Pen-Testing.ppt about cyber security pnetesting
patelvedant1080
1 views
27 slides
May 17, 2025
Slide 1 of 27
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
About This Presentation
Pen-Testing.ppt about cyber security pnetestingPen-Testing.ppt about cyber security pnetestingPen-Testing.ppt about cyber security pnetestingPen-Testing.ppt about cyber security pnetestingPen-Testing.ppt about cyber security pnetestingPen-Testing.ppt about cyber security pnetestingPen-Testing.ppt ab...
Slide Content
Vulnerability Assessment
&
Penetration Testing
(VAPT)
&
Penetration Testing
(VAPT)
Part one:
the concept of
Vapt
2
the concept of
Vapt
2
What is a Vapt?(informal)
3
Port scanning
Vulnerability Scanning
Penetration Testing
3
Port scanning
Vulnerability Scanning
Penetration Testing
What is a VAPT?
4
Vulnerability Assessment and Penetration Testing (VAPT) is a methodical
approach to identifying and evaluating security weaknesses in computer systems,
networks, and web applications. It helps determine whether unauthorized access
or malicious activity is possible by simulating real-world attacks.
Vulnerability Assessment (VA): To detect known vulnerabilities using automated
tools.
Penetration Testing (PT): To exploit those vulnerabilities manually or
automatically to assess their impact.
The VAPT process includes:
gathering information about the target before the test (reconnaissance),
identifying possible entry points(Port scanning),
attempting to break in (either virtually or for real)
reporting back the findings.
4
Vulnerability Assessment and Penetration Testing (VAPT) is a methodical
approach to identifying and evaluating security weaknesses in computer systems,
networks, and web applications. It helps determine whether unauthorized access
or malicious activity is possible by simulating real-world attacks.
Vulnerability Assessment (VA): To detect known vulnerabilities using automated
tools.
Penetration Testing (PT): To exploit those vulnerabilities manually or
automatically to assess their impact.
The VAPT process includes:
gathering information about the target before the test (reconnaissance),
identifying possible entry points(Port scanning),
attempting to break in (either virtually or for real)
reporting back the findings.
Why conduct a penetration test?
Prevent data breach
Test your security controls
Ensure system security
Get a baseline
Compliance
5
Prevent data breach
Test your security controls
Ensure system security
Get a baseline
Compliance
5
Steps of VAPT (informal)
6
Establish goal
Information gathering
Reconnaissance (observation of a region to locate an enemy)
Discovery
Port scanning
Vulnerability scanning
Vulnerability analysis
Taking control
Exploitation
Brute forcing
Social engineering
Pivoting (compromised computer attacks)
Reporting
Evidence collection
Risk analysis
Remediation
6
Establish goal
Information gathering
Reconnaissance (observation of a region to locate an enemy)
Discovery
Port scanning
Vulnerability scanning
Vulnerability analysis
Taking control
Exploitation
Brute forcing
Social engineering
Pivoting (compromised computer attacks)
Reporting
Evidence collection
Risk analysis
Remediation
White Hat, Black Hat, Gray Hat
Hackers are commonly divided into three hats:
White, Gray and the infamous Black.
These colors serve as broad labels describing
the extensive spectrum in hacker communities
— from the good (white), to the bad (black) and
those who fall somewhere in between (gray).
Hackers are commonly divided into three hats:
White, Gray and the infamous Black.
These colors serve as broad labels describing
the extensive spectrum in hacker communities
— from the good (white), to the bad (black) and
those who fall somewhere in between (gray).
