ETHICAL HACKING AND PENETRATION TESTING
Introduction
Penetration testing and ethical hacking are applied means of analysis or testing web applications by executing attacks which are allied to a factual attack that might transpire on a particular day. They are performed in a meticulous tactic to find as numerous security faults as imaginable and to offer a response on exactly how to alleviate the threats posed by such imperfections. However, security-conscious organizations have instigated incorporated penetration testing, susceptibility assessments, and source encryption appraisals in their software progress sequence. Thus, once they release an innovative or new application, it has previously been over several phases of analysis and remediation. Consequently, organizations undertake penetration trials to reinforce their company protection systems, all processor structures, and accompanying the Information Technology substructure.
Moreover, penetration tests aid organizations in advancing their cybersecurity. They ought to thus be conducted on an even basis since cyber delinquents continually search for new feeble points of emergent systems, packages, and applications (Bertoglio & Zorzo, 2017). Additionally, these tests might not offer complete security solutions for the organization, but meaningfully minimalize the likelihood of an efficacious spasm or attack. On the other hand, ethical hacking comprises all hacking means and related cyber-attack approaches, and it aims to recognize susceptibilities and repair them before they can be rummaged by criminals to obstruct with the web application system. A significant dissimilarity concerning ethical hacking and penetration testing is that it assesses all security flaws through many hacking tactics. In contrast, penetration tests are just shallow since they only do cybersecurity evaluation for particular IT systems.. Don't use plagiarised sources.Get your custom essay just from $11/page
Rules of Engagement
Rules of Engagement (RoE) are a manuscript which deals with the technique in which the penetration test is to be headed.
Scope
Cybersecurity penetration testing characteristically classifies the physical systems and a specific goal, and then appraisals the available evidence and assumes several means aimed at attaining that particular aim. For the circumstance of the Haverbrook’s Investment Group network systems, the penetration target is a gray box penetration test since it acknowledges the permutation of the white box and black box; in the essence that the testing squad workings are from the understanding of an invader who is exterior to the business, and thus the penetration tester begins by identifying the network map, the protection tools executed, the internet-facing websites and services, among other aspects. However, the source of such information is very much considerable, for the testers to understand if it originated from civic bases or if the attacker is a disgruntled worker or ex-worker who possesses the organization’s security information; for black-box testing.
This is essential for the Haver brook’s network system since it helps the testing crew to analyze the exact source of leakage of the security information system that is used by hackers. On the other hand, the white box testing is concerned with internal applications that are preordained for use by employees only. In this case, the testing group is provided with all available target information, including the source code of the web application of the Haver brook Investment Group. Hence, scanning and reconnaissance take a short time (Al Shebli & Beheshti, 2018, May). However, the link between the two testing boxes; the black and white, is that since the Haver brook network system is an internal application and provided the security information of the system is only possessed by the employees, therefore, if one employee is disgruntled or fired, he or she may leak the information to hackers. Hence it is easy for them to pinpoint the weaknesses existing in the network system.
This constitutes the gray box testing, which is primarily intended for testing website applications and is accomplished by evaluating the worker accounts to discern how the attacker gained entrance to the network system. The composition of the black and white testing techniques will thus help the penetration testers easily comprehend the target system, thus possibly reveal more substantial susceptibilities; with not as much of effort and cost, since it syndicates the contribution of the designers of the network system and the testers, thus the product eminence of the system is relatively upgraded. Once more, since less time is taken in realization of the particular source of information for hackers, the designer, therefore, has a lot of free time to fix the flaws.
Methodology
Typically, the gray box procedure uses automatic software testing implements to conduct the testing. Nevertheless, counterfoils and unit drivers are generated to dismiss the testing crew blue-collar production of the code. Phases trailed in accomplishing the gray box penetration testing for the Haverbrook’s network system are; identification of the inputs, outputs, primary paths which may be hunted by hackers to access the information, sub-roles or functions of the system, improvement inputs and outputs of the identified sub purposes, implementation of an appropriate test case for the sub meanings, substantiation of the correct result for all sub purposes. All these phases are meant to testing the software functionality of the network site and search for faults as a result of unsuitable code organization or inappropriate operational usage of the system. Characteristics of the Haverbrook network system will thus be obtained by matrix testing, which entails an examination of the software databases whereby the developers define all the variables prevalent in the program. This allows them to know the technical and business perils related to each variable, and thus determine the lifecycle of the network system.
