Penetration testing : Certificated
Download
Report
Transcript Penetration testing : Certificated
PENETRATION TESTING
Presenters: Chakrit Sanbuapoh
Sr. Information Security
MFEC
AGENDA
Penetration testing
?
Certificated
Penetration testing for?
Methodology
System & Network
Web
Mobile
Tools
Commercial
Free Tools
Report
Ex.
Q&A
PENETRATION TESTING
VULNERABILITY ASSESSMENT
PENETRATION TESTING
PENETRATION TESTING TYPE
Internal
External
1. Black box
2. White box
3. Grey box
Reference : http://www.giac.org/cissp-papers/197.pdf
PENETRATION TESTING : CERTIFICATED
Certified Penetration Testing Engineer (CPTE)
PENETRATION TESTING : CERTIFICATED
The Offensive Security Certified Professional (OSCP)
PENETRATION TESTING : CERTIFICATED
CEH: Certified Ethical Hacking
PENETRATION TESTING : CERTIFICATED BIG
NAME
Certified Penetration Testing Consultant (CPTC)
GIAC Web Application Penetration Tester (GWAPT)
GIAC Penetration Tester (GPEN)
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor - CISA
PENETRATION TESTING FOR?
PENETRATION TESTING : METHODOLOGY
ขันตอน
้
หรื อวิธีการ เพื่อ?
PENETRATION TESTING : METHODOLOGY
Information Gathering
Information Analysis and Planning
Vulnerability Detection
Penetration
Attack/Privilege Escalation
Analysis and reporting
Clean-up
Information
Gathering
Information
Analysis and Vulnerability Penetration
Detection
Planning
Attack/
Privilege
Escalation
Analysis
and
Reporting
Clean Up
PENETRATION TESTING : METHODOLOGY
SYSTEM & NETWORK
No.
(Weakness)
1 System and Infrastructure
Misconfiguration/Insecure
Configuration
2 Insecure Communication
3
4
5
Improper Software Version and
Obsolete Software Support
Improper/Unnecessary Services
User/Password Weakness
(Description)
ีการตั ้ า(Configure) นร ั System หรื อ Infrastructure
เห า
อ า นการรั ขอ ี่ ี วา า ั เ น Username, Password
ั ีการ อ กัน เห า
การเขารหั ขอ หรื อ ีการเขารหั ขอ
ว Algorithm ี่ ี วา ข ร อ ั เพี พอ
ีการ าน Software เวอร นั่ ี่ เห า เ น เ นเวอร นั่ ี่ ีการ
Support, เ นเวอร นั่ ี่ ี อ หว
ีการ าน Service ี่ เห า หรื อ าเ นตอ าน
ีการตั ้ ื่อ Username หรื อ Password ี่ า าร า เ า า
PENETRATION TESTING : METHODOLOGY
WEB APPLICATION
OWASP 2013
•
•
•
•
•
•
•
•
•
•
A1-Injection
A2-Broken Authentication and Session Management
A3-Cross-Site Scripting (XSS)
A4-Insecure Direct Object References
A5-Security Misconfiguration
A6-Sensitive Data Exposure
A7-Missing Function Level Access Control
A8-Cross-Site Request Forgery (CSRF)
A9-Using Components with Known Vulnerabilities
A10-Unvalidated Redirects and Forwards
PENETRATION TESTING : METHODOLOGY
MOBILE
PENETRATION TESTING: TOOLS - COMMERCIAL
Nessus Vulnerability Scanner - Tenable Network Security
Rapid 7 Nexpose + Metasploit Professional
CORE Impact Pro
Immunity CANVAS Professional
IBM APPSCAN
ACUNETIX
HP WebInspect
Havij Advanced SQL Injection
ETC
PENETRATION TESTING: TOOLS - FREE
Tenable Nessus Home
Rapid 7 Nexpose Community
NMAP
Blackbuntu Linux
Firefox Addon
Metasploit
Kali Linux
ETC
REPORT
Executive
Technical
BENEFIT OF PENETRATION TESTING
Manage Risk Properly
Increase Business Continuity
Minimize Client-side Attacks
Protect Clients, Partners And Third Parties
Comply With Regulation or Security Certification
Evaluate Security Investment
Protect Public Relationships And Brand Issues
Q&A