Penetration Testing / Ethical Hacking and Vulnerability Assessments

Establishing your security posture at a given “point-in-time” is a good starting point for organisations to discover their strengths and vulnerabilities. Identifying and rating vulnerabilities means risks can be prioritised and remedied based on potential impact they pose to security and business continuity.

Security audits are conducted from the following angles (External, Internal, Wireless) however are commonly packaged into a single audit scope:

External Penetration Testing - Testing for security vulnerabilities such as;

• Content Management System (CMS) - Organisation use CMS systems because of the ease of use in maintaining the currency of information across websites, blogs and intranets.
• SQL and LDAP Injection - coding vulnerabilities may allow "injection" of SQL or LDAP query syntax directly into the backend of your portal, allowing for unexpected manipulation of authentication systems or database information.
• Cross Site Scripting (XSS) - testing for the ability to inject HTML and JavaScript commands, which may be used in 'phishing' attacks against your website users to steal credentials or distribute malware, thereby abusing the trust your website has with its visitors.
• Insecure Upload Forms - websites which accept uploaded content must carefully inspect content from both unauthenticated and authenticated users, as unexpected files may be uploaded such as PHP or ASP backdoor shells or maliciously infected PDFs and other formats.
• Information Disclosures.
• Authentication bypass.
• Source code auditing.
• Correctly configured Operating System, Web Server, Dynamic Content and Database.
• Denial of Service attacks.
• Validating Role-Based Access Controls (RBAC) for authenticated users.

Examples include Microsoft Windows Server running IIS6 + ASP .Net + SQL Server, or Linux + Apache2 + PHP + MySQL

Internal Penetration Testing and Vulnerability Assessments - To protect against "Insider Threat", Intellectual Property and other data theft, and accidental introduction of virus, worms (such as Conficker) and other malware and spyware;

• Routers and Switching.
• Active Directory and Security Policies.
• Intranet Website and SQL Databases.
• Patch Management and Anti-Virus.
• Appliances, Servers and Workstations.

Wireless Site Audits - Wireless networking has brought improvements to productivity and the freedom to work from almost any location. The benefits come with risks. Ensuring wireless security protocols are sufficiently secure and both Access Points and clients (i.e. Laptops) are correctly configured and patched will prevent “war-driving” and “man-in-the-middle” attacks.

• Ensuring access points are correctly configured using industry standard protection.
• Dictionary and Brute Force attacks against pre-shared keys.
• Impersonation of a rogue laptop in an attempt to intercept Client-AP communication.
• Exploitation of out-dated Drivers for Windows, OS X and Linux.
• Up-to-date Firmware for Access Points.

If you'd like a quote or proposal for penetration testing services, please complete our online request form.