The logistics of the network site are analyzed by pattern testing, to ensure that the previous security threats or defects of the system are reviewed. Thus the causes for the prior failure are acknowledged, and therefore the test cases are intended for finding other discontents before striking production (Nguyen, 2019, December). This assures the improved security of the data stored in that particular network system. Furthermore, regression testing of the software helps in ensuring that the newly introduced features of the system do not affect the security functionality of the system, which may leak information to hackers.
Additionally, the regression testing is essential in ensuring that the process of fixing any allied fault does not upset the rest or other functionalities of the software. The General Services Administration (GSA) will aid in guiding the testers on proper ways of addressing potential vulnerabilities permanently identified from gray box testing of the network system. Consequently, the testing crew organizes the penetration testing services in a manner that improves the Information technology infrastructure, which helps to integrate effective prevention or protection security events and techniques to guard resources and data (Oujezsky, 2019, July). Nevertheless, the expert ethical hackers regularly conduct a computer-generated attack to the network system in the quest for security flaws and develop appropriate remediation strategies to discourse these weaknesses.
The Haverbrook Investment Group organization will thus employ ethical hackers to help in improving their network security strength, and prevent data loss or theft. This is attained straightforwardly as the ethical hackers use the similar techniques that circumvent a system’s defenses as a mischievous hacker, but rather take benefit of the weaknesses recognized. They offer guidance on in what way to repair them. Thus the network system’s security is upgraded. To guarantee that the hacking or penetration testing is moral or ethical, the hacker or testing crew prerequisite has been endorsed by the Haverbrook Investment Group to review their network and detect security menaces. Linking the Haverbrook investment Group website or network application to the Centralia lab will confirm the difficulty of cleaning the site since the establishment of this linking requires injection of code in one file, which is stored in the web application or even a large number of records. However, that particular code may sometimes retain the data also after they are removed or interfered with by hackers. However, hackers only need to get the email in which the system can be found, and thus they can invade the website easily since they replicate the code to have a malicious code in which they can store files that are not normal. These files are mainly viruses and may damage the organization’s website. The Haverbrook group should thus develop antivirus systems to run regularly in their computers and also ensure that the email that stores the code is not displayed for visitors to access.
Objectives
The objective of developing a penetration testing plan for the Haverbrook’s Investment Group network systems is to review the security flaws of the organization’s net structures, and testing the security consciousness of the staffs in the organization, as well as its aptitude to recognize and react appropriately to the predominant or prospective security intimidations. However, this process is mainly aimed at mimicking the courses that hackers may use to inaugurate an attack on the corporate network or network applications and the business website. Through replication, the business stands a chance to detect security concerns before hackers can trace them and execute an exploit (Fashoto, 2018). A summary of the aims of conducting a gray box penetration testing of the Haverbrook’s network site are as follows; combining the input of the developers as well as for the testers, improving the overall system quality by analyzing and correcting all flaws which may be apparent within the website, saving time spent in undertaking black box and white box testing each at a time. Thus the discovered faults are fixed meritoriously since designers are given sufficient time to accomplish the task.
To ensure enough security for the data or information stored in the Haverbrook Group’s network system, the organization will preserve the authorized restrictions regarding data access and protecting the personal privacy of the website by restricting the disclosure of the information stored there. Again, authentication is an access control which prevents the unauthorized access of usernames, passwords, and other user details of the network system. It requires visitors to verify first before accessing the website, thus preserving the integrity of data. This assures that the data stored on the website cannot be corrupted.
Checklist
Network penetration testing defines weaknesses in the network carriage by determining Open ports, Troubleshooting sentient systems, facilities, and clutching system hangings. However, the penetration testing aids supervisors to close idle ports, extra services, hide or modify hangings, Troubleshooting services, and to standardize firewall rubrics. The following items compose the step to step checklist for network penetration testing course:
- Host detection- this is the highest significant stage of penetration testing as it is where the testers collect data about their target system. Footprinting is the tool that itemizes the registers to help in deciding the objective domain; the Haverbrook Investment Group network system.
