Posted: August 11th, 2022

Penetration Testing

Penetration Testing
Use the Penetration Testing Plan Template to create a 3- to 4-page Penetration Testing Plan for the organization you chose.

Research and include the following:

Pentest Pre-Planning
Engagement timeline: Tasks and who performs them
Team location: Where will the penetration team execute their tests?
Organization locations tested: multiple locations, countries (Export restrictions and government restrictions)
Which pentest technologies will be used? Consider the following as you research options:
Scanning Tools: Nmap, Nikto
Credential Testing Tools: Hashcat, Medussa, John the Ripper, Cain and Abel
OSINT Tools: Whois, TheHarvester
Wireless Tools: Aircrack-ng, Kismet
Networking Tools: Wireshark, Hping
What client personal are aware of the testing?
What resources provided to pentest team?
Test Boundaries:
What is tested?
Social engineering test boundaries? What is acceptable?
What are the boundaries of physical security tests?
What are the restrictions on invasive pentest attacks?
What types of corporate policy affect your test?
Gain Appropriate authorization (Including third-party authorization)
Pentest Execution Planning: Given the scope and constraints you developed in your Pentest Pre-Plan, plan the following pentest execution activities
Reconnaissance
Scanning
Gaining Access
Maintaining Access
Covering Tracks
Pentest Analysis and Report Planning:
Analyze pentest results
Report pentest results

Note: The page assignment length requirement applies to the content of the assignment. Start the assignment with an Ace homework tutors – APA formatted title page and add a reference section with at least two professional references. Use the references in the text of the assignment. For assignments that require use of the template, insert the completed template into the Ace homework tutors – APA document. Delete the assignment instructions from the document. This will improve the originality score from Safe Assign. Make sure to check the SafeAssign originality score. Individual assignments can be submitted more than once to correct any content, quality, or originality issues.

Penetration Testing

Company name: Amazon
Penetration Testing Scope Statement
Criteria Response
Project Title: Penetration Testing
Project Sponsor(s): CEO, CIO, CISO, and the board
Business Context for the Penetration Test: The penetration testing is on the company is based on a security assessment that aims at helping the company identify technical vulnerabilities in IT and communications systems that can be exploited by potential threat actors.
Project Scope Description: The project will conduct internal and external network testing, physical social engineering testing, Wi-Fi testing, and physical security testing.
Date Prepared: 3rd October 2020
Prepared By:

Penetration Test Pre-Planning
Team Location (s) Organization Location(s) Client Personnel Aware of Testing Resources Provided to Pentest Team • Pentest Technologies Used
Company headquarters in Seattle, WA. Seattle (headquarters) 410 Terry Ave N The organization will be contacted on the day and time the testing will be conducted. The client personal aware of the test in are IT team in all locations. Specialized OS distribution and software frameworks • The Network Mapper (NMAP)
• John the Ripper
• TheHarvester
• Kismet
• Wireshark
Company headquarters in Seattle, WA. Arlington, US. Crystal City. Specialized OS distribution and software frameworks • TheHarvester
• Kismet
• Nessus
• The Network Mapper (NMAP)
• John the Ripper
Company headquarters in Seattle, WA. Atlanta, US. 3333 Piedmont Rd NE. Specialized OS distribution and software frameworks • The Network Mapper (NMAP)
• John the Ripper
• Kismet
• Wireshark
• Hashcat
Company headquarters in Seattle, WA. Bellevue, US. 425 106th Ave NE. Specialized OS distribution and software frameworks • TheHarvester
• Kismet
• Burpsuite
• John the Ripper (Das, 2020).

High-Level Work Schedule: Project Scope
Description of Work/Pentest Boundaries Constraints
The items to be tested include the company website, web application, email and domain name servers (DNS), employ credentials, and network. The social engineering test boundaries include note threatening to harm someone, must obtain federal documents, not allowed to impersonate law enforcement, and not obtaining social security numbers or personal information from unsuspecting targets (Goodchild, 2013). The acceptable requirement for social engineering include obtain valid contract under the local laws, separating the phase of the test to avoid outside harm, and informing the appropriate people before the test begin. The boundary for physical security check is not to conduct a test without notifying the personnel in the location. The invasive pentest attacks should not cause the contamination, modification, or loss of the company data, disclose data to third parties or testers, and result in loss of defenses against real attacks (Turpe, & Eichler, n.d.). The corporate policies of the Amazon that will affect the test include password management policy and the data access policy. Various limitations that would hinder high-level work include limitation to access to the target environment. Time limitation may also affect the high-level work schedule, since the testing will be conducted as a timeboxed assessment, which is required to be completed in a predefined time period (Anagani, 2020).
Milestones Duration (Days)
Reconnaissance
Scanning
Gaining access
Maintaining access 4
3
2
3

