Embed Size (px)
DESCRIPTION
Penetration testing. Agenda. Penetration testing ? Certificated Penetration testing for? Methodology System & Network Web Mobile Tools Commercial Free Tools Report Ex. Q&A. Penetration testing. Vulnerability Assessment. Penetration Testing. Penetration testing TYPE. - PowerPoint PPT Presentation
Citation preview
PENETRATION TESTING
Presenters: Chakrit SanbuapohSr. Information Security MFEC
AGENDA Penetration testing
? Certificated
Penetration testing for? Methodology
System & Network Web Mobile
Tools Commercial Free Tools
Report Ex.
Q&A
PENETRATION TESTING
VULNERABILITY ASSESSMENT
PENETRATION TESTING
PENETRATION TESTING TYPE
Internal External
1. Black box2. White box3. Grey box
Reference : http://www.giac.org/cissp-papers/197.pdf
PENETRATION TESTING : CERTIFICATED
Certified Penetration Testing Engineer (CPTE)
PENETRATION TESTING : CERTIFICATED
The Offensive Security Certified Professional (OSCP)
PENETRATION TESTING : CERTIFICATED
CEH: Certified Ethical Hacking
PENETRATION TESTING : CERTIFICATED BIG NAME Certified Penetration Testing Consultant (CPTC) GIAC Web Application Penetration Tester (GWAPT) GIAC Penetration Tester (GPEN) Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Certified Information Systems Auditor - CISA
PENETRATION TESTING FOR?
PENETRATION TESTING : METHODOLOGY
ขนตอน หรอวธการ เพอ?
PENETRATION TESTING : METHODOLOGY
Information Gathering Information Analysis and Planning Vulnerability Detection Penetration Attack/Privilege Escalation Analysis and reporting Clean-up
Information Gathering
VulnerabilityDetection
Penetration Attack/PrivilegeEscalation
InformationAnalysis andPlanning
AnalysisandReporting
Clean Up
PENETRATION TESTING : METHODOLOGYSYSTEM & NETWORK
No. n° îªn� � (Weakness) ε° ·µ¥� � � (Description) 1 System and Infrastructure
Misconfiguration/Insecure Configuration
¤ µ¦ Ênµ� � � � (Configure)Ħ³ ´� � � System ®¦º°Infrastructure ŤnÁ®¤µ³ ¤
2 Insecure Communication n° µÄ µ¦¦´ no°¤¼É¤ ªµ¤ ε ´Án� � � � � � � � � � � � � � � Username, Password ¥¤ µ¦ o° ´Å¤nÁ®¤µ³Ã¥ µ¦Áoµ¦® o°¤¼®¦º°¤ µ¦Áoµ¦® o°¤¼� � � � � � � � � � � � �oª¥� Algorithm ÉŤn¤ ªµ¤ÂȦ ° £¥Á¡¥¡°� � � � � � � �
3 Improper Software Version and Obsolete Software Support
¤ µ¦Äoµ� � � � Software Áª°¦rÉ ÉŤnÁ®¤µ³ ¤ÁnÁÈÁª°¦rÉ ÉŤn¤ µ¦� � � � � � � � � � �Support, ÁÈÁª°¦rÉ É¤ n° îªn² ²� � � � � � �
4 Improper/Unnecessary Services ¤ µ¦Äoµ� � � � Service ÉŤnÁ®¤µ³ ¤®¦º°Å¤nεÁÈ o° Äoµ� � � � � � � � �5 User/Password Weakness ¤ µ¦ ʺɰ� � � � Username ®¦º°Password É µ¤µ¦ µÁµÅonµ¥� � � � � � �
PENETRATION TESTING : METHODOLOGYWEB APPLICATION OWASP 2013
• A1-Injection• A2-Broken Authentication and Session Management• A3-Cross-Site Scripting (XSS)• A4-Insecure Direct Object References• A5-Security Misconfiguration• A6-Sensitive Data Exposure• A7-Missing Function Level Access Control• A8-Cross-Site Request Forgery (CSRF)• A9-Using Components with Known Vulnerabilities• A10-Unvalidated Redirects and Forwards
PENETRATION TESTING : METHODOLOGYMOBILE
PENETRATION TESTING: TOOLS - COMMERCIAL
Nessus Vulnerability Scanner - Tenable Network Security Rapid 7 Nexpose + Metasploit Professional CORE Impact Pro Immunity CANVAS Professional IBM APPSCAN ACUNETIX HP WebInspect Havij Advanced SQL Injection
ETC
PENETRATION TESTING: TOOLS - FREE
Tenable Nessus Home Rapid 7 Nexpose Community NMAP Blackbuntu Linux Firefox Addon Metasploit Kali Linux
ETC
REPORT
Executive Technical
BENEFIT OF PENETRATION TESTING
Manage Risk Properly Increase Business Continuity Minimize Client-side Attacks Protect Clients, Partners And Third Parties Comply With Regulation or Security Certification Evaluate Security Investment Protect Public Relationships And Brand Issues
Q & A
