Penetration Testing is an exercise that attempts to simulate the
techniques adopted by an attacker to compromise your systems. It helps
to highlight those vulnerabilities which could be exploited by a remote,
unauthorized attacker. NII's penetration testing service is a highly
creative, out-of-the-box engagement, and often results in new
vulnerabilities being discovered or a new tool being developed from
such an exercise. Visit the following links to get a better insight into
our penetration testing related research activities:
- Sample report from a penetration testing exercise we carried out for a large enterprise
- Advisories of security vulnerabilities we discover - some of them during routine penetration tests
- Articles that have appeared in various publications, again highlighting our innovative approach
- Presentations we have made at various security forums, especially on application security
A penetration testing exercise can be structured in various ways:
Application Security Audits
A penetration test could focus exclusively on your web applications. This can be done at various levels:
Black-box testing:
Here, we only know the URL of the website. Enumeration of technologies,
mapping of the website, identification of fault injection points,
determining input validation vulnerabilities, or logical security
vulnerabilities, and the OWASP top 10 attacks are all part of this
exercise.
Grey-box testing:
Often enough, a web application involves authentication and
authorization components. In order to be able to test these, we request
a dummy user account with the lowest level of privileges within the
application. Using this account, we are able to log in and test for
various flaws in the authentication scheme, as well as attempt to
escalate our privileges and bypass authorization restrictions.
Read our list of advisories here.
Network penetration testing
This type of penetration test involves identifying the targets
through Google searches, WHOIS, DNS queries, etc., then fingerprinting
them and identifying vulnerabilities. Whether these vulnerabilities are
exploited depends on whether exploitation is part of the engagement.
Limited exploitation is always done in terms of password guessing,
directory traversal, file uploads, etc. However, stronger exploitation
such as Denial of Service attacks, buffer overflow exploits, etc., is
carried out only if the possible fallout from such exploitation is
accepted prior to the engagement.
Automated port identification
In large and very large networks, the number of public IP addresses, and
the ports exposed on these IP addresses, can vary on a daily basis. What
is required is an automated way to periodically scan a large range of
IP addresses, determine which ports are open, and attempt to identify
the service running on those ports. What is even more important is to
produce trend analysis reports, which show new IP addresses or new
ports that have appeared since the last scan was run. NII offers a
secure portal to its customers, where they can log in, enter their
ranges, run the scans, view the reports and compare them with previous
scans.
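The trend report described above boils down to comparing two scan snapshots and listing what is newly exposed. The following is an added example, not NII's portal code: it parses a constructed, simplified snapshot format (one "ip port/proto service" line per open port, not a real scanner's output) and reports new hosts, new ports, closed ports, changed service banners and hosts that disappeared since the previous run. The addresses are constructed TEST-NET-3 values.

```python
"""Trend exposed ports between two periodic scans (added example)."""
from typing import Dict, List

# Snapshot: ip -> {"22/tcp": "ssh", ...}; format is constructed for this example.
Snapshot = Dict[str, Dict[str, str]]


def parse_snapshot(text: str) -> Snapshot:
    """Parse '<ip> <port>/<proto> <service>' lines; '#' lines and blanks are skipped."""
    snap: Snapshot = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 2)
        if len(parts) < 2:
            raise ValueError(f"malformed snapshot line: {raw!r}")
        ip, port = parts[0], parts[1]
        service = parts[2] if len(parts) == 3 else "unknown"
        snap.setdefault(ip, {})[port] = service
    return snap


def diff_snapshots(previous: Snapshot, current: Snapshot) -> Dict[str, List[str]]:
    """Return changes since the last run, keyed by category, in sorted order."""
    changes: Dict[str, List[str]] = {
        "new_hosts": [], "gone_hosts": [], "new_ports": [],
        "closed_ports": [], "changed_services": [],
    }
    for ip in sorted(current):
        if ip not in previous:
            changes["new_hosts"].append(ip)  # all of its ports are new by implication
            continue
        for port, svc in sorted(current[ip].items()):
            if port not in previous[ip]:
                changes["new_ports"].append(f"{ip} {port} ({svc})")
            elif previous[ip][port] != svc:
                changes["changed_services"].append(f"{ip} {port}: {previous[ip][port]} -> {svc}")
        for port in sorted(previous[ip]):
            if port not in current[ip]:
                changes["closed_ports"].append(f"{ip} {port}")
    changes["gone_hosts"] = sorted(ip for ip in previous if ip not in current)
    return changes


# Constructed sample runs: a week apart, one new host and two newly opened ports.
LAST_WEEK = "203.0.113.10 22/tcp ssh\n203.0.113.10 443/tcp https\n203.0.113.20 25/tcp smtp\n"
THIS_WEEK = (LAST_WEEK + "203.0.113.10 3389/tcp ms-wbt-server\n"
             "203.0.113.20 8080/tcp http-proxy\n203.0.113.30 21/tcp ftp\n")

if __name__ == "__main__":
    for category, items in diff_snapshots(parse_snapshot(LAST_WEEK), parse_snapshot(THIS_WEEK)).items():
        print(f"{category}: {items}")
```

In practice the newly exposed items are the ones to triage first, since they are the changes nobody on the network team may know about.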