- Port scanning- This is achieved by the use of tools such as Netscan tools, Nmap, or network observer, which aid the penetration testers to inquire about a server or host of the external network for open ports. These open ports are an entrance for invaders to enter in and to fix mischievous backdoor applications.
- Banner grabbing- This is also known as OS Fingerprinting and is executed by the use of tools such as Telnet, NMAP, or IDServe. These tools define the functioning system and the description or version of the target server. This initiates the finding and exploitation of weaknesses and trying to gain control above the system.
- Scanning for Vulnerabilities- the GIFLanguard, Nessus, Retina CS, and SAINT are the vital tools for discovering weaknesses on the objective system and operation systems too. The GIFLanguard compromises network reviewing policies and Weakness assessment. The Nessus is a vulnerability scanner tool that quests bug in the software and discovers an exact way of mocking the security of the network system.
- Drawing a network diagram- the network diagram helps the testers to understand the rationale linking the path to the objective host in the network.
- Preparing Proxies- the proxy servers act as intermediaries to protect the network from outside access and filtering out unsolicited contents in the network system. The SSL proxy is very substantial in hiding hackers from being trapped.
- Documentation of all outcomes- this helps to find out prospective weaknesses in the network.
Reconnaissance Plan
Overview
Reconnaissance signifies the effort of information collecting afore whichever actual attacks are deliberate. The intent is to gather as sufficient remarkable data regarding the network system beleaguered and may be accomplished by the many diverse widely accessible sources or by network scanning approaches. However, surveillance and digitization is the crucial fragment of an attack since it may divulge the sensitive parts of the network system.
Furthermore, at this point in a penetration system, no facet of the network system ought to be ignored irrespective of how inoffensive it may appear. Reconnaissance will, therefore, begin with profiling the organization, which entails gathering the pertinent information about the host, network system, and the personnel involved in the functionality of the network system in the Haverbrook investment group. Through this, the hackers can gather the elementary security alignments of the Haverbrook’s network system and network route or path, as well as the data flow sequence for the system.
Reconnaissance Methods
Footprinting is a crucial technique or means of gathering information pertinent to the network system. By this, the ethical hackers or testing crew stand a chance to implement a prosperous attack since they hold the essential particulars of the network system, and thus they can crash the system (Oujezsky, 2019, July). Basically, for the Haverbrook investment group’s network system, information can be well analyzed by an attacker since the confidential security information of the network system is freely and openly provided to the clients. In some cases, the information may be leaked by ex-clients to the hackers. The type of information gathered by footprinting is mainly contact data such as employee titles, email addresses, telephone numbers and fax numbers; since such information will help them acquire necessary information that may be stored in the employees’ user accounts. Scanning of the network system will help in scrutinizing and discerning the prevalent susceptible ports by using software’s necessary information gained by the intruders. Providing all information regarding the website application for the Haverbrook Group may lower the confidentiality of the website in case one client or worker is discontinued, and his access permission denied immediately since he or she may offer confidential information to hackers.
There are two diverse approaches of reconnaissance; active and passive. Active investigation refers to the system data gathering for chopping tenacities or system dissemination testing. In an active investigation, a hacker uses organization evidence to gain unsanctioned entrance to secure alphanumeric or automated tools and can go about routers or even firewalls to acquire it. Active reconnaissance is too used by system experts besides computer programmers to assess the safety of websites and structures and test for impending susceptibilities. To execute current renaissance, ethical hackers must have an earnest application that probes anchorages to divulge fragile or delicate ones that may have stayed unheeded. Furthermore, hackers conscript proactive reconnaissance actions to benefit from unguarded data. Such welfares may comprise economic gains if they illegitimately dispense and flog the else protected data or attainment of the advantage of knowledge for pilfering clever stuff they can use to shortcut the evidence collecting course.
On the other hand, passive reconnaissance is an endeavor to acquire information about embattled computers and networks deprived of actively engaging by the systems. However, the passive observation is a legalized information gathering tool since it does not interfere with the web, but amasses the open-source information, that is, from the public purview (Qehaja, 2016). Using this technique requires no skill since it is available to anyone. Therefore the hackers can access the network information enthusiastically by manually searching the Haverbrook investment group’s company website. Information collected in this circumstance may comprise; company contact names, phone numbers and email addresses, company locations and branches, discontented employee blogs and web sites, associations to other correlated companies, amongst additional elementary information.
