Topic: Security

Penetration Testing(Pen Test) The Ultimate Guide 0

What is penetration testing?

Penetration testing is an art. You can find out a lot of techniques and understand all of the tools, but the reality is that software is complex, especially when you start putting a lot of software systems together.

It’s that complexity that means that there is no one-size-fits-all solution when it comes to finding ways to get into systems.

An attack that may work against one web server may not work for the same web server running on a different system.

Sometimes, you can try a particular attack a number of times without success before it suddenly starts working and you find a way to break into the system.

A skilled and successful penetration tester has not only the technical skills necessary to run the tools and understand what is happening, but also the creativity necessary to try different approaches.

Penetration testing is a type of security testing that is used to test the insecurity of an application. It is conducted to find the security risk which might be present in the system.

If a system is not secured, then any attacker can disrupt or take authorized access to that system.

Security risk is normally an accidental error that occurs while developing and implementing the software. For example, configuration errors, design errors, and software bugs, etc.

Why is penetration testing required?

Ultimately, the goal of a penetration tester is to help an organization improve their defenses in case a real attacker comes by to break in and steal information.

This information can come in many forms. In the case of a business, it may be intellectual property. This is any information that the business relies on to set them apart from other companies.

This may be patents, source code, or any other documentation about how the business is run. Other forms of data are banking information, credit card numbers, social security numbers, usernames, passwords, and especially anything related to health care.

Attackers may be trying to steal any of that information, because it can be sold or used to gain additional access to other systems.

Penetration testing normally evaluates a system’s ability to protect its networks, applications, endpoints and users from external or internal threats. It also attempts to protect the security controls and ensures only authorized access.

Penetration testing is essential because:

It identifies a simulation environment i.e., how an intruder may attack the system through white hat attack.

It helps to find weak areas where an intruder can attack to gain access to the computer’s features and data.

It supports to avoid black hat attack and protects the original data.

It estimates the magnitude of the attack on potential business.

It provides evidence to suggest, why it is important to increase investments in security aspect of technology.

Note: – we have been talking about information security, and that’s a phrase you will hear about a lot. The objective is to protect the information assets of an organization. However, an attacker may not care about your information assets. They may care more about your computing assets. In other words, they may simply be looking to collect a system they can add to their network of systems that will perform tasks for them. This is a very lucrative business, so don’t assume that just because you are a small organization you aren’t a target. You are. Especially if you are easy for the picking. Your systems and their computing power are just as good as those from large, high-profile companies—more so if they are easy to break into.

Testing types

Black box test

 

The first is called a black box test. This is something like a traditional penetration test, but on the extreme end.

A black box test means the tester has no knowledge of the target other than who the target is. The attacker may not know ip addresses, domain names, or anything.

Gray box test

When someone is performing a full-blown black box penetration test, it may be a good chance to test response capabilities.

In that case, you may have a red team, also sometimes called a tiger team.

The red team is the attack team. They are the ones trying to get in. The ones on the inside, whether they are aware it’s happening or not (and sometimes the operations staff has no idea in order to get a true sense of response capabilities), are called the blue team.

You may also have a white team, which is aware of both ends of the equation. This is more common in competitions, however, and the white team in that case is entirely neutral and manages the competition.

White box test

This is generally full knowledge. The attack team works closely with the target. It may involve having credentials established ahead of time.

This allows the tester to perform full local (on-system) assessments without having to penetrate before checking the local settings.

You may have systems that appear to be very hard on the outside, but once the system is popped it’s a soft, gooey mess on the inside.

This can be an enormous problem, so it’s helpful to check local hardening as well as remote hardening.

The operations team is generally informed and works with the attack team to ensure that there is no impact to customers as a result of the testing.

When to perform penetration testing?

Penetration testing is an essential feature that needs to be performed regularly for securing the functioning of a system. In addition to this, it should be performed whenever:

Security system discovers new threats by attackers.

You add a new network infrastructure.

You update your system or install new software.

You relocate your office.

You set up a new end-user program/policy.

Penetration Testing Methodology

The Penetration Testing methodology we will be using in this article is a modified version of a common methodology I would use when working with a client. It will allow us to get right to the meat of penetration testing.

 

There will be a number of areas that we won’t get into that will come up as you keep working, including the following:

Intelligence gathering: – this is reconnaissance work against your target and will vary based on how much information you were provided before the engagement.

Scanning – before you start determining your attack strategy, you need to know what your targets are. This will provide you with a lot of information about systems and ports as well as, potentially, any firewalls that may be in place.

Vulnerability identification: – once you have some target systems and applications identified, getting a list of known vulnerabilities will tell you where you can quickly and easily get in.

Exploitation: – the vulnerabilities that you have identified will lead you to exploitation. This is where you actually begin to penetrate the systems by exploiting the vulnerabilities that you have identified. Some vulnerabilities are very difficult to exploit, and other exploits may just not work. You may end up finding a lot of false positives in this stage where the vulnerability was identified but the expected exploit didn’t work.

