Sanchez, Adrian B.

BSIT-C432

REVIEWER

What is Penetration Testing?

- A method for gaining assurance in the security of an IT system by attempting to breach some or
all of that system's security, using the same tools and techniques as an adversary might.

Importance of Penetration testing?

- Penetration tests are essential to an organization's security because they teach staff members
how to respond to any kind of attack from a hostile party.

Purpose of Penetration testing

- Finding security flaws in a network, system, or piece of software is the primary objective of
Penetration testing.

Methods Of Penetration Testing

External Testing - External penetration tests target the assets of a company that are visible on the
internet, e.g., the web application itself, the company website, and email and domain name servers
(DNS). The goal is to gain access and extract valuable data.

Internal Testing - In an internal test, a tester with access to an application behind its firewall simulates an
attack by a malicious insider. This isn’t necessarily simulating a rogue employee. A common starting
scenario can be an employee whose credentials were stolen due to a phishing attack.

Blind testing - In a blind test, a tester is only given the name of the enterprise that’s being targeted. This
gives security personnel a real-time look into how an actual application assault would take place.

Double-blind testing - security personnel have no prior knowledge of the simulated attack. As in the real
world, they won’t have any time to shore up their defenses before an attempted breach.

Targeted testing - In this scenario, both the tester and security personnel work together and keep each
other appraised of their movements. This is a valuable training exercise that provides a security team
with real-time feedback from a hacker’s point of view.
Stages Of Penetration Testing

Reconnaissance – In this phase, the tester gathers as much information about the target system as they
can, including information about the network topology, operating systems and applications, user
accounts, and other relevant information.

Scanning – In this penetration testing phase, the tester uses various tools to identify open ports and
check network traffic on the target system. Because open ports are potential entry points for attackers,
penetration testers need to identify as many open ports as possible for the next penetration testing
phase.

Vulnerability Assessment – The third penetration testing phase is vulnerability assessment, in which the
tester uses all the data gathered in the reconnaissance and scanning phases to identify potential
vulnerabilities and determine whether they can be exploited.

Exploitation – Once vulnerabilities have been identified, it’s time for exploitation. In this penetration
testing phase, the penetration tester attempts to access the target system and exploit the identified
vulnerabilities, typically by using a tool like Metasploit to simulate real-world attacks.
Reporting – Once the exploitation phase is complete, the tester prepares a report documenting the
penetration test’s findings. The report generated in this final penetration testing phase can be used to fix
any vulnerabilities found in the system and improve the organization’s security posture.

PENETRATION TESTING: Approach; Methodology, Types of test and Rates

Penetration Test Methodology - A penetration test is based on a four-phase methodology, which is a

cyclic process: Recon, Mapping, Discovery, Exploitation.

Recon - Searching for open-source information on the target of the security audit.

Mapping - Listing all functionalities of the audit target.

Discovery - Looking for vulnerabilities through manual searches and automated tools.

Exploitation - Testing possible exploitations of the flaws identified in the previous phase.

Why Should I Perform a Penetration Test?

- Reveal Vulnerabilities
- Show real risks
- Test your cyber-defence capability
- Ensure business continuity
- Have a third party expert opinion
- Follow regulations and certifications
 - Maintain Trust

TYPES OF TESTS

Web Platform - Tests for vulnerabilities related to web server configuration and the application layer.

Mobile Applications - Tests for vulnerabilities in mobile applications, including static and dynamic
analysis.

Connected Device -IoT - Tests for security flaws in the hardware, embedded software, communication
protocols, servers, web, and mobile applications.

Infrastructure and Network - Tests for flaws related to service configuration and operating system
architecture on external infrastructure.

Social Engineering - Tests the human factor of the company to assess staff reflexes when facing phishing
attempts, telephone attacks, and physical intrusion.

WHAT’S THE RESULT OF A PENETRATION TEST?

Security Measures and Best Practices to Implement - The final aim of a penetration test is to provide

concrete recommendations to improve the security level of the target.

Complementary Analysis - More in-depth penetration tests, or on portions of the target not included in
the scope of the previous test; White box audits, to take the security analysis a step further.