Consequently, this is a vital contrivance for the testing crew of the penetrating testing of the Haverbrook investment group network system as it aids in collecting the accessible information encompassing the organization since it is the foundation point of several prospective data ruptures. Otherwise, the active reconnaissance tool is the process of scrutinizing a computer system in demand to range methodological flaws that can be used to contact it. The structure information gained by this methodology is substantial for the penetration testing course of Haverbrook’s organization’s network system since it helps to integrate the prospective means that may be used by hackers to access the protected network system content.
Scanning Plan
Overview
Scanning is the use of the tool expressly to pursuit for the open or susceptible network ports. Therefore, scanning facilitates easy documentation of the best and the highest available areas that can be easily demoralized. Thus, the process of gathering or collecting supplementary info or data regarding the goal of using highly multifaceted and antagonistic investigation performances (Ibrahim & Kant, 2018). The purpose or the aim of the scanning plan is any to detect probable faintness that can be demoralized purposely to attain or gain access point to the target network and the systems within. Scanning plan involves the use of the web application scanner, which is a computerized security program that facilitates or aids individuals in identifying or searching for the susceptibilities within the various web applications. The Web application scanner first crawls the entire website as it scrutinizes in depth the multiple files it finds within the website as well as exhibiting the whole edifice of the website. Having discovered the various data within site, a web application scanner carries out or performs an automatic assessment for the ordinary security susceptibilities through beginning a series of web occurrences or outbreaks. Web application scanner plays a vital role within the organizational websites since it aids in scanning various web applications, examines security for your web application hence being able to display defenselessness, which is identified.
Tactics, Techniques, and Procedures
There are three types of web application scanning that are performed on various websites. These include; web crawling, link discovery, and data analysis (Baloch, 2017). Web crawling involves the act of the web application scanner intermingling with a web application mainly through examining or analyzing the HTML codes which have been used within the website and the URLs in it. Having considered the various HTML codes within the web application, a web scanner, therefore, performs restriction analysis purposely for finding or locating liabilities within the form. Thus, the web application scanner scuttles the web application with an Internet Protocol address whereby it can extract some JavaScript-based links besides custom static links. Link discovery, and this involves the capability of the web application scanner being able to scan for the various relationships within the websites such as submission and the links requested by the genuine users (Aarya, 2018, June). Data analysis involves the act of the web application scanner to examine data analysis for HTTP headers and the HTML content hence being able to identify various weaknesses within the web applications quickly.
However, while I will be carrying out or establishing the scanning plan, I will determine various active systems through examining or evaluating whether the web application scanner will be able to link to all the internet protocol address present in the network besides its capability in determining open transmission control protocol, application version information and various vulnerabilities which may be present in the Haverbrook systems. Therefore, this implies that if the web application scanner is capable of linking or connecting to the network, it is an active system. The attacker vector is used to refer to the path or any means, which is usually followed by hackers purposely to gain or acquire access to the computer device or even sure website intentionally to deliver the evil consequence. Therefore, I will use various measures to determine the attacker vector I intend to exploit (Krasniqi & Bejtullahu, 2018). First and foremost, I will evaluate the attacker vector, which greatly tricks users in taking some sort of action, which may, in turn, lead to the leakage of the organization data or information or even the users’ details. In this case, phishing emails are the attacker vector, which I intend to exploit since it comprises various links that may appear to be coming from a known contact, which in turn asks the users their authorizations for a counterfeit purpose.
There are distinct types of scanning tools that can be utilized during the process or the phase of the scanning plane. Network scanning may be used to refer to the set of dealings or rules which are used in the identification of the hosts, ports, and many services within the network. The use of the NMAP is among the most vital tools which are used in this stage of intellect gathering. This tool can easily enable the attacker to obscure a network of the target association. Centralia Security Lab involves the act of gathering information such as the kinds of the operating systems being used, internet protocol address, and the also services which are running on target systems.
