Penetration tests
Controlled attacks on infrastructure.
Penetration tests are performed in accordance with specification agreed prior to the order.
In particular, the specification contains the following issues:
- scope of the infrastructure to be tested,
- precise timeframe of the attack,
- allowed and not allowed methods of operations.
Scenarios of testing web applications.
Penetration tests of web applications are usually performed using one of the three following scenarios:
scenario No. 1 (external attack):
testers have as much information as a standard user legally using the application. This way of testing makes it possible to simulate an external attack attempt on the application, usually through the Internet. Using such an attack scenario allows to specify further possible ways of penetration of other infrastructure elements.
scenario No. 2 (internal attack):
testers have certain access to the system at the defined authority level. This scenario allows, for instance, to test the possibility of hostile activity of an employee causing a damage to the company. Executing the scenario will allow to disclose possible vulnerability of the application to escalation of authority and possibility of unauthorised access to information. Running this test allows to protect information flow and access, for instance in the company’s intranet, better.
scenario No. 3 (detailed version of scenario No. 2):
it covers testing vulnerability to escalation of authority from each of the defined access levels. Its aim is to check the correctness of authorisation mechanisms for the tested application.
Tests of operation systems include the following variants:
scenario No. 1, remote attack:
The scenario includes an attempt to gain access to the system without local access.
scenario No. 2, local attack:
The scenario includes an attempt to gain authority of other users (the target, if possible, being the rights of the system administrator).
Network penetration tests
Network infiltration aims at identification of its topology, devices it uses and the possibility of attacking particular infrastructure elements (intranet, VPN concentrator, application servers, DMZ zones, etc.).
