by ./Chucks
Information Risk Consultant, Black Box Penetration Testing Specialist
chuksjonia.blogspot.com
What's Blackbox Penetration Testing?
• This requires no information provided and usually takes the approach an uninformed intruder would use, therefore simulating a very realistic scenario
Scenarios Penetration Testers would use:
• Insider Threat
• Government Spying
• Covert Evidence Acquiring (Cops)
• Fraud
• Theft
• Social Engineering
• Theft
• Organized Crime
• Espionage
• Hacktivism
Blackbox Penetration Testing has several types of assessments; common ones:
• Social Engineering Assessment
• Wireless Security Assessment
• RedTeam Assessment
• Surveillance and Recovery Assessment
• Web Application Security Assessment
• Advanced Persistence Threat Assessment
• External Security Assessment
• Covert Data Acquisition Assessment
• Database Security Assessment
• Social Media and Online Security Assessment
Wireless Security Assessment
• Testing wireless infrastructure
• Ensuring its hardened against unauthorized access
• Use other forms of Assessment e.g Red Team, SE etc
Red Team Assessment
• Term used by Military to test friendly infrastructures
• Used during Blackbox to test Assets on ground, simulate the company infrastructure and perform a fully motivated and funded adversarial attack
Surveillance and Recovery Assessment
• Commonly used before a Red Team Assessment
• Find as much information as possible especially about the organization employees
• May....
Author
- BlogSeptember 23, 2023Leveraging AI in Cybersecurity: Transforming Threat Detection, Prevention, and Beyond
- BlogAugust 24, 2023How Simply Browsing The Internet Gives Scammers An Advantage – And What You Can Do About It
- BlogJuly 1, 2022WEF - WiFi Exploitation Framework
- BlogMay 19, 2022Osmedeus is a Workflow Engine for Offensive Security