Some Considerations
7
Scope
Internal or external
In-house or outsourced
Selecting a pen-tester (white hat hacker)
White hat hacker vs Black hat hacker
Penetration tests are sometimes called white hat attacks because in a pen test, the good
guys are attempting to break in. The term "white hat" in Internet slang refers to an ethical
computer hacker, or a computer security expert, who specializes in penetration testing
and in other testing methodologies to ensure the security of an organization's information
systems
7
Scope
Internal or external
In-house or outsourced
Selecting a pen-tester (white hat hacker)
White hat hacker vs Black hat hacker
Penetration tests are sometimes called white hat attacks because in a pen test, the good
guys are attempting to break in. The term "white hat" in Internet slang refers to an ethical
computer hacker, or a computer security expert, who specializes in penetration testing
and in other testing methodologies to ensure the security of an organization's information
systems
Steps of penetration test
8
12 subcategories of the Web Application Penetration Testing Methodology:
based on OWASP (Open Web Application Security Project) methodology
1.Information Gathering
2.Configuration and Deploy Management Testing
3.Identity Management Testing
4.Authentication Testing
5.Authorization Testing
6.Session Management Testing
7.Data Validation Testing
8.Error Handling
9.Cryptography
10.Business Logic Testing
11.Client Side Testing
8
12 subcategories of the Web Application Penetration Testing Methodology:
based on OWASP (Open Web Application Security Project) methodology
1.Information Gathering
2.Configuration and Deploy Management Testing
3.Identity Management Testing
4.Authentication Testing
5.Authorization Testing
6.Session Management Testing
7.Data Validation Testing
8.Error Handling
9.Cryptography
10.Business Logic Testing
11.Client Side Testing
Steps of network Vuln. Assessment &
penetration test
9
penetration test
9
Steps of VAPT
10
Step 1: Introduction and Objectives
Step 2: Information gathering
Step 3: Vulnerability analysis
Step 4: Simulation (Penetrate the system to provide the proof)
Step 5: Risk assessment
Step 6: Recommendations for reduction or recovery and providing the report
10
Step 1: Introduction and Objectives
Step 2: Information gathering
Step 3: Vulnerability analysis
Step 4: Simulation (Penetrate the system to provide the proof)
Step 5: Risk assessment
Step 6: Recommendations for reduction or recovery and providing the report
Part 2:
Introduction to some
Penetration Testing
Tools
12
See – Pen-Testing.docx
Introduction to some
Penetration Testing
Tools
12
See – Pen-Testing.docx
Kali Linux
Kali Linux is a Debian-derived Linux distribution, designed for digital forensics
and penetration testing.
Kali Linux is preinstalled with numerous penetration-testing programs.
Kali Linux can be run from a hard disk, live CD, or live USB. It is a supported
platform of the Metasploit Project's Metasploit Framework, a tool for developing
and executing security exploits.
From the creators of BackTrack comes Kali Linux, the most advanced penetration
testing distribution created till now.
13
Kali Linux is a Debian-derived Linux distribution, designed for digital forensics
and penetration testing.
Kali Linux is preinstalled with numerous penetration-testing programs.
Kali Linux can be run from a hard disk, live CD, or live USB. It is a supported
platform of the Metasploit Project's Metasploit Framework, a tool for developing
and executing security exploits.
From the creators of BackTrack comes Kali Linux, the most advanced penetration
testing distribution created till now.
13
Installing Kali Linux
1- Go to the link http://www.kali.org/downloads/
2- Download a proper version of the kali Linux image (based on your “system type”, if it is
32 bit or 64 bit, for example for 64 bit OS you can download Kali Linux 64 bit ISO (to
find the type of the system: right click on the computer icon in your desktop or in the
start menu and go to the properties tab and read the system type there).
3- Then you can write this ISO file to a cd or DVD or flash memory and use it or you can put
it in the VMware like below.
4- For running Kali Linux in the VMware, go to the start and type VMware Workstation
and open that.
5- Go to the file-> new virtual machine to install the Kali Linux through this wizard.
6- Install the Kali Linux and select it from the list in the left sideof the page and power it on.
7- Type the user name and password (ex. User: root Pass: toor).
8- Go to the application->Kali Linux to see all the penetration testing tools there.
14
1- Go to the link http://www.kali.org/downloads/
2- Download a proper version of the kali Linux image (based on your “system type”, if it is
32 bit or 64 bit, for example for 64 bit OS you can download Kali Linux 64 bit ISO (to
find the type of the system: right click on the computer icon in your desktop or in the
start menu and go to the properties tab and read the system type there).
3- Then you can write this ISO file to a cd or DVD or flash memory and use it or you can put
it in the VMware like below.
4- For running Kali Linux in the VMware, go to the start and type VMware Workstation
and open that.
5- Go to the file-> new virtual machine to install the Kali Linux through this wizard.
6- Install the Kali Linux and select it from the list in the left sideof the page and power it on.
7- Type the user name and password (ex. User: root Pass: toor).
8- Go to the application->Kali Linux to see all the penetration testing tools there.
14
Penetration testing tools
whois: for information gathering step
Maltego: for information gathering step
Hydra: for brute force step
Vega: for Vulnerability analysis
15
whois: for information gathering step
Maltego: for information gathering step
Hydra: for brute force step
Vega: for Vulnerability analysis
15
Maltego
Maltego is an open source intelligence and forensics application.
It will offer you gathering of information as well as the representation of this
information in an easy to understand format.
16
Maltego is an open source intelligence and forensics application.
It will offer you gathering of information as well as the representation of this
information in an easy to understand format.
16
Maltego
1- Go to the Applications -> Kali Linux -> top 10 security tools -> maltego, or open a
command line terminal and type maltego.
2- If it is your first time you want to run this program, you should register to this
program by using an email address and then login to the program using this email
address and the password that you set before.
3- Go to the menu tab (a circle at the top left corner of the page) and select new.
