External Penetration Testing
It is a combination of manual and automated testing of a client's public facing systems. An external penetration test emulates the role of a malicious attacker on the internet attempting to gain access to an internal network without internal resources or inside knowledge. A YTechX specialist attempts to gather sensitive information through open-source intelligence (OSINT), including employee information, historical breached passwords, and more that can be leveraged against external systems to gain internal network access. The consultant also performs scanning and enumeration to identify potential vulnerabilities in hopes of exploitation.
Our Methodolody
All testing performed under this service are based on the NIST SP 800 - 115 Technical Guide to Information Security Testing and Assessment, OWASP testing Guide (v4) plus other customized testing frameworks.
PLANNING
Customer goals are gathered and rules of engagement obtained.
DISCOVERY
Perform scanning and enumeration to identify potential vulnerabilities, weak areas and exploit.
ATTACK
Confirm potential vulnerabilities through exploitation and perform additional discovery upon new access.
REPORTING
Document all found vulnerabilities and exploits, failed attempts, company strengths and weaknesses.
Thorough Testing
Activities performed during external penetration testing include but not limited to:
Vulnerability Scanning and exploitation
Social media intelligence gathering
Username and account enumeration
Breached credential intelligence gathering
Service, port and website enumeration
Enumerating third parties for data leaks(S3 Buckets, GitHub, etc
Attacking login portals(Website, O365, VPN, etc)
Multi-Factor Authentication (MFA) bypassing
Other testing depends on specific customer content and footprint