Practical Penetration Test Training 6

1
ABOUT US

• SECURIUM FOX offers cyber security consultancy
  services with its expert and experienced team. We
  are providing consulting services to prevent
  cyber attacks, data leak and to ensure that our
  customers are ready and safe against cyber
  attacks, with more than 15 years of
  experience.In addition to pentests and
  consulting services, SECURIUM FOX prepares its
  customers and field enthusiasts for real life
  scenarios by providing trainings in the lab
  environment which was prepared by themselves,
  with its young, dynamic and constantly following
  team.Everytime that hackers are in our lives,
  there are always risks that we can face with a
  cyber attack. Over the years cyber security has
  become a critical precaution for all
  organizations and companies after the effects and
  number of attacks. SECURIUM FOX tests the weak
  points of customers for possible attacks and
  provides consulting services to eliminate these
  weak points.SECURIUM FOX team also offers
  support for the development of our country in
  this field by supporting free events being
  organized as a volunteer by the Octosec team.

2

• PENETRATION TESTING AND TRAINING

3
What is Penetration Testing?

• With high profile Cyber Attacks including
  Advanced Persistent Threats (APT), Ransomware
  attacks and insider threats dominating the news
  headlines, it is highly important for
  organizations to identify potential
  vulnerabilities and keep their security posture
  tight by fixing them. Penetration testing plays a
  key role in identifying, understanding and
  rectifying the vulnerabilities in an
  organizational computing resources/ applications
  before a potential cyber attacker finds and
  utilizes the opportunity.Penetration Testing is
  the process of identifying security
  vulnerabilities in computing applications by
  evaluating the system or network with various
  malicious methodologies. The end-purpose of this
  test is to secure critical information from
  outsiders who continually try to gain
  unauthorized access to the system.
  Vulnerabilities, once identified, can be
  exploited to gain access to sensitive
  information. Security issues uncovered through an
  ideal Penetration Testing are then presented to
  the system owner with an accurate assessment of
  potential impact it have on the entire
  organization.An efficient Pen testing helps in
  finding the gaps in the security tools that an
  organization is using, finds multiple attack
  vectors and misconfigurations. It also helps in
  prioritizing the risk, fixing it and improving
  the overall security response time.

4
What are the steps involved in Penetration
Testing?

• Determining the feasibility of a particular set
  of attack vendors
• Identifying risk vulnerabilities that result from
  a combination of lower-risk vulnerabilities
  exploited in a particular sequence
• Figuring out vulnerabilities that maybe difficult
  to detect with automated network applications
• Assessing the magnitude of potential business and
  operational impacts of successful attacks
• Providing evidence to support increased
  investment in security personnel and technology

5

• Penetration Testing is an evolving function of
  the IT infrastructure of many enterprises today.
  Its wings are forever expanding to encompass many
  inter-departmental concerns like social
  engineering, web application security and
  physical penetration testing.
• Although there are a host of Penetration Testing
  Tools that are available for use, the choice to
  enable one should ideally come out of the ease to
  deploy, configure and use the same. It is to be
  kept in mind that the tools should methodologies
  that helps vulnerabilities to be categorized
  based on severity that needs immediate fix. It
  should also be noted that Penetration Testing
  tools should empower automated verification of
  vulnerabilities to save time and reduce human
  errors.

6
Penetration Testing Tools?

• Acunetix
• Aircrack-ng
• Cain Abel
• Ettercap
• John the ripper
• Metasploit
• Nessus
• Kismet
• Wireshark

7
Penetration Testing Methodologies?

• 1) Data collection There are a plenty of methods
  used to get target system data, including Google
  Search. While Web page source code analysis is
  another technique to get more information about
  the system, software and plugin versions, there
  are an array of free tools and services available
  in the market too that provides information like
  database, table names, software versions and
  hardware used by various third party plugins.
• 2) Vulnerability Assessment Based on the data
  collected via first step, security weakness in
  the target system can be identified with ease.
  This helps penetration testers to launch attacks
  using identified entry points in the system.

8

• 3) Actual Exploit This being the crucial step,
  it requires special skills and techniques to
  launch attack on target system. Experienced
  penetration testers can use their skills to
  launch attack on the system
• 4) Result analysis and report preparation After
  completion of penetration tests detailed reports
  are prepared for taking corrective actions. All
  identified vulnerabilities and recommended
  corrective methods are listed in these reports.
  You can customize vulnerability report format
  (HTML, XML, MS Word or PDF) as per your
  organization needs.

9
You can always contact with SECURIUM FOX. You can
contact us through our email addresses or by
using the contact form on the side.

• INFO
• 3rd Floor,Lohia Towers,
• Nirmala Convent Rd,
• Gurunanak Nagar,Patamata,Vijyawada,
• Andhra Pradesh -520010
• 9652038194
• 08666678997
• info_at_securiumfoxtechnologies.com

10

• info_at_securiumfoxtechnologies.com
• Andhra Pradesh Office
• 91 8666678997,91 91652038194
• 3rd Floor,Lohia Towers,
• Nirmala Convent Rd,Gurunanak Nagar,Patamata,Vijaya
  wada,
• info_at_securiumfoxtechnologies.com
• UK Office
• 44 2030263164
• Velevate, Kemp House, 152 - 160,City Road,EC1V
  2NX
• London
• info_at_securiumfoxtechnologies.com
• Tamil Nadu Office
• 91 9566884661
• Kailash Nagar, Nagar, Tiruchirappalli, Tamil Nadu
  620019
• info_at_securiumfoxtechnologies.com

• Noida Office
• 91 (120) 4291672, 91 9319918771
• A-25, Block A,
• Second Floor,Sector - 3,
• Noida, India
• info_at_securiumfoxtechnologies.com
• USA Office
• 1 (315)933-3016
• 33 West,17th Street,
• New York,
• NY-10011, USA
• info_at_securiumfoxtechnologies.com
• Dubai Office
• 971 545391952
• Al Ansari Exchange, Ansar Gallery - Karama
  Branch, Hamsah-A Building - 3 A St - Dubai -
  United Arab Emirates