
PENETRATION TESTING PLANS AND SCOPE

17 December 2018

OVERVIEW

1. Design and Development Errors


Testing for flaws in the design and functioning of hardware and software. Testing for misconfigurations in services
that can introduce loopholes for an attacker. The oscap tool will be used for this purpose, with its built-in PCI
policies.

2. Password Policies
Policies against improper storage of passwords in plain documents, sharing of passwords on unsafe media, phishing
attacks and use of default passwords; policies on the use of two-factor authentication and public/private keys.
Making sure no usernames are used that can be easily guessed from social media accounts.

3. Social Engineering Tests


In this test, attempts are made to get a person to reveal sensitive information such as passwords, business-critical
data, etc. These tests are mostly done by phone or over the internet and target certain employees and processes.

4. Network Scans
• Using Nmap scans with all ports and vuln scripts, finding unnecessary open ports and services.

• Verifying if any service is using the default port.

• Disabling ICMP and services like FTP, Telnet, SMB, VNC, etc.

• Scanning with Nessus with specific policies.

• Exploiting the vulnerabilities with Metasploit and manual scripts from ExploitDB.

• Removing netcat and other remote access tools.

• Running Aircrack-ng on local office environments to scan for rogue access points.

• Using dig and fierce to perform DNS zone transfers.

• Using Ettercap to perform ARP poisoning and try to redirect traffic between hosts to mitigate man-in-the-middle attacks.

• Brute-forcing Oracle user accounts.
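
An added example, not part of the original plan: one way to turn the first three items above into a repeatable check is to review Nmap's XML output (-oX) for open services the plan wants disabled and for services left on their default port. The sample XML is constructed, and the service-name mapping and default-port table are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample of `nmap -oX` output (not from a real scan).
SAMPLE_XML = """<nmaprun>
  <host>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="21"><state state="open"/><service name="ftp"/></port>
      <port protocol="tcp" portid="2222"><state state="open"/><service name="ssh"/></port>
      <port protocol="tcp" portid="23"><state state="closed"/><service name="telnet"/></port>
      <port protocol="tcp" portid="445"><state state="open"/><service name="microsoft-ds"/></port>
    </ports>
  </host>
  <host>
    <address addr="192.0.2.20" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="5900"><state state="open"/><service name="vnc"/></port>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
    </ports>
  </host>
</nmaprun>"""

# Services the plan wants disabled, keyed by Nmap service name (assumed mapping;
# Nmap reports SMB as microsoft-ds / netbios-ssn).
DISALLOWED = {"ftp", "telnet", "microsoft-ds", "netbios-ssn", "vnc"}
# Default ports for services that are allowed to run (assumed baseline).
DEFAULT_PORTS = {"ssh": 22, "http": 80, "https": 443, "mysql": 3306, "oracle-tns": 1521}

def review_scan(xml_text):
    """Return sorted (host, port, service, finding) tuples for open ports."""
    findings = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        for port in host.iter("port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed/filtered ports are not findings
            svc = port.find("service")
            name = svc.get("name") if svc is not None else "unknown"
            num = int(port.get("portid"))
            if name in DISALLOWED:
                findings.append((addr, num, name, "disable-service"))
            elif DEFAULT_PORTS.get(name) == num:
                findings.append((addr, num, name, "default-port"))
    return sorted(findings)

if __name__ == "__main__":
    for f in review_scan(SAMPLE_XML):
        print("%s:%d %s -> %s" % f)
```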

5. Web Scans
• Scanning web services with Nikto.

• TLS/SSL scans to check for weak algorithm support.

• Running vulnerability scans with Burp Suite.

• Running scans on web servers using ZAP to confirm the results from Burp Suite.

• Performing client-based API attacks to trigger denial of service.

• Brute-forcing login panels with Sqlmap and Hydra using dictionaries.

• Performing session hijacking of a currently logged-in user.