Appropriate Authorization (Including Third-Party Authorization)
Title/Organization Description of Authorization and Consent
Financial Industry Regulatory Authority (FINRA) The authorization to test systems of the company that are associated with finance will be provided by FINRA
American Institute of CPAs The authorization for the test provided by American Institute of CPAs, to ensure the testing upholds to security, availability, privacy, confidentiality, and processing integrity.
Payment Card Industry Data Security Standard (PCI DSS) Amazon services involve the use credit cards by customers requiring authorization to test systems.

Reconnaissance Pentest Activities
Reconnaissance Deliverable Name Reconnaissance Deliverable Description
Web search engine Running common web search to acquire as much information as possible.
Building Recon Gaining ability of using entry practices by users.
Public network scanning Finding access vulnerabilities in public Wi-Fi networks broadcasted by the company.
Footprinting The activity is used in gathering company information regarding security footprint from the outside looking in.

Scanning Pentest Activities
Scanning Test Deliverable Name Scanning Test Deliverable Description
NMAP The activity is used to determine the potential point of ingress by tracing hops of a packet send travelling from the company location to the target.
Web application scanning The activity involves scanning of the application code for vulnerability analysis (Passi, 2018: 2024 – Write My Essay For Me | Essay Writing Service For Your Papers Online).
Nessus the network is scanned for vulnerabilities
Burpsuite The web applications are scanned for potential vulnerabilities.

Gaining Access Activities
Gaining Access Activity Name Gaining Access Activity Description
Spear phishing The reconnaissance is used at this activity to launch targeted phishing attack to access to the system.
VPN scanning The VPN tunnel is scanned for vulnerabilities and the attempt to access the system externally using VPN.
Attempted Tailgating This involves gaining physical access to the building to learn more about the work station environment.
Hashcat The activity involves attempts to gain access through passwords by testing the passwords using dictionary words and information of the company.

Maintaining Access Activities
Maintaining Access Activity Name Maintaining access Activity Description
Data exfiltration The activity involves transferring of data from computers or the server for a certain period to an external period. Data exfiltration will be conducted through web protocols, email, or tunneling protocols.
Conduct a covert channel The activity involves transfer of data through secrete communication tunnels within a network including DNS tunnels, HTTO tunnels, and VoIP.

Using a backdoor on the network The backdoor tunnel is planted into the network.

Covering Tracks Activities
Covering Tracks Activity Name Covering Tracks Activity Description
Deleting logs Logs deletion is conducted to ensure there is no presence of suspicious logs activities.
Hiding files Hiding file is conducted to make it difficult for the delete, especially when hidden in other simple files such as images or audio.
Hiding malicious processes The activity was conducted to hide malicious processes from monitoring system processes.

Pentest Analysis and Report Planning
After completing the test, the pentest analysis is conducted, which involves documenting the methods used in gaining access and maintain access to the systems. The analysis includes recommendations on how to solve and remediate the vulnerabilities discovered within the environment.
The report planning will include presentation of written recommendations from the test, reviewing the findings from the pentest analysis, and providing detailed explanations regarding insights and opportunities to improve the security posture of the company.

References
Anagani, S. (2020). Major Limitations of Penetration Testing You Need to Know. Medium. Retrieved from https://towardsdatascience.com/major-limitations-of-penetration-testing-you-need-to-know-3f99d2b72c47
Das, R. (2020). The Top 5 Pentesting Tools You Will Ever Need. INFOSEC Resources. Retrieved from https://resources.infosecinstitute.com/category/certifications-training/pentesting-certifications/top-pentesting-tools/
Goodchild, J. (2013). Social engineering in penetration tests: 6 tips for ethical (and legal) use. CSO. Retrieved from https://www.csoonline.com/article/2133330/social-engineering-in-penetration-tests-6-tips-for-ethical-and-legal-use.html
Passi, H. (2018: 2024 – Write My Essay For Me | Essay Writing Service For Your Papers Online). Penetration Testing: Step-by-Step Guide, Stages, Methods and Application. GreyCampus. Retrieved from https://www.greycampus.com/blog/information-security/penetration-testing-step-by-step-guide-stages-methods-and-application
Turpe, S., & Eichler, J. (n.d.). Testing Production Systems Safely: Common Precautions in Penetration Testing. Retrieved from https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.149.4864&rep=rep1&type=pdf

Order | Check Discount