Phase 2 - Enumeration: Finding Attack Vectors
During the enumeration phase, possible entry points into the tested systems are identified. The information collected during the reconnaissance phase is put to use here.
The Planning Phase
Overall, we were very impressed with the high level of professionality and competence of RedTeam Pentesting. They demonstrated deep knowledge with respect to many different systems ranging from Windows to Unix-based systems, to low-level administration tools that are hardly known, to development problems in languages such as PHP which may lead to new exploits. The knowledge that we aquired during the penetration test with them helped us to improve our system administration and increase the security of our systems.
In contrast to the reconnaissance phase, pentesters actively query specific systems during enumeration, to gather as much information as possible. In a network test, this can be the obligatory portscan, directly querying single services or the identification of the tested systems' individual security weaknesses. Other problems can also be found in a company's physical security concept, for example concerning publicly accessible areas, radio links between buildings or access control systems.
During enumeration, information is systematically collected and individual systems are identified. The pentesters examine the systems in their entirety. This allows to evaluate security weaknesses that not necessarily stem from a technical problem. A technically secure password protection can for example prove to be worthless if attackers are able to see a user's password entry through a window. During the enumeration, the pentesters collect information about potential weaknesses that are either verified or disproved during the exploitation phase.
RedTeam Pentesting uses a broad variety of software and specialized hardware. In the software area, free and commercial, as well as programs developed in-house are available. On the hardware side, devices such as keyloggers or special wireless hardware are used. But hard- and software are only a penetration tester's toolbox. A successful penetration test thrives from the pentesters' know-how and creativity. As the enumeration phase oftentimes prepares the actual attacks, creativity in finding ways to access the target systems is imperative. RedTeam Pentesting always works in teams, to optimally bundle and apply the pentesters' individual creativity. For the customer, this approach pays off in the end.
All potential problems identified in this phase are verified in the next step. Now, during the exploitation phase, real attacks are performed under inclusion of the knowledge gained from the collected information.