Penetration Testing
Get a real-world look at how attackers could exploit your vulnerabilities - and guidance on how to stop them - with our pen testing services.
What Is Penetration Testing?
Penetration testing, also called pen testing, is a simulated cyberattack launched against your computer systems. The simulation helps discover points of exploitation and tests how well your IT security holds up against a breach.
By doing consistent pen testing, businesses can obtain expert, unbiased third-party feedback on their security processes. Though potentially time-consuming and costly, pen testing can help prevent extremely expensive and damaging breaches.
Types of Penetration Testing
External Penetration Testing
An external penetration test emulates the role of an attacker attempting to gain access to an internal network without internal resources or inside knowledge. A Falconer Security engineer attempts to gather sensitive information through open-source intelligence (OSINT), including employee information, historical breached passwords, and more that can be leveraged against external systems to gain internal network access. The engineer also performs scanning and enumeration to identify potential vulnerabilities in hopes of exploitation.
Our Methodology
All testing performed is based on the NIST SP 800-115 Technical Guide to Information Security Testing and Assessment, OWASP Testing Guide (v4), and customized testing frameworks.
• Planning – Customer goals are gathered and rules of engagement obtained.
• Discovery – Perform scanning and enumeration to identify potential vulnerabilities, weak areas, and exploits.
• Attack – Confirm potential vulnerabilities through exploitation and perform additional discovery upon new access.
• Reporting – Document all found vulnerabilities and exploits, failed attempts, and company strengths and weaknesses.
Internal Penetration Testing
An internal penetration test emulates the role of an attacker from inside the network. A Falconer Security engineer will scan the network to identify potential host vulnerabilities. The engineer will also perform common and advanced internal network attacks, such as LLMNR/NBT-NS poisoning and other man-in-the-middle attacks, token impersonation, kerberoasting, pass-the-hash, golden ticket, and more. The engineer will seek to gain access to hosts through lateral movement, compromise domain user and admin accounts, and exfiltrate sensitive data.
Our Methodology
All testing performed is based on the NIST SP 800-115 Technical Guide to Information Security Testing and Assessment, OWASP Testing Guide (v4), and customized testing frameworks.
• Planning – Customer goals are gathered and rules of engagement obtained.
• Discovery – Perform scanning and enumeration to identify potential vulnerabilities, weak areas, and exploits.
• Attack – Confirm potential vulnerabilities through exploitation and perform additional discovery upon new access.
• Reporting – Document all found vulnerabilities and exploits, failed attempts, and company strengths and weaknesses.
Our Approach
We use real ethical hackers who simulate the actions of real attackers and apply a threat modelling methodology for the purpose of uncovering the most critical and actionable threats. This way, we adapt our approach according to the severity of each forecasted threat.
This approach includes the following steps:
- Understanding system architecture and security requirements;
- Identification of roles, components and assets in a system;
- Discovering the activity matrix and potential security rules;
- Identification and exploitation of risky assets;
- Simulation of conditions under which a threat may be exploited.
Once the threat model is correctly established and exploited, we move on to the next steps:
- Review the overall design to discover initial application flaws;
- Prioritize the impact of discovered vulnerabilities and application flaws according to their risk and impact;
- Choose relevant mitigation and response options for each of these threats;
- Create detailed guidelines on how to prevent and avoid similar threats.
All of the above-mentioned steps will be carried out by professional ethical hackers who have a unique understanding of security.
Under the scope of a penetration test, our main objective remains the discovery of the following assets and roles:
- User Authorization Credentials
- Backend System Authorization Credentials
- Internal Metrics
- Unreleased Product Information
- Customer & Client Information
Additionally, we will try to establish what anonymous unregistered users, regular users of the system, and system administrators can each accomplish inside the system, in order to analyze system access.
Can a penetration test destroy my network?
Network integrity is the number one concern for businesses considering pen testing. Responsible penetration testing teams will have multiple safety measures in place to limit any impacts to the network.
Prior to a pen test, the business works with testers to create two lists: an excluded activities list and an excluded devices list. Excluded activities may include tactics like denial-of-service (DoS) attacks. A DoS attack can completely obliterate a network, so the business may want a guarantee that it will not be performed during a pen test.