Therefore, this process aids in further identification of the live hosts besides the potential vulnerabilities that may allow Centralia Security Lab personnel to acquire or gain access. However, having identified a few openings through the use of the examinations and recons, the individuals will be able to determine the target built on the position quickly. Hping3 is among the network command-line oriented scanning tool that is mainly used for TCP/IP protocol. This tool sends ICMP echo requests as well as identifies TCP plus UDP protocols. Besides, this tool has the capability or the ability to carry out or performing network safety inspecting, firewall testing, TCP/IP stacks auditing, among other functions (Nagpure & Kurkure, 2017, August). Also, other tools may be used in scanning and enumeration of vulnerabilities and systems. These include; intruder, which is an upbeat susceptibility scanner that aids in scanning you as soon as new defenselessness is released. Netsparker is a computerized scanner that will assist in recognizing susceptibilities such as SQL injection. Acunetix is an automated web weakness scanner that detects and reports on over 4500 web application susceptibilities comprising all the alternatives of SQL injection and XSS.
Information within a web application usually secured through setting or establishing various security codes purposely to inhibit or restrict unauthorized people for accessing the information or data within the website. Despite restricting information access through the enactment of the multiple security codes, various ways are used by the hackers in accessing the different kinds or types of information such as usernames, machine names, shares, and services from the system. First and foremost, username informational data is usually accessed by hackers through mainly through the act of password cracking. Password cracking involves the process of recovering or even the act of guessing a password from the various data transmission systems or stored locations. This process enables hackers to improve a password quickly or to acquire unauthorized access to the password. Password cracking can be achieved through performing various techniques such as spidering, whereby there are multiple cases in which the passwords containing the organizational details are available within the website or twitter.
Therefore, this process involves the act of gathering information from these sources once being able to establish wordlists, which in turn facilitates the accomplishment of the brute force and dictionary attacks. This will, in turn, enable the hackers to easily access the website hence acquiring the details of the username. Besides, guess is also among the techniques that facilitate access to the username details within site. This cracking method involves the actor guessing the passwords since some sites usually use or set admin as their default passwords (Mikulskis, 2019, November). In case these passwords have not been changed or altered, this subjects the hackers to access the username details preserved within the website. Also, machine names are among the kinds of information Haverbrook systems. Therefore, data or information containing the machine names can be easily accessed through the use of various attack techniques’ XSS (cross-site scripting) Attack I commonly used technology which aids hackers to obtain the machine names of Haverbrook systems. This involves the act of receiving an application URL “get request” to the web browser bypassing the validation process, thus being able to trigger XXS script.
This script enhances people among the website to believe that the webpage they are viewing is legitimate even though, in reality, it is compromised. Therefore, these subjects such individualists enter personal details, credit card information, among other sensitive information hence enabling the hacker to easily acquire access to the names of the various machines within the Haverbrook systems. Having accessed different machine names, the hackers will be able to easily search for the security measures which have been installed in the machine to aid in offering or providing security hence restricting access to the website by unauthorized people. In case the hackers acquire some security measures who have been installed within thus being Abe to use the password or security codes the acquirer to access the Haverbrook systems whereby they can easily acquire vital details or inflation the web application, therefore, using it for other purposes there than what they are intended for.
Service of the system, as among the kinds of information on various websites, is also accessed by hackers using multiple ways or methods. This commences when the hackers first identify a system that has exposures in that they can exploit. Having identified or examined various vulnerabilities within the system, the hackers, therefore, gains access to the system whereby they test their access to the system repeatedly purpose to ensure that they can easily invade the system and go without being detected. Once the hacker has consistently accessed the system, he or she identifies the useful information within the system and collects it. This information enhances the hackers to evaluate the information they acquire from the website hence being able to use it to determine the various services which are carried out within the web application.
There is various software that is used by hackers to gather or acquire information within a particular website. Netcraft is among the software which has been commonly used by the hackers in accessing websites. This software aids in the provision of detailed information about the web hosting and server were hence enabling the users to acquire accurate and vital information concerning what is happening on the server alongside the internet protocol address. This software allows the hackers to save the information they receive from various websites in their reports, whereby they can later use this information to identify the right tests and hence to be able to define the attack surface, which is most appropriate for the penates.
Netcraft software has been useful in Haverbrook systems. This is mainly because it aids in the collective gathering of the information which has helped in minimization of the misuse of the organizational data since through the use of the formation gathered, it will quickly set or establish various security measures which will restrict or inhibit unauthorized people from accessing the Haverbrook systems. Therefore, the Netcraft software facilitates or initiates the gathering of the information mainly through the act of offering internet security services, which are used in detecting cyber crimes besides disruptions. However, the use of the internet services, the owners of the Haverbrook systems have been able to access the various sources and gather or collect vital information which is used in enacting or implementing security codes including passwords purposely to restrict hackers from accessing the essential details or information within the Haverbrook systems.
