Phase 2 - Enumeration: Finding Attack Vectors
During the enumeration phase, possible entry points into the tested systems are identified.
The information collected during the reconnaissance phase is put to use here.
In contrast to the reconnaissance phase, pentesters actively query specific systems during enumeration to gather as much information as possible. In a network test, this can be the obligatory port scan, directly querying single services or the identification of the tested systems' individual security weaknesses. Other problems can also be found in a company's physical security concept, for example concerning publicly accessible areas, radio links between buildings or access control systems.
Discovering Weaknesses
During enumeration, information is systematically collected and individual systems are identified. The pentesters examine the systems in their entirety. This makes it possible to evaluate security weaknesses that do not necessarily stem from a technical problem. A technically secure password protection can, for example, prove to be worthless if attackers are able to see a user's password entry through a window. During the enumeration, the pentesters collect information about potential weaknesses that are either verified or disproved during the exploitation phase.
The Toolbox
RedTeam Pentesting uses a broad variety of software and specialized hardware. On the software side, free and commercial programs as well as programs developed in-house are available. On the hardware side, devices such as keyloggers or special wireless hardware are used. But hardware and software are only a penetration tester's toolbox. A successful penetration test thrives on the pentesters' know-how and creativity. As the enumeration phase oftentimes prepares the actual attacks, creativity in finding ways to access the target systems is imperative. RedTeam Pentesting always works in teams, to optimally bundle and apply the pentesters' individual creativity. For the customer, this approach pays off in the end.
All potential problems identified in this phase are verified in the next step. In the exploitation phase, real attacks are then performed using the knowledge gained from the collected information.