Pentesting: Difference between revisions

From Cramsession
✍️ Verified Author: Mflavell
No edit summary
Line 10: Line 10:
* Document what '''should''' be their and it's purpose.
* Document what '''should''' be their and it's purpose.


** Open ports
*: Open ports


** API endpoints
*: API endpoints


** Outbound connections
*: Outbound connections


This established a known baseline for the system.
This established a known baseline for the system.
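Review bot: the unchanged context line "Document what '''should''' be their and it's purpose." still reads "their" and "it's" where "there" and "its" are meant; this revision edits the three sub-items directly beneath it, so correct the wording in the same edit. The closing context line "This established a known baseline for the system." would also read better in the present tense ("establishes"), since the rest of the list is written as instructions.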
Line 61: Line 61:
* Mitigate the problem.
* Mitigate the problem.


** Remove the component or feature
*: Remove the component or feature


** Place the component behind something so it cannot be reached.
*: Place the component behind something so it cannot be reached.




* Assess the risk
* Assess the risk


** What is the impact of this vulnerability.
*: What is the impact of this vulnerability.


** If it is exploited what could happen:
*: If it is exploited what could happen:


*** Consider the CIA triad in risk analysis.
*:: Consider the CIA triad in risk analysis.


*** How does the CIA triad impact the business?
*:: How does the CIA triad impact the business?


= Tools =
= Tools =
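Review bot: the changed line "What is the impact of this vulnerability." is a question that ends in a full stop, and "If it is exploited what could happen:" needs a comma after "exploited"; both lines are rewritten here anyway, so fix the punctuation in the same edit. The revision is also saved with no edit summary, so the reason for moving the sub-items from `**` and `***` to `*:` and `*::` is not recorded; add a summary stating the intended rendering.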

Revision as of 20:39, 9 May 2025

Process

Based on the PDCA cycle

Plan

Gather documentation for the test

  • Document what should be there and its purpose.
      • Open ports
      • API endpoints
      • Outbound connections

This establishes a known baseline for the system.

Do

Set up an environment for the test.

  • This should be a copy of production.
  • This must be isolated from all other instances. It must be on its own subnet.
  • This must not contain production data.
  • Provide the tester with full access to this network, normally done using a jump box.

Finally:

  • Perform the test

Check

  • Review the test results

Are they valid?

  • Were all systems scanned?
  • Were all ports scanned?
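
One way to automate this validity check against the baseline documented in the Plan step, as an added example that is not part of the original page: it reads an Nmap XML report (`-oX`) and lists baseline hosts and ports the scan did not cover, plus open ports that deviate from the baseline. The addresses, the baseline and the XML report are constructed sample data, and the function names are this example's own.

```python
import xml.etree.ElementTree as ET

# Constructed baseline from the Plan step: host -> TCP ports documented as open.
BASELINE = {"10.20.0.10": {22, 443}, "10.20.0.11": {5432}, "10.20.0.12": {8080}}

# Constructed Nmap XML (-oX) report, trimmed to the elements read below.
SAMPLE_XML = """<nmaprun>
<scaninfo type="syn" protocol="tcp" numservices="1025" services="1-1024,5432"/>
<host><status state="up"/><address addr="10.20.0.10" addrtype="ipv4"/><ports>
  <port protocol="tcp" portid="21"><state state="open"/></port>
  <port protocol="tcp" portid="22"><state state="open"/></port>
  <port protocol="tcp" portid="443"><state state="open"/></port></ports></host>
<host><status state="up"/><address addr="10.20.0.11" addrtype="ipv4"/><ports>
  <port protocol="tcp" portid="5432"><state state="closed"/></port></ports></host>
</nmaprun>"""

def expand_ports(spec):
    """Expand an Nmap services string such as '1-1024,5432' into a set of ints."""
    ports = set()
    for part in filter(None, spec.split(",")):
        lo, _, hi = part.partition("-")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def check_scan(xml_text, baseline):
    """Return coverage gaps (Check step) and deviations from the baseline."""
    root = ET.fromstring(xml_text)
    scanned_ports = set()
    for info in root.iter("scaninfo"):
        if info.get("protocol") == "tcp":
            scanned_ports |= expand_ports(info.get("services", ""))
    open_ports = {}
    for host in root.iter("host"):
        addr = host.find("address[@addrtype='ipv4']")
        if addr is None or host.find("status").get("state") != "up":
            continue  # hosts reported down count as not scanned
        open_ports[addr.get("addr")] = {
            int(p.get("portid")) for p in host.iter("port")
            if p.get("protocol") == "tcp" and p.find("state").get("state") == "open"}
    report = {
        "hosts_not_scanned": sorted(set(baseline) - set(open_ports)),
        "ports_not_scanned": sorted(set().union(*baseline.values()) - scanned_ports),
        "unexpected_open": {}, "expected_not_open": {}}
    for addr, found in open_ports.items():
        expected = baseline.get(addr, set())
        if found - expected:
            report["unexpected_open"][addr] = sorted(found - expected)
        if expected - found:
            report["expected_not_open"][addr] = sorted(expected - found)
    return report
```

A non-empty `hosts_not_scanned` or `ports_not_scanned` means the results are incomplete and the test should be rerun before the findings are documented.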


Document:

  • Document the test results

Act

For each finding:

  • Patch the code - if the onus is on you!
  • Find a patch for the code - if the problem came from the supply chain.


  • Mitigate the problem.
      • Remove the component or feature.
      • Place the component behind something so it cannot be reached.


  • Assess the risk
      • What is the impact of this vulnerability?
      • If it is exploited, what could happen:
          • Consider the CIA triad in risk analysis.
          • How does the CIA triad impact the business?

Tools

Nmap

Scanning web servers