RightSec Penetration Testing Services

Version 1.0, September 2021


Table of Contents

RightSec Security Assessment
Security Testing
    Methodology and Approach
Types of Tests and Exercises
    Application Penetration Testing
    Compliance Driven Penetration Testing
    Internal Network Penetration Testing
    Mobile Application Penetration Testing
    Red Team Assessment
    Wireless Penetration Test
    API Security Assessment
    Infrastructure Security Assessment
    Secure Code Review
    Social Engineering Exercises
    Server Hardening Assessments
    Blockchain Penetration Testing
Contact Us


RightSec Security Assessment

Practical security assessments are essential for a business to understand its environment's risk and to help define appropriate strategies to ensure a safe and healthy technology landscape. RightSec provides a wide range of testing solutions including web application penetration tests, internal network and Active Directory testing, Wi-Fi testing, secure code review and red teaming, amongst others.

RightSec is comprised of nationally renowned white-hat hackers equipped with industry-leading certifications, and security specialists experienced in the military and private sectors who can support you in achieving any business goal.

The following are examples of the most common enterprise drivers towards vulnerability assessments:

• Compliance with PCI-DSS requirements, APRA CPS 234 and Vendor Risk Assessments
• BAU security testing as part of your ISMS Vulnerability Management Program
• Release of new systems into production with confidence and speed
• Determine areas of weakness, uncover flaws and previously unknown vulnerabilities — and see how they can be exploited
• Controls assurance (validate your security controls)
• Ensure your systems are safe
• Receive actionable advice on how to harden your systems against attacks
• Improve confidence in your cyber security and confirm that the design of your system is secure
• Tackle new business opportunities by securely integrating with partner systems (API testing)

We can test your systems to strengthen security and keep your organisation safe.


Security Testing

Security assessments aim to identify vulnerabilities within the assessed infrastructure, diagnose those vulnerabilities, and exploit them in a safe and controlled manner. Each test RightSec provides is directly aligned to your business needs, with separate goals and different methodologies.

Methodology and Approach

RightSec has developed a testing methodology by combining several industry best practice frameworks such as OWASP, OSSTMM and WASC with RightSec's custom internal testing methodology. Each test that RightSec offers has its own custom methodology. This ensures that our testers will thoroughly analyse all aspects of the target in a safe and methodical manner. Our toolkit includes best-of-breed commercial, open-source and customised penetration testing tools.

You will receive a comprehensive business report of our testing, detailing our approach and techniques, risk-ranked and prioritised findings, and clear recommendations on mitigating actions. Any security issues are reported with accompanying step-by-step instructions and screenshots, so that you can replicate the attack, get a visual perspective of the problem, and understand the nature, and urgency, of the potential risk.

RightSec will incorporate the client's approach to risk management, prioritising mitigation recommendations in accordance with the client's risk appetite.

The next section covers the different types of tests RightSec can offer.


Types of Tests and Exercises

Whatever your penetration test driver is, RightSec can support you. The following are some of the services RightSec is ready to offer you:

Application Penetration Testing

Application penetration tests are fundamental for gauging the security level of the business' external environment. Aligned with industry best practices such as OWASP, OSSTMM and RightSec's internal testing methodology, application penetration tests look to exploit common web application vulnerabilities in order to compromise the assessed host.

RightSec uses a combination of automated and manual tests to fully assess the application. With expert knowledge in the field, and testers using custom tooling designed to assess even the most robust applications, RightSec is able to accommodate testing for any type of application.

We understand that the purpose of applications differs between organisations, and our testers do not follow a one-size-fits-all approach for each engagement. RightSec applies custom test cases and methodologies to ensure that our test is tailored to your business needs. We use a structured approach to understand the application and model vulnerabilities based on the WASC threat classification framework, allowing for easier analysis of any threats found.


Compliance Driven Penetration Testing

Some organisations are required to perform penetration testing in order to comply with and maintain governance responsibilities. Our services can support you in becoming compliant with most regulations and standards, including:

• Regulations such as PCI DSS, ISM, SOX and HIPAA
• Industry standards such as ISO 17799 and ISO 27001
• APRA CPS 234 vulnerability management for financial entities and their partners
• Privacy legislation such as GDPR and the Australian Privacy Act
• Vendor Security Assessments


Internal Network Penetration Testing

Internal networks generally hold the most critical business applications and data, and allow for collaboration between employees and the management of assets. Internal penetration tests assume the pretext of an attacker having already compromised the network. Such an attacker sets their goals on compromising critical internal infrastructure by elevating their privilege levels and moving laterally throughout the network, leveraging several vulnerabilities and employing the tools, techniques and procedures (TTPs) of the most advanced threat groups.

RightSec understands that in the modern age of computing, the dynamics of security are constantly changing. Our testers are readily available to test and emulate the latest threats to ensure that your organisation is ready for whatever may face it.

Internal penetration tests generally consist of three phases:

• Network Discovery: In this step the internal infrastructure is mapped out with a strong emphasis on critical infrastructure. At the end of this phase, the testers should have a good understanding of the internal system layout.
• Target Identification: Following on from the previous step, the tester takes a detailed look into the systems found and attempts to identify any vulnerabilities within the assessed hosts.
• Vulnerability Exploitation: At this stage, the tester (acting as the attacker) will attempt to safely exploit any vulnerabilities found in the hope of compromising the assessed infrastructure, elevating their privilege levels and moving laterally throughout the internal network.


Mobile Application Penetration Testing

Mobile applications are often overlooked when it comes to security, yet their functionality is as complex as that of a web application. RightSec has performed numerous mobile application penetration tests, and our testers have a deep understanding of the nuances of the vulnerabilities that arise from the development of mobile applications.

RightSec combines a process of automated and manual testing with a testing methodology derived from industry best practices. Our testers employ proprietary and custom tooling to ensure that the full depth of the application is sufficiently tested.


Red Team Assessment

The threat of an attack against your organisation is always imminent; however, being able to put theory into practice is a rare occurrence. When the time comes to respond to an attack, it is important that security team operators and linked business groups are ready to engage with any threat that comes their way.

A red team assessment is an excellent way to test the robustness of security controls. The attacking team will attempt to compromise the business infrastructure and reach the set goals within the agreed scope. This can range from application and infrastructure attacks to social engineering and physical asset compromises.

The team at RightSec is extremely well trained in assessing an organisation's external footprint and creating an attack chain that ensures all business units are sufficiently engaged to respond to the threat.


Wireless Penetration Test

The internal wireless network is often seen as the barrier between an attacker remaining outside of your network and having full access to internal infrastructure. With modern technology, attackers can remain unseen as they attempt to penetrate the corporate wireless network, and may even attempt to coerce employees with fake wireless login portals in order to harvest credentials.

Wireless penetration tests assess the resilience of wireless networks against an attacker attempting to infiltrate the network. Various test cases are performed depending on the type of setup. RightSec can modify its testing methodology on the fly to accommodate all types of wireless setups, and will aid in defining a methodology tailored directly to your business needs.

Wireless penetration tests generally consist of the following:

• Site survey: Mapping out all access points, and identifying areas of interest such as places with low wireless signal strength and clients nearby.
• Wireless infrastructure testing: The objective of this phase is to thoroughly assess the wireless infrastructure in use and determine any points an attacker may be able to exploit. This can take many forms and is highly dependent on the infrastructure in use.
• Wireless client testing: Thorough testing of the process for authenticating and managing clients, looking for weaknesses that may leave it vulnerable to attacks which could compromise the integrity of the connection and user credentials.
• Wireless exploitation: Depending on the findings of the previous step, RightSec will create an attack plan and attempt to execute it against the wireless infrastructure.


API Security Assessment

Application Programming Interfaces (APIs) are a common way to expose the functionality of multiple applications through a single endpoint. As such, API endpoints generally receive sensitive data and authorisation requests, and perform checks before granting access to privileged application functionality.

RightSec's skilled testers are capable of testing even the most robust API endpoints, searching for security risks and functionality bypasses. RightSec has adopted a custom methodology derived from industry best practices such as the OWASP API Security Top 10 and our own internal methodology to ensure that the target application is thoroughly tested. Our findings are grouped by the WASC threat classification, allowing for easier analysis and understanding of findings.


Infrastructure Security Assessment

Once an application is deployed, either externally or internally, the infrastructure requires constant maintenance to ensure that its configuration is secure, the services and ports exposed are secure, and no software is missing security patches.

Infrastructure security testing involves the use of techniques commonly used by attackers to compromise assets, while focusing on infrastructure components such as servers, operating systems and security devices.

RightSec has developed an infrastructure security testing methodology based on a combination of automated and manual testing. Similarly to application testing, findings are grouped into classifications to make analysis easier to visualise and to help with future remediation steps.


Secure Code Review

The software development life cycle followed by most development teams often misses the important aspect of security. As such, applications tend to be riddled with numerous simple vulnerabilities that could have been remediated before application release.

RightSec has developed a secure code review methodology that can be used across many different programming languages. Our methodology combines manual inspection of source code with the use of proprietary, custom and open-source tooling. RightSec will work closely with the business to ensure that our methodology is tailored to your needs, and that a secure application will be ready at release time.


Social Engineering Exercises

Often the weakest point of any entity lies in the susceptibility of its people to manipulation. RightSec offers a wide range of services to help train employees against social engineering attacks, whether through active phishing and vishing assessments or in-person/virtual training seminars tailored to the business.

RightSec employees possess military training in human and emotional intelligence. Our testers are capable of performing social engineering assessments that emulate threat actors ranging from extremely high-skilled to low-skilled. Pretexts defined in the social engineering assessments will be tailored directly to your business through reconnaissance via open source intelligence.

Consistent social engineering training is a vital element in ensuring that employees are aware of and alert to imminent threats, and understand how to respond to them accordingly.


Server Hardening Assessments

Server hardening assessments involve thoroughly reviewing the configuration of a server to understand its conformance to industry best practices. By assessing the configuration of a standard server deployment, any security issues found can be fixed across a whole fleet of servers.

RightSec has developed a server hardening assessment methodology by combining benchmarks from CIS, NIST and ACSC with our own internal resources. Throughout testing, RightSec will employ various scripts and manual configuration reviews to ensure that the configuration of the server is consistent with industry best practices.
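The scripted part of a hardening review is, at its core, a comparison of a server's effective configuration against a benchmark baseline. The following is an added example, not RightSec's own tooling, showing that comparison for an OpenSSH daemon configuration: the sshd_config text is constructed, and the baseline directives, expected values and severities are illustrative stand-ins for whichever CIS, NIST or ACSC benchmark a real assessment is scored against.

```python
import sys

# Added example (not RightSec tooling): the kind of configuration check a
# server hardening assessment scripts, applied to an OpenSSH daemon config.
# The sample config is constructed and the baseline values are illustrative;
# an engagement would load them from the benchmark (CIS, NIST, ACSC) the
# server is actually being measured against.

# Constructed sshd_config content, not taken from a real host.
SAMPLE_SSHD_CONFIG = """\
# OpenSSH daemon configuration (constructed sample)
Port 22
Protocol 2
PermitRootLogin yes
MaxAuthTries 10
PermitEmptyPasswords no
X11Forwarding yes
PermitRootLogin no
# PasswordAuthentication no   (commented out, so the compiled-in default applies)
"""

# Illustrative baseline: directive -> (expected value, severity).
# A string expects an exact (case-insensitive) match; an int is an upper bound.
BASELINE = {
    "PermitRootLogin": ("no", "high"),
    "MaxAuthTries": (4, "medium"),
    "PermitEmptyPasswords": ("no", "high"),
    "X11Forwarding": ("no", "low"),
    "PasswordAuthentication": ("no", "medium"),
}


def parse_sshd_config(text):
    """Return {keyword: value} for the effective occurrence of each keyword.
    Keywords are case-insensitive, lines starting with '#' are comments, and
    sshd honours the first occurrence of a keyword, so later duplicates are
    ignored. Match blocks are not modelled here."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue
        keyword, value = parts[0].lower(), parts[1].strip()
        settings.setdefault(keyword, value)
    return settings


def check_config(settings, baseline=BASELINE):
    """Compare parsed settings against the baseline.
    Returns a list of (directive, severity, detail) findings; an empty list
    means every baseline directive conforms. A directive that is absent is
    reported too, because the compiled-in default then applies and the
    reviewer has to confirm that default rather than assume it is safe."""
    findings = []
    for directive, (expected, severity) in baseline.items():
        actual = settings.get(directive.lower())
        if actual is None:
            findings.append((directive, severity, "not set; default applies"))
            continue
        if isinstance(expected, int):
            conforms = actual.isdigit() and int(actual) <= expected
        else:
            conforms = actual.lower() == expected.lower()
        if not conforms:
            findings.append((directive, severity,
                             f"configured '{actual}', expected '{expected}'"))
    return findings


if __name__ == "__main__":
    # Read a real file if one is given on the command line, else use the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_SSHD_CONFIG
    for directive, severity, detail in check_config(parse_sshd_config(text)):
        print(f"[{severity:6}] {directive}: {detail}")
```

Two details matter for a fleet-wide review: the parser keeps the first occurrence of a duplicated keyword because that is what sshd itself does (so the second `PermitRootLogin no` in the sample does not rescue the host), and a missing directive is raised as a finding rather than silently passed, since the compiled-in default varies between OpenSSH builds and distributions.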


Blockchain Penetration Testing

A blockchain is a timestamped chain of immutable records (i.e., blocks) that are linked cryptographically. It is effective in recording information in a permanent and tamperproof way. The technology is actively being developed and adopted for different services and applications in highly regulated, sensitive areas such as the financial sector and healthcare.

Blockchain, like other technologies, needs to be deployed with the right security configuration and must not introduce further risk to the business adopting it. As such, it is vital to perform penetration tests against blockchain applications. Effective blockchain testing supports organisations in building and utilising the technology securely with the connected infrastructure, ensuring that it is secure and aligned to industry regulations and best practices.

RightSec has developed a blockchain penetration testing methodology based on industry best practices. Through a combination of manual and automated testing, RightSec will thoroughly test any implementation of blockchain technology.

We understand that blockchain implementations and use cases vary between organisations. For that reason, our methodology and the wide-ranging expertise and skills of our penetration testers are robust and adaptable. We adopt a structured approach and model vulnerabilities based on the SWC registry classification of smart contract weaknesses to allow for easier analysis and documenting of threats found.

A specific blockchain configuration is usually a combination of multiple technologies, tools and methods that address a particular problem or business use case. RightSec addresses and considers all elements within the blockchain: from the ledger, smart contracts, and business and application logic, all the way down to the infrastructure being used. We understand the importance of integrity, confidentiality and privacy of the data stored inside the blockchain, and we will dedicate ourselves to maintaining these values.
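The "linked cryptographically" property above is what makes the ledger tamper-evident, and it is worth seeing exactly what an integrity check does and does not catch. The following is an added example, not RightSec's tooling or any real ledger implementation: a minimal hash-linked chain with a verifier, run against constructed records, first with a record edited in place and then with the edited block's own hash recomputed. Block layout, field names and sample records are assumptions made for the illustration.

```python
import hashlib
import json

# Added example (not RightSec tooling): a minimal hash-linked chain with an
# integrity check, to show what "linked cryptographically" buys a reviewer.
# Block layout, field names and the sample records are constructed for this
# illustration; real ledgers add consensus, signatures and a trusted head hash.

CONTENT_FIELDS = ("index", "timestamp", "data", "prev_hash")


def block_hash(block):
    """SHA-256 over a canonical JSON encoding of the block's content fields.
    Sorted keys and fixed separators make the encoding deterministic, so the
    same content always produces the same hash."""
    payload = json.dumps({k: block[k] for k in CONTENT_FIELDS},
                         sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(payload.encode("utf-8")).hexdigest()


def make_block(index, data, prev_hash, timestamp):
    """Build a block whose stored hash commits to its content and to the
    hash of the block before it."""
    block = {"index": index, "timestamp": timestamp,
             "data": data, "prev_hash": prev_hash}
    block["hash"] = block_hash(block)
    return block


def build_chain(records, start_time=1_600_000_000):
    """Chain a list of records behind a genesis block. Timestamps are fixed
    offsets from start_time so the example is reproducible."""
    chain = [make_block(0, "genesis", "0" * 64, start_time)]
    for i, record in enumerate(records, start=1):
        chain.append(make_block(i, record, chain[-1]["hash"], start_time + i))
    return chain


def verify_chain(chain):
    """Walk the chain from genesis. Returns (True, None) if every block's
    stored hash matches its content and its prev_hash matches the previous
    block's hash; otherwise (False, index of the first inconsistent block)."""
    for i, block in enumerate(chain):
        if block["hash"] != block_hash(block):
            return False, i                 # content edited without rehashing
        if i > 0 and block["prev_hash"] != chain[i - 1]["hash"]:
            return False, i                 # link to the previous block broken
    return True, None


def tamper_without_rehash():
    """Edit a record in place. The block's own stored hash no longer matches,
    so verification fails at that block."""
    chain = build_chain(["A pays B 10", "B pays C 4", "C pays A 1"])
    ok_before, _ = verify_chain(chain)
    chain[1]["data"] = "A pays B 1000"     # constructed tampering
    ok_after, bad_index = verify_chain(chain)
    return ok_before, ok_after, bad_index


def tamper_with_rehash():
    """Edit a record and recompute that block's hash. The block is now
    self-consistent, but the next block still carries the old prev_hash,
    so verification fails one block later. Rewriting every later block as
    well is exactly what a trusted head hash (or consensus) exists to prevent."""
    chain = build_chain(["A pays B 10", "B pays C 4", "C pays A 1"])
    chain[1]["data"] = "A pays B 1000"     # constructed tampering
    chain[1]["hash"] = block_hash(chain[1])
    ok, bad_index = verify_chain(chain)
    return ok, bad_index


if __name__ == "__main__":
    print("untouched chain valid:", verify_chain(build_chain(["x", "y"])))
    print("edit without rehash:", tamper_without_rehash())
    print("edit with rehash:", tamper_with_rehash())
```

The second scenario is the one a reviewer should keep in mind: the hash links only localise a modification, they do not prevent a party who controls the whole chain from rewriting every block after the edit. The verifier therefore has to anchor on something outside the data it is checking, such as a head hash held by a trusted party or agreed through consensus, and that anchoring, together with the smart contracts and the infrastructure around the ledger, is where a blockchain assessment spends most of its attention.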


Contact Us

Whatever your security drivers are, RightSec can help.

Still have some questions? Reach out for a consultation today.

Your one-stop cyber security shop!

Email: [email protected]
Website: https://www.rightsec.com.au
Phone: +61 401 730 789