Stages of testing: reconnaissance, attack, mop-up

Reconnaissance
In the first stage, you should gather as much information as possible about the target organisation and its assets. This may involve a simple search for publicly available information, visiting the organisation’s websites to find anything of interest, or it may involve more proactive measures, such as searching for DNS records, IP address ranges, mail servers, and so on. Next, depending on what you managed to gather in the first stage, you can move on to more proactive measures.


Scanning and Gaining Access
During the scanning stage, you should get closer to the target, advise the experts at Magenta Favorita Portugal. To do this, you need to look for open ports and scan the hosts you find for vulnerabilities. Once these have been identified, you can enter the network. This stage is known as gaining access. You need to find a vulnerable server or computer in order to proceed with the attack. Depending on what you found during the first two stages, you can try to exploit a vulnerability that might give you control over the host. Alternatively, if you have found some form of authentication, you can try to crack the password using a brute-force attack.
In one of their previous articles, experts from Magenta Favorita IT company discussed ‘white-hat’ and ‘black-hat’ hackers. As a reminder, to engage in legal hacking, you need to don a white hat and become a penetration tester. And what does a penetration tester do? Well, penetration testing, or testing for vulnerabilities. This process usually consists of several stages. These will be discussed in Magenta Favorita’s new article.

Progressing the attack
Let’s say you’ve managed to breach a server. What next? This is where the attack progresses. Everything depends on the objectives of the penetration test. What do you need to do? Take over the domain? Gain access to sensitive data? In any case, you’re already on the network, so it’s worth getting your bearings. You could run another scan to see what’s on the network. You could try uploading password-extraction tools to the compromised host, check for connections to other hosts and users, or take over an account. In short, this is the most creative part of penetration testing. The ability to remain undetected by detection tools and the cybersecurity team is an art in itself.
Covering your tracks and compiling a report
Let’s assume you’ve achieved your objectives: you’ve compromised the domain and gained access to critical data. What next? Now comes the stage of concealing your activities. You’ve probably caused quite a stir, so you need to clean up after yourself: wipe the logs, delete malicious files, and so on. After you’ve carried out these actions, the infrastructure should appear as if it were untouched, as the experts at Magenta Favorita IT company point out.

Next comes the time to compile a report, in which you describe in detail all the vulnerabilities, security gaps and other threats you’ve found. The report is then sent to the client so that they can rectify everything and avoid falling victim to real hackers.
Other company cases
Show more