Enumeration is among the steps involved in the scanning process. This consists of the act of plotting and removing names and passwords, preferably with preeminent rights. Therefore, the information which is received offers CSL with the ability to create or establishing connections that are active connections with the target system, which further facilitates or initiates the individuals in identifying vulnerabilities that may be present within the network system. Also, social engineering results in the benefits which can be extracted from the email addresses. Therefore, CSL uses an exploited Active Directory against the surnames which are valid or genuine to brute force or crack the password. Due to the listing of the organizational or websites passwords online, this will undeniably permit the CSL to test the passwords which have been proposed against the devices present in the HIG network.
CSL will begin the process of enumeration on any port, which will be identified as open (Backes, 2017). Therefore, this will enable the CSL to quickly attempt to retrieve the usernames and passwords which have been enacted or set purposely restrict unauthorized access leading to the illegal access and misuse of the data or information which is stored within the website or network system. Kali Linux is a platform that includes various penetration tools that assistances CSL with using enum4linux. This software tool offers CSL the capability of seeing what group and operating system could be using besides password policy.
Gaining Access Plan
Overview
Gaining access to the network refers to the various or distinct methods or ways which are used by hackers to illegally access specific system to obtain or acquire the data or info hence misusing it through using it for other purposes other than what they are intended for. The primary method which can be used by the hackers to gain access to a particular network is mainly through Self Registration Service. This process is commonly used by most computer users as well as the apple mobile devices (Baloch, 2017). Some of the hackers usually use various vulnerabilities or flaws as an advantage purposely to acquire or gain access to the website. Most of the most commonly used defects which aid the hackers learning or gaining access to the network with the use of various kinds of information such as usernames, machine names, shares, and service of the system.
Vulnerable sources
These vulnerabilities include; SQL injection, which involves the act of injecting the code, which has been used in establishing the website. Therefore, this consists of the action of the hacker inserting a piece of the system in computer programs whereby after the execution of the infected program, this offers or provides the users with access to the computer program.
Since most of the databases of the websites usually contain vital or sensitive information or details of the users and information about the customers, an attacker or hacker will perform various attempts purposely to acquire or gain access to database aided by the SQL injection. Therefore, the attacker first identifies the input, which is to be included in the SQL query. This enables the attacker to be able to create, unload, read, update, or even delete the records which are kept or maintained in the database. Username Enumeration is among the vulnerabilities which exist within an application hence being able to display or disclose error message to tell if the username which has been provided is valid or not.
Thus, in turn, aids the attacker in identifying username which is valid after several login attempts with distinct usernames. Besides, the attacker or the hacker can easily make attempts in registration, alter the password, and forgets the password page. This is mainly facilitating by the failure of the developers to delete the trivial accounts, which are usually created or established purposely for testing purposes. This enhances the attackers to quickly gain access to the network system hence being able to acquire the information concerning the system as well as customers’ and user’s data, which results in misuse.
Techniques and Software
Cracking of the user passwords is mainly facilitated by various techniques, which include; brute force, social engineering, password guessing, among other technologies. Brute force is among the simplest methods which are sued in gaining access to the web site or server (anything that is password protected). This involves the act of trying a combination of the passwords and usernames repeatedly until it gets into the site or server. Password guessing is also among the techniques which are used in cracking passwords of a particular website to gain access to it. It involves the art of recovering passwords from data stored in computer servers or networks. This can be achieved through the act of sending phishing emails.
This is the commonly used method that is employed by the hackers whereby they send emails to their target victims with phishing website links hence being able to acquire access to the information within the site since the victim will put their surname and password in that phishing page, therefore, getting their accounts compromised. Social engineering is also among the standard password guessing techniques. This involves the attempt of the attacker or hacker acquiring the information of the victim via social media platforms such as Facebook, Twitter (Bozic & Wotawa, 2017). Through the use of the data is gathered, the hackers will be able to figure out the victim password hence being able to access the information or the data of the users and customers within site. This can be minimized or overcome through the act of using complex passwords, which various attackers or hackers are unable to guess.
