Penetration testing : Certificated


PENETRATION TESTING
Presenters: Chakrit Sanbuapoh
Sr. Information Security
MFEC
AGENDA
• Penetration testing
  • ?
• Certificated
• Penetration testing for?
• Methodology
  • System & Network
  • Web
  • Mobile
• Tools
  • Commercial
  • Free Tools
• Report
  • Ex.
• Q&A
PENETRATION TESTING
VULNERABILITY ASSESSMENT
PENETRATION TESTING
PENETRATION TESTING TYPE
• Internal
• External
1. Black box
2. White box
3. Grey box
Reference : http://www.giac.org/cissp-papers/197.pdf
PENETRATION TESTING : CERTIFICATED
• Certified Penetration Testing Engineer (CPTE)
PENETRATION TESTING : CERTIFICATED
• The Offensive Security Certified Professional (OSCP)
PENETRATION TESTING : CERTIFICATED
• CEH: Certified Ethical Hacking
PENETRATION TESTING : CERTIFICATED BIG NAME
• Certified Penetration Testing Consultant (CPTC)
• GIAC Web Application Penetration Tester (GWAPT)
• GIAC Penetration Tester (GPEN)
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)
PENETRATION TESTING FOR?
PENETRATION TESTING : METHODOLOGY
• Steps or methods, for what?
PENETRATION TESTING : METHODOLOGY
• Information Gathering
• Information Analysis and Planning
• Vulnerability Detection
• Penetration
• Attack/Privilege Escalation
• Analysis and Reporting
• Clean-up
PENETRATION TESTING : METHODOLOGY
SYSTEM & NETWORK
No. | Weakness | Description
1 | System and Infrastructure Misconfiguration/Insecure Configuration | System- or infrastructure-level settings are configured inappropriately.
2 | Insecure Communication | Channels that carry sensitive data such as usernames and passwords are not adequately protected: the data is not encrypted, or is encrypted with an algorithm that is not strong enough.
3 | Improper Software Version and Obsolete Software Support | Software is running in an inappropriate version, such as a version that is no longer supported or a version with known vulnerabilities.
4 | Improper/Unnecessary Services | Services are running that are inappropriate or not needed.
5 | User/Password Weakness | Usernames or passwords are set to values that can be guessed easily.
PENETRATION TESTING : METHODOLOGY
WEB APPLICATION
• OWASP 2013
  • A1-Injection
  • A2-Broken Authentication and Session Management
  • A3-Cross-Site Scripting (XSS)
  • A4-Insecure Direct Object References
  • A5-Security Misconfiguration
  • A6-Sensitive Data Exposure
  • A7-Missing Function Level Access Control
  • A8-Cross-Site Request Forgery (CSRF)
  • A9-Using Components with Known Vulnerabilities
  • A10-Unvalidated Redirects and Forwards
PENETRATION TESTING : METHODOLOGY
MOBILE
PENETRATION TESTING: TOOLS - COMMERCIAL
• Nessus Vulnerability Scanner - Tenable Network Security
• Rapid7 Nexpose + Metasploit Professional
• CORE Impact Pro
• Immunity CANVAS Professional
• IBM AppScan
• Acunetix
• HP WebInspect
• Havij Advanced SQL Injection
• etc.
PENETRATION TESTING: TOOLS - FREE
• Tenable Nessus Home
• Rapid7 Nexpose Community
• Nmap
• Blackbuntu Linux
• Firefox Addon
• Metasploit
• Kali Linux
• etc.
REPORT
• Executive
• Technical
BENEFITS OF PENETRATION TESTING
• Manage Risk Properly
• Increase Business Continuity
• Minimize Client-side Attacks
• Protect Clients, Partners And Third Parties
• Comply With Regulation or Security Certification
• Evaluate Security Investment
• Protect Public Relationships And Brand Issues
Q&A