Pentests
As part of a penetration test, we thoroughly examine the security of your application:
- reachable systems, open ports, versions, vulnerabilities
- network services, file and business interfaces, vulnerable technologies
- cloud assets
- phishing, client-side attacks, security awareness
- passwords, user and service privileges
- Active Directory
- publicly available information (OSINT)
For carrying out these tasks I hold the OSCP, OSCE and OSEE certifications.
Pentesting: Scopes & Skills
OSINT
Domains, Subdomains, Certificates, Archives, Cloud Resources, Software, People, Business Partners.
Reconnaissance
Target Scanning, Port Scanning, Vulnerability Scanning, Remote Enumeration.
Weaponization
Bind Shells, Reverse Shells.
Network Services
DNS, FTP, HTTP(S), IMAP, IPMI, LDAP, MSSQL, MySQL, NFS, Oracle, POP3, PostgreSQL, RDP, RMI, RPC, Rsync, Samba, SMB, SMTP, SNMP, SSH, Telnet, TFTP, VNC, WebDAV, WinRM, WMI.
Payload Generation
Non-staged Shells, Staged Shells, Listeners.
Delivery
File Transfer, LOLbins, HTTP Server, SMB.
Phishing
GoPhish, BeEF, E-Mail Delivery, Metrics, Reporting, Security Awareness.
Exploitation
Metasploit, Empire.
Installation
Backdoor User, SSH, RDP, Telnet, PowerSploit, LOLBAS, GTFObins.
Command and Control
Remote Code Execution, Pass-the-Hash, C2 Infrastructure, C2 Frameworks.
Actions on Objective
Enumeration, Privilege Escalation, Password Cracking, Lateral Movement, Post Exploitation, Data Exfiltration, Tunneling, Pivoting.
Web Applications
Proxies, Vulnerability Scanning, Fingerprinting, Fuzzing, Web Shells, Client-side Attacks, Common Vulnerabilities.
Web Hacking
Command Injection, Directory Traversal, Open Redirect, Insecure Direct Object References, File Inclusion, SQL Injection, Cross-Site Scripting, Cross-Site Request Forgery, Bruteforcing Logins, Session Hijacking, File Uploads, XML External Entity, HTTP Verb Tampering, Broken Authentication, CAPTCHA Bypass, Broken Access Controls, Broken Session Management, Server-Side Request Forgery, Server Side Includes, Edge Side Includes, Server Side Template Injection, Cryptography, Insecure Deserialization, Security Misconfiguration, Vulnerable Components, Sensitive Data Exposure.
API Hacking
RESTful Services, SOAP, Common Vulnerabilities.
Windows and Linux Exploitation
Fuzzing, Debugging, Stack-based Buffer Overflows, SEH-based Buffer Overflows, Heap Overflows, Bypassing DEP / ASLR / SafeSEH, ROP Chains, Shellcodes, Restricted Shellcodes, Egghunter, Arbitrary Overwrites, Use After Free, Memory Address Leakage, Reverse Engineering.
Exploit Development
The heart beats for technology! For years I have been researching exploits and have specialized in particular in Windows exploit development and in exploiting vulnerabilities in network protocols and Linux systems:
- Network Scanning
- Port Scanning
- AV Evasion
- Network Protocols and Services
- Vulnerability Scanning
- Payload Injection
- File Transfers
- Exploit Techniques
- Password Cracking
- Client-Side Attacks
- Web Application Attacks
- Privilege Escalation
- Post Exploitation
- Port Redirection, Port Tunneling, and Port Forwarding
In this context, please also see my publications "Deep Dive" and "Ethical Hacking".