Upload
esec-forte-technologies
View
832
Download
5
Embed Size (px)
Citation preview
eSec Forte Technologies Pvt. Ltd.
INDIAGurugram: Level-2 Enkay Center, Udyog Vihar - 122016Bangalore: 167, Amar Jyothi Layout, Domlur, Bangalore- 560071E-Mail: [email protected] Phone: +91 124 4264666 | +91 80-41208825Web: http://esecforte.com Skype: esecsales
Agenda
• About Us• Our Service Offerings• Our Products• Background and Scope• Our Methodology• Annexure– Sample Reports
eSec Forte Technologies is a Services Company with offerings ranging from Information Security, (Penetration Testing, Vulnerability Assessment Products), Information Technology Services, Mobile Solutions.
We are headquartered in Delhi, India with offices in California and Bangalore.
We are the authorized distributor of Rapid7 products in Indian Sub-Continent– Metasploit and NeXpose in Indian Sub- Continent
We provide services offerings in the domain of Information Security, Mobile Solutions, IT Services
We have worked with Government Agencies, Law Enforcement Agencies, Defence Forces and Corporate Setups.
We have been listed as a part of top 100 Enterprise Security Companies in India
About US
metasploitMetasploit is a Pentetration Testing tool which helps companies test network security by safely
simulating cyber-attacks to test defenses and determine data risk.
World's most used Penetration Testing software
DITIONS
metasploit
Our Products – Information Security
NeXpose - Vulnerability Management Software
editions
Enterprise Consultant Express Community
Our Products – Information Security
Why Metasploit and Nexpose for Defence Users
• To safeguard classified information and critical infrastructure• To protect information and prevent attacks from multiple Attack Vectors such as
– USB, – External Peripherals, – Local Network Attacks, – Client Side Attacks– Password Brute forcing – Phishing– Specific Vulnerability Attack
• User Awareness and sensitization • Ease of Use – Users can be easily trained to operate both the tools• Detailed and Customizable Reporting and Dashboards• Customized Policy Scans
Being used by Defence Forces, Law Enforcement, Government Agencies & Private Enterprises.
• Network Architecture Review• Vulnerability Assessment • Vulnerability Management Solution• Penetration Testing• Configuration Audit of Servers & Network Devices• Web Application Security Audit• Gap Analysis and Compliance Audit• Formulation/Review of Security Policies• Source Code Review
Security Auditing & Consultancy Services Information Risk
Management
• Media Forensics• E-mail Forensics• Mobile Phone Forensics• Network Forensics• Incident Handling• Cyber Crime Investigation
Cyber Forensics
• Metasploit Certification Training• Nexpose Certification Training• IT Security Awareness Training• Vulnerability Assessment and Penetration Testing
Training• Web Application Pen Testing Training
Corporate Trainings
Our Services – Information Security
Configuration Review
• Environmental scan to identify security issues.
• Recommended Network Architecure
Objectives
System Review Review System (UNIX, Windows) configuration, Accounting,
Auditing, service enabled and security policy enabled.
Network Devices
Review Interface Configurations and Services Review Routing, Access-Lists and VLAN configurations..
Security Devices
Review Security configurations, service enabled, logging and monitoring.
Outcome
A manual/ automatic configuration review is undertaken on identified network components and servers configurations to determine mis-configurations.
At the end of this stage we will have a detailed understanding of the IT architecture, application functionality and vulnerabilities that can be potentiality exploited.
Security
Policies
Application Technology
Network Topology
IT Infrastructure
Server Config
Network Device Config
Our Approach
• Identify Vulnerable applications that are susceptible to SQL Injections, Cross-Site Scripting.
• Identify directory traversal and scripting errors.
Objectives
Directory Traversal
Conduct checks to verify if web application servers have addressed directory traversal vulnerabilities.
Scripting Errors
Identify if web applications are susceptible to CGI and JAVA specific scripting errors
SQL Injection Focus on techniques to take advantage of web applications that are
vulnerable to SQL Injections methods by way of structuring SQL Queries.
Cross-site Scripting
Conduct Information Insertion techniques from Untrusted sources in to the context of trusted sources.
Outcome
Web Password Cracking
Verify by way of automated/manual scripts to check for password cracking techniques on web forms
Input Validation
Verify Input validation mechanisms on web application servers
Web Application
Security Assessment
Identify and assess web applications pertaining to the top 10 criticalities mentioned within the OWASP methodology
• Identify authentication and input validation mechanisms.
• Stringent web applications.