Maintaining Access Plan
Overview
As soon as an attacker gains entrance to the objective network system or computer, he or she can select to use mutually the order and the assets accessible to them, and auxiliary use the system as a takeoff pack to probe and abuse other schemes, or even retain a truncated outline and stay harming the organization. However, all these activities can destruct the business (Bertoglio & Zorzo, 2017). Nevertheless, attackers who decide on to remain concealed eliminate proof of their admittance and use the next exit or a Trojan to acquire recurrence access. Also, they can fix Rootkits at the core level to gain a fantastic entrance. Rootkits receive admittance at the operating system level, whereas a Trojan horse gains admittance at the application level.
Mutually, Rootkits and Trojan rely on operators to mount or fix them. Still, inside windows’ schemes, utmost Trojans attach themselves as a package and course as a native system, which has an executive entrance. Attackers can thus use Trojan horses to transfer user names, passwords, and also credit card substantiation kept on the network system. They subsequently uphold regulation over “their” system for a long time by “hardening” the system alongside other assailants, and occasionally, in the course, do reduce some grade of defense to the system from other outbreaks. They can use their entrance to snip data, consume CPU series, and trade subtle information or even alternative to coercion. Organizations can consequently use invasion exposure systems or set up honeypots and honeynets to spot invaders (Oomen, 2018). The second; honeynets, although it is not advocated lest the organization has the prerequisite security proficient at leveraging the notion for defense. The objective of a penetration tester is to certify that whenever they have magnificently conceded the network system of the Haverbrook investment group company, they magnify their admittance and withstand their manifestation for a long time as possible. In this stage, the penetration tester will do everything to enlarge their consents, discover user data, and persist furtive while running their programs deeper into the Information Technology infrastructure. For instance, the penetration crew may agree to intensify their rights to the roles of the network system overseer; this is aimed at continuing concealed in the system for a protracted time and tries to get at utmost the subtle data.
Techniques and Software
Some of the tools and techniques used by penetration testers to sustain their admittance to a network system include; backdoors, Trojan horses, viruses, residents, and worms. Backdoors are packages which are unfurnished out consecutively on the conceded system to inspire future admittance without demanding to adventure the susceptibilities above and above. These applications do not offer any suitability to the user of the conceded system. A Trojan horse is a malicious system that is presented on to a host to execute a required or necessary, work, nevertheless somewhat hides and performs concealed, or disguised, programs intimate its encryption to make backdoor, run screenplays, snip information, and to some extend expose specific data kept in the network system (Allen & Cardwell, 2016). Viruses are a mischievous code that taints a current course or folder. Such contagions may upset documents, memory space, boot sections, and hardware. The resident is a subclass of viruses which changes into the RAM space after the machine boots and later rebound evacuate through closure. Lastly, worms are contagious, which do not require requisite humanoid engagements to re-form and aim vulnerability. Then that performs order to change from its contemporary host to an alternative framework and hang onto fouling other stranded structures subsequently.
Covering Tracks
Overview
When the penetration testing crew varnish their work, they requisite to remove all pathways chief to the detectives locating back to them. This phase is accomplished by; deactivating checking, dissipating records, adjusting records and archive records, and eliminating all documents and files generated in the course of the penetration testing. The purpose of this stage is to shield up all the little hints that would give away the nature of the actions done by the testing squad. Though it may appear inexperienced, some invaders may use the methods of smacking substantiation of attack to the network system. Covering tracks can take the technique of moving specified files, altering their postponements, and retitling them. Though, it is a difficult task to recover and reorganize the veiled data, and grounded on the circumstance that some packages can rive files into minor panels and cover each other, this aids to hide information in essential prospect. However, rootkits are the superior technique or tool used for covering all tracks of logs and other artifacts or aspects that may leak directions for hackers. This, therefore, grounds the maintaining access of the Haverbrook Group’s website and prevents the identification of a prospective advanced persistent threat to the network system.
Techniques and Software
As mentioned in the overview, rootkits are the commonly used software technique for covering tracks used by ethical hackers or penetration testers since it combines numerous malware relations used in aggregation to support in a system hack. However, for the situation of the Haverbrook Investment Group network system, log erasure or adjustment tools, and firewall rule manipulation applications are the best for maintaining access and covering tracks for a penetration test (Shmaryahu, 2018, June). Also, exclusively established scripts could be comprised of these rootkits to take in network plotting, secret code crackers, and user profile designers.
