Attack: is the set of activity applied trying to exploit a vulnerability or a group of
vulnerabilities in order to be able to affect availability, integrity or confidentiality.
Attacks can happen without being able to reach their targets. We call the attack
that succeeded to achieve any of its target a security breach and the application
as a compromised application.
Attackers normally follow a strict step by step approach to execute attacks
because it is well known that attacks based on random approach without good
planning mainly end unsuccessfully or by attacker identity discloser.
The process steps are the following:
1- Mapping: this step is about collecting information from all available
sources
2- Analyzing: in this step the attacker gains the real added value after
analyzing and intersecting collected information.
3- Executing: this step is where the attacker will begin the penetration trial
to compromise the victim application.
4- Covering trace: as hacking is an illegal act any trace that lead to disclosing
the attacker real identity will cause him a serious problem additionally
being detected in pre-attack or during attack might cause throwing all
time invested in Mapping and analysis phases this is why the attacker
needs to cover his trace and minimize the attack detection possibility.
Trace coverage is a process that should begin with mapping phase and
finalize the whole process.
Mapping
Mapping includes all tasks done for the purpose of collecting information about
application and infrastructure of the potential victim.
Mapping infrastructure: mapping infra structure includes collecting
information about servers’ networks operating systems and DNS entries of the
potential victim.
Mapping Application: this includes creating a full profile for the application
comprising functionalities, components, flow and data.
We will cover those main tasks focusing on application mapping more than infra
structure due to the subject scope.
Mapping infrastructure
Even though that mapping infra structure is outside our course scope but it is
vital to remind with some of the main practices and tools that can be used in that
phase
0 comments: