Professional Documents
Culture Documents
Tester
Penetration Tester:
Organization:
Date: Location:
Target Organization
URL
List of cities the 1.
company is located 2.
3.
4.
5.
Companys Website 1.
Links 2.
3.
4.
5.
External Resource of 1.
the Targets 2.
Networks
3.
4.
5.
Companys Partner, 1.
Board of Directors, 2.
Employee
Information, and 3.
Contact Details 4.
5.
IP Address 1.
2.
3.
4.
5.
Domain Names 1.
2.
3.
4.
5.
Network Range 1.
2.
3.
4.
5.
Other Information 1.
Recovered 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Create Topological LAN/WAN Design
Map of the Network
Peer-to-Peer (P2P)
Network Topologies
Network Cabling
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
TCP Traffic Path to
the Destination is Yes No
located Successfully
IP Address Traced
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Physical location of Hosted by
IP Address City Located Country
the target Servers Vendor
1.
2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Name of the ISP
Pricing Plans 1.
2.
3.
Services Provided 1.
2.
3.
4.
Tools/Services Used 1.
2.
3.
4.
Results Analysis:
Target Organization
URL
IP Addresses probed 1.
for IPV6 2.
3.
4.
5.
List of IP addresses 1.
using IPv6 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Netblock
Server OS Last Seen IP Address Uptime
Owner
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
OS Server Last Seen IP Address Netblock Owner
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Performed ICMP
Scanning on the Yes No
Target Successfully
Response Received
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 10: Port scan every port (65,536) on the targets network
Target Organization
URL
IP Address Tested
Performed Complete
Port Scan of the Target Yes No
Network Successfully
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP Address Tested
List the Ports that are 1.
Open 2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
12.
13.
14.
Tools/Services Used 1.
2.
3.
4.
Results Analysis:
Test 12: Use connect scan (Full open scan) on the target and see the response
Target Organization
URL
IP Address Scanned
Command Used
Performed Connect
Scan on the Target Yes No
Successfully
Response Received
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 13: Use SYN scan (Half-open scan) on the target and see the response
Target Organization
URL
IP Address Scanned
Command Used
Performed SYN
Scan on the Target Yes No
Successfully
Response Received
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 14: Use XMAS scan on the target and see the response
Target Organization
URL
IP Address Scanned
Command Used
Performed XMAS
Scan on the Target Yes No
Successfully
Response Received
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 15: Use FIN scan on the target and see the response
Target Organization
URL
IP Address Scanned
Command Used
Performed FIN
Scan on the Target Yes No
Successfully
Response Received
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 16: Use NULL scan on the target and see the response
Target Organization
URL
IP Address Scanned
Command Used
Performed NULL
Scan on the Target Yes No
Successfully
Response Received
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 17: Use ACK flag probe scan on the target and see the response
Target Organization
URL
IP Address Scanned
Command Used
Performed ACK flag
probe Scan on the Yes No
Target Successfully
Response Received
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 18: Use UDP scan on the target and see the response
Target Organization
URL
IP Address Scanned
Command Used
Performed UDP
Scan on the Target Yes No
Successfully
Response Received
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP Address Scanned
Command Used
Performed
Fragmentation
Yes No
Scan on the Target
Successfully
Response Received
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Target Servers IP Address Operating System Used
1.
2.
3.
4.
5.
6.
7.
8.
9.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Captured the Banner of
Yes No
HTTP Server Successfully
Identified HTTP Web
Server
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Captured the Banner of
Yes No
SMTP Server Successfully
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Captured the Banner of
Yes No
POP3 Server Successfully
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Captured the Banner of
Yes No
FTP Server Successfully
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 25: Firewalk on the routers gateway and guess the access list
Target Organization
URL
IP Address Firewalked
Response Received
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP Address Tested
Command Used
Sequence Numbers 1.
Predicted 2.
3.
4.
5.
6.
7.
8.
9.
10.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP Address Tested
IPID number predicted 1.
2.
3.
4.
5.
6.
7.
8.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP Address Tested
Standard Protocols 1.
Used 2.
3.
4.
5.
Non-Standard 1.
