We were recently hired to perform an interesting Advanced Stealth Penetration test for a mid-sized bank.The goal of the penetration test was to penetrate into the bank’s IT Infrastructure and see how far we could get without detection.This is a bit different than most penetration tests as we weren’t tasked with identifying risks as much as we were with demonstrating vulnerability.
The first step of any penetration test is reconnaissance.Reconnaissance is the military term for the passive collection of intelligence about an enemy prior to attacking that enemy.It is technically impossible to effectively attack an enemy without first obtaining actionable intelligence about the enemy. Failure to collect good intelligence can result in significant casualties, unnecessary collateral damage and a completely failed attack.In penetration testing, damages are realized by downed systems and a loss of revenue.
Because this engagement required stealth, we focused on the social attack vectors and Social Reconnaissance.We first targeted FaceBook with our “FaceBook from the hackers perspective” methodology.That enabled us to map relationships between employees, vendors, friends, family etc.It also enabled us to identify key people in Accounts Receivable / Accounts Payable (“AR/AP”).
In addition to FaceBook, we focused on […]