The Business of Penetration Testing - PowerPoint PPT Presentation

Loading...

PPT – The Business of Penetration Testing PowerPoint presentation | free to download - id: 5a3e5d-NzQ3M



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

The Business of Penetration Testing

Description:

The Business of Penetration Testing Jacolon Walker Forums, bb, newsgroup, articles blogs etc Target discovery Usually known as footprinting identifying the ... – PowerPoint PPT presentation

Number of Views:91
Avg rating:3.0/5.0
Slides: 26
Provided by: csiUtdall
Learn more at: http://csi.utdallas.edu
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: The Business of Penetration Testing


1
The Business of Penetration Testing
  • Jacolon Walker

2
Agenda
  • Introduction about me
  • Penetration testing Methodology
  • Pentesting Frameworks
  • Customizing your tool set
  • Engagement Prep
  • Post Engagement
  • Wrapping it all up

3
The about me stuff
  • 6 years in InfoSec
  • My talk not sponsored by employers
  • Write code, exploits, reverse malware for fun and
    sometimes profit
  • Have Certs
  • Placed 2nd in Sans Netwars
  • Disclaimer on ideology

4
Ethical Pentesting Methodology?
  • No such thing if you want to be successful
  • You need to think like a hacker
  • Pentesting methodologies cover all grounds and
    help win assessments
  • Attention to details and organization skills
  • Push the envelope but do not cross the line

5
Penetration Methodology
  • 5 step process
  • Reconnaissance
  • Scanning Enumeration
  • Gaining Access
  • Maintaining Access
  • Covering Tracks

6
Reconnaissance
7
Penetration Methodology Cont.
  • Reconnaissance
  • Gathering information passively
  • Not actively scanning or exploiting anything
  • Harvesting information
  • Bing, google, yahoo, yandex
  • Way back machine (archive)
  • Social media etc

8
Penetration Methodology Cont.
  • Scanning Enumeration
  • Target discovery
  • Enumerating
  • Vulnerability mapping

9
DEMO
  • Maltego
  • Recon-ng
  • Theharvester
  • Nmap

10
OSINT ALL THE DATA
11
Penetration Methodology Cont.
  • Gaining Access
  • Mapped vulns
  • Important to penetrate gaining user and
    escalating privs
  • Try multiple vectors. This is actually a decently
    easy part
  • Web application, wifi, social engineer.
  • Use your research

12
Penetration Methodology Cont.
  • Maintaining Access
  • Keeping account access
  • Privilege escalation
  • Pivoting to own all
  • ET phone home

13
DEMO
  • Metasploit
  • Post scripts

14
Broken? No luck?
15
Penetration Methodology Cont.
  • Covering Tracks
  • Removing tools
  • Backdoors, ET phone homes
  • Clearing logs
  • Windows security, application and system logs
  • Linux /var/log/
  • Remove audit logs carefully!!!!!

16
Penetration Frameworks
  • vulnerabilityassessment.co.uk
  • pentest-standard.org
  • Open Source Security Testing Methodology Manual
    (OSSTMM)
  • Information Systems Security Assessment Framework
    (ISSAF)
  • Open Web Application Security Project (OWASP) Top
    Ten
  • Web Application Security Consortium Threat
    Classification (WASC-TC)

17
Customizing your toolset
  • Kali Linux The new backtrack
  • Use your methodology to help build this
  • Recon, Scanning, Exploitation, Post exploitation
  • Become familiar with those tools
  • Change it up to add more to your collection

18
My toolset
  • A few things in my tool set
  • Recon-ng / Theharvester
  • Burpsuite
  • Nmap / p0f / ncat
  • Nessus / CoreImpact / Acunetix / Saint
  • Arachni / Vega / Metasploit / Websecurify
  • Python Python Python
  • Keepnote / Lair / etherpad / (armitage testing)

19
Toolset Demo
  • Demonstrating some of the tools I use

20
Finally the assessment is over? No
http//nooooooooooooooo.com
21
Pre-engagement Prep
  • You are selling a Service so....
  • Sell something
  • Tools customization
  • Knowing what offers and market rates are
  • Is this assessment for you?
  • Fixed pricing or hourly
  • What does the client want?
  • Can you provide what they want?

22
Engagement Sold!!!
  • Scope of work
  • Understand what the client wants
  • Black, gray, white box testing or red teaming
  • How long assessment will take
  • What to expect from the assessment
  • Client contacts from project manager to network
    admins incase of emergencies
  • Use methodologies that you have created
  • Remember to log everything
  • Secure communication with clients

23
Post Engagement
  • Report writing
  • Any issues occur? Could they have been prevented?
    Can it be fixed?
  • Did you get what you wanted from the engagement?
    Profit?
  • Any new tools added or methodologies?
  • Possible new techniques?
  • Was the customer satisfied?

24
Report Writing
  • It is the last thing the customer sees. Make it
    the best thing they see
  • Customers are paying for quality
  • Different reports for various teams
  • Executive Summary
  • Detailed Summary
  • I could write a whole presentation about this but
    I will not

25
Wrapping it all up
  • Pentesting has numerous components
  • Its not always about hacking its about research
    and business
  • Making sure you are NICHE at what you do. Know
    your target and field
  • Always improve your methods while helping your
    client improve their infrastructure
  • Dont learn to hack, Hack to learn
About PowerShow.com