Security Testing Methodology

Internal & External Network

  • Information gathering (external sources, social media)
  • Network mapping (DNS, RIPE, segmentation)
  • Vulnerability identification (automated and manual)
  • Social engineering (if part of scope)
  • Exploitation (gaining access)
  • Post-exploitation (gather data and further access)
  • Privilege escalation (system and network)
  • Covering tracks (avoid detection)
  • Findings, recommendations and reporting

Network Devices Configuration Review

  • Identify security issues caused by misconfiguration
  • Identify security issues caused by missing settings
  • Review policies and rules
  • Review of password policy and the storage method
  • Identify allowed services
  • Analyze processing capabilities
  • Network mapping and service detection
  • Vulnerability detection
  • Vulnerability analysis
  • Findings, recommendations and reporting

Wireless Network

  • Deep analysis of the wireless device
  • Penetration testing of WLAN and associated services
  • Bypass WLAN authentication
  • Attack the wireless clients
  • Findings, recommendations and reporting

Web Application

  • OWASP Top 10
  • Information gathering
  • Security configuration testing
  • Authentication testing
  • Session management testing
  • Authorization testing
  • Access control
  • Business logic testing
  • Data validation testing
  • Injection testing (SQLi, XSS, etc.)
  • Denial of Service testing
  • Web Services & API testing
  • Findings, recommendations and reporting

Mobile Application

  • OWASP Top 10
  • Improper platform usage
  • Insecure data storage
  • Insecure communication
  • Insecure authentication
  • Insufficient cryptography
  • Insecure authorization
  • Client code quality
  • Reverse engineering and decompiling
  • Findings, recommendations and reporting

Applications Source Code Review

  • Authentication
  • Session Management
  • Authorization
  • OWASP Top 10 (injections in user manipulated variables, XSS, CSRF, etc.)
  • Insecure Direct Object Reference
  • Sensitive data exposure
  • Missing Function Level Access Control
  • Using components with known vulnerabilities
  • Review dangerous functions usage
  • Encryption methods
  • SSL/TLS configuration and usage
  • Business logic (potentially bypass critical steps)
  • Identify denial-of-service points in weak functions
  • Client-side vs server-side validation
  • Findings, recommendations and reporting

Security Testing Guidelines

  • Internal and External Network
  • Wireless Network
  • Web/Mobile Application
  • Source Code Review
  • Configuration Review

  • ISSAF (Information System Security Assessment Framework)
  • PTES (Penetration Testing Execution Standard)
  • OSSTMM (Open Source Security Testing Methodology Manual)
  • OWASP (Open Web Application Security Project)
  • PCI-DSS (Payment Card Industry Data Security Standard)
  • STIG, NIST, CIS

Security Assessment Methodology

  • Info Gathering: Input Questionnaire
  • Automated Testing: Mapping, Scanning & Discovery; Vulnerability Assessment
  • Manual Testing: Vulnerability Identification
  • Penetration Testing: Exploitation
  • Deliverables: Vulnerabilities Categorization; Mitigation Recommendations

Team Certification
