Penetration Testing

PenTest 101
The Way of the Packet LogoIt is said the longest journey starts with a single step. I would add that the first step is the most difficult.
 
This quick and easy to read chapter helps you take that first step. It begins by providing perspective, insight and an easy to follow progression for developing and using PenTest skills not found anywhere else.
 
This chapter can greatly shorten the time it takes to get started and get ready for your next job or keep the one you have.
 
This is without a doubt your best first lesson in being a white hat. One that you will come back to time and time again.

If you don’t find the weakness in your network security, someone else will do it for you.

With your Network Field Survival Guide you will be able to quickly find answers for:

Which Tools

Where to start the attack

c

How do you start the attack

t

How did you know to try that

Basic Attack Flow

  • Enumerate 2%
  • Invasive Recon 2%
  • Most Attacks Fail Here 90%
  • Attack Escalation 2%
  • Non-Priv Access 2%
  • Root 2%

1. Enumerate –>

  • FingerPrint OS
  • Ports/SVC Ver
  • Gather Usernames & Email Addresses
  • Leverage Info From Other Hosts.
    • ie Usernames & Passwords

2. Invasive Recon

Try access using common usernames, weak passwords, remote access unprotected service, access to other info, user info, password files (NFS, SMB, FTP, SAMBA)

Most attacks fail here

between 2 and 3. The key is to recognize attack scenarios.

3. Attack Escalation

Remote exploit. Hydra, using discovered usernames and password list against services.

4. Non-Priv Access

Futher attack, copy in local exploit, trust exploitation.

5. Root

Gain priv access, get password files, offline password cracking, trust exploitation.