Test list
Entire customer IT infrastructure
Implementation methods
The NCS Red Team will carry out an attack targeting the entire IT infrastructure of the customer according to a process consisting of the following steps:
- External Reconnaissance: The step of researching the target of the attack. Targets include both systems and people. Some of the information that needs to be collected at this step is:
• Domains, IPs, services, and public web applications of the customer. This information is for future pentesting.
• The client’s organizational model.
• Personal information, such as email accounts and login accounts, may be leaked to the customer’s application. Access to at least one email account increases the likelihood that phishing emails to other email addresses will succeed.
- Initial Compromise: Attempt to execute code snippets and system commands on one or more server/workstation systems. This can be achieved by exploiting security vulnerabilities on public systems that enable RCE (Remote command execution). In addition, if necessary, phishing attacks can be carried out on users to take control of an internal user’s computer.
- Establish Foothold: Use tools/techniques to establish connection points/locations from which target objects can be controlled (objects can be servers, user computers, etc.).
- Privilege Escalation: Escalating privileges and attempting to obtain the highest privileges on the system.
- Persistence: Ensuring continued control of the hijacked system.
- Lateral Movement: Implementing attacks on other systems in a successfully compromised environment to capture other critical systems in the customer’s network.
- Exfiltration: Capture screenshots of some information as evidence of the attack and successful access to sensitive data.
Outcomes
The results report includes the following contents:
- Overview of purpose and scope of implementation
- Summary of approach, method of implementation
- Detailed results by stage of RedTeaming service implementation
- Plan to remediate the weaknesses and security vulnerabilities exploited during the service implementation
- Recommendations to improve information security defence and monitoring