This is a front-page report to illustrate the types of things we will make available at the end of the testing process. The testing process will concentrate on the following areas:
Open port scan – This is the focus point of any attack and allows the hacker to know what is available to attempt to exploit.
Remote Access scans – brute force attack checking for common passwords / weak passwords / no passwords.
Software tag identification / Software version checks – This allows a hacker to target exact software versions that have been updated due to security hazards.
Denial of Service / Load testing / Rating Attacks – Can the website or indeed the server be crashed maliciously?
Memory and Stack Overflow attacks – Can the website / web services be bombarded with overflow data in an attempt to exploit a memory loophole that allows a user to gain access to the server software in some way?
Website Software attacks
- Cross-site scripting
- Code injection
- Form attacks (HTTP PUT/POST/TRACE)
- Spam attacks / captcha checks
- SQL injection
- Old or backup files that can be used to exploit passwords and version information
- Directory information.
- Common server software CMS packages check.
If SSL is present
- SSL version checks
- SSL encryption checks
- Are passwords and cookies encrypted during the user interaction with the website?
DNS poisoning attacks – Can the DNS of the website be spoofed and the user redirected to a malicious version of the site?
Indirect attack – Can I get a virus through to a user on the domain email?
Many different tests will be performed through both automated and manual means:
- At present we have tools to search for approximately 600 Common Vulnerabilities and Exposures (CVEs) on common web server types (Apache, IIS, Tomcat, JBoss)
- We have a database that contains 723 techniques for remote exploits
- Based on the technology we find on the website, we have up to 369 additional modules that allow for varying payloads to be delivered to the server
- We have tools to identify and test 6400 scripts that are potentially dangerous from old and outdated versions of software such as WordPress/Joomla/Typo3.
- Our database contains 1200 items which we check for in regards to old/outdated server software (separate from the script software)
In addition, we have a manual process to check the website for additional holes that aren’t easily spotted by automated software solutions, mainly due to coding style and techniques.
Our penetration testing will also be clearly visible within the customer’s website logs when reviewed, which gives the customer reassurance that the tests we say we are going to do are actually done.