Protocols Used 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 29: Download applications from the companys website and reverse engineer the
binary code
Target Organization
URL
Downloaded Application
Name of the Application Type of Application
from URL
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
Information looked at 1.
by Reverse Engineering 2.
the Binary Code
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 30: List programming languages used and application software to create various
programs from the target server
Target Organization
URL
Type of Application Commercial In-House
Programming AppleScript
Languages Used by
Web Application C
AWK
C++
JavaScript
C#
PERL
COBOL
PHP
Java
Python
J++
Ruby
J#
Tcl
PowerBuilder
VBScript
Visual Basic
Others: _________________________
_________________________
Tools/Services Used 1.
2.
3.
4.
Results Analysis:
Target Organization
URL
List of Tested URL 1.
Strings 2.
3.
4.
5.
6.
7.
8.
Error Message 1.
Location URLs 2.
3.
4.
Content of the
Message
Tools/Services Used 1.
2.
3.
4.
Results Analysis:
Target Organization
URL
Main Domain
List of Sub Domain 1.
Names and their 2.
Responses
3.
4.
5.
6.
7.
8.
9.
10.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Website URL tested
Session variable Value
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Web Application URL Encoding
Attack Type Buffer Overflow
Cross Site Scripting (XSS)
Other
URL Encoding
Web Page URL Encodings Response Received
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
Tools/Services Used 1.
2.
3.
4.
5.
Buffer Overflow
Buffer Overflow Text
Web Page Response Received
Attempted
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
Tools/Services Used 1.
2.
3.
4.
7.
8.
9.
10.
11.
12.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 35: Check for directory consistency and page naming syntax of the web pages
Target Organization
URL
Directory Consistency
Web Page URL
and Page Naming Syntax
1. Logical directory
Files named based on naming
conventions
Repository for images, pdf, and other
documents
Repository for sensitive information
Structured links and pages
Site outline
2. Logical directory
Files named based on naming
conventions
Repository for images, pdf, and other
documents
Repository for sensitive information
Structured links and pages
Site outline
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 36: Look for sensitive information in web page source code
Target Organization
URL
Website URL Tested
Source Code Leakage 1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 37: Record and replay the traffic to the target web server and note the response
Target Organization
URL
Website URL
Recorded Browser 1.
Sessions 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Website URL Tested
Tested Strings ' or 1=1--
" or 1=1--
or 1=1--
' or 'a'='a
" or "a"="a
') or ('a'='a
") or ("a"="a
Attempted Locations Form fields
Directly in URL
Login screens
Feedback forms
Guestbook
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Web Page Include Command Web Server Directory
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 40: Examine e-commerce and payment gateways handled by the web server
Target Organization
URL
In-house built
e-commerce gateway
Outsourced
e-commerce gateway
Program Logic
How Payments are
Handled
Confirmation Emails
Minimum Order Amount
Account and Merchant ID
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 41: Examine welcome messages, error messages, and debug messages
Target Organization
URL
Web Application
Welcome Message
Web Application Error 1.
Messages 2.
3.
4.
Web Application 1.
Intrusion Warning 2.
Messages
3.
4.
Web Application 1.
Debugging Messages 2.
3.
4.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Mail Sent to
SMTP Bounced Back the
Yes No
Mail
Search in the Bounce Server Name:
Mail Version:
Services Running on Server:
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Web Extensions 1.
Discovered 2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Encapsulated Traffic
using HTTPS Tunnel Yes No
Successfully
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port LDAP Query Response
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 52: Test for SQL server ports (Port 1433, 1434)
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 56: Test for Compaq, HP Inside Manager ports (Port 2301, 2381)
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Target System
Port State Service
IP Address
1.
2.
3.
4.
5.
6.
7.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Vulnerability
Assessment Timeline
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Penetration Tester:
Organization:
Date: Location:
Target Organization
URL
List of Internal 1.
Resource 2.
3.
4.
5.
Companys Partner, 1.
Board of Directors, 2.
Employee
Information, and 3.
Contact Details 4.
5.
IP Address 1.
2.
3.
4.
5.
Domain Names 1.
2.
3.
4.
5.
Network Range 1.
2.
3.
4.
5.
ISPs 1.
2.
3.
4.
5.
Other Information 1.
