red team

Introduction to the definition of a pentest


“A penetration test, occasionally pentest, is a method of evaluating the security of a computer system or network by simulating an attack from a malicious source, known as a Black Hat Hacker, or Cracker. The process involves an active analysis of the system for any potential vulnerabilities that could result from poor or improper system configuration, both known and unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This analysis is carried out from the position of a potential attacker and can involve active exploitation of security vulnerabilities. Any security issues that are found will be presented to the system owner, together with an assessment of their impact, and often with a proposal for mitigation or a technical solution. The intent of a penetration test is to determine the feasibility of an attack and the amount of business impact of a successful exploit, if discovered. It is a component of a full security audit. For example, the Payment Card Industry Data Security Standard (PCI DSS), a security and auditing standard, requires both annual and ongoing penetration testing (after system changes).” Wikipedia


Preparation / Reconnaissance

Internet search:

Google/Bing/Yahoo/Astalavista

Maltego
theHarvester
BundesAnzeiger
http://www.onstrat.com/osint/
whois
Social Media

123 People

Physical Recon:

Visit the place, e.g. as a customer
Check the building
Video surveillance
Trip plates
Entry systems
Security/alarm systems

Meet the client:

Find out what their business is
Find out about the company's hierarchy
Customer relations
Vendor relations

Threat modeling

Terms:

Asset (resources which can become targets)
Threat
Vulnerability
Attack
Countermeasures

Steps:

1. Identify the security objectives
2. Get an application overview
3. Decompose the architecture
4. Identify threats
5. Identify vulnerabilities

STRIDE Model:
Spoofing Identity

Tampering with Data

Repudiation

Information Disclosure

Denial of Service

Elevation of Privilege

DREAD Model:

Damage Potential
Reproducibility
Exploitability
Affected Users
Discoverability
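As an added example (not part of the original notes), a small scorer that tags each finding with a STRIDE category from the list above and ranks it by DREAD, taking the score as the mean of the five factors rated 1 to 10. The risk bands, the `Finding` class and the sample findings are assumptions constructed for this example, not from any real assessment.

```python
from dataclasses import dataclass
from statistics import mean

# STRIDE categories as listed in the notes
STRIDE = {"Spoofing", "Tampering", "Repudiation", "Information Disclosure",
          "Denial of Service", "Elevation of Privilege"}
# DREAD factors, each rated 1 (lowest) to 10 (highest)
DREAD_FACTORS = ("damage", "reproducibility", "exploitability",
                 "affected_users", "discoverability")


@dataclass
class Finding:
    name: str
    stride: str
    damage: int
    reproducibility: int
    exploitability: int
    affected_users: int
    discoverability: int

    def __post_init__(self):
        # Reject typos in the category and ratings outside the 1..10 scale
        if self.stride not in STRIDE:
            raise ValueError(f"unknown STRIDE category: {self.stride}")
        for factor in DREAD_FACTORS:
            value = getattr(self, factor)
            if not 1 <= value <= 10:
                raise ValueError(f"{factor} must be 1..10, got {value}")

    def dread_score(self) -> float:
        """Mean of the five DREAD ratings, between 1.0 and 10.0."""
        return mean(getattr(self, f) for f in DREAD_FACTORS)


def risk_band(score: float) -> str:
    # Band thresholds are an assumption for this example, not a standard
    if score >= 7.0:
        return "High"
    if score >= 4.0:
        return "Medium"
    return "Low"


def rank_findings(findings):
    """Return (name, score, band) tuples, highest risk first."""
    ranked = sorted(findings, key=lambda f: f.dread_score(), reverse=True)
    return [(f.name, round(f.dread_score(), 1), risk_band(f.dread_score()))
            for f in ranked]


# Constructed sample findings for demonstration only
SAMPLE = [
    Finding("Unauthenticated admin endpoint", "Elevation of Privilege", 9, 10, 8, 9, 7),
    Finding("Verbose stack trace on error page", "Information Disclosure", 4, 10, 3, 5, 9),
    Finding("No audit log on fund transfer", "Repudiation", 6, 5, 2, 3, 2),
]

if __name__ == "__main__":
    for name, score, band in rank_findings(SAMPLE):
        print(f"{band:6} {score:4} {name}")
```

DREAD ratings are subjective, so have two reviewers score independently and reconcile differences before the ranking goes into the report.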