The latest articles on DEV Community by Ehtisham-sudo (@sudoehtisham). https://dev.to/sudoehtisham https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F747921%2F62d17508-7769-401c-a0e0-9ef94e6a7443.jpeg https://dev.to/sudoehtisham en Ehtisham-sudo Tue, 31 May 2022 18:01:44 +0000 https://dev.to/sudoehtisham/penetration-testing-stages-and-methodologies-3jbl https://dev.to/sudoehtisham/penetration-testing-stages-and-methodologies-3jbl <p>Penetration tests have multiple objectives and goals. Each penetration test is different based on the target scope. But there are methodologies that are same as foundational steps in order to achieve the goal. Penetration test stages: </p> <p><strong>Information Gathering</strong><br> This stage involves collecting as much publically accessible information about a target/organisation as possible, for example, OSINT and research. this stage has two sub-branches. Active and passive information gathering. </p> <p><strong>Enumeration</strong> <br> This stage involves discovering applications and services running on the systems. For example, web server and application version detection.</p> <p><strong>Exploitation</strong> <br> This stage involves leveraging vulnerabilities discovered on a system or application. This stage can involve the use of public exploits or exploiting application logic.</p> <p><strong>Privilege Escalation</strong> <br> after gaining initial access privilege escalation helps to escalate attacker's abilities to maximum (as root or admin user).</p> <p><strong>Post-exploitation</strong><br> This stage involves process to target as many system as possible and escalate the attack surface of target. </p> <p><strong>Reporting</strong> <br> The final stage is to organize and document each step during the pentest and list all the discovered flaws and security suggestion in order to enhance the security </p> <h2> Methodologies </h2> <p><strong>OSSTMM</strong><br> The Open Source Security Testing Methodology Manual provides a detailed framework of testing strategies for systems, software, applications, communications and the human aspect of cybersecurity. <br> OSSTM is used during testing: </p> <ol> <li><p>Telecommunications</p></li> <li><p>Wired Networks</p></li> <li><p>Wireless Communication </p></li> </ol> <p><strong>OWASP</strong> <br> The "Open Web Application Security Project" framework is a community-driven and frequently updated framework used solely to test the security of web applications and services. <br> All most all web applications are tested based on these guidelines. </p> <p><strong>NIST Cybersecurity Framework 1.1</strong><br> The NIST Cybersecurity Framework is a popular framework used to improve an organizations cybersecurity standards and manage the risk of cyber threats. This framework is a bit of an honourable mention because of its popularity and detail.</p> <p><strong>NCSC CAF</strong> <br> The Cyber Assessment Framework (CAF) is an extensive framework of fourteen principles used to assess the risk of various cyber threats and an organization's defence against these.</p> security todayilearned linux Ehtisham-sudo Mon, 30 May 2022 11:26:08 +0000 https://dev.to/sudoehtisham/what-is-penetration-testing--3549 https://dev.to/sudoehtisham/what-is-penetration-testing--3549 <p>Penetration testing is a process of security audit that evaluates the organization's security, infrastructure, network and Applications against internal and external threat actors. It is helpful way to determine the security policies and controls. This process involves active evaluation of security by simulating an attack similar to real attackers. Main objectives are to test and analyze design weakness, technical flaws and vulnerabilities. </p> <p><strong>Security Audit</strong> <br> Security Audit checks whether an organization is following the standard security policies and procedures. </p> <p><strong>Vulnerability Assessment</strong> <br> A vulnerability assessment focus on discovering the vulnerabilities in the system but without any evidence that these can be exploited. Also it lacks the information to evaluate how much damage it can cause to the System security </p> <p><strong>Compliance Oriented Penetration testing</strong> <br> This type of testing is driven by compliance requirements. It is determined to evaluate compliance requirements about standards, frameworks, laws, acts etc. </p> <p><strong>Red-Team-based Penetration testing</strong> <br> Red-team-based testing covers all areas of security testing. It includes assessing people, networks, application ad physical security.</p> <p><strong>Black-Box Testing</strong> </p> <ol> <li><p>limited knowledge about target</p></li> <li><p>Requires a lot of research and information gathering </p></li> <li><p>Resource and time consuming </p></li> </ol> <p><strong>White-Box Testing</strong> </p> <ol> <li><p>Complete information about target </p></li> <li><p>Less time and resource consuming </p></li> <li><p>Bugs and vulnerabilities can be patched quickly </p></li> </ol> <p><strong>Gray-Box Testing</strong></p> <ol> <li><p>Combination of black and white Testing </p></li> <li><p>usually limited information (depends on target scope)</p></li> <li><p>Security testing and assessments are performed internally </p></li> </ol> <p><strong>Basic-Skills of a Penetration Tester</strong></p> <ul> <li><p>Networking (most important)</p></li> <li><p>knowledge of Firewalls, Routers and Intrusion detection systems </p></li> <li><p>Open Source Techniques</p></li> <li><p>Web Servers, mail, SNMP stations and Access devises </p></li> <li><p>Operating System knowledge </p></li> <li><p>Web Application architecture (frontend-backend,)<br><br> <em>Ability to read, learn and enhance Every day</em></p></li> </ul> linux hacking security Ehtisham-sudo Sat, 28 May 2022 12:23:50 +0000 https://dev.to/sudoehtisham/day2-of-learning-cyber-security-93f https://dev.to/sudoehtisham/day2-of-learning-cyber-security-93f <h2> Computer Networking </h2> <ul> <li><p>OSI Model &amp; TCP Model </p></li> <li><p>DNS and DNS types</p></li> <li><p>The life of a data packet </p></li> <li><p>Common Ports and running Services </p></li> <li><p>Cyber Security Mindset and motivation </p></li> </ul> <p>A resource to understand how internet works<br><br> <a href="https://explained-from-first-principles.com/internet">Internet explained from first principles</a></p> Ehtisham-sudo Fri, 27 May 2022 08:30:29 +0000 https://dev.to/sudoehtisham/day-1-of-learning-cyber-security-4im1 https://dev.to/sudoehtisham/day-1-of-learning-cyber-security-4im1 <h2> Linux for beginners </h2> <ul> <li><p>Introduction to Linux </p></li> <li><p>basic commands </p></li> <li><p>package management </p></li> <li><p>Network configuration</p></li> <li><p>File permissions</p></li> <li><p>Log management </p></li> <li><p>DNS configuration </p></li> </ul> <p><em>A very beginner friendly resource</em> <br> <a href="https://linuxjourney.com">https://linuxjourney.com</a><br> <em>A website to explain commands and working process</em><br> <a href="https://explainshell.com">https://explainshell.com</a></p>