TRIDENT offers our services in the field of cyber security to help you protect your organization effectively from cyberattacks and data breaches. You will benefit from our certified security experts' broad expertise in vulnerability assessment, penetration testing and security audit. Find and fix vulnerabilities first before the hackers do to safeguard your interests.
Since the dawn of the Internet, we have had to balance connectivity with security in our organization. Fortunately, with our experienced and GIAC certified penetration tester teams, we would simulate a real-world attack on your networks through a systematic process of manual network penetration testing.
The primary objective of network penetration tests is to identify exploitable vulnerabilities in your network, hosts and network devices before hackers are able to discover and exploit them.
This type of assessment is an attack simulation carried out by our highly-trained security consultants in an effort to:
  • Identify security flaws present in the Internet facing network environment
  • Understand the level of risk for your organization
  • Help address and fix identified network security flaws
Trident Technologies network penetration testing service follows PTES (Penetration Testing Execution Standard) to identify critical network-centric vulnerabilities that exist on all in-scope networks, systems and hosts. The approach is broken into the following phases.
1. Pre-engagement Interactions
Pre-engagement interactions are all the meetings and documentation that must occur prior to any penetration testing actions. The importance of properly documenting the penetration test cannot be emphasized enough. In this phase, we try to establish the following:
  1. Scope
  2. Goals
  3. Testing Terms and Definitions
  4. Establishing Lines of Communication
  5. Rules of Engagement
  6. Capabilities and Technologies Implemented
  7. Permission to perform the test
2. Intelligence Gathering
Intelligence Gathering is performing reconnaissance against a target to gather as much information as possible to be utilized when penetrating the target during the vulnerability assessment and exploitation phases. Activities performed include:
  • Open Source Intelligence (OSINT)
  • Mapping network infrastructure via:
    1. Zone Transfers
    2. DNS Bruting
    3. Reverse DNS
    4. Ping Sweeps
    5. Port Scanning
    6. SNMP Sweeps
    7. SMTP Bounce Back
    8. Banner Grabbing
  • OS Fingerprinting
  • Social Engineering
3. Threat Modeling
Threat Modeling is the use of abstractions to aid in thinking about risks. It can help us to generate a list of prioritized threats applicable to the system that we are analyzing, as well as inform about the risk management process.
4. Vulnerability Analysis
Vulnerability Analysis is the process of discovering flaws in systems and applications which can be leveraged by an attacker. These flaws can range from host and service misconfiguration, or insecure application design. We utilize both automated tools as well as passive testing to detect vulnerabilities. The automated tools include but not limited to:
  1. Open Vulnerability Assessment System (OpenVAS) (Linux)
  2. Nessus (Windows/Linux)
The tools that we utilize in passive testing includes:
  1. Wireshark
  2. Tcpdump
  3. Metasploit Scanners
5. Exploitation
The exploitation phase focuses soley on establishing access to the system or resource by bypassing security restrictions. After determining a collection of vulnerabilities that exist within the system, suitable targets are identified to begin an intrusive attack to test the system's defences. The activities that comprises the exploitation phase includes:
  • Anti-Virus Bypass
  • Fuzzing
  • Sniffing via Wireshark and Tcpdump
  • Password Cracking, Password Guessing
  • Network Pivoting, Network Service Exploitation
6. Post-Exploitation
The purpose of Post-Exploitation phase is to determine the value of the machine compromised and to maintain control of the machine for later use. The activities that comprises the post-exploitation phase includes:
  • Extracting blind files
  • Finding Important Files
  • Remote System Access
  • Binary Planting
  • Uninstalling Software
  • Obtaining Password Hashes in Windows
7. Reporting
Finally, a report summarising the penetration testing process, analysis and commentary of vulnerabilities identified would be submitted. Critical vulnerabilities identified should be addressed immediately to the overseeing management.
Our approach consists of about 80% manual testing and about 20% automated testing. Actual results may vary slightly. While automated testing tools affords the test team greater efficiency on repetitive testing tasks, we strongly believe that an effective and comprehensive penetration test can only be realized through a rigorous manual driven approach.
Contact us for a quote now
Web applications play a vital role in every modern organization and majority of security attacks are aimed at the web application layer. In this service, we also adopt PTES (Penetration Testing Execution Standard) as depicted under "Network Penetration Testing". We will examine your web applications against the following OWASP Top 10 (2017) vulnerabilities:
  • A1 - Injection Flaws
  • A2 - Broken Authentication & Session Management
  • A3 - Cross-Site Scripting (XSS)
  • A4 - Broken Access Control
  • A5 - Security Misconfiguration
  • A6 - Sensitive Data Exposure
  • A7 - Insufficient Preparation for Attacks
  • A8 - Cross-Site Request Forgery (CSRF)
  • A9 - Using Components with Known Vulnerabilities
  • A10 - Underprotected APIs
We utilize the following tools for our web penetration testing:
  1. Netsparker
  2. Burp Suite
  3. Metasploit
  4. Port Scanners
  5. SQLMap
We will attempt to penetrate the web application based on the vulnerability discovered to reflect the impact of the risk involved based on the industry standard OWASP web application testing methodology.
You may choose a Web Application Vulnerability Assessment as a lower cost alternative to Web Application Penetration Testing where we will only report on the vulnerability without exploitation.
Contact us for a quote now
Wireless is growing in deployment and utilization with wireless LAN technology and Wi-Fi as well as with other applications, including cordless telephones, smart homes, embedded devices and more. Our Wireless Penetration Testing services include:
1. Signal Coverage & Overextended Network

