Professional testing of your network security posture
Documentation review aims at determining weaknesses in the implementation of security controls and gives scope of management effort.
log review if log management practices are up to date and effective (logging the intended events for critical devices firewalls, routers, and access control Radius, IDS, file integrity etc..)
ruleset review (identify weaknesses in security devices, firewall, routers, ips policies are being applied and operating properly and integrated to the environemnt; adhering to security policies)
system configuration review (unnecessary services and applications running, proper hardening, users provisioning, logging, backups,)
network sniffing (capture & replay traffic, discovery of host and services,identify services, os applications, protocols and unauthorized activities, capturing passwords)
file integrity checking (verifying file checksums database for every systems)
Target identification & analysis techniques
network discovery (monitoring traffic to find IP addresses and protocols to understand communication between hosts)
network port and service identification (
vulnerability scanning
wireless scanning (passive, active,suspicious RF emitting-device location tracking, bluetooth scanning)
target vulnerability validation techniques
password cracking
penetration testing (phases & logistics)
Hacking Laws
Footprinting
Google Hacking
Scanning
Enumeration
System Hacking
Trojans and Backdoors
Viruses and Worms
Sniffers
Social Engineering
Phishing
Hacking Email Accounts
Denial of Service
Session Hijacking
Hacking Webservers
Web Application Vulnerabilities
Web Based Password Cracking Techniques
SQL Injection
Hacking Wireless Networks
Physical Security
Linux Hacking
Evading IDS, Honeypots and Firewalls
Buffer Overflows
Cryptography
