exploitation will happen as part of this step
  - Directory browsing

Directory Browsing

Exploitation
- Attacking the flaws in an application
  - Injection
  - XSS
  - Authentication/Authorization bypass
- Determine implications of an attack
  - What can happen as a result…
- What other parts of the application infrastructure are exposed through the attack?

Repeat…
- Some knowledge of the application may be gained that wasn’t found in the Recon, Mapping, or Discovery phases
- Jump back into the workflow, utilizing the newly discovered information

Reporting
- Documentation for Reporting is collected during all phases
- Executive Summary
  - Appears first, but written last
  - Audience is management
- Introduction
  - Scope, objectives, personnel
- Methodology
  - Step-by-step, including tools used
  - Sufficient detail to allow verification and repeat of test

Reporting (2)
- Findings
  - Categorized according to risk
  - Include recommendations
- Conclusions
  - Short summary
  - Like Executive Summary, but audience is technical
- Appendix
  - Permission memo, data discovered, tools outputs