Module 06: Network Penetration Testing Methodology-Internal
Objective
The objective of this lab is to provide knowledge on the network, system and user enumeration and other penetration testing methodologies that include:
- Service enumeration
- Password audits
- Vulnerability Assessment
- OS pentesting
- Privilege Escalation
Scenario
Both internal and external network attacks are conducted in almost the same way, except for the fact that in case of an internal pen test; the attacker may possess authorized access or is starting from a point within the internal network. Such insider attacks tend to be more disastrous since the attackers already have the knowledge of the essential ones within a network and their location.
As a penetration tester or a Security Auditor, you must know how to enumerate target networks, users, services, perform vulnerability assessment, exploit vulnerabilities, extract as much employee data as possible, and attain escalated privileges to the target.
0 comments:
Post a Comment