Description:

Detect wireless signal coverage within the intended area, mitigate the risk of attacking and eavesdropping from remote uncontrolled location.

Method:

War driving the area and draw the signal heat map to illustrate the signal coverage and report the overextended signal.

Goals:

The goals of this activity include:
  • Signal Coverage
  • Devices hardware model, software or firmware version disclosed
  • Network infrastructure

Standard Compliance

  • OWISAM Top 10
2. Wireless Authentication & Encryption Testing

Description:

Detect insecure key generation algorithms and weak passphrase.

Method:

  • WEP replay attack
  • WPA(2) - PSK key exchange sniffing and dictionary/brute-forcing attack.
  • WPS enabled detection and PIN brute-forcing
  • Insecure authentication mechanisms (LEAP, PEAP-MD5..) and attack.

Goals:

The goals of this activity include:
  • Recovered key and insecure encryption
  • Dictionary/Brute-forcing duration for evaluating passphrase strength.
  • WPS enabled device and recovered PIN

Standard Compliance

  • OWISAM Top 10
  • NIST 800-153
  • NIST 800-97
3. Open Wireless Network & Controller Testing

Description:

Identify risk of open wireless network, detect vulnerabilities of controller server.

Method:

  • Sniff open network packet
  • Session haijacking.
  • Impersonate controller/workstation.
  • Vulnerabilities scanning controller server/web portal.
  • Penetrate controller server.

Goals:

The goals of this activity include:
  • Controller server/web app vulnerabilities.
  • Controller server fingerprinting detail.
  • Sniffing/Haijacking process.

Standard Compliance

  • OWISAM Top 10
  • NIST 800-153
  • NIST 800-97
4. Insecure Network Not Authorized By The Organization

Description:

Test the security configuration compliance for the wireless network.

Method:

  • Setup rogue access point.
  • Impersonate AP to interact client machine.
  • Fake RADIUS server authentication

Goals:

The goals of this activity include:
  • Review security configuration compliance

Standard Compliance

  • OWISAM Top 10
  • NIST 800-153
  • NIST 800-97
  • Wireless Communication Standard
5. Detect Rogue Access Point

Description:

Search the premises for rogue access points.

Method:

  • Wardriving

Standard Compliance

  • NIST 800-153
  • NIST 800-97
6. DDos Attack Testing

Description:

Test whether the network is vulnerable to Distributed Denial-of-Service attack.

Method:

  • Utilize File2air, or any other 802.11 frame-generating tool to flood the wireless network­
  • Send spoofed deassociation and deauthentication frames floods

Standard Compliance

  • NIST 800-153
  • NIST 800-97
Contact us for a quote now
Effective auditing that brings value to your organization requires the identification of where the biggest risks are and placing effective controls, policy or procedures that can mitigate and inform about those risks. With these in place, a security audit will provide the means of measuring them against industry best practices to determine if there is a need for improvement at a level higher than the application or system level.
We are proficient in the following areas:
  • Auditing Networking Devices & Services
    Focus on auditing common network devices and services, including routers, switches, wireless infrastructure, virtualized services, VoIP, mail DNS, and remote access services.
  • Auditing Unix Systems
    Audit Unix based on existing security accreditation process or industry best practices in terms of configuration, services running, account management, monitoring controls, etc.
  • Auditing Windows Systems
    Audit Windows system against an existing baseline or industry best practices in terms of the configuration, services running, password and security policy, monitoring controls, etc.
  • Web Application Security
    Audit web applications, including their configuration, authentication, session management, data security at rest and in transit, and vulnerabilities to common attack
Contact us for a quote now
Expertise