Metasploit Study Notes (i)

Penetration Testing Process:

1. The Pre-interaction phase (pre-engagement Interaction), the penetration Test team interacts with the customer organization to determine the scope of penetration, objectives, constraints, and details of the service contract.

2. The intelligence gathering phase (information gathering), the Penetration testing team uses various sources of information and techniques to gather information about the network topology, system configuration, and security defenses of the target organization, including: Open source information query, Google Hacking, social engineering, network casing, scanning detection, passive monitoring, service enumeration and so on.

3. Threat Modeling Phase (Threat Modeling), gather information through previous intelligence, brainstorm and identify the direction of attack.

4. Vulnerability Analysis phase (vulnerablily analyze), after determining the attack mode, you need to consider how to gain access control of the system. At this stage, the attacker needs to analyze the information obtained in the previous 3 phases, especially the security sweep surface vulnerability results, service enumeration information, etc.

5. Penetration attack phase (exploitation), penetration Test team through the previous acquisition of the target system security vulnerabilities, avoid the network and the implementation of security measures in the system to achieve infiltration purposes. In black-box testing, penetration testers also need to consider the escape of the target system detection mechanism, so as to avoid causing the target organization to respond to the team's vigilance and discovery.

6. The post-infiltration attack phase (post exploitation)is the most important step in the penetration testing process to reflect the creativity and technical capabilities of the penetration testing team. In this process, the team needs to design attack targets, identify critical infrastructure, and find the most valuable and tried-and-safe information and assets of the customer organization according to the different characteristics of the target organization's business operation model, protection of asset form and security defense plan. Ultimately reach an attack path that will have the most important business impact on your organization.

7. Reporting phase (Reporting), to provide customers with a test report, including the penetration Test team to obtain critical intelligence information, detection and excavation of the system security vulnerabilities, the process of successful infiltration attacks, as well as the consequences of the business impact of the attack path, but also to stand on the defender's point of view To help them analyze weaknesses in the security system, problems, and patching and escalation scenarios.

Security vulnerability life cycle:

1. Security vulnerability Research and excavation : by a high level of hackers and penetration testers, mainly using source code audit (white box test), Reverse engineering (gray box test), Fuzz Test (black box test) and other methods, mining the target system can be exploited security loopholes.

2. Penetration code development and Testing : At the same time as vulnerability mining, hackers develop a proof-of-concept penetration attack code (POC) that verifies that the security vulnerabilities found exist and that they can be exploited.

3. Security loopholes and penetration code in the closed team circulated , found security loopholes and give penetration code, white hat notify manufacturers to repair, after the manufacturers repair and then publish. Black hats and grey hats are generally shared secretly in small, closed teams to exploit the attack value of these security holes and penetration code.

4. Security vulnerabilities and penetration codes began to spread , and for various reasons security vulnerabilities and penetration codes were disclosed and spread rapidly across the security community.

5. Malicious programs appear and spread , black hats in the grasp of security loopholes and infiltration code based on the further development of more easy-to-use, more automated communication capabilities of malicious programs, and through the hacker Community social organization structure and the Internet to spread.

6. Penetration code/malicious programs to spread and harm the internet , manufacturers to release patches and security warnings to further let the entire hacker community to understand the emergence of new security vulnerabilities and corresponding infiltration code, malicious programs, more black hat through the Internet to obtain malicious programs, the Internet to reach the peak of harm.

7. Penetration attack code/attack tools/malicious programs gradually die out, in the vendor patch, the security company provides detection and removal mechanisms to be widely used after the corresponding infiltration code, malicious programs will be gradually discarded by the black hat, thereby slowly disappearing.

This article is from the "Boundless" blog, please make sure to keep this source http://7492110.blog.51cto.com/7482110/1585965

Metasploit Study Notes (i)