Cost of Penetration Testing

Ranges from 3k€ to 20k€

Legal Framework in Relation to Ethical Hacking

Legal Protections and Conditions for Ethical Hacking

Legal protections and conditions that control the activity of ethical hacking, commonly referred to as
"white hat" hacking, are referred to as legal safeguards and conditions for ethical hacking. Ethical
hacking is the practice of authorized people or groups conducting security audits and penetration tests
to find weaknesses in computer networks, applications, or systems with the goal of enhancing their
security.
Despite the fact that legal protections for ethical hacking differ from nation to nation, there are some
universal guidelines and requirements that are frequently followed. Here are a few crucial elements:

•Authorization

• Scope

• Non-Disclosure

• Privacy Protection

• Reporting

• Legal Immunity

• Compliance with Laws and Regulation

PRACTICAL ETHICAL HACKING EXERCISE

What is Practical Ethical Hacking Exercise - Practical ethical hacking exercises are activities or challenges
designed to help individuals learn and practice ethical hacking techniques in a safe and controlled
environment.

What is Hacking Tools?

- Hacking Tools are computer programs and scripts that help you find and exploit weaknesses in
computer systems, web applications, servers and networks.

Two main types of Hacking Tools

- Offensive Hacking Tools

- Defensive Hacking Tools

LAWS: Ecommerce, Data Privacy and Cybercrime Law

E-commerce Laws:

E-commerce laws govern online business transactions and consumer rights. These laws typically cover
areas such as online contracts, consumer protection, electronic signatures, taxation, intellectual property
rights, and advertising regulations. In many countries, e-commerce laws are often integrated into
existing commercial laws.

Data Privacy Laws:

Data privacy laws aim to protect individuals' personal information and govern how organizations handle
and process such data. Many countries have implemented comprehensive data protection laws, such as
the European Union's General Data Protection Regulation (GDPR) and California's California Consumer
Privacy Act (CCPA). These laws typically regulate the collection, storage, use, and sharing of personal
data, as well as individuals' rights regarding their data.

Cybercrime Laws:

Cybercrime laws focus on criminal activities committed through the use of computers, networks, or the
internet. They aim to prevent and address various cybercrimes, including hacking, identity theft, fraud,
malware distribution, online harassment, and other illegal activities conducted in cyberspace.
Cybercrime laws may encompass offenses, penalties, investigation procedures, and international
cooperation mechanisms to combat cyber threats.

"Cybercrime Prevention Act of 2012″.

The "Cybercrime Prevention Act of 2012" is a law in the Philippines that aims to address offenses
committed through the use of computer systems and the internet. It was enacted to combat various
forms of cybercrime and provide mechanisms for prevention, investigation, suppression, and the
imposition of penalties.

• The law, officially known as Republic Act No. 10175, covers a wide range of cybercrimes and
includes provisions related to the following:
• Offenses: The law identifies and penalizes various cybercrimes, including hacking, data
interference, identity theft, online fraud, cybersex, child pornography, cyber bullying, and other
similar offenses.
• Cybersecurity: It establishes provisions to enhance the security and integrity of computer
systems and networks, promoting measures to prevent cyber threats, and encouraging
cooperation between government agencies and private entities.
• Investigation and Enforcement: The law provides authorities with powers to investigate
cybercrimes, including the preservation and disclosure of computer data. It also outlines
procedures for search and seizure of computer data, surveillance, and other necessary actions
for law enforcement.
• Penalties: The law specifies penalties for different cybercrimes, with corresponding
imprisonment terms and fines depending on the severity of the offense. It also includes
provisions for liability of juridical persons (organizations or corporations) involved in cybercrime
activities.
• International Cooperation: The law establishes provisions for international cooperation in
addressing cybercrimes, including mutual assistance and extradition of offenders.
GCash Issue May 2023

After users experienced illicit withdrawals from their personal accounts, e-wallet giant GCash reassured
its more than 81 million users that the service is still safe to use. In a statement, GCash said that it had
restored the fund balances of customers who had been harmed by what looked to be a deliberate
attempt by as-yet-unidentified people to steal money from its clientele. Yesterday, GCash had a brief
outage that restricted user access to the app and prevented users from accessing their cash in the e-
wallet. Several GCash customers discovered that illicit transfers totaling tens of thousands of pesos had
been made into their accounts. GCash looked into the pattern and said that there had been no hacking,
although it omitted to explain why some consumers had lost their money. By three in the afternoon,
GCash had finished correcting the impacted users' fund balances. Additionally, it stuck by its conclusions,
rejecting any hacking of any kind and asserting that the app is still a safe platform for currency
transactions. GCash advised users to restart their phones to avoid any complications and reminded them
to keep their passwords to themselves. As part of precautionary steps to safeguard funds, GCash asks
users to enter their MPIN in order to activate their account in the app and an OTP in order to execute a
financial transaction. Also, requires to never share their MPIN (mobile personal identification number)
and OTP (one-time pin) to anyone.