Recovered 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
List the Network Devices Discovered Make and Model
Hubs
Switches
Servers
Printers
Workstations
Wireless Access Points
Firewalls
Proxy Servers
No. of Client Computers
Others 1. ---------------------------------------
2. ---------------------------------------
3. --------------------------------------
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Subnet scanned
List the IP Address of 1.
live hosts 2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP Address Machine Name Ports Open
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP Address Tested
Machine Name
Vulnerability 1.
Exploited 2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP Address Tested
Machine Name
Is Null Session
Yes No
Attempted Successful?
If Successful, list the 1.
Enumerated 2.
Usernames and Other
Information here 3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP Address Tested
Machine Name
Enumerating Users,
Password Policies, and
Group Policies based Yes No
on the Established Null
Session is Successful
If Successful, list the 1.
Information Obtained 2.
here
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Is Sniffing the Network
Yes No
Successful?
Interesting Traffic 1.
Traversing on the Network 2.
3.
4.
5.
6.
7.
8.
9.
10.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used
Performed ICMP
Scanning on the Yes No
Target Successfully
Response Received
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Victim IP Address
Targeted
Original Message
Captured
Replayed Messages
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Victim IP Address
Poisoned IP Address
Victim MAC Address
Poisoned MAC Address
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Is Flooding the Network
with Bogus MAC Yes No
Addresses Successful?
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Victim Machine
Target Machine
MITM Machine
Intercepted the
Communication Channel
Yes No
between the Victim and
the Target Successfully?
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Victim Machine
List the Hosts added 1.
into the Cache of a DNS 2.
Server to Corrupt the
DNS Tables 3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
Is DNS Poisoning
Yes No
Attempt Successful
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Victim Machine
Username
Default Password
Is Logging into a
Console Machine Yes No
Successful?
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 16: Boot the PC using alternate OS and steal the SAM file
Target Organization
URL
Victim Machine
Username Reset
Password Reset
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 17: Reset the local administrator or other user account passwords
Target Organization
URL
Victim Machine
Username Reset
Password Reset
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Victim Machine
Installation of Software
Keylogger on the Victim Yes No
Machine Successful
Captured Keystrokes 1.
2.
3.
4.
5.
6.
7.
8.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Victim Machine
Installation of
Hardware Keylogger
Yes No
on the Victim
Machine Successful
Captured Keystrokes 1.
2.
3.
4.
5.
6.
7.
8.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Victim Machine
Installed Spyware on
the Victim Machine Yes No
Successfully
Information Obtained 1.
2.
3.
4.
5.
6.
7.
8.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Victim Machine
Installed Trojan on
the Victim Machine Yes No
Successfully
Information Obtained 1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Victim Machine
Backdoor Account on
the Target Machine is Yes No
Created Successfully
Backdoor Behavior
Information Obtained 1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 23: Attempt to bypass antivirus software installed on the target machine
Target Organization
URL
Victim Machine
Anti-Virus Installed on
the Victim Machine
Details of the Program 1.
Created to bypasses 2.
the Anti-Virus rules
3.
4.
Results Analysis:
Target Organization
URL
Victim Machine
Type of Virus
Successfully sent Virus
via Target Machine to
Yes No
Spread throughout the
Network
Viruses Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Victim Machine
Type of Rootkit
Installed Rootkit on
the target machine Yes No
Successfully
Rootkits Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Victim Machine
Steganography
Technique used
Sensitive Data IP addresses
Hidden Source code
Pictures
Word documents Spreadsheets
Hacking Tools
Secret Information
Pornography images
Others
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 27: Hide hacking tools and other data on target machines
Target Organization
URL
Victim Machine
Steganography
Technique used
Hacking Tools and 1.
other Data Hidden 2.
3.
4.
5.
6.
7.
8.
9.
10.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 28: Use various steganography techniques to hide files on target machines
Target Organization
URL
Victim Machine
Steganography 1.
Techniques used 2.
3.
4.
5.
Hidden Data 1.
2.
3.
4.
5.
6.
7.
