NAS103: Essentials of Network Penetration Testing
Course Introduction
• Duration: 1 Day
– 3 Sessions
• Objectives
– Introduce you to definitions involved in Penetration Testing
– Prepare you for a Network-based Penetration Test
– Take you through Network Penetration Test Tools and Methodology
– Enable you to Understand and Write a Penetration Testing Report
– No Tool-after-Tool Demonstration. Conceptual knowledge for a strong base
• Prerequisites
– Working knowledge of TCP/IP
– Working knowledge of Windows Commands
– Working knowledge of Bash Commands
Course Benefits
• This course will be helpful for
– Penetration Testing Practitioners within the Organizations or Consultants
– Network Penetration Testing Project Leads
– Network Engineers and Administrators
– Prospective Network Penetration Testing Clients
• At the end, you will be able to
– Set up a Basic Network Penetration Testing Lab
– Brainstorm and Dialog with Professional Penetration Testers
– Write Basic Network Penetration Testing Reports
– Understand Paid Network Penetration Reports
• You will not be able to
– Set up a Professional Network Penetration Testing Lab
– Perform Professional Network Penetration Testing
– Write a rigorous Penetration Testing Report
Course Author
• Praful Agarwal
• Over 6 Years of Work Experience
• Schooling from CBSE
• Bachelor in Information Technology from PTU
• PG in Cyber Crime Prosecution and Defense from Asian School of
Cyber Law
• ISO 27001:2005 Lead Auditor
• Started hacking at the age of 13
• Lectured in Indian Navy, Indian Air Force, IISc Bengaluru, etc.
• No Criminal Cases, so a Good Hacker :)
Mindset
• “We break computers, making them do stuff that their designers,
implementers, and system administrators didn’t plan on them
doing.” by a Noted Penetration Tester
• Successful penetration testers and ethical hackers
– Think out of the box, to do things differently
– Be pragmatic but careful
– Take notes regularly to make work reproducible
What is Security?
• Confidentiality
– Confidentiality, also referred to as privacy, is the process of making sure that
data remains private and confidential
• Integrity
– Integrity is the guarantee that data is protected from accidental or deliberate
(malicious) modification
• Availability
– From a security perspective, availability means that systems remain available for
legitimate users
Base Definitions
• Threat: An agent that may cause harm to the target organizations
• Vulnerability: Flaw or loophole in our resources that can be used by an attacker
to cause damage or destruction
• Risk: Identified vulnerabilities and threats combine into risks. That is, we have a
risk when our system carries a vulnerability which can be attacked by a threat
• Exploit: An object which is initiated by the threat agent to cause damage
to the organization using a vulnerability
• Attack: Series of actions that exploits vulnerabilities in the target which may
violate Confidentiality, Integrity and Availability of the organization
What is Ethical Hacking?
• Hacking (traditional)
– Manipulating technology to make it do something that it is not designed to do
• Hacking (threatening)
– Breaking into computers and network systems without permission
• Hacking – Computer Security (Wikipedia)
– Hacking means finding out weaknesses in a computer or computer network and
exploiting them, though the term can also refer to someone with an advanced
understanding of computers and computer networks
• Ethical Hacking (WikiAnswers)
– Ethical hacking is where a person hacks to find weaknesses in a system and then
usually patches them
What is Penetration Testing?
• Focused on finding security vulnerabilities in a target environment
that could let an attacker penetrate the network or computer
systems, or steal information
– Using tools and techniques very similar to those employed by criminals
– To prevent a thief, you may need to think like a thief
– The goal is actual penetration – compromising target systems and getting access
to information
• Penetration testing is a subset of ethical hacking
[Figure: Penetration Testing shown as a subset of Ethical Hacking]
Ethical Hacking v/s PenTest
• Ethical hacking is a general process of using hacker techniques for
good purpose, which includes vulnerability discovery in a target
organization’s network, software product vulnerability
research, and other tasks
• Penetration testing is a more narrowly focused phrase, dealing with
the process of finding flaws in a target environment with the goal of
penetrating systems and taking control of them
• Penetration testing is focused on penetrating the target
organization’s defenses, compromising systems and getting
access to information
Types of Penetration Testing
• Overt
– Also known as White Hat Testing, involves performing external and/or internal
testing with the knowledge and consent of the organization’s IT staff, enabling
comprehensive evaluation of the network or system security posture.
– As IT staff is fully aware of and involved in the testing, it may be able to provide
guidance to limit the testing’s impact along with some training opportunity, with
staff observing the activities and methods used by assessors to evaluate and
potentially circumvent implemented security measures
• Covert
– Also known as Black Hat Testing, takes an adversarial approach by performing
testing without the knowledge of the organization’s IT staff but with the full
knowledge and permission of upper management
– Purpose of this testing is to examine the damage or impact an adversary can
cause—it does not focus on identifying vulnerabilities.
Types of Network PenTest
• External
– This testing is conducted from outside the organization’s security perimeter. This
offers the ability to view the environment’s security posture as it appears outside
the security perimeter—usually as seen from the Internet—with the goal of
revealing vulnerabilities that could be exploited by an external attacker
• Internal
– In this type of testing, assessors work from the internal network and assume the
identity of a trusted insider or an attacker who has penetrated the perimeter
defenses. This kind of testing can reveal vulnerabilities that could be exploited
from inside, and demonstrates the potential damage an internal attacker could
cause
• If both internal and external testing is to be performed, the
external testing usually takes place first. This is particularly
beneficial if the same assessors will be performing both types of
testing
Phases of an Attack
• Both malicious and ethical hackers rely on various phases in their
attacks:
– Reconnaissance
– Scanning
– Exploitation
• Malicious attackers often go further, into phases such as:
– Maintaining Access with backdoors and rootkits
– Covering tracks with covert channels and log editing
Reconnaissance
• Also known as Passive Information Gathering, this phase includes
gathering information about the target from public sources
– Web presence, not just the website
– Search engines
– Web archives
– Personal websites of employees
– Job postings
– Newsgroups
– Domain Registrar
• By the end of this phase, the penetration tester will have a wealth
of information regarding the target without ever visiting the
target’s network. All passive information is gathered from third-
party sources that have collected information about our target, or
have legal requirements to retain this data.
Scanning
• Also known as Active Information Gathering, this phase includes
gathering information by interacting with the target network
– Network addresses of live hosts, firewalls, routers, etc.
– Network topology
– Operating systems on live hosts
– Open ports
– Running services
– Potentially vulnerable services
• Minimize the chance of damaging the target machine(s), as there
is always a possibility that our interactions could cause a target
system or service to raise an intrusion alarm
Types of Scanning
• Network Sweeping
– Identifying live hosts at IP addresses by sending probe packets
• Port Scanning
– Determining listening TCP and UDP ports on systems
• OS Fingerprinting
– Determining target operating system type based on network behavior
• Service Scanning
– Identifying running services and protocols from open ports along with versions
• Vulnerability Scanning
– Listing potential vulnerabilities in the target environment
Exploitation
• Taking advantage of a vulnerable service to gain access to a
machine in the target environment and run commands on it
• Exploitation may involve:
– Moving files to a target machine
– Taking files from a target machine
– Sniffing network data in the target network
– Installing software on a target machine
– Using one vulnerable machine to compromise the whole network
• Acts as Proof of Exploitation (PoE), to be mentioned in the
penetration testing report
Exploitation Risks
• Exploiting target machines does bring some significant risks which
must be carefully discussed with the target organization
• Exploitation risks involve:
– Service Crash
– System Crash
– Severe impact on system stability
– Data exposure
Types of Exploitation
• Server Side Exploits
– Attacking a service which is listening on the network by generating and sending
exploitation packets
– User interaction on the target machine is not required
• Client Side Exploits
– Attacking a client application that fetches content from a server machine
– Requires user interaction to actively pull content from the machine
• Local Privilege Escalation
– Attacking the local machine with limited privileges to jump to higher privileges
on the machine such as root, admin
– May or may not require user interaction
PenTest Reports
• Executive Summary
• Test Methodology
• Findings
– High Risks
– Medium Risks
• Conclusions
• Remediations

NETWORK PENETRATION TESTING

  • 2. Course Introduction • Duration: 1 Day – 3 Sessions • Objectives – Introduce you to definitions involved in Penetration Testing – Prepare you for a Network based Penetration Test – Take you through a Network Penetration Test Tools and Methodology – Enable you Understand and Write a Penetration Testing Report – No Tool, Tool, Tool Demonstration. Conceptual knowledge for strong base • Prerequisites – Working knowledge of TCP/IP – Working knowledge of Windows Commands – Working knowledge of Bash Commands
  • 3. Course Benefits • This course will be helpful for – Penetration Testing Practitioners within the Organizations or Consultants – Network Penetration Testing Project Leads – Network Engineers and Administrators – Prospective Network Penetration Testing Clients • At the end, you will be able to – Setup a Basic Network Penetration Testing Lab – Brainstorm and Dialog with Professional Penetration Testers – Write Basic Network Penetration Testing Reports – Understand Paid Network Penetration Reports • You will not be able to – Setup a Professional Network Penetration Testing Lab – Perform Professional Network Penetration Testing – Write rigorous Penetration Testing Report
  • 4. Course Author • Praful Agarwal • Over 6 Years of Work Experience • Schooling from CBSE • Bachelor in Information Technology from PTU • PG in Cyber Crime Prosecution and Defense from Asian School of Cyber Law • ISO 27001:2005 Lead Auditor • Started hacking at the age of 13 • Lectured in Indian Navy, Indian Air Force, IISc Bengaluru, etc. • No Criminal Cases, so a Good Hacker 
  • 5. Mindset • “We break computers, making them do stuff that their designers, implementers, and system administrators didn’t plan on them doing.” by a Noted Penetration Tester • Successful penetration testers and ethical hackers – Think out of the box, to do things differently – Be pragmatic but careful – Take notes regularly to make work reproducible
6. What is Security?
• Confidentiality
– Confidentiality, also referred to as privacy, is the process of making sure that data remains private and confidential
• Integrity
– Integrity is the guarantee that data is protected from accidental or deliberate (malicious) modification
• Availability
– From a security perspective, availability means that systems remain available for legitimate users
7. Base Definitions
• Threat: An agent that may cause harm to the target organization
• Vulnerability: A flaw or loophole in our resources that can be used by an attacker to cause damage or destruction
• Risk: Vulnerabilities and threats, once identified, shape into risks. That is, we have a risk when our system carries a vulnerability which can be attacked by a threat
• Exploit: An exploit is an object which is initiated by the threat agent to cause damage to the organization using a vulnerability
• Attack: A series of actions that exploits vulnerabilities in the target and may violate the Confidentiality, Integrity and Availability of the organization
8. What is Ethical Hacking?
• Hacking (traditional)
– Manipulating technology to make it do something that it is not designed to do
• Hacking (threatening)
– Breaking into computers and network systems without permission
• Hacking – Computer Security (wikipedia)
– Hacking means finding out weaknesses in a computer or computer network and exploiting them, though the term can also refer to someone with an advanced understanding of computers and computer networks
• Ethical Hacking (wikianswers)
– Ethical hacking is where a person hacks to find weaknesses in a system and then usually patches them
9. What is Penetration Testing?
• Focused on finding security vulnerabilities in a target environment that could let an attacker penetrate the network or computer systems, or steal information
– Using tools and techniques very similar to those employed by criminals
– To prevent a thief, you may need to think like a thief
– The goal is actual penetration: compromising target systems and getting access to information
• Penetration testing is a subset of ethical hacking
[Diagram: Penetration Testing shown inside Ethical Hacking]
10. Ethical Hacking v/s PenTest
• Ethical hacking is a general process of using hacker techniques for a good purpose, which includes vulnerability discovery in a target organization’s network, software product vulnerability research, and other tasks
• Penetration testing is a more narrowly focused phrase, dealing with the process of finding flaws in a target environment with the goal of penetrating systems and taking control of them
• Penetration testing is focused on penetrating the target organization’s defenses, compromising systems and getting access to information
11. Types of Penetration Testing
• Overt
– Also known as White Hat Testing, involves performing external and/or internal testing with the knowledge and consent of the organization’s IT staff, enabling comprehensive evaluation of the network or system security posture
– As the IT staff is fully aware of and involved in the testing, it may be able to provide guidance to limit the testing’s impact. It also gets a training opportunity, with staff observing the activities and methods used by assessors to evaluate and potentially circumvent implemented security measures
• Covert
– Also known as Black Hat Testing, takes an adversarial approach by performing testing without the knowledge of the organization’s IT staff but with the full knowledge and permission of upper management
– The purpose of this testing is to examine the damage or impact an adversary can cause; it does not focus on identifying vulnerabilities
12. Types of Network PenTest
• External
– This testing is conducted from outside the organization’s security perimeter. This offers the ability to view the environment’s security posture as it appears outside the security perimeter (usually as seen from the Internet), with the goal of revealing vulnerabilities that could be exploited by an external attacker
• Internal
– In this type of testing, assessors work from the internal network and assume the identity of a trusted insider or an attacker who has penetrated the perimeter defenses. This kind of testing can reveal vulnerabilities that could be exploited from inside, and demonstrates the potential damage an internal attacker could cause
• If both internal and external testing is to be performed, the external testing usually takes place first. This is particularly beneficial if the same assessors will be performing both types of testing
13. Phases of an Attack
• Both malicious and ethical hackers rely on various phases in their attacks:
– Reconnaissance
– Scanning
– Exploitation
• Malicious attackers often go further, into phases such as:
– Maintaining Access with backdoors and rootkits
– Covering tracks with covert channels and log editing
14. Reconnaissance
• Also known as Passive Information Gathering, this phase includes gathering information about the target from public sources
– Web presence, not just the website
– Search engines
– Web archives
– Personal websites of employees
– Job postings
– Newsgroups
– Domain Registrar
• By the end of this phase, the penetration tester will have a wealth of information regarding the target without ever visiting the target’s network. All passive information is gathered from third-party sources that have collected information about our target, or have legal requirements to retain this data.
15. Scanning
• Also known as Active Information Gathering, this phase includes gathering information by interacting with the target network
– Network addresses of live hosts, firewalls, routers, etc.
– Network topology
– Operating systems on live hosts
– Open ports
– Running services
– Potentially vulnerable services
• Minimize the chance of damaging the target machine(s), as there is always a possibility that our interactions could cause a target system or service to trigger an intrusion alarm
16. Types of Scanning
• Network Sweeping
– Identifying live hosts at IP addresses by sending probe packets
• Port Scanning
– Determining listening TCP and UDP ports on systems
• OS Fingerprinting
– Determining target operating system type based on network behavior
• Service Scanning
– Identifying running services and protocols from open ports, along with their versions
• Vulnerability Scanning
– Listing potential vulnerabilities in the target environment
17. Exploitation
• Taking advantage of a vulnerable service to gain access to a machine in the target environment and run commands on it
• Exploitation may involve:
– Moving files to a target machine
– Taking files from a target machine
– Sniffing network data in the target network
– Installing software on a target machine
– Using one vulnerable machine to compromise the whole network
• Acts as Proof of Exploitation (PoE), to be mentioned in the penetration testing report
18. Exploitation Risks
• Exploiting target machines does bring some significant risks which must be carefully discussed with the target organization
• Exploitation risks involve:
– Service Crash
– System Crash
– Severe impact on system stability
– Data exposure
19. Types of Exploitation
• Server Side Exploits
– Attacking a service which is listening on the network by generating and sending exploitation packets
– User interaction on the target machine is not required
• Client Side Exploits
– Attacking a client application that fetches content from a server machine
– Requires user interaction to actively pull content from the machine
• Local Privilege Escalation
– Attacking the local machine with limited privileges to jump to higher privileges on the machine, such as root or admin
– May or may not require user interaction
20. PenTest Reports
• Executive Summary
• Test Methodology
• Findings
– High Risks
– Medium Risks
• Conclusions
• Remediations
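A defender's view of the network sweeping and port scanning described on the scanning slides (15 and 16), and of the intrusion alarm slide 15 mentions, as an added example that is not part of the original deck: it classifies sources in a constructed connection log. The log format, addresses, window and thresholds are all assumptions.

```python
from collections import defaultdict

WINDOW = 60          # seconds per counting bucket (assumed value)
HOST_THRESHOLD = 5   # distinct hosts per source per bucket => sweep (assumed)
PORT_THRESHOLD = 10  # distinct ports on one host per bucket => port scan (assumed)

def constructed_sample():
    """Constructed log lines: 'epoch_seconds src_ip dst_ip dst_port'."""
    lines = []
    # One port probed on eight different hosts: network sweeping.
    lines += [f"{100 + i} 10.0.0.5 192.168.1.{10 + i} 445" for i in range(8)]
    # Twelve ports probed on a single host: port scanning.
    lines += [f"{200 + i} 10.0.0.9 192.168.1.20 {20 + i}" for i in range(12)]
    # Ordinary client traffic that should not raise an alarm.
    lines += ["300 10.0.0.7 192.168.1.30 443",
              "310 10.0.0.7 192.168.1.30 443",
              "320 10.0.0.7 192.168.1.31 80"]
    return lines

def parse(line):
    """Split one log line into (timestamp, source, destination, port)."""
    ts, src, dst, port = line.split()
    return int(ts), src, dst, int(port)

def classify(lines):
    """Return {src_ip: set of labels} for sources that behave like scanners."""
    hosts = defaultdict(set)   # (src, bucket) -> destination hosts touched
    ports = defaultdict(set)   # (src, dst, bucket) -> destination ports touched
    for line in lines:
        if not line.strip():
            continue
        ts, src, dst, port = parse(line)
        bucket = ts // WINDOW
        hosts[(src, bucket)].add(dst)
        ports[(src, dst, bucket)].add(port)
    findings = defaultdict(set)
    for (src, _), seen in hosts.items():
        if len(seen) >= HOST_THRESHOLD:
            findings[src].add("network sweep")
    for (src, _, _), seen in ports.items():
        if len(seen) >= PORT_THRESHOLD:
            findings[src].add("port scan")
    return dict(findings)

if __name__ == "__main__":
    for src, labels in sorted(classify(constructed_sample()).items()):
        print(src, sorted(labels))
```

Fixed time buckets can split a slow scan across two windows, so a production detector would use a sliding window and tune the thresholds against normal traffic.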