References
Al Shebli, H. M. Z., & Beheshti, B. D. (2018, May). A study on penetration testing processes and tools. In 2018 IEEE Long Island Systems, Applications and Technology Conference (LISAT) (pp. 1-7). IEEE.
Allen, L., & Cardwell, K. (2016). Advanced Penetration Testing for Highly-secured Environments. Packt Publishing Ltd.
Alsmadi, I., Burdwell, R., Aleroud, A., Wahbeh, A., Al-Qudah, M., & Al-Omari, A. (2018). Software Code Security: Lesson Plans. In Practical Information Security (pp. 181-200). Springer, Cham.
Arjun, C. V. (2017). Penetration testing: Vulnerability analysis in a virtual environment’. Journal of Engineering and Applied Sciences, 12(Specialissue9), 8723-8729.
Aarya, P. S., Rajan, A., Sachin, K. P. S., Gopi, R., & Sreenu, G. (2018, June). Web Scanning: Existing Techniques and Future. In 2018 Second International Conference on Intelligent Computing and Control Systems (ICICCS) (pp. 123-128). IEEE.
Backes, M., Hoffmann, J., Künnemann, R., Speicher, P., & Steinmetz, M. (2017). Simulated penetration testing and mitigation analysis. arXiv preprint arXiv:1705.05088, 6.
Baloch, R. (2017). Ethical hacking and penetration testing guide. CRC Press.
Bertoglio, D. D., & Zorzo, A. F. (2017). Overview and open issues on a penetration test. Journal of the Brazilian Computer Society, 23(1), 2.
Bozic, J., & Wotawa, F. (2017). Planning the attack! Or how to use ai in security testing?. In IWAISe: First International Workshop on Artificial Intelligence in Security (Vol. 50).
Fashoto, S. G., Ogunleye, G. O., & Adabara, I. (2018). EVALUATION OF NETWORK AND SYSTEMS SECURITY USING PENETRATION TESTING IN A SIMULATION ENVIRONMENT. Computer Science & Telecommunications, 54(2).
Ibrahim, A. B., & Kant, S. (2018). Penetration Testing Using SQL Injection to Recognize the Vulnerable Point on Web Pages. International Journal of Applied Engineering Research, 13(8), 5935-5942.
Krasniqi, G., & Bejtullahu, V. (2018). Vulnerability Assessment & Penetration Testing: A case study on web application security.
Mikulskis, J., Becker, J. K., Gvozdenovic, S., & Starobinski, D. (2019, November). Snout: An Extensible IoT Pen-Testing Tool. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (pp. 2529-2531).
Nagpure, S., & Kurkure, S. (2017, August). Vulnerability assessment and penetration testing of a Web application. In 2017 International Conference on Computing, Communication, Control, and Automation (ICCUBEA) (pp. 1-6). IEEE.
Nguyen, T. D., Austin, S. C., & Irvine, C. E. (2019, December). A Strategy for Security Testing Industrial Firewalls. In Proceedings of the Fifth Annual Industrial Control System Security (ICSS) Workshop (pp. 38-47).
Women, A. G., Steinhäuser, K. G., Bleeker, E. A., van Broekhuizen, F., Sips, A., Dekkers, S., … & Sayre, P. G. (2018). Risk assessment frameworks for nanomaterials: Scope, link to regulations, applicability, and outline for future directions because of needed increase inefficiency. NanoImpact, 9, 1-13.
Oujezsky, V., Chapcak, D., Horvath, T., & Munster, P. (2019, July). Security Testing Of Active Optical Network Devices. In 2019 42nd International Conference on Telecommunications and Signal Processing (TSP) (pp. 9-13). IEEE.
Shimonski, R. (2016). Penetration Testing Essentials. John Wiley & Sons.
Shmaryahu, D., Shani, G., Hoffmann, J., & Steinmetz, M. (2018, June). Simulated penetration testing as contingent planning. In Twenty-Eighth International Conference on Automated Planning and Scheduling.
Qehaja, B., Krasniqi, G., Bajraliu, A., & Shabani, A. (2016). Web application penetration testing.