-
Penetration testing steps.
Be clear about your goals.
Determine the scope: the range, IPs, domain names, and internal and external networks of the test target.
Determine the rules: how far the test may go and when it may run; whether modification and uploads are allowed; whether privilege escalation is allowed, etc.
Identify requirements: web application vulnerabilities, business logic vulnerabilities, personnel permission management vulnerabilities, etc.
Vulnerability exploration. Use the various systems, applications, etc. listed in the previous step to look for the corresponding vulnerabilities.
2. Check the vulnerabilities against exploit-db and other sources to find exploits.
3. Look for a verified PoC online.
Contents:
System vulnerability: the system is not patched in a timely manner.
Web server vulnerability: web server configuration issues.
Web application vulnerability: web application development issues.
Other port service vulnerabilities: various, such as 21, 8080 (ST2), 7001, 22, 3389.
Communication security: clear text transmission, token transmission in cookies, etc.
Vulnerability verification. Verify all the vulnerabilities found in the previous step that may be successfully exploited, and build a simulated environment for testing based on the actual situation. Apply them to the target only after the test succeeds.
Automated validation: Combined with results provided by automated scanning tools.
Manual verification: based on publicly available resources.
Test verification: Build a simulated environment for verification.
Login guessing: Sometimes you can try to guess the password and other information of the login interface.
Business vulnerability verification: If a business vulnerability is found, verify it.
Use of publicly available resources.
Bypass defense mechanism: whether there is a firewall or other device, and how to bypass it.
Customized attack path: the best tool path, based on weak entrances, high intranet privilege locations, and end goals.
Bypass detection mechanism: whether there is a detection mechanism, traffic monitoring, anti-virus software, malicious detection, etc.
Attack: Obtained after experimentation, including but not limited to XSS, SQL injection statements, etc.
Get what you need.
Attack: attack based on the results of the previous steps.
Get inside information: infrastructure.
Further penetration: intranet intrusion, sensitive targets.
Persistence: generally not needed when we run penetration tests for customers. Rootkit, backdoor, adding administrators, persistence techniques, etc.
Information collation.
Organize penetration tools: organize the **, PoC, EXP, etc. used in the penetration process.
Organize collected information: organize all the information collected during the penetration process.
Organize vulnerability information: sort out the vulnerabilities encountered in the penetration process and the locations found to be vulnerable.
Supplementary introduction: analyze the cause of each vulnerability, the verification process, and the harm it brings.
Remediation suggestions: propose a reasonable, efficient, and safe solution to every problem found.
-
1. Tool raw materials:
2. Security application.
1. Component security testing.
Detect and analyze whether activity security, broadcast receiver security, service security, content provider security, intent security, and WebView are used properly, and find component vulnerabilities caused by improper use in the program.
2. Security detection.
Detect and analyze the security handling of obfuscation, DEX protection, SO protection, resource file protection, and third-party loaded libraries, and find vulnerabilities that allow the application to be decompiled and cracked.
3. Memory safety detection.
4. Data security detection.
Vulnerability detection covers data input, data storage, categories of stored data, data access control, sensitive data encryption, in-memory data security, data transmission, certificate verification, remote data communication encryption, data transmission integrity, local data communication security, session security, data output, debugging information, sensitive information display, etc., in order to find vulnerabilities through which data could be illegally called, transmitted, or stolen during storage and processing.
5. Business security testing.
Detect and analyze user login, password management, payment security, identity authentication, timeout setting, exception handling, etc., and discover potential vulnerabilities in the process of business processing.
6. Application management testing.
2) Application uninstallation: detect whether uninstalling the application removes it completely and whether residual data remains;
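The component security check described in item 1 above can be started from the manifest alone. The following is an added example, not code from the original page: it flags components that other apps can reach without a permission guard. The sample manifest and all names in it are constructed placeholders.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"
COMPONENTS = ("activity", "activity-alias", "service", "receiver", "provider")

# Constructed sample manifest; package and component names are placeholders.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.demo">
  <application>
    <activity android:name=".MainActivity" android:exported="true">
      <intent-filter><action android:name="android.intent.action.MAIN"/>
        <category android:name="android.intent.category.LAUNCHER"/></intent-filter>
    </activity>
    <service android:name=".SyncService" android:exported="true"/>
    <receiver android:name=".PingReceiver">
      <intent-filter><action android:name="com.example.demo.PING"/></intent-filter>
    </receiver>
    <provider android:name=".NotesProvider" android:authorities="com.example.demo.notes"
              android:exported="true" android:readPermission="com.example.demo.READ"/>
    <activity android:name=".SettingsActivity" android:exported="false"/>
  </application>
</manifest>"""

def audit_manifest(xml_text):
    """Return (tag, name, reason) for components other apps can reach unguarded."""
    findings = []
    for comp in ET.fromstring(xml_text.strip()).iterfind("application/*"):
        if comp.tag not in COMPONENTS:
            continue
        exported = comp.get(A + "exported")
        filters = comp.findall("intent-filter")
        # With no exported attribute, an intent-filter made the component
        # exported by default before Android 12 (targetSdk < 31).
        if exported == "false" or (exported is None and not filters):
            continue
        if any(c.get(A + "name") == "android.intent.category.LAUNCHER"
               for f in filters for c in f.findall("category")):
            continue  # launcher entry point is exported by design
        guards = [g for g in ("permission", "readPermission", "writePermission")
                  if comp.get(A + g)]
        how = 'exported="true"' if exported else "implicit via intent-filter"
        if not guards:
            findings.append((comp.tag, comp.get(A + "name"), how + ", no permission"))
        elif comp.tag == "provider" and guards in (["readPermission"], ["writePermission"]):
            findings.append((comp.tag, comp.get(A + "name"), how + ", only " + guards[0]))
    return findings

if __name__ == "__main__":
    print(*audit_manifest(SAMPLE_MANIFEST), sep="\n")
```

Each finding is a starting point for manual review of the component's input handling, not a confirmed vulnerability.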
Third, if it involves the service process, the general process is like this:
1. Determine your intention.
2) Business communication: After receiving the form, the business will immediately communicate with the intended customer, determine the test intention, and sign a cooperation contract;
2. Start the test.
Collected materials: generally include system accounts, stable test environments, business processes, etc.
3. Perform the test.
1) Risk analysis: become familiar with the system, analyze its risks, and design the risk points to test;
2) Vulnerability mining: security testing experts conduct security penetration testing in groups and submit vulnerabilities;
3) Report summary: summarize the system risk assessment results and vulnerabilities, and send test reports.
4. Delivery is completed.
1) Vulnerability repair: the enterprise repairs it according to the test report;
2) Regression test: both parties settle the test fee according to the contract, and the enterprise pays the cost.
-
Step 3: Vulnerability detection. Use the information gathered to find the vulnerable points of the target.
Step 4: Exploit the vulnerability. After finding the weakness of the target system, compromise it further and obtain permissions on it.
Step 5: Infiltrate other hosts in the target intranet, and use the permissions obtained from the target machine as a springboard to further conquer other hosts in the intranet.
Step 6: Verify the vulnerability and fix the vulnerability.
Step 7: Clear the traces of penetration and prepare a test report.
-
The basic process of penetration testing is as follows:
Step 1: Define your goals.
1. Determine the scope: plan the scope of the test target so that the test does not go out of bounds.
2. Determine the rules: clearly state the extent and timing of the penetration test.
3. Determine the requirements: is the penetration test aimed at web application vulnerabilities? Business logic vulnerabilities? Personnel permission management vulnerabilities? Or something else? Settle this so that the test does not go out of bounds.
Step 2: Information Collection.
1. Basic information: IP, network segment, domain name, and port.
2. System information: operating system version.
3. Application information: applications on each port, such as web applications, email applications, etc.
4. Version information: the versions of everything detected.
Step 4: Verify the vulnerability.
All the vulnerabilities found above that may be successfully exploited are verified. A simulated environment is built for experiments based on the actual situation, and a technique is used against the target only after it succeeds there.
Automated validation: combined with results provided by automated scanning tools.
Manual verification: verify manually based on publicly available resources.
Test verification: build a simulated environment for verification.
Login guessing: you can try to find the password of the login interface.
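Step 1 above asks for the scope and the rules (extent and time) to be fixed before any testing. As an added example that is not part of the original page, the guard below refuses any target or time outside a written engagement definition. The addresses, domain, and test window are constructed placeholders, and treating subdomains of a listed domain as in scope is an assumption.

```python
import ipaddress
from datetime import datetime, time

# Constructed engagement definition; every value is a placeholder.
ENGAGEMENT = {
    "networks": ["192.0.2.0/24", "198.51.100.16/28"],
    "excluded": ["192.0.2.10"],             # hosts the customer carved out
    "domains": ["app.example.test"],        # assumption: subdomains included
    "window": (time(22, 0), time(6, 0)),    # agreed hours, crosses midnight
}

def in_window(now, window):
    """True if now falls inside the agreed window, which may wrap past midnight."""
    start, end = window
    t = now.time()
    if start <= end:
        return start <= t < end
    return t >= start or t < end

def host_in_scope(target, eng):
    """Check an IP against networks/exclusions, or a hostname against domains."""
    try:
        ip = ipaddress.ip_address(target)
    except ValueError:
        name = target.lower().rstrip(".")
        return any(name == d or name.endswith("." + d) for d in eng["domains"])
    if any(ip == ipaddress.ip_address(x) for x in eng["excluded"]):
        return False
    return any(ip in ipaddress.ip_network(n) for n in eng["networks"])

def authorize(target, now, eng=ENGAGEMENT):
    """Return (allowed, reason); call this before every action against a target."""
    if not host_in_scope(target, eng):
        return (False, "target outside agreed scope")
    if not in_window(now, eng["window"]):
        return (False, "outside agreed test window")
    return (True, "ok")

if __name__ == "__main__":
    for host in ("192.0.2.25", "192.0.2.10", "app.example.test.evil.test"):
        print(host, authorize(host, datetime(2024, 1, 1, 23, 0)))
```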
What is penetration testing:
Penetration testing is a mechanism for proving that cyber defenses are working as intended. Suppose your company regularly updates its security policies and procedures, patches its systems from time to time, and employs tools such as vulnerability scanners to ensure that all patches are in place. If you've already done that, why do you need to ask an outside party for a review or penetration test?
Because penetration testing can independently examine your network strategy; in other words, it puts an eye on your system.
In other words, penetration testing means that penetration testers in different locations (such as on the intranet or on the extranet) use various means to test a specific network in order to find and dig out the vulnerabilities in the system, and then produce a penetration test report and submit it to the network owner. Based on the penetration test report provided by the testers, the network owner can clearly understand the security risks and problems in the system.