4-from the palette menu (from the left side of the page), select domain and drag and
drop it to the middle of the page.
5- Type the domain name in the property view of the domain (at the right side).
6- Right click on the domain. Choose Run Transform-> all transforms-> to website
DNS
7- Right click on one of the websites and choose Run Transform-> all transforms->
ToServerTechnologiesWebsite.
17
1- Go to the Applications -> Kali Linux -> top 10 security tools -> maltego, or open a
command line terminal and type maltego.
2- If it is your first time you want to run this program, you should register to this
program by using an email address and then login to the program using this email
address and the password that you set before.
3- Go to the menu tab (a circle at the top left corner of the page) and select new.
4-from the palette menu (from the left side of the page), select domain and drag and
drop it to the middle of the page.
5- Type the domain name in the property view of the domain (at the right side).
6- Right click on the domain. Choose Run Transform-> all transforms-> to website
DNS
7- Right click on one of the websites and choose Run Transform-> all transforms->
ToServerTechnologiesWebsite.
17
Maltego
8- Right click on one of the websites and choose Run Transform-> all transforms-> To
IP Address.
9- Right click on one of the IP address and choose Run Transform-> all transforms
->Net block using Whois.
10- Right click on one of the net block and choose Run Transform-> all transforms->
toLocationCountryNetblock.
11- Right click on one of the websites and choose Run Transform-> all transforms->
Mirror: email addresses found
18
8- Right click on one of the websites and choose Run Transform-> all transforms-> To
IP Address.
9- Right click on one of the IP address and choose Run Transform-> all transforms
->Net block using Whois.
10- Right click on one of the net block and choose Run Transform-> all transforms->
toLocationCountryNetblock.
11- Right click on one of the websites and choose Run Transform-> all transforms->
Mirror: email addresses found
18
WHOIS SERVICE
WHOIS is a query and response protocol that is widely used for querying
databases that store the registered users of an Internet resource, such as a domain
name, an IP address block, or an autonomous system
It is also used for a wider range of other information.
The protocol stores and delivers database content in a human-readable format.
19
WHOIS is a query and response protocol that is widely used for querying
databases that store the registered users of an Internet resource, such as a domain
name, an IP address block, or an autonomous system
It is also used for a wider range of other information.
The protocol stores and delivers database content in a human-readable format.
19
Using WHOIS SERVICE
1- Open a command line terminal in Kali Linux and type whois <target> for example:
whois google.com
2- Type ping yahoo.com and find the IP address of yahoo.
3-type whois <yahoo IP address>
4- Go to the link http://www.iana.org/whois and type google.com
5- Go to the link http://www.whois.net/ and type www.google.com
20
1- Open a command line terminal in Kali Linux and type whois <target> for example:
whois google.com
2- Type ping yahoo.com and find the IP address of yahoo.
3-type whois <yahoo IP address>
4- Go to the link http://www.iana.org/whois and type google.com
5- Go to the link http://www.whois.net/ and type www.google.com
20
Vega
Vega is a free and open source scanner and testing platform to test the security of
web applications.
Vega can help you find and validate SQL Injection, Cross-Site Scripting (XSS),
inadvertently disclosed sensitive information, and other vulnerabilities.
It is written in Java, GUI based, and runs on Linux, OS X, and Windows
21
Vega is a free and open source scanner and testing platform to test the security of
web applications.
Vega can help you find and validate SQL Injection, Cross-Site Scripting (XSS),
inadvertently disclosed sensitive information, and other vulnerabilities.
It is written in Java, GUI based, and runs on Linux, OS X, and Windows
21
Vega
1- In the Kali Linux go to the Applications -> Kali Linux -> Web Applications -> web
crawlers -> Vega, or Open a command line terminal in Kali Linux and type vega.
2- Go to the link https://subgraph.com/vega/download/index.en.html to download
Vega.
3- Install the Vega tool and run it.
4- Go to the scan tab -> start new scan.
5- Type http://www.ebay.com/ to find this website vulnerability.
22
1- In the Kali Linux go to the Applications -> Kali Linux -> Web Applications -> web
crawlers -> Vega, or Open a command line terminal in Kali Linux and type vega.
2- Go to the link https://subgraph.com/vega/download/index.en.html to download
Vega.
3- Install the Vega tool and run it.
4- Go to the scan tab -> start new scan.
5- Type http://www.ebay.com/ to find this website vulnerability.
22
Hydra: Brute force Attack
23
23
Finding a username and password of
a website
1.Go the the website: http://www.sunstudiophotography.com/
2.Type /hackme at the end of the website URL address (for going to this part of the
site you need to have a username and password).
3.Download a library of usernames and a library of passwords through the internet or
use some tools such as key generator tools to produce a list of username and
password ( now you have 2 files, one of the consists of a list of usernames and the
other one consists of a list of passwords.)
