Phase 2 - Enumeration: Finding Attack Vectors
During the enumeration phase, possible entry points into the tested systems are identified. The information collected during the reconnaissance phase is put to use here.
RedTeam Pentesting gave us an extremely professional service, and each year they find new issues to check for and new ways to exploit software weaknesses. We have the impression they are helping us to stay ahead of the curve in the fight to avoid hackers successfully compromising any of our sites. We particularly like the fact that they are very easy to work with, without sacrificing any professionalism or competence. Their demonstration sessions in report meetings of weaknesses can be devastating - but this is exactly the effect needed to show developers and non-technical people the dangers of bad code on the Internet.
In contrast to the reconnaissance phase, pentesters actively query specific systems during enumeration to gather as much information as possible. In a network test, this can be the obligatory port scan, direct queries to individual services or the identification of the tested systems' individual security weaknesses. Other problems can also be found in a company's physical security concept, for example concerning publicly accessible areas, radio links between buildings or access control systems.
During enumeration, information is systematically collected and individual systems are identified. The pentesters examine the systems in their entirety. This makes it possible to evaluate security weaknesses that do not necessarily stem from a technical problem. A technically secure password protection can, for example, prove to be worthless if attackers are able to see a user's password entry through a window. During enumeration, the pentesters collect information about potential weaknesses that are either verified or disproved during the exploitation phase.
RedTeam Pentesting uses a broad variety of software and specialized hardware. On the software side, free and commercial programs as well as programs developed in-house are available. On the hardware side, devices such as keyloggers or special wireless hardware are used. But hardware and software are only a penetration tester's toolbox. A successful penetration test thrives on the pentesters' know-how and creativity. As the enumeration phase oftentimes prepares the actual attacks, creativity in finding ways to access the target systems is imperative. RedTeam Pentesting always works in teams, to optimally bundle and apply the pentesters' individual creativity. For the customer, this approach pays off in the end.
All potential problems identified in this phase are verified in the next step. During the exploitation phase, real attacks are performed using the knowledge gained from the collected information.