Upload File

penetration testing

9
PENETRATION TESTING From: Sumtrix (A Cyber Security Consultancy) By: Mayank Singh

Upload: mayank-singh

Post on 06-Aug-2015

407 views

Category:

Documents


7 download

Report

Tags:

TRANSCRIPT

Page 1: Penetration Testing

PENETRATION TESTING

From: Sumtrix (A Cyber Security Consultancy)

By: Mayank Singh

Page 2: Penetration Testing

WWW.SUMTRIX.COM Email:[email protected]

About PENETRATION TESTING

▪ A Penetration Testing, also known as a Pen Test is a legal attempt at gaining access to your protected computer systems or networks, often conducted by a third party organization. The purpose of the test is to identify security vulnerabilities and then attempt to successfully exploit them in order to gain some form of access to the network or computer system.

▪ Two of the more common types of penetration tests are black box and white box penetration testing. 

In a black box test, no prior knowledge of the corporate system is given to the third party tester. This is often the most preferred test as it is an accurate simulation of how an outsider/hacker would see the network and attempt to break into it. 

A white box test on the other hand is when the third party organisation is given full IP information, network diagrams and source code files to the software, networks and systems, in a bid to find weaknesses from any of the available information.

November 2014 Mayank SIngh

Page 3: Penetration Testing

WWW.SUMTRIX.COM Email:[email protected]

PENETRATION TESTING- SOFTWARE'S / TOOLS / UTILITIES

November 2014 Mayank SIngh

▪ Exploitation

▪ Framework

▪ Social Engineering Attack Tools

▪ SQL Injection Detection Tools

Page 4: Penetration Testing

WWW.SUMTRIX.COM Email:[email protected]

November 2014 Mayank SIngh

EXPLOITATION TOOL

Page 5: Penetration Testing

WWW.SUMTRIX.COM Email:[email protected]

Continue…

November 2014 Mayank SIngh

EXPLOITATION TOOL

Page 6: Penetration Testing

WWW.SUMTRIX.COM Email:[email protected]

▪ Metasploit

▪ Mercury

▪ OpenSCAP

▪ rsif

▪ Phemail.py

▪ Xenotix XSS Exploit Framework 

November 2014 Mayank SIngh

FRAMEWORK

Page 7: Penetration Testing

WWW.SUMTRIX.COM Email:[email protected]

• Social-Engineering Toolkit (SET)

November 2014 Mayank SIngh

SOCIAL ENGINEERING ATTACK TOOLS

Page 8: Penetration Testing

WWW.SUMTRIX.COM Email:[email protected]

▪ CAT.NET

▪ Dotdefender

▪ Microsoft Url Scan

▪ GreenSql

▪ HP Scrawlr

▪ Sqlstripes

November 2014 Mayank SIngh

SQL INJECTION DETECTION TOOLS

Page 9: Penetration Testing

WWW.SUMTRIX.COM Email:[email protected]

ThankYouBe Secure AlwaysFor more Updates:

www.sumtrix.com

www.facebook.com/sumtrix14

Email:[email protected]

November 2014 Mayank SIngh

SumtrixA Cyber Security Consultancy

http://www.facebook.com/sumtrix14

Penetration Testing Results

Penetration Testing Report - E-SPIN Group · Penetration Testing Report Independent / 3rd party Web Application Vulnerability & Security Assessment / Penetration Testing / Audit (come

INFORMATION SHEET PENETRATION TESTING...Vulnerability scanning VS penetration testing Penetration testing distinguishes itself from general vulnerability scanning but the two phrases

penetration testing

PENETRATION TESTING SERVICES - Opposition Security · PENETRATION TESTING SERVICES Opposition Security penetration testing services evaluate your security program in depth to find

Penetration Testing Presentation

BackTrack 5 Wireless Penetration Testing Beginner's …cdn.ttgtmedia.com/...BackTrack-5-Wireless-Penetration-Testing-eBook... · BackTrack 5 Wireless Penetration Testing Beginner's

Penetration Testing Basics

Wireless Penetration Testing

Custom Penetration Testing - SANS Sims - Custom... · Advanced Penetration Testing - 2009 SANS 3 What is Penetration Testing? • Process of testing a target environment for weaknesses

Demystifying Penetration Testing

Penetration Testing Methodologies Testing... · penetration testing, aiutando la comunità di sicurezza nella scelta del percorso migliore per il penetration testing. Il termine open

Internal Penetration Testing

Web Application Penetration Testing · Penetration Testing By: Frank Coburn & Haris Mahboob. Take Aways Overview of the web app penetration ... §Penetration testing vs vulnerability

Penetration Testing - University of Texas at Dallascsi.utdallas.edu/...Penetration_Testing...Slides.pdf · Penetration Testing. What is penetration testing? Attempt to bypass security

Writing a Penetration Testing Report - Abaxio · (Sample Penetration Testing Report Black Box Penetration Testing For GPEN.KM V1.0 Month dd th, ... Title Black Box Penetration Testing

VAPT (Vulnerability Assessment & Penetration Testing) //Remedy · VAPT (Vulnerability Assessment & Penetration Testing) //Remedy A Division. In Penetration Testing, part of a security

Penetration Testing Methodology

Web Applications Penetration Testingcs1160315/WebPenetration... · 2018. 3. 3. · Penetration testing typically includes network penetration testing and application security testing

Cone Penetration Testing

sap penetration testing sap penetration testing - Black Hat

Chapter22 Penetration Testing

Penetration testing demystified

Penetration Testing - Brown University Departmentcs.brown.edu/cgc/net.secbook/se01/handouts/Ch09-PenetrationTesti… · Penetration Testing 12/7/2010 Penetration Testing 1 What Is

Penetration testing Professional

Android Penetration Testing

Penetration Testing Magazine

Network Infrastructure Penetration Testing and …...Network Infrastructure Penetration Testing and Ethical Hacking This course teaches penetration testing and will illustrate how

Penetration Testing Network & Perimeter Testing

Firewall Penetration Testing

PENETRATION TESTING - Perspective Risk · PDF fileA PROVIDER OF PENETRATION TESTING SERVICES? ... Invariably, penetration testing means that the penetration testers will

Expert Penetration Testing

Penetration Testing Report