4.Go to the command line terminal and type this:
hydra <website> -L <userlist> -P <wordlist> -V -f http-get /<sub dir>
for example:
hydra www.sunstudiophotography.com -L /root/Desktop/userlist.txt -P
/root/Desktop/wordlist.txt -V -f http-get /hackme
1.You find the username and password of this web site
2.Login to the website using the username: guest and password: password [4]
24
a website
1.Go the the website: http://www.sunstudiophotography.com/
2.Type /hackme at the end of the website URL address (for going to this part of the
site you need to have a username and password).
3.Download a library of usernames and a library of passwords through the internet or
use some tools such as key generator tools to produce a list of username and
password ( now you have 2 files, one of the consists of a list of usernames and the
other one consists of a list of passwords.)
4.Go to the command line terminal and type this:
hydra <website> -L <userlist> -P <wordlist> -V -f http-get /<sub dir>
for example:
hydra www.sunstudiophotography.com -L /root/Desktop/userlist.txt -P
/root/Desktop/wordlist.txt -V -f http-get /hackme
1.You find the username and password of this web site
2.Login to the website using the username: guest and password: password [4]
24
Hydra-gtk : Finding Gmail password
1- Go to the Applications -> Kali Linux -> Password Attacks -> Online Attacks -> hydra-gtk
2- Set:
In the target tab:
Single Target: smtp.gmail.com
Port: 465
Protocol: smtp
Use SSL should be selected
Show Attempts should be selected
In the passwords tab:
Username: [email protected]
Password list: browse and choose the password file
Try login as password should be selected.
Click start in the start tab.
25
1- Go to the Applications -> Kali Linux -> Password Attacks -> Online Attacks -> hydra-gtk
2- Set:
In the target tab:
Single Target: smtp.gmail.com
Port: 465
Protocol: smtp
Use SSL should be selected
Show Attempts should be selected
In the passwords tab:
Username: [email protected]
Password list: browse and choose the password file
Try login as password should be selected.
Click start in the start tab.
25
3- Hydra found gmail password:11111111q
4- Or you can go to the command line terminal and type:
hydra -S -l [email protected] -P /root/Desktop/pass4.txt -V -s 465
smtp.gmail.com smtp
Or type:
hydra -s 465 -S -V -l [email protected] -P/root/Desktop/pass4.txt -e s -t
36 -w 36 smtp.gmail.com smtp
26
4- Or you can go to the command line terminal and type:
hydra -S -l [email protected] -P /root/Desktop/pass4.txt -V -s 465
smtp.gmail.com smtp
Or type:
hydra -s 465 -S -V -l [email protected] -P/root/Desktop/pass4.txt -e s -t
36 -w 36 smtp.gmail.com smtp
26
References:
[1] http://en.wikipedia.org/wiki/White_hat_%28computer_security%29
[2] https://community.rapid7.com/docs/DOC-2248
[3] http://searchsoftwarequality.techtarget.com/definition/penetration-testing
[4] http://en.wikipedia.org/wiki/Penetration_test
[5] https://www.securitymetrics.com/pentest_steps.adp
[6] http://www.kali.org/
[7] http://en.wikipedia.org/wiki/Kali_Linux
[8] https://www.paterva.com/web6/
[9] http://en.wikipedia.org/wiki/Whois
[10] https://subgraph.com/vega/
[11] http://www.youtube.com/watch?v=plitHS8Tqdo
27
[1] http://en.wikipedia.org/wiki/White_hat_%28computer_security%29
[2] https://community.rapid7.com/docs/DOC-2248
[3] http://searchsoftwarequality.techtarget.com/definition/penetration-testing
[4] http://en.wikipedia.org/wiki/Penetration_test
[5] https://www.securitymetrics.com/pentest_steps.adp
[6] http://www.kali.org/
[7] http://en.wikipedia.org/wiki/Kali_Linux
[8] https://www.paterva.com/web6/
[9] http://en.wikipedia.org/wiki/Whois
[10] https://subgraph.com/vega/
[11] http://www.youtube.com/watch?v=plitHS8Tqdo
27
Tags
Categories
GeneralDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 1
- Slides 27
- Age 199 days
Related Slideshows
22
Pray For The Peace Of Jerusalem and You Will Prosper
RodolfoMoralesMarcuc
30 views
26
Don_t_Waste_Your_Life_God.....powerpoint
chalobrido8
32 views
31
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf
JaiJai148317
30 views
14
Fertility awareness methods for women in the society
Isaiah47
29 views
35
Chapter 5 Arithmetic Functions Computer Organisation and Architecture
RitikSharma297999
26 views
5
syakira bhasa inggris (1) (1).pptx.......
ourcommunity56
28 views