Pentesting

From Cramsession
Jump to navigationJump to search
✍️ Verified Author: MflavellClick to view professional profile & credentials

Cybersecurity > Pentesting

Process

Based on the PDCA cycle


Plan

Gather documentation for the test

  • Document what should be their and it's purpose.
  • Open ports
  • API endpoints
  • Outbound connections

This established a known baseline for the system.



Do

Setup an environment for the test.

  • This should be a copy of production.
  • This must be isolated from all other instances. Must be on it's own subnet.
  • This must not contain production data.
  • provide the tester will full access to this network - normally done using a jump box.


finally:

  • perform the test


Check

  • Review the test results


Are they valid:

  • Where all systems scanned.
  • Where all ports scanned.


Document:

  • Document the test results


Act

For each finding:


Patch the code

  • If you own the code - Change the code.
  • If the code is in the supply chain:
  • Find a patch / revised version


Mitigate the problem

  • Remove the component or feature
  • Place the component behind something so it cannot be reached.


Cannot fix, assess the risk

  • What is the impact of this vulnerability.
  • If it is exploited what could happen:
  • Consider the CIA triad in risk analysis.
  • How does the CIA triad impact the business?


📖More about risk

Repeat

Repeat this cycle until all issues have been resolved.


  • Don't accept that a fix until you have poof from a pen test that it is fixed!
  • Yes developers want a get out of pentest free card

Tools

ZAP Proxy

Nmap

Scanning web servers

BURP Suite

CURL

More Information

Common XSS tactics

XSS Filter Evasion Cheat Sheet

Retrieved from "https://cramsession.net/index.php?title=Pentesting&oldid=1308"