Pentesting: Difference between revisions
From Cramsession
Jump to navigationJump to search
✍️ Verified Author: Mflavell • Click to view professional profile & credentials
(→Act) |
(→Tools) |
||
| (22 intermediate revisions by the same user not shown) | |||
| Line 13: | Line 13: | ||
* Document what '''should''' be their and it's purpose. | * Document what '''should''' be their and it's purpose. | ||
* | :* Open ports | ||
* | :* API endpoints | ||
* | :* Outbound connections | ||
This established a known baseline for the system. | This established a known baseline for the system. | ||
| Line 35: | Line 37: | ||
* provide the tester will full access to this network - normally done using a jump box. | * provide the tester will full access to this network - normally done using a jump box. | ||
finally: | finally: | ||
* perform the test | * perform the test | ||
== Check == | == Check == | ||
* Review the test results | * Review the test results | ||
Are they valid: | Are they valid: | ||
| Line 61: | Line 68: | ||
For each finding: | For each finding: | ||
Patch the code | |||
===Patch the code=== | |||
:* If you own the code - Change the code. | :* If you own the code - Change the code. | ||
| Line 71: | Line 79: | ||
===Mitigate the problem=== | |||
Mitigate the problem | |||
| Line 80: | Line 87: | ||
===Cannot fix, assess the risk=== | |||
Cannot fix, assess the risk | |||
| Line 92: | Line 97: | ||
::* How does the CIA triad impact the business? | ::* How does the CIA triad impact the business? | ||
[[Assessing Risk|📖More about risk]] | |||
== Repeat == | |||
Repeat this cycle until all issues have been resolved. | |||
* Don't accept that a fix until you have poof from a pen test that it is fixed! | |||
:* Yes developers want a ''get out of pentest free'' card | |||
= Tools = | = Tools = | ||
| Line 102: | Line 120: | ||
[[BURP Suite]] | [[BURP Suite]] | ||
[[CURL]] | |||
= More Information = | |||
[https://www.cobalt.io/blog/a-pentesters-guide-to-cross-site-scripting-xss Common XSS tactics] | |||
[https://cheatsheetseries.owasp.org/cheatsheets/XSS_Filter_Evasion_Cheat_Sheet.html XSS Filter Evasion Cheat Sheet] | |||
Latest revision as of 17:31, 5 December 2025
Cybersecurity > Pentesting
Process
Based on the PDCA cycle
Plan
Gather documentation for the test
- Document what should be their and it's purpose.
- Open ports
- API endpoints
- Outbound connections
This established a known baseline for the system.
Do
Setup an environment for the test.
- This should be a copy of production.
- This must be isolated from all other instances. Must be on it's own subnet.
- This must not contain production data.
- provide the tester will full access to this network - normally done using a jump box.
finally:
- perform the test
Check
- Review the test results
Are they valid:
- Where all systems scanned.
- Where all ports scanned.
Document:
- Document the test results
Act
For each finding:
Patch the code
- If you own the code - Change the code.
- If the code is in the supply chain:
- Find a patch / revised version
Mitigate the problem
- Remove the component or feature
- Place the component behind something so it cannot be reached.
Cannot fix, assess the risk
- What is the impact of this vulnerability.
- If it is exploited what could happen:
- Consider the CIA triad in risk analysis.
- How does the CIA triad impact the business?
Repeat
Repeat this cycle until all issues have been resolved.
- Don't accept that a fix until you have poof from a pen test that it is fixed!
- Yes developers want a get out of pentest free card
