Posts Tagged "penetration testing"

PenTester Pro Tip: Validating The TOE

If you’ve ever worked as a professional penetration tester, then you definitely know what a TOE is. For those of you who do not, the TOE or “Target Of Evaluation” is “the product or system that is the subject of evaluation” (Wikipedia). For the sake of simplicity, a system connected to the internet with an IP address is the TOE for an external penetration test. Your client has provided a list of IP addresses, maybe in CIDR notation, or maybe they’ve just dropped you a spreadsheet with a list of targets that fall within the scope of testing. At the end of the day, they’ve provided you with a list of assets that are in play.

Side note: I won’t stress the importance of performing thorough reconnaissance and the value it will provide to both you (during the assessment) and to your client. There are plenty of books and training courses that have done a fine job conveying that message. However, I do want to provide you with the following scenarios and explain why it is important to validate and verify your targets:

Scenario 1: Client Provides Wrong IP Addresses (Bitter CIDR)

You’ve laid out your pentest, you’ve got a list…


Advanced Threat Protection Evasion for Penetration Testers: Part 2

In my last post, “Scratching the Surface of Advanced Threat Protection”, I covered what ATP actually is and how it works. In this post, I am going to provide you with a basic methodology that will assist in evading Advanced Threat Prevention in the event you happen to encounter it during a penetration test. The second part of this methodology will also prove useful for testing these products on their own, prior to network implementation, which will actually be the third part of my ATP series (Testing Advanced Threat Protection Products).

A Method To The Madness

A good penetration tester knows the importance of performing thorough reconnaissance. The more information you gather about your target of evaluation, the better your chances are of having a successful penetration test. When we learn that Advanced Threat Prevention may be a game changer, there are some additional steps to take to increase your odds. It all boils down to your OSINT skills. Defeating ATP isn’t necessarily any more technical than antivirus evasion. It just requires you to do a little more R&D. A good friend once told me, “if you fail to plan, you plan to fail.” Since then I’ve adopted this saying as my…
