Gathering intelligence about the organization, detecting sensitive positions and mapping external access infrastructure. The gathering can also include active social engineering and in-depth data gathering.
Determination of the attack vector, which includes the mail systems, vaults, VPN, web applications, or even users who have the ability to switch between home networks and the organization’s network. This phase also focuses on technical testing of the vector, sandbox evasion, etc.
Defense Perimeter Bypass
- Several attacks will be carried out in order to gain access to the corporate network, using data obtained in the initial phase of the attack vector. The goal is to reach a position within the organization that allows us an active connection via our command and control server. All of the scenarios gathered in the first stage are valid for attack and will be tested.
- A privilege escalation process will be conducted in order to gain access to sensitive information and to create a reusable access point.
Internal Network Takeover
- “Client takeover”: BugSec will focus on two major issues: gaining access to the domain controller servers and elevating ourselves to domain-admin; and obtaining and extracting sensitive information. All actions will be done with the client and under the client’s approval and monitoring.
Distributed Denial of Service (DDoS) is an attack that denies service for a prolonged period of time and can result in a significant loss of revenue and damage to reputation. As botnets are a commodity that can be rented hourly by criminals for DDoS purposes to inflict damage on websites and equipment, such forms of attack are proving to be of significant concern.
While some organizations are investing in counter-measures, most still have no real insight into the potential impact of one of the most straightforward attacks that criminals use against websites and systems – the DDoS.
The BugSec team can help organizations by simulating a DDoS attack to assess how the organization’s systems respond to such an attack, and then provide solutions to mitigate such a risk in the future.
BugSec developed a global cloud-based environment in order to provide a unique service, in which multiple cloud-computing platform providers are joined together to launch several kinds of DDoS attacks, from the basic network flood to the more advanced cryptographically challenging SSL connection flood and even application-level attacks that require higher computing capacity.
Such attacks are fully controlled and coordinated through an out-of-band mechanism, thus allowing us to fine-tune the level of attacks and to initiate, pause or completely stop them at will and within seconds.
This kind of real-world simulation enables organizations to find the real bottlenecks in their infrastructure and internal procedures and, through a more informed decision-making process, to invest in the right places that will provide the best value for money when preparing for such threats.