eSec Forte Technologies Pvt. Ltd. INDIA Gurugram: Level-2 Enkay Center, Udyog Vihar - 122016 Bangalore: 167, Amar Jyothi Layout, Domlur, Bangalore- 560071 E-Mail: [email protected] Phone: +91 124 4264666 | +91 80-41208825 Web: http://esecforte.com Skype: esecsales

Information Security Company India- eSec Forte Technologies


Page 1: Information Security Company India- eSec Forte Technologies

eSec Forte Technologies Pvt. Ltd.


Page 2: Information Security Company India- eSec Forte Technologies

Agenda

• About Us
• Our Service Offerings
• Our Products
• Background and Scope
• Our Methodology
• Annexure – Sample Reports

Page 3: Information Security Company India- eSec Forte Technologies

eSec Forte Technologies is a Services Company with offerings ranging from Information Security (Penetration Testing, Vulnerability Assessment Products) to Information Technology Services and Mobile Solutions.

We are headquartered in Delhi, India with offices in California and Bangalore.

We are the authorized distributor of Rapid7 products, Metasploit and NeXpose, in the Indian Sub-Continent.

We provide service offerings in the domains of Information Security, Mobile Solutions and IT Services.

We have worked with Government Agencies, Law Enforcement Agencies, Defence Forces and Corporate Setups.

We have been listed as a part of the top 100 Enterprise Security Companies in India.

About Us

Page 4: Information Security Company India- eSec Forte Technologies

metasploit

Metasploit is a Penetration Testing tool that helps companies test network security by safely simulating cyber-attacks to test defenses and determine data risk.

World's most used Penetration Testing software

Editions

metasploit

Our Products – Information Security

Page 5: Information Security Company India- eSec Forte Technologies

NeXpose - Vulnerability Management Software

Editions: Enterprise, Consultant, Express, Community

Our Products – Information Security

Page 6: Information Security Company India- eSec Forte Technologies

Why Metasploit and Nexpose for Defence Users

• To safeguard classified information and critical infrastructure
• To protect information and prevent attacks from multiple Attack Vectors such as
  – USB
  – External Peripherals
  – Local Network Attacks
  – Client Side Attacks
  – Password Brute forcing
  – Phishing
  – Specific Vulnerability Attack
• User Awareness and sensitization
• Ease of Use – Users can be easily trained to operate both the tools
• Detailed and Customizable Reporting and Dashboards
• Customized Policy Scans

Being used by Defence Forces, Law Enforcement, Government Agencies & Private Enterprises.

Page 7: Information Security Company India- eSec Forte Technologies

• Network Architecture Review
• Vulnerability Assessment
• Vulnerability Management Solution
• Penetration Testing
• Configuration Audit of Servers & Network Devices
• Web Application Security Audit
• Gap Analysis and Compliance Audit
• Formulation/Review of Security Policies
• Source Code Review

Security Auditing & Consultancy Services Information Risk Management

• Media Forensics
• E-mail Forensics
• Mobile Phone Forensics
• Network Forensics
• Incident Handling
• Cyber Crime Investigation

Cyber Forensics

• Metasploit Certification Training
• Nexpose Certification Training
• IT Security Awareness Training
• Vulnerability Assessment and Penetration Testing Training
• Web Application Pen Testing Training

Corporate Trainings

Our Services – Information Security

Page 8: Information Security Company India- eSec Forte Technologies

Configuration Review

• Environmental scan to identify security issues.

• Recommended Network Architecture

Objectives

System Review

Review System (UNIX, Windows) configuration, Accounting, Auditing, services enabled and security policy enabled.

Network Devices

Review Interface Configurations and Services. Review Routing, Access-Lists and VLAN configurations.

Security Devices

Review Security configurations, services enabled, logging and monitoring.

Outcome

A manual/automatic configuration review is undertaken on identified network components and server configurations to determine misconfigurations.

At the end of this stage we will have a detailed understanding of the IT architecture, application functionality and vulnerabilities that can potentially be exploited.

Security Policies

Application Technology

Network Topology

IT Infrastructure

Server Config

Network Device Config

Our Approach

Page 9: Information Security Company India- eSec Forte Technologies

• Identify vulnerable applications that are susceptible to SQL Injection and Cross-Site Scripting.

• Identify directory traversal and scripting errors.

Objectives

Directory Traversal

Conduct checks to verify if web application servers have addressed directory traversal vulnerabilities.

Scripting Errors

Identify if web applications are susceptible to CGI and JAVA specific scripting errors

SQL Injection

Focus on techniques to take advantage of web applications that are vulnerable to SQL Injection methods by way of structuring SQL Queries.

Cross-site Scripting

Conduct Information Insertion techniques from untrusted sources into the context of trusted sources.

Outcome

Web Password Cracking

Verify by way of automated/manual scripts to check for password cracking techniques on web forms

Input Validation

Verify Input validation mechanisms on web application servers

Web Application Security Assessment

Identify and assess web applications pertaining to the top 10 criticalities mentioned within the OWASP methodology

• Identify authentication and input validation mechanisms.

