The Business of Penetration Testing - PowerPoint PPT Presentation

Provided by: csiUtdall (https://csi.utdallas.edu)
Slides: 26

Transcript and Presenter's Notes

1
The Business of Penetration Testing
  • Jacolon Walker

2
Agenda
  • Introduction about me
  • Penetration testing Methodology
  • Pentesting Frameworks
  • Customizing your tool set
  • Engagement Prep
  • Post Engagement
  • Wrapping it all up

3
The about me stuff
  • 6 years in InfoSec
  • My talk not sponsored by employers
  • Write code, exploits, reverse malware for fun and
    sometimes profit
  • Have Certs
  • Placed 2nd in SANS NetWars
  • Disclaimer on ideology

4
Ethical Pentesting Methodology?
  • No such thing if you want to be successful
  • You need to think like a hacker
  • Pentesting methodologies cover all the ground and
    help win assessments
  • Attention to detail and organization skills
  • Push the envelope but do not cross the line (the
    agreed scope and rules of engagement are the line)

5
Penetration Methodology
  • 5-step process
  • Reconnaissance
  • Scanning & Enumeration
  • Gaining Access
  • Maintaining Access
  • Covering Tracks

6
Reconnaissance
7
Penetration Methodology Cont.
  • Reconnaissance
  • Gathering information passively
  • Not actively scanning or exploiting anything (no
    packets to the target's own infrastructure)
  • Harvesting information
  • Bing, Google, Yahoo, Yandex
  • Wayback Machine (archive.org)
  • Social media, etc.
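
The harvesting step above (the part theHarvester automates) reduces to pulling e-mail addresses and hostnames of the target domain out of whatever text the search engines, archives and social pages return. The following is an added example, not code from the deck or from theHarvester: it runs the extraction stage over a few constructed page snippets (the pages, names and addresses are made up), keeps only items belonging to the target domain, normalizes case, and rejects look-alike names such as www.example.com.evil.org.

```python
import re
from typing import Dict, Iterable, List, Pattern, Tuple

# Constructed sample pages standing in for a search-engine cache, an archived
# copy and a social profile. None of this is real data.
SAMPLE_PAGES = [
    """<html><body>Contact: jane.doe@example.com or support@EXAMPLE.com.
    Careers: <a href="mailto:hr@example.com">HR</a>. Partner: bob@partner.net.
    Dev portal at https://dev.example.com/login and http://vpn.example.com:443/.
    </body></html>""",
    """Archived copy (2011): old intranet at intranet.example.com, mail via mail.example.com.
    Unrelated: notexample.com and www.example.com.evil.org""",
]


def _patterns(domain: str) -> Tuple[Pattern, Pattern]:
    """Build case-insensitive matchers bound to one target domain."""
    d = re.escape(domain.lower())
    # Tail guard: the domain must not continue into a longer name
    # (www.example.com.evil.org is NOT a host of example.com).
    tail = r"(?![a-z0-9-]|\.[a-z0-9])"
    # Host: at least one label before the target domain, not glued to a
    # preceding word (notexample.com must not match).
    host_re = re.compile(rf"(?<![a-z0-9.-])(?:[a-z0-9-]+\.)+{d}{tail}")
    # E-mail: any local part, at the domain or one of its subdomains.
    email_re = re.compile(rf"(?<![a-z0-9._%+-])[a-z0-9._%+-]+@(?:[a-z0-9-]+\.)*{d}{tail}")
    return host_re, email_re


def harvest(pages: Iterable[str], domain: str) -> Dict[str, List[str]]:
    """Return sorted, de-duplicated hosts and e-mails of `domain` found in `pages`."""
    host_re, email_re = _patterns(domain)
    hosts, emails = set(), set()
    for page in pages:
        text = page.lower()  # DNS names and mail domains are case-insensitive
        hosts.update(host_re.findall(text))
        emails.update(email_re.findall(text))
    return {"hosts": sorted(hosts), "emails": sorted(emails)}


if __name__ == "__main__":
    for kind, items in harvest(SAMPLE_PAGES, "example.com").items():
        print(kind)
        for item in items:
            print("  ", item)
```

Everything found here is a lead for the scanning phase, not a fact: names from an archived page may no longer resolve, and a name may resolve to an address that is outside the agreed scope, so resolve and re-check against the scope before any active step.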

8
Penetration Methodology Cont.
  • Scanning & Enumeration
  • Target discovery (which hosts are up)
  • Enumerating (which ports and services, which
    versions)
  • Vulnerability mapping (which of those services are
    worth attacking)
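
Enumeration output only becomes a target list once it is mapped against something. As an added example (not from the deck, and not Nmap's or any scanner's own code), the block below parses the XML that nmap -sV -oX writes, keeps open ports on live hosts, and compares the detected product version against a minimum-version policy. The XML is constructed to have the shape of real Nmap output, and the MIN_VERSION table is an illustrative placeholder, not a vulnerability database: in an engagement the same loop would be driven by advisory data for the products found.

```python
import re
import xml.etree.ElementTree as ET
from typing import Dict, List, Tuple

# Constructed Nmap XML with the structure "nmap -sV -oX" produces. Not a real scan.
SAMPLE_NMAP_XML = """<nmaprun scanner="nmap" args="nmap -sV -oX scan.xml 10.0.0.0/29">
  <host><status state="up"/>
    <address addr="10.0.0.5" addrtype="ipv4"/>
    <hostnames><hostname name="web01.example.com" type="PTR"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/>
        <service name="ssh" product="OpenSSH" version="5.3p1"/></port>
      <port protocol="tcp" portid="80"><state state="open"/>
        <service name="http" product="Apache httpd" version="2.2.15"/></port>
      <port protocol="tcp" portid="443"><state state="closed"/>
        <service name="https"/></port>
    </ports>
  </host>
  <host><status state="up"/>
    <address addr="10.0.0.6" addrtype="ipv4"/>
    <hostnames/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/>
        <service name="ssh" product="OpenSSH" version="8.2p1"/></port>
      <port protocol="tcp" portid="8080"><state state="open"/>
        <service name="http-proxy"/></port>
    </ports>
  </host>
  <host><status state="down"/>
    <address addr="10.0.0.7" addrtype="ipv4"/>
  </host>
</nmaprun>
"""

# Illustrative minimum-version policy, NOT a vulnerability database. The point
# is the mapping step; a real engagement replaces this with advisory data.
MIN_VERSION: Dict[str, Tuple[int, ...]] = {
    "OpenSSH": (7, 4),
    "Apache httpd": (2, 4),
}


def version_tuple(version: str) -> Tuple[int, ...]:
    """'5.3p1' -> (5, 3); '2.2.15' -> (2, 2, 15); '' or no digits -> ()."""
    m = re.match(r"(\d+(?:\.\d+)*)", version or "")
    return tuple(int(x) for x in m.group(1).split(".")) if m else ()


def parse_nmap_xml(xml_text: str) -> List[Dict[str, str]]:
    """One record per open port on each host that is up."""
    records: List[Dict[str, str]] = []
    root = ET.fromstring(xml_text)
    for host in root.iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue  # down hosts carry no ports worth mapping
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None:
            continue
        name = host.find("hostnames/hostname")  # None when <hostnames/> is empty
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed/filtered ports are noise for vuln mapping
            svc = port.find("service")
            attrs = svc.attrib if svc is not None else {}
            records.append({
                "host": addr.get("addr"),
                "hostname": name.get("name") if name is not None else "",
                "port": port.get("portid"),
                "proto": port.get("protocol"),
                "service": attrs.get("name", ""),
                "product": attrs.get("product", ""),
                "version": attrs.get("version", ""),
            })
    return records


def map_vulns(records: List[Dict[str, str]],
              policy: Dict[str, Tuple[int, ...]] = MIN_VERSION) -> Dict[str, List[str]]:
    """Split open services into 'flagged' (below the policy floor) and
    'unknown' (no product/version banner: enumerate by hand)."""
    flagged, unknown = [], []
    for r in records:
        key = f"{r['host']}:{r['port']}/{r['proto']}"
        ver = version_tuple(r["version"])
        if not r["product"] or not ver:
            unknown.append(key)
            continue
        floor = policy.get(r["product"])
        if floor and ver < floor:
            flagged.append(f"{key} {r['product']} {r['version']} (< {'.'.join(map(str, floor))})")
    return {"flagged": flagged, "unknown": unknown}


if __name__ == "__main__":
    result = map_vulns(parse_nmap_xml(SAMPLE_NMAP_XML))
    for kind, items in result.items():
        print(kind, items)
```

Banner-based mapping is a starting point, not a verdict: distributions backport fixes without bumping the version string, so every flagged item still has to be confirmed in the gaining-access phase, and every "unknown" port needs manual enumeration before it is written off.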

9
DEMO
  • Maltego
  • Recon-ng
  • Theharvester
  • Nmap

10
OSINT ALL THE DATA
11
Penetration Methodology Cont.
  • Gaining Access
  • Work from the mapped vulns
  • The goal is a foothold: get a user-level account
    and then escalate privileges
  • Try multiple vectors. This is actually a decently
    easy part
  • Web application, Wi-Fi, social engineering
  • Use your research

12
Penetration Methodology Cont.
  • Maintaining Access
  • Keeping account access
  • Privilege escalation
  • Pivoting from the first foothold to own the rest
  • ET phone home

13
DEMO
  • Metasploit
  • Post scripts

14
Broken? No luck?
15
Penetration Methodology Cont.
  • Covering Tracks
  • Removing tools
  • Backdoors, ET phone homes (call-backs)
  • Clearing logs
  • Windows: Security, Application and System event logs
  • Linux: /var/log/
  • Remove audit logs carefully!!!!! Only where the rules
    of engagement allow it, and note in your own
    engagement log exactly what was touched

16
Penetration Frameworks
  • vulnerabilityassessment.co.uk
  • pentest-standard.org
  • Open Source Security Testing Methodology Manual
    (OSSTMM)
  • Information Systems Security Assessment Framework
    (ISSAF)
  • Open Web Application Security Project (OWASP) Top
    Ten
  • Web Application Security Consortium Threat
    Classification (WASC-TC)

17
Customizing your toolset
  • Kali Linux (the successor to BackTrack)
  • Use your methodology to help build this
  • Recon, Scanning, Exploitation, Post exploitation
  • Become familiar with those tools
  • Change it up to add more to your collection

18
My toolset
  • A few things in my tool set
  • Recon-ng / theHarvester
  • Burp Suite
  • Nmap / p0f / ncat
  • Nessus / Core Impact / Acunetix / SAINT
  • Arachni / Vega / Metasploit / Websecurify
  • Python Python Python
  • KeepNote / Lair / Etherpad / (Armitage testing)

19
Toolset Demo
  • Demonstrating some of the tools I use

20
Finally, the assessment is over? No
http://nooooooooooooooo.com
21
Pre-engagement Prep
  • You are selling a Service so....
  • Sell something
  • Tools customization
  • Knowing what offers and market rates are
  • Is this assessment for you?
  • Fixed pricing or hourly
  • What does the client want?
  • Can you provide what they want?

22
Engagement Sold!!!
  • Scope of work
  • Understand what the client wants
  • Black-, gray- or white-box testing, or red teaming
  • How long the assessment will take
  • What to expect from the assessment
  • Client contacts, from project manager to network
    admins, in case of emergencies
  • Use methodologies that you have created
  • Remember to log everything
  • Secure communication with clients
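
The scope of work is the line from the methodology slide, and the cheapest way not to cross it is to check every target against it before any active step. The block below is an added example of such a check, not code from the deck: it takes the agreed address ranges, the explicit exclusions and the permitted hostname patterns, and partitions a candidate target list. The networks and names are constructed for illustration. A range that touches an excluded address is rejected whole, and hostnames are matched by pattern only, since a name can resolve to an out-of-scope address and must be re-checked after resolution.

```python
import fnmatch
import ipaddress
from typing import Iterable, List, Tuple, Union

Net = Union[ipaddress.IPv4Network, ipaddress.IPv6Network]


class Scope:
    """Rules-of-engagement scope, consulted before every scan or exploit step."""

    def __init__(self, allow_nets: Iterable[str], deny_nets: Iterable[str],
                 allow_hosts: Iterable[str]) -> None:
        self.allow_nets = [ipaddress.ip_network(n, strict=False) for n in allow_nets]
        self.deny_nets = [ipaddress.ip_network(n, strict=False) for n in deny_nets]
        self.allow_hosts = [h.lower() for h in allow_hosts]  # glob patterns

    def _net_ok(self, net: Net) -> bool:
        # Any overlap with an exclusion rejects the whole range, so a /28 that
        # contains the one box the client said "never touch" is refused outright.
        if any(d.version == net.version and net.overlaps(d) for d in self.deny_nets):
            return False
        return any(a.version == net.version and net.subnet_of(a) for a in self.allow_nets)

    def in_scope(self, target: str) -> bool:
        target = target.strip().lower()
        try:
            # A single address or a CIDR range; a bare address becomes a /32 (/128).
            return self._net_ok(ipaddress.ip_network(target, strict=False))
        except ValueError:
            pass
        # Hostname: pattern match only. Resolution is deliberately not done here;
        # resolve it, then pass the resulting address through in_scope() again.
        return any(fnmatch.fnmatchcase(target, p) for p in self.allow_hosts)

    def partition(self, targets: Iterable[str]) -> Tuple[List[str], List[str]]:
        """Split targets into (allowed, rejected), preserving order."""
        allowed: List[str] = []
        rejected: List[str] = []
        for t in targets:
            (allowed if self.in_scope(t) else rejected).append(t)
        return allowed, rejected


# Constructed scope: a client /24 with two excluded addresses, one external
# host, and any name under the client domain. Not a real engagement.
EXAMPLE_SCOPE = Scope(
    allow_nets=["10.0.0.0/24", "203.0.113.10/32"],
    deny_nets=["10.0.0.1/32", "10.0.0.250/31"],
    allow_hosts=["*.example.com"],
)

# Constructed candidate list mixing in-scope, excluded, adjacent and look-alike targets.
EXAMPLE_TARGETS = [
    "10.0.0.5", "10.0.0.1", "10.0.1.5", "203.0.113.10",
    "www.example.com", "example.com.evil.org", "10.0.0.0/28", "10.0.0.16/28",
]


if __name__ == "__main__":
    ok, bad = EXAMPLE_SCOPE.partition(EXAMPLE_TARGETS)
    print("in scope:    ", ok)
    print("out of scope:", bad)
```

Feed the "allowed" list to the scanner and keep the "rejected" list in the engagement log with the reason: when the client later asks why a host was or was not touched, that record is the answer.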

23
Post Engagement
  • Report writing
  • Did any issues occur? Could they have been
    prevented? Can they be fixed?
  • Did you get what you wanted from the engagement?
    Profit?
  • Any new tools added or methodologies?
  • Possible new techniques?
  • Was the customer satisfied?

24
Report Writing
  • It is the last thing the customer sees. Make it
    the best thing they see
  • Customers are paying for quality
  • Different reports for various teams
  • Executive Summary
  • Detailed Summary
  • I could write a whole presentation about this but
    I will not

25
Wrapping it all up
  • Pentesting has numerous components
  • It's not always about hacking; it's about research
    and business
  • Make sure you are niche at what you do. Know
    your target and field
  • Always improve your methods while helping your
    client improve their infrastructure
  • Don't learn to hack, hack to learn