Typically during penetration tests, scanners are used to detect vulnerabilities. Sometimes security professionals may want to go undetected to test the response of the blue team (aka defensive security) and the security controls of an organization. However, vulnerability scanners are quickly detected due to the amount of network traffic generated by these tools. There are also times that standard, automated scans may miss vulnerabilities. To solve for these issues, manual vulnerability testing is required. Vulnerability scanners should always be used during pentests to ensure that you detect the easy-to-find vulnerabilities quickly and more efficiently, but manual testing should also be done alongside regular scans. Manual vulnerability detection takes more effort and knowledge, but it is a much-needed skill for the advanced pentester. This article will show you how!
All security professionals should be familiar with the Penetration Testing Execution Standard (PTES) as a great set of technical guidelines for performing pentests. It covers the following main sections of a typical pentesting methodology:
- Pre-engagement Interactions
- Intelligence Gathering
- Threat Modeling
- Vulnerability Analysis
- Post Exploitation
This article covers the following bolded sections from PTES: Intelligence Gathering, Vulnerability Analysis, and Exploitations. We won’t go in too deep on the Exploitation step; however, we will show how to determine possible exploits from the data gathered during the Intelligence Gathering and Vulnerability Analysis steps.
The tools you will need to pentest are installed on the Kali Linux distribution, and, if they are not, most are available for install from the Kali Linux repositories. ParrotOS is another great Linux distribution, as is Ubuntu with TrustedSec’s Pen Tester Framework (PTF). PTF is a script that installs the most common pentesting tools on Linux offering similar tools to Kali. If you are a Windows fan, you should checkout FireEye’s Commando VM. Commando VM comes with (Read more...)
*** This is a Security Bloggers Network syndicated blog from The Ethical Hacker Network authored by Phillip Wylie. Read the original post at: http://feedproxy.google.com/~r/eh-net/~3/FBhZQX9pfNs/