If you're here, then you must have a few questions. Please allow us to clarify a few things before we get to the essentials. Below, you will learn about the different types of Penetration Testing and some tools of the trade used to test security; we then lay out a few educational scenarios.
Every home and business has locks on the doors. But these locks were not created equal. A Physical Penetration Test involves a permitted, but unannounced, test of a building's physical security - and a concerted effort to improve that security afterwards.
Every network has different devices connected to it and allows those devices to communicate with each other and the outside - in a protected environment. A Digital Penetration Test challenges the security of that network in order to find and patch vulnerabilities.
Digital Dropkick has a lifetime of study and usage with the tools required to test the security of different types of networks. From the early 2000s, when this software was being developed, we were utilizing it to break into our own networks for fun. Over the years as the software grew, so did we. To date, we have successfully exploited hundreds of different operating systems, software applications, networks and hardware devices.
If you want to evaluate and understand in simple terms the security of your system, allow us the pleasure of showing you.
We have intimate knowledge of programs like Metasploit, used to deliver payloads that do things like open a reverse shell inside your system for control from a remote location. If this bothers you, good. It should bother you. We know how to guard against it as well as operate it. Who better than someone like us to help you? We wear the "White Hat" of the industry - don't allow the "Black Hat" an easy path to your data. Learn Karate from a black belt.
Below are some tools regularly available on the internet. With limited technical knowledge, a bad actor can utilize these tools and successfully gain access to your systems in different ways. Not only are there tools available to meet this end, but there are people that will tailor an attack specifically to your network.
All your Social Media is up there for pretty much anyone to see. Where you work - LinkedIn. What you like to do - Instagram. What/Who you care about - Facebook... And so, so much more. These sites include your email addresses. Your phone number. Sometimes even your address. You don't want to take it all down, but you don't exactly want it all up there for everyone to see either. It's a Catch-22.
People that know how to look can scoop this information out of the internet easily. Search engines make it easy to find specific information about specific people - if you know how to refine your searches properly. With pieces of this information it's surprisingly easy to create a profile on someone with little effort.
Because of this, people are hacked every day of the week. User names, passwords, emails, phone numbers and addresses are, more often than not, readily available on the dark web in data breaches.
OSINT (open-source intelligence) is intelligence produced from publicly available information that is collected, exploited, and disseminated in a timely manner to an appropriate audience for the purpose of addressing a specific intelligence requirement. All this information is free, for those who know how to look.
I mention this to remind you how easily a motivated attacker can find out whatever they want for an attack against you specifically. Some people born of a certain generation... have been doing things like this their ENTIRE lives and know not only the tricks to find people, but also the ones that can best protect them.
For more information on OSINT visit Wikipedia here.
If you don't, there are programs like Hashcat, RainbowCrack, John the Ripper, Medusa, THC Hydra, CeWL, Mimikatz, DirBuster, Cain and Abel... I think you get the idea. There are many, many more. These programs are used to break your passwords and are easy to use.
Social Engineering is a way of gathering information, often used in conjunction with both physical and digital testing. With tools like Maltego, an "agent" can easily appear to be someone they aren't by saying all the right things at exactly the right time.
Do you have any idea how easy it is to clone a website? Like maybe a website that makes you log in with your username and password? The Social-Engineer Toolkit (SET) is one such tool used to allow for this very thing... One of many tools used to collect login credentials.
Once an attacker is connected to your WiFi, they are connected to every computer on that network. Including POS machines. There are so many tools - Reaver, Kismet, Aircrack-ng, coWPAtty... the list goes on. All capable of breaking WPA/WPA2 and PSK encryption - unless you are protected.
Don't feel bad - the majority of desktop computers run Windows. You have a business - of course you have Windows... Just be aware there are a ton of tools out there that allow for exploit and malware development, like WinDbg. Real-life bad actors know the business world uses Windows too.
Your phone is pretty much the key to everything you do. Did you know we can not only clone your phone, but take it over remotely? The majority of the tools necessary require physical access at some point, but others just need you to open an email, text, or URL.
There are TONS of hardware tools available for purchase on the internet that streamline these attacks. Tools like the USB Rubber Ducky, LAN Turtle, WiFi Pineapple and WiFi Nugget can compromise your network and attack multiple vectors at the same time. If you are the target of a motivated attacker, very little technical knowledge is necessary to do more than you would ever imagine. You won't realize what happened until long after it's too late. You should learn some Digital Karate.
Being within close proximity to a target network is the easiest way in. Take a look at the picture to the right: this is a Raspberry Pi. This device, when coupled with a battery pack, can give access to a system for an entire day or longer. Plenty of time to exploit your network, acquire target data and send it anywhere in the world. The only catch? You have to physically plug in.
Ideally, an attacker would break through your outer physical defenses and plug this into an Ethernet port - but Wi-Fi works too. Once connected - everything else is the easy part.
The majority of those with important data at least try to keep it safe. Systems like RFID locks and long alphanumeric passwords come to mind. But you would be amazed at how trusted you can become by just having a physical presence where everyone else is trusted. All it takes is a confident demeanor, a friendly disposition and some inside information. Once there, the world is your oyster. Don't believe me? Prove me wrong then.
Once on a trusted computer inside the host network, that network believes any action performed is a legitimate command from an administrator. Including sending all incoming and outgoing data to a 3rd party. Data like payment information, emails, and credit card transaction information - pretty much anything that a bad actor could want - could then be taken on demand, in real time, and on an ongoing basis.
All this - Plus - physical access grants an attacker the power to physically take whatever they want. Don't forget that part.
This is where we, with your express written permission, perform a complete security audit of your home or business. This includes both a Physical and Digital Penetration Test over the course of a range of dates chosen beforehand.
This includes, but is not limited to: phishing attempts, network penetration, offloading of a preselected file from your protected file server, remote phone access attempts, and physical location penetration attempts.
Afterward, we generate a report containing what vulnerabilities we found and apply the solutions with your permission. This is the best option as you will understand deeply how at risk you were, and will learn ongoing best practices to keep you, your employees and family safe moving forward.
Purely Digital Penetration Test. We will take every tool at our disposal and throw it at your digital presence over a predefined set of dates. What will we be able to do? Send an email from your account? Steal a preselected file? Log in to a social media account? Maybe even invoice a customer of yours? You may be surprised.
After the attack we will generate a report outlining what vulnerabilities we found and were able to exploit - then make recommendations as to what can be done to make sure nothing like this happens ever, ever again.
A Complete Physical Security Audit. A test of your castle's defense capabilities, with express written permission. Over the years we've learned quite a few tricks of the trade and are confident we can bypass most situations. Again, a set of dates is selected and we begin. The goal being access beyond a preselected perimeter. Normally, this means you think we can't gain access to an area, and we think we can.
Afterward, a report is generated and recommendations are given with possible solutions along with educational best practices for you and your team.