• Stringent web applications.

Web Application Testing

Page 10: Information Security Company India- eSec Forte Technologies

Site spidering

Subvert user authentication controls

Attack backend/SQL injection

Test URL input exploitation

Test encryption settings

Test application rules

Subvert cookies mechanisms

Assess code, comments, and default resources

Assess our client and server form submission

Analyse the structure of your site:
• Map the site using a site spidering tool to identify all pages
• Review all user accessible HTML/source code
• Identify default, backup and inappropriate pages
• Test the server platform, validate headers and cookies used

Structural analysis

Validate controls for input and forms:
• Input information of inappropriate length or type
• Input HTML or unprintable characters
• Attempt buffer overflow attacks, URL specific attacks

Input Validation

Test user and application controls:
• User authentication failure responses
• Lockouts and timeouts, username and passwords tests
• Route messages to backend application and database servers
• SQL injection

Application and User Controls

Assess session controls:
• Validate cookie usage and settings
• Exchange and alter session cookies
• Alter URL and variable session information
• Downgrade encryption settings

Session Controls

Data, transaction analysis

Data and transaction analyses:
• Disrupt transaction integrity and send false transactions
• Reuse transactions
• Confirm workflow rules

Web Application Testing- Our Approach

Page 11: Information Security Company India- eSec Forte Technologies

Psychological Methods to exploit the Human Tendency (Trust, Carelessness, Basic Awareness)

What

Easier than Technical Hacking and Hard to Detect/Track (Victims can range from an Intern to Senior Management)

Why

• Hacker with acting skills
• Learn to know how people feel by observing their actions

• Alter feelings by changing what is said and done

• Persuade the victim to want to give information

The Mind

Carelessness

Comfort Zone

Helpful

Fear

Dumpster Diving

Password Harvesting

Smoking Zones

Impersonation

Execution Mechanisms

Piggybacking

Troubled User

Conformity

Deadlines

Social engineering

Page 12: Information Security Company India- eSec Forte Technologies

Social Engineering

Detailed report on observations and suggested improvement areas

Objectives

Touch-point Security Assessment

Tests designed to ascertain if sensitive information can be stolen from: (i) Computing & Communication aides such as printers, faxes, photocopiers (ii) Mobile computing devices such as unattended Blackberry or PDAs (iii) Insecure use of peripherals

Online Social Engineering

Technique to ascertain the awareness levels of users towards intentional manipulation aimed at achieving mal-intended goals, e.g. Pretexting, Phishing, Trojan Horse and Baiting.

Team Assessment

Tests that attempt to escalate level of physical access and intrude into restricted areas to capture sensitive information.

Walk-by Security & Dumpster Diving

Attempts to gain physical access to sensitive information so as to highlight user ignorance towards physical security controls. Tests include Shoulder-Surfing, Tailgating and Dumpster Diving.

Outcome

Social engineering is the human side of breaking into corporate networks and facilities.

Page 13: Information Security Company India- eSec Forte Technologies

Vulnerability Assessment

• Devices / Servers with services being offered

• Topology of network architecture as seen by an attacker or Intruder

• Identify Insecure configurations

• Identify weak authentication mechanisms

Objectives Outcome

Insecure Default Configuration

Identify and execute security checks targeted towards Insecure, Default or Misconfigured devices / servers

Weak / Bad Authentication

Perform checks to Identify weak authentication mechanisms in use and execute methods to exploit them

Port Scanning

Discover services that are listening on open ports. Generate a list of potential vulnerabilities in open ports leading to exploitation/compromise of remote host.

Network Surveying

Build a topography of the network architecture from an attacker's or an intruder's perspective.

Identify vulnerable zones for a successful penetration.

Information Leakage

Perform tests to assess Information leakage like Internal IP addresses, Applications and Backend Database version information

Application Version Information

Conduct checks to identify application version Information and list associated version specific vulnerabilities.

OS Version Information

Conduct checks to identify operating system version Information and list associated version specific vulnerabilities.

Services Configured

Perform tests to assess that current enabled services are not vulnerable to exploits or attacks.

• Build a topology of Applications, Backends, Operating systems and services enabled on devices/ servers

Page 14: Information Security Company India- eSec Forte Technologies

Penetration Testing

• Identify Devices and services that are susceptible to Buffer Overflow and Denial of Service attacks.

• Identify spoofable networks and IPs

• Identify weak passwords in use by way of Password cracking techniques

Objectives

Spoofing Attacks

Forge source address and impersonate trusted IP/Networks to gain access to restrictive servers and networks

Session Hijacking

Hijack existing sessions to gain full or partial control of the network or server

Buffer Overflow Attacks

Send overly long input streams, causing the server to overflow parts of the memory and either crash the system or execute arbitrary code

Password Cracking

Perform password brute forcing mechanisms which use multiple combinations and permutations of characters

Denial of Service Attacks

Verify the network device's or server's robustness when subjected to D-DOS attacks

Outcome

Page 15: Information Security Company India- eSec Forte Technologies

Thank You

For further details, please contact: [email protected] or visit http://www.esecforte.com/