Reporting: – once you are done, make sure to clearly document all of your findings so you have something tangible and coherent to present to your employer or client.

 

How is penetration testing beneficial?

Penetration testing offers the following benefits:

Enhancement of the management system:- it provides detailed information about the security threats. In addition to this, it also categorizes the degree of vulnerabilities and suggests you, which one is more vulnerable and which one is less. So, you can easily and accurately manage your security system by allocating the security resources accordingly.

Avoid fines: – penetration testing keeps your organization’s major activities updated and complies with the auditing system. So, penetration testing protects you from giving fines.

Protection from financial damage: – a simple breach of security system may cause millions of dollars of damage. Penetration testing can protect your organization from such damages.

Customer protection: – breach of even a single customer’s data may cause big financial damage as well as reputation damage. It protects the organizations who deal with the customers and keep their data intact.

How to become a penetration tester?

Anyone can be a penetration tester. Good penetration testers require experience and knowledge,

You should keep in mind the expected ethical obligations. If you just want to go out and break into systems without regard to laws, you are free to do that, of course. That doesn’t make you a penetration tester, though. It makes you a criminal, and it’s entirely possible that you won’t be free for much longer.some organization that is very understanding and lenient that will let you try things out on their systems, or, better yet, get yourself a small lab system that you can work on.

Penetration Lab

Get a copy of virtualbox, or vmware or parallels if you are more comfortable with them. Install it on your system. You can download virtualbox from http://www.virtualbox.org.

Get a copy of kali linux. This will be an .iso image that you will use to install kali into a virtual machine. You can download the current .iso from http://www.kali.org. Virtualbox will allow you to install a new operating system from the .iso image you have downloaded.

Get a copy of metasploitable 2. There are different places to get this. You should use google, bing, or your favorite search tool to look for a place from which to download it. It will make for a good target for some of what we will be doing. This does not require installation. It is a vmware image that you should be able to just open in any virtualization software that you have, including virtualbox.

 

WannaCRY Ransomware , How to keep your system safe 0

We will discuss about wannacry ransomware cyber attack and how to decrypt data which encrypted by wannacry.

 

The WannaCry ransomware began to spread across the all over the Internet on Friday May 12th, 2017. I took my phone to see the text from my friend, “What should we do to beware the ransomware?” My stomach tightened. It was time for friendly IT support.

Their home system was set to auto-install patches. All of their files were backed up remotely to a secure system and their firewall & malicious software protections were current.

I determined to share the steps that I use to protect my friend’s computer so that end users can better protect themselves when issues like the WannaCry ransomware crop up from time to time. If you are using a Windows operating system here is a helpful steps to follow.

Open Windows Update by clicking the Start button in the lower left corner. In the search box, type Update, and then, in the list of results, click Windows Update.

 

  1. Click on Check for updates, and then wait while Windows looks for the latest updates for your computer.

  2. Then turn on the automatic windows update

 

   3.  Click Install updates.

 

If you’re not of a mind to do thing automatically you can set it to manually install patches.

• Use this link to download update Manual :

MS17-010 Update for Windows 8.1
The first option is for 64bit system and another option for 32bit system
MS17-010 Update for Windows 10
The first option is a 32bit system and a second option for a 64bit system
Update link for MS17-010 for Windows 7 and Server 2008
Choose the first 64bit system choice or the second 32bit option.
Links Update for MS17-010 for Windows XP and Server2003 and 8

In the case of a user that has MacOS who might not be technically sound knowledge, have them click on the AppStore and select “update” next to the patches that need to be installed.

 

 

  •  No matter what your platform of choice.
     
  • Make sure that you have malicious software protections   installed and that they are kept up to date.
  • Your system firewall should deny inbound connections and anti-virus should be kept current.
  • While these programs are not a 100% guarantee, by any stretch of the imagination, they will help with the lot of the cruft that could negatively affect your systems.

 

How to Decrypt WannaCRY.

 

A tool under the name WanaKiwi is “able” to decrypt the data in the hands of the ransom software,But only if the user has not restarted or turned off the computer.

This condition must come from how the rudimentary software algorithm works. The researcher focused on the initial numbers stored in the random memory of the computer on which the software is based to perform the encryption process.

More generally and simply, the tool searches for these numbers and begins the process of decrypting encrypted data in advance, hence the importance of the above requirement, in addition to the reference of some other reports to another condition is not to take off new software after infection such as games and office applications which can damage the order Store those numbers on your computer’s memory by using that space for another program.

Note: The new tool works on both Windows 2008, 7, XP and Vista, and has been proven effective by some security companies. Another tool named WanaKey is based on the same principle
Link Download direct: Wanakiwi_0.2.zip or Wanakiwi.zip

For more information and reference.
answer.microsoft.com

Often I see people finding fault to the end users. Rather than do that, I preferred to share what should be done to better protect their systems. Hopefully, if we preserve to share more information like this it will help to better protect the home user.