The Penetration Test is a simulation of attempts to penetrate or circumvent existing security mechanisms of a system, followed by a direct attack on specific servers. This is done to ensure that breaches in the specific level of security are identified and subsequently, that the steps necessary to mitigate these breaches are implemented.
It involves manipulating different layers of system input, in order to achieve unauthorized access to database information, deletion of log/database information, replacing contents of a website, Denial of Service, compromising sensitive data integrity and confidentiality and other such exploits. The objective of Penetration Testing is to investigate the system from an attacker’s perspective and identify exposures and risks to businesses before they evolve into fully fledged threats.
Our methods distinguish between the following perspectives:
External Penetration Test simulates unauthorized access, performed by an external factor possessing the initial information of a single IP address of a network / element, which is connected to external communication devices (router, firewall, Web server, etc.). The method enables us to assess the possible damages that an external intruder can inflict.
Internal Penetration Test simulates unauthorized access performed by either a legitimate network user or an unauthorized user who gained physical access to one of the communication devices (routers, hubs, etc.). The internal Penetration Test is performed with a direct connection to the attacked server. The security logic behind this act is that a server, which is protected from direct penetration, is most definitely protected from an external attack by a firewall.
Infrastructure Testing includes the competency of the system’s servers, operating systems, networking equipment and security mechanisms (Firewalls, Intrusion Detection Systems, Anti-Virus, etc.).
Application Security Testing is performed whenever an application is involved. This form of testing focuses on the application level, in addition to the infrastructure level. The testing procedure consists of examining the application itself for potential software malfunctions that may jeopardize the security of the system by directly attacking it. The application test aims at examining the following potential risks:
- Buffer Overflow
- Hidden Field Manipulation
- Cross-site Scripting (XSS)
- Denial of Service
- SQL Injection
- SSL Private Key Theft
- Cookies Poisoning
- Parameter Tampering
- Forceful Browsing
Penetration Test Formats
These penetration tests are divided into the following known formats:
Black Box testing and White Box testing. Black Box tests are conducted without prior knowledge of the system, and approach the system in the same manner that a user or a hacker would.
White Box testing is conducted under the assumption that some or all of the information regarding the system is revealed. Using this information, we searche for security vulnerabilities and faults in the system. This is the most comprehensive form of security auditing and provides a high success rate for uncovering vulnerabilities.
Black Box tests are essential to any security software product, software system or computer network. It quickly uncovers vulnerabilities and weaknesses related to the specification of the system. Where a high level of security is required, Black Box testing should be combined with White Box testing. White Box testing is better for uncovering weaknesses such as back doors, undocumented features and long-term race conditions.
Our security experts will analyze the security level of your network, system or application by attempting to penetrate them. During the test Comsec will simulate an uncertified access attempt, aiming to explore the following risks:
External unauthorized penetration to the internal organizations’ networks.
- Information leakage and damage caused by hostile Applets.
- Viruses and Trojan Horses – infection through e-mail or web services.
- Denial of service attackson the Internet and Hosting environments.
- Hackinginto the systems or into the customers’ data stored in infrastructures and facilities.
- Availability and integrity exposure of the customers’ data and the business information
- In-depth approach to enable the identification of vulnerabilities that stem from core design flaws, aggregation of multiple vulnerabilities, lack of controls and flawed business processes.
- The exact risk and exposure are simulated and calculated to provide real-world impact analysis to key business stakeholders.
- Our reviews involve manipulating different layers of system input, in order to achieve unauthorized access to sensitive information, deletion of log/database information, replacing contents of a website, Denial of Service (DoS), compromising sensitive data integrity and confidentiality and other such exploits.
High level security elements are inspected for potential and actual security flaws allowing various attacks by external attackers or malicious system users.
Offensive Framework Methodology
Offensive Framework Methodology is our unique proprietary tactics, techniques and procedures to preform an effective cyber threat modeling whilst assessing the current risks and the potential risks facing the organization’s information and operational assets.
Our methodology consists among the Infrastructure layer (com & system), Application layer, Firmware layer , Middleware (buses and interfaces) layer, although the tactics and techniques of each layer differ one from each another.
The basic idea of OFM:
To design and orchestrate the protection efforts & elements (controls, counter measures, safe guards, special sensors, etc.) of our customer’s business by analyzing the threat landscape from an offensive point of view. In other words: think like the attacker / adversary / threat agent in order to design the cyber defense posture.
Tips and Principals
- Test the most important systems first.
- Make security testing a routine and an integral part of the system, network operations and administration.
- Test the most important systems first.
- Use caution when testing.
- Ensure that security policy accurately reflects the organization’s needs.
- Integrate security testing into the risk management process.
- Ensure that system and network administrators are trained and capable.
- Ensure that systems are kept up-to-date with patches.
- Look at the big picture.
- Understand the capabilities and limitations of vulnerability testing.