Pentester Blogs

This is one of the top questions I hear at the time of a SIEM implementation. Most people (non-technical) think that just like doing a ‘ping’ to an IP address, we can do ping ports. Honestly, that is not possible. Then how can we actually check accessibility to a port, well there is a way. But before we jump in to it, we need to know a few basics about what a port is, and why we are not able to ping it.

Wireshark essential tutorial What we are going to do? In this post, we will start learning Wireshark from the scratch. I’ll show the menus, filters and many other options. Most of the people know about Wirehsark, but they don’t want to try it, because they simply don’t know how to write filters. My key focus will be on creating filter, not writing filters. Yes it is true, that you can make filters without learning those filter parameters. On simple words, you can use Wireshark without touching the keyboard. Those who have kali linux, they have it in Kalilinux. I’ll be using wireshark 32 bit version. I’ll concentrate on HTTP traffic throughout the tutorial. So let’s start with little bit of theory

Scanning Assets After the initial reconnaissance, a pentester identifies the target system, as discussed before the pentester concentrates on getting a mode of entry into the target system. The scanning phase can not be limited to intrusion alone. It can be extended form of reconnaissance where the pentester learns more about target, like what operating system is being used, what services  are being run on the systems, and any configuration lapses if any of it can be identified. The pentester can then strategize his/her attack, factoring in these aspects. Footprinting is the first phase of pentesting, in which the pentester gains information about the target, passively or actively. Footprinting alone is not enough for pentesting because it will only give the pentester an overview or primary information about the target. The pentester can use this primary information in the next phase to gather even more in-depth details about the target. This process of gathering in-d...

The very first phase of pentesting is Foot printing and reconnaissance. The idea is to develop a picture of our client before performing a test. Generally speaking foot printing and reconnaissance is only done for black box pentesting. But even if we are performing white or gray box testing, we’ll plot an idea about where to start and how to start the test. Specifically in white box testing, if we need some clarification with a few of the points given by the clients then, definitely we ask for them to clear it for us. In black box testing we identify whether any information is leaked to internet unknowingly by the client. Hence black box testing is the best way for security assessment, since it gives full picture about what information is disclosed. For a malicious hacker any information that is readily available on internet is useful to him. Before we jump into the technical we need to know a few basic terms used in information gathering. These terms helps to understand t...

Today we’ll build or technically speaking “virtualize” our demo labs. Most of the intentionally vulnerable applications which we see in internet are in a specific format known as “ ova (open virtualization archive)” or “ ov f (open virtualization format)”, which you can directly import without any issues. Before we start building a virtual machine we need to know some essential basics. The real machine in which you’ve have installed virtualization software is called as host / physical machine. And the virtual machine running inside host machine is known as guest / virtual machines

Penetration testing is just like hacking in an ethical way. We follow the same procedures, tools and tricks to mock a hacker’s attempt to take over an enterprise networks/systems. The one who execute penetration testing is known as a ” P en-tester” . The pentester first do a vulnerability assessment, in which he list out known vulnerabilities in existing in network. With respect to vulnerabilities received he tries to exploit them, which is known as " P entesting" . He records the maximum level/depth he could reach. The pen tester then creates a detailed report about vulnerabilities and their impact on the network. These reports will have recommendation to fix these vulnerabilities or to mitigate them.