The nature of penetration testing and penetration contemplation

The PTES penetration testing standard

1: Pre-engagement interaction stage
In the pre-engagement interaction (Pre-Engagement Interaction) stage, the penetration testing team and the client organization discuss and agree, most importantly, the scope, objectives and constraints of the penetration test and the details of the service contract. This stage typically involves collecting the customer's requirements, preparing the test plan, defining the test scope and its boundaries, defining business objectives, and project management and planning activities.

2: Intelligence gathering stage
Once the target scope has been agreed, the test enters the intelligence gathering (Information Gathering) stage, in which the penetration testing team uses a variety of information sources and gathering techniques to learn as much as possible about the target organization's network topology, system configuration and security defence measures.
The intelligence gathering methods available to the penetration tester include open-source information queries, Google hacking, social engineering, network footprinting, scanning and probing, passive monitoring, service enumeration and so on. The ability to probe and understand the target system is a very important skill for a penetration tester; whether intelligence gathering is thorough largely determines the success or failure of the penetration test, because if a key piece of intelligence is missed, you will probably have nothing to work with in the later stages.

3: Threat modeling stage
After sufficient intelligence has been gathered, the members of the penetration testing team stop typing on the keyboard and gather together to perform threat modeling (Threat Modeling) and attack planning against the information obtained. This is a very important, but easily overlooked, key point in the penetration testing process. Through careful analysis of the intelligence and brainstorming of attack ideas within the team, we can sort through the large volume of information and intelligence and determine the most viable attack channel.

4: Vulnerability analysis stage
After the most viable attack channel has been determined, we need to consider how to obtain control of the target system, namely the vulnerability analysis (Vulnerability Analysis) stage.

At this stage, the penetration tester needs to comprehensively consolidate and analyse the intelligence obtained in the previous stages, especially vulnerability scan results and service enumeration information, and, by searching the available exploit code resources, identify the attack points at which an attack can actually be carried out, verifying them in a laboratory environment. At this stage, a high-level penetration testing team will also conduct vulnerability detection and discovery on a number of critical systems and services along the attack channel, hoping to identify exploitable unknown vulnerabilities and develop exploit code for them, thereby opening up the attack channel on the critical path.

5: Exploitation stage
Exploitation (Exploitation) is the most charismatic part of penetration testing. In this stage, the penetration testing team needs to use the vulnerabilities it has identified in the target system to actually break into the system and obtain access control. Exploitation can make use of publicly available exploit code, but in practical scenarios the penetration tester generally also needs to take the characteristics of the target system fully into account and customise the attack, and needs to defeat the security defences deployed on the target network and systems in order to succeed. In black-box testing, the penetration tester also needs to consider evading the target system's detection mechanisms, so as to avoid alerting the target organization's security response team.

6: Post-exploitation stage
Post-exploitation (Post Exploitation) is the part of the whole penetration testing process that best reflects the creativity and technical capability of the penetration testing team. The earlier stages can be said to accomplish a fairly common goal along a set track; in this stage, the penetration testing team needs, based on the target organization's business model, the characteristics of its asset protection and the form of its security defence program, to independently design the objectives, identify the critical infrastructure, find the information and assets of most value to the client organization, and attempt to reach a final attack path that can cause the most significant business impact on the client organization. In different penetration testing scenarios these targets and paths may change, but whether they are set accurately and feasibly also depends on the team's own sense of innovation, breadth of knowledge, practical experience and technical capability.

7: Reporting stage
What the penetration testing process ultimately delivers to the client organization, and what earns recognition and successful contract payment, is the penetration test report (Reporting). This report embodies the key intelligence obtained by the penetration testing team in all the previous stages, the process of exploring and discovering system vulnerabilities, the attack vectors that achieved successful penetration and the business consequences that resulted, and also, from the defender's point of view, helps them analyse the weaknesses and problems of their security defence system and the technical programs for repair and upgrade.
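The scope and constraints agreed in the pre-engagement stage are what every later stage is checked against. As an added example (not code from the original post), the following Python encodes an agreed scope and the client's exclusions and tests whether a host discovered during intelligence gathering may be touched at all; every range and name in it is constructed.

```python
"""Pre-engagement scope boundary check (added example, constructed values).
Agreed scope = inclusion list minus the client's constraints (exclusions);
an exclusion always wins, so a host in an excluded range is never tested."""
import ipaddress
from dataclasses import dataclass, field

@dataclass
class EngagementScope:
    networks: list = field(default_factory=list)  # agreed CIDR ranges
    domains: list = field(default_factory=list)   # agreed apex domains (subdomains included)
    excluded: list = field(default_factory=list)  # constraints: CIDRs or hostnames to avoid

    def _matches(self, entries, host):
        """True if host is inside any CIDR entry or equals / is a subdomain of a name entry."""
        try:
            addr = ipaddress.ip_address(host)
        except ValueError:
            addr = None  # host is a name, not an address
        name = host.lower().rstrip(".")
        for entry in entries:
            try:
                net = ipaddress.ip_network(entry, strict=False)
            except ValueError:
                net = None  # entry is a domain name, not a CIDR
            if net is not None:
                if addr is not None and addr in net:
                    return True
                continue
            suffix = entry.lower().rstrip(".")
            if name == suffix or name.endswith("." + suffix):
                return True
        return False

    def in_scope(self, host):
        """Exclusions override inclusions."""
        if self._matches(self.excluded, host):
            return False
        return self._matches(self.networks + self.domains, host)

def triage(scope, hosts):
    """Split discovered hosts into (testable, out_of_scope), preserving order."""
    testable = [h for h in hosts if scope.in_scope(h)]
    return testable, [h for h in hosts if h not in testable]

if __name__ == "__main__":
    scope = EngagementScope(networks=["10.10.0.0/16"], domains=["example.com"],
                            excluded=["10.10.5.0/24", "hr.example.com"])
    print(triage(scope, ["10.10.1.7", "10.10.5.9", "www.example.com", "payroll.hr.example.com"]))
```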

The nature of penetration testing

The breadth of the target asset information gathered determines the complexity of the penetration process.
The depth of the information gathered on the target host determines whether privileges can be held continuously after penetration.
The essence of penetration is information gathering, and the information already gathered provides a strong guarantee for the intelligence that follows.
The essence of continued penetration is clue association, and the associated clues provide a strong direction for the subsequent lateral attack chain.
The essence of post-exploitation is privilege control, and privilege control provides a strong foundation for penetration that trades time for space.

As long as a password is set by a "group" or an "individual", there must be a pattern to it; as long as a password is set by an "industry" or a "group", its pattern can certainly be found.

The essence of penetration is information gathering, and for information gathering to be most effective it cannot be separated from "clue association", whether the gathering is internal or external, active or passive. How to take the information gathered about target A and target B and organise it into "clue associations" is a very interesting job.

In the penetration testing process, privilege escalation is not the core task, and I do not advise attempting privilege escalation at this point, because in practice obtaining privileges is a single "point" whose process is long and difficult; one bold attempt should not be allowed to affect the entire penetration testing process.

Penetration contemplation

Before turning to "penetration contemplation", let me first deal with several problems. These are also the main questions in the emails I have received these past few days.

Which piece of knowledge should a beginner learn first? / After many years as a security practitioner I feel tired at heart; knowledge updates too fast and I cannot keep up. What should I do?
Should you choose and learn a new penetration framework in order to do large-scale penetration?
You have no idea at all how to approach a project / a target. What do you do?

These three issues are questions every security practitioner will encounter at different stages. I myself have hit a bottleneck four times, and they were broadly the same as the above.

Network security is a special industry, and a paradox. It is also an emerging industry: although it has a bright future, most people are "crossing the river by feeling for the stones". The far bank is in sight, but nobody knows the depth of the river. Whether a beginner or a practitioner of many years, everyone will face a particularly confused period: which direction to choose, or how to deal with knowledge that is updated constantly. In network security, the best direction to choose is "settling", so that many years of knowledge or skill settle down into something that is knowledge, systematized, and transmissible. The simplest example: the "first-class information interception system" technique and summary the author wrote in 2009. Looking back, is that technique still in use today? Even the "class block" software itself is gone. But what stays and remains useful is: the knowledge (the research summary of first-class interception), the systematization (the WAF induction system of the time, and so on), and the transfer (the paper that was shared). I call this the "three axes" of penetration, which is really one complete process: learn, summarize, consolidate, share. Knowledge is not updating too fast, and the question is not necessarily which direction of the security field is more promising, but whether the loop of the "three axes" is closed.

Penetration testing has developed to the point where the tools are colorful, the frameworks are colorful, and the techniques grow ever more exotic. Sources of knowledge arrive in a steady stream, a tweet here, a small circle there, dense and dazzling. How should one treat all this? I will set that question aside for a moment. I wonder whether readers have seen "Demi-Gods and Semi-Devils" (Tian Long Ba Bu); this is also in memory of Mr. Jin Yong. The original, in a million words, tells a very tragic story: those who want revenge cannot get revenge, those who want to restore their kingdom cannot restore it, those who want to remarry cannot remarry. And Xu Zhu? He never forgot his original intention either; although he did in fact gain both inner strength and beauty, he could never return to Shaolin, and just as he recognized his parents, they died. Eight words sum up the whole work, the eight sufferings of life: birth, old age, sickness, death, meeting those one hates, parting from those one loves, not getting what one seeks, and the blazing of the five skandhas. This is also the subject of this series' title, and the sweeping monk is the focus of it. He said:

Since the founding of Shaolin Temple, only one person, Bodhidharma, has mastered all seventy-two skills. Because each of the monastery's seventy-two skills is enough to kill a person, each deadly skill must be balanced by a corresponding compassionate Buddhist teaching. Only the higher a monk's Buddhist compassion, the more skills he may practise; otherwise, the more he trains, the more severe his internal injuries, and sooner or later he will be possessed by demons!

The same is true of penetration: there is no need to chase tools, frameworks and forced techniques to widen one's skill surface, like Jiumozhi using the Little Formless Skill to drive the 72 Shaolin skills, and in the end being possessed by demons, the last to be left in confusion. Qiao Feng, on the other hand, relying only on his signature skill, made the sweeping monk spit a little blood. Acquiring more tools, frameworks and techniques is not a good thing when you have no knowledge system of your own; knowledge then only leads to confusion and a tangled system. When you meet a real engagement, you do not know which of them to win with. Through the confusion, privileges are lost and the trail is exposed. In the end it is all futile.

Penetration contemplation is very important, especially in the post-exploitation stage. You need a very complete cyclic plan, thinking through the problems you may encounter, or deriving possible problems from the information already gathered; this is penetration contemplation. Moves need not be many, but essential; strength lies not in hardness, but in that one inch. Therefore this series is not only an msf course. I simply think of msf as the point of integration, combined with other tools as needed, borrowing their strength to penetrate further. Speaking of integration, one must mention the "chain": security brings in the security chain, attacks bring in the attack chain, and backdoors bring in the backdoor chain.

The essence of penetration is information gathering; whenever an item leaves you confused with no solution, keep gathering. The essence of information gathering is association, together with penetration contemplation and the "chain" of clues. In every real attack drill project, the rarest thing is not the intrusion itself, nor obtaining the domain controller or the highest privileges, but how to evolve a penetration attack into a process that keeps yielding benefit. After penetration there needs to be settling, and settling needs time left for penetration contemplation. Use "contemplation" as the tool to resolve the colorful tools, the colorful frameworks and the ever more exotic techniques; once the hostility is defused, they form one's own knowledge system.

I wish every reader can find the "martial art" that integrates their own skills, absorbing the "moves" of others gracefully: a stone is a weapon, a branch is a sword.

Focus on APT attack and defence (reproduced from): https://micropoor.blogspot.com/ (ten years an "old driver" at the summit)

Source: www.cnblogs.com/LyShark/p/11332869.html