Web Application Testing
Site spidering
Subvert user authentication controls
Attack backend/SQL injection
Test URL input exploitation
Test encryption settings
Test application rules
Subvert cookies mechanisms
Assess code, comments, and default resources
Assess our client and server form submission
Analyse the structure of your site:• Map the site using a site spidering tool to identify
all pages• Review all user accessible HTML/source code • Identify default, backup and inappropriate pages• Test the server platform, validate headers and
cookies used
Structural analysis
Validate controls for input and forms:• Input information of inappropriate length or type• Input HTML or unprintable characters• Attempt buffer overflow attacks, URL specific
attacks
Input Validation
Test user and application controls:• User authentication failure responses• Lockouts and timeouts, username and passwords
tests• Route messages to backend application and
database servers• SQL injection
Application and User Controls
Assess session controls:• Validate cookie usage and settings, • Exchange and alter session cookies• Alter URL and variable session information• Downgrade encryption settings
Session Controls
Data, transaction
analysisData and transaction analyses:
• Disrupt transaction integrity and send false transactions
• Reuse transactions• Confirm workflow rules
Web Application Testing- Our Approach
Psychological Methods to exploit the Human Tendency(Trust, Carelessness, Basic Awareness)
What
Easier than Technical Hacking and Hard to Detect/Track(Victims can range from an Intern to Senior Management)
Why
• Hacker with acting skills• Learn to know how people feel by observing their actions
• Alter feelings by changing what is said and done
• Persuade the victim to want to give information
The Mind
Carelessness
Comfort Zone
Helpful
Fear
Dumpster Diving
Password Harvesting
Smoking Zones
Impersonation
Execution Mechanisms
Piggybacking
Troubled User
Conformity
Deadlines
Social engineering
Social Engineering
Detailed report on observations and suggested improvement areas
Objectives
Touch-point Security
Assessment
Tests designed to ascertain if sensitive information can be stolen from: (i) Computing & Communication aides such as printers, faxes, photocopiers (ii) Mobile computing devices such as unattended Blackberry or PDAs (iii) Insecure use of peripherals
OnlineSocial
Engineering
Technique to ascertain the awareness levels of users towards intentional manipulation towards achieving mal-intended goals. E.g. Pretexting, Phishing, Trojan Horse and Baiting
Team Assessment
Tests that attempts to escalate level of physical access and intrude into restricted areas to capture sensitive information.
Walk-by Security & Dumpster
Diving
Attempts to gain physical access to sensitive information so as to highlight user ignorance towards physical security controls. Tests include Shoulder-Surfing, Tail-gaiting and Dumpster Diving
Outcome
Social engineering is the human side of breaking into corporate network and facilities
Vulnerability Assessment
• Devices / Servers with services being offered
• Topology of network architecture as seen by an attacker or Intruder
• Identify Insecure configurations
• Identify weak authentication mechanisms
Objectives Outcome
Insecure Default Configuration
Identify and execute security checks targeted towards Insecure, Default or Misconfigured devices / servers
Weak / Bad Authentication
Perform checks to Identify weak authentication mechanisms in use and execute methods to exploit them
Port Scanning Discover services that are listening on open ports. Generate a list of
potential vulnerabilities in open ports leading to exploitation/ ccompromise of remote host
Network Surveying
Build a topography of the network architecture from an attacker or an intruder‘s perspective.
Identify vulnerable zones for a sucessfull penetration
Information Leakage
Perform tests to assess Information leakage like Internal IP addresses, Applications and Backend Database version information
Application Version
Information
Conduct checks to identify application version Information and list associated version specific vulnerabilities.
OS Version Information
Conduct checks to identify operating system version Information and list associated version specific vulnerabilities.
Services Configured
Perform tests to assess that current enabled services are not vulnerable to exploits or attacks.
• Build a topology of Applications, Backends, Operating systems and services enabled on devices/ servers
Penetration Testing
• Identify Devices and services that are susceptible to Buffer Overflow and Denial of Service attacks.
• Identify Spoofable networks and IP‘s
• Identify weak passwords in use by way of Password cracking techniques
Objectives
Spoofing Attacks Forge source address and impersonate trusted IP/Networks to gain
access to restrictive servers and networks
Session Hijacking
Hijack existing sessions to gain full or partial control of the network or server
Buffer Overflow Attacks
Send overly long input streams, causing the server to overflow parts of the memory and either crash the system or execute arbitrary code
Password Cracking
Perform password Brute forcing mechanisms which uses multiple combination and permutation of characters
Denial of Service Attacks
Verify for the network device or server‘s robustness when subjected to D-DOS attacks
Outcome
Thank You
For further details, please contact:[email protected] or visit
http://www.esecforte.com/
OFFICES IN INDIAGurugram: Level-2 Enkay Center, Udyog Vihar - 122016Bangalore: 167, Amar Jyothi Layout, Domlur, Bangalore- 560071E-Mail: [email protected] Phone: +91 124 4264666 | +91 80-41208825Web: http://www.esecforte.com Skype: esecsales