Pentest

Why is it necessary?

Penetration test

There are many cases where organizations suffer incidents that could have been avoided if the protection mechanisms had been reinforced at the time. By detecting vulnerabilities in the systems, we help to prevent security deficiencies that otherwise an attacker could take advantage of and attempt against our information and systems.

Some important concepts

Vulnerability

Vulnerabilities are weaknesses of a computer system that allow an attacker to compromise the integrity, availability or confidentiality of it. Examples of vulnerabilities are weak passwords, misconfigurations, outdated systems, etc.

Exploit

An exploit is a piece of code that takes advantage of a security deficiency (vulnerability) in an application or system, so that an attacker could use it to their advantage. We can distinguish between two types: known exploits or unknown exploits (0-day).

Payload

Payloads are closely related to exploits. The payload is the load that we activate when we are exploiting a vulnerability. The most common in an attack is to exploit a vulnerability with a basic exploit to inject a payload with which to gain control of the team that we attack.

Phases of a pentest

Recognition phase

Possibly, this is one of the stages that requires more time. In this phase of the pentest we will dedicate ourselves to obtain all the possible information of the objective like, topology of the network, IP addresses, metadata about users in social networks, versions of software like websites, etc. All this information will be very useful for the following phases.

Scan phase

Using the information obtained previously, possible attack vectors are searched. This can be done manually or through tools. A combination of both is the most optimal.This stage involves the scanning of ports and services.

Enumeration phase

The objective of this stage is to obtain the data referring to the users, names of equipment, network services, among others. At this stage of the audit, active connections are made to the system and queries are executed within it.

Access phase

In this stage, access to the system is finally made. This task is achieved from the exploitation of those detected vulnerabilities that were used by the auditor to compromise the system.

Post-explotation

This phase is not carried out in all cases. It is done after the exploitation and having obtained access. It would be possible to collect information internally to try to gain privileges or perform other actions. It is used to know what an attacker could get in case of accessing the systems.
More information

Contact us

Contact us if you are interested in getting more information about a service or you think we can help you.