8.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Victim Machine
Escalated User
Yes No
Privileges Successfully
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Filter Used
Source ip_address
Captured Traffic
Yes No
Successfully
Description of the Time:
Packets Captured Source:
Destination:
Protocol:
Length:
Info:
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Filter Used
Destination ip_address
Captured Traffic
Yes No
Successfully
Description of the Time:
Packets Captured Source:
Destination:
Protocol:
Length:
Info:
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Filter Used
Target IP Address
Captured Traffic
Yes No
Successfully
Description of the Time:
Packets Captured Source:
Destination:
Protocol:
Length:
Info:
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Filter Used
Port Number
Captured Traffic
Yes No
Successfully
Description of the Time:
Packets Captured Source:
Destination:
Protocol:
Length:
Info:
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Filter Used
Captured POP3
Yes No
Traffic Successfully
Description of the Time:
Packets Captured Source:
Destination:
Protocol:
Length:
Info:
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Filter Used
Captured Incoming
and Outgoing SMTP Yes No
Traffic Successfully
Description of the Time:
Packets Captured Source:
Destination:
Protocol:
Length:
Info:
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Filter Used
Captured IMAP Email
Yes No
traffic Successfully
Description of the Time:
Packets Captured Source:
Destination:
Protocol:
Length:
Info:
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 37: Capture the communications between FTP client and FTP server
Target Organization
URL
Captured the communications
between the FTP client and Yes No
FTP server Successfully
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Filter Used
Captured HTTP
Yes No
Traffic Successfully
Description of the Time:
Packets Captured Source:
Destination:
Protocol:
Length:
Info:
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Filter Used
Captured HTTPS
Yes No
Traffic Successfully
Description of the Offset:
Packets Captured Timeline:
Duration:
Method:
Result:
Received:
Type URL:
Redirect URL:
Request Headers Info:
Response Headers Info:
Others:
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Filter Used
Captured RDP Traffic
Yes No
Successfully
Description of the Time:
Packets Captured Source:
Destination:
Protocol:
Length:
Info:
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Filter Used
Captured VoIP Traffic
Yes No
Successfully
Description of the Time:
Packets Captured Source:
Destination:
Protocol:
Length:
Info:
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Victim Machine
Spoofed the MAC
Yes No
Address Successfully
Spoofed MAC Address
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Victim Machine
Poisoned the
Victims IE Proxy Yes No
Server Successfully
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Implemented Session
Hijacking Technique on Yes No
Telnet Traffic Successfully
Telnet Commands 1.
2.
3.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Implemented
Session Hijacking
Yes No
Technique on FTP
Traffic Successfully
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Implemented
Session Hijacking
Yes No
Technique on HTTP
Traffic Successfully
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Penetration Tester:
Organization:
Date: Location:
Target Organization
URL
Information
Available
Companys Name
Server
Topographic
Information
Target IP Address
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Domain Name
Domain Name
Servers
IP Address
IP Location
ASN
NetRange
CIDR
Handle
Parent
Net Type
RESTful Link
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Open Ports
7 Echo 109 Post Office Protocol 2 (POP2)
13 DayTime 110 Post Office Protocol 3 (POP3)
17 Quote of the Day (QOTD) 113 IDENT
20 and 21 File Transfer Protocol (FTP) 115 Simple File Transfer Protocol (SFTP)
22 Secure Socket Shell (SSH) 137, 138, and 139 NetBIOS
23 Telnet 143 Internet Message Access Protocol
(IMAP)
25 SMTP 161 and 162 Simple Network Management
Protocol
53 Domain Name System (DNS) 194 Internet Relay Chat (IRC)
63 Whois 443 HTTPS
66 SQL*net (Oracle) Other Ports:
70 Gopher
79 Finger
80 HTTP
88 Kerberos
101 Host Name Server
Tools/Services Used 1.
2.
3.
4.
Results Analysis:
Target Organization
URL
Firewall Location
Firewall IP Address
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Firewall Location
Firewall IP Address
Network Topology
Routers
Filtering Devices
Protocols Allowed
Protocols Denied
IP Addresses Hoped
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Banner Message
Firewall Vender 1.
2.
3.
Firewall Version 1.
2.
3.
Running Services 1.
2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
S. No. Custom Packet Response
1.
2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
Access Controls 1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
Firewall Architecture
Details
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Firewall Configuration Policy is Available Yes No
Firewall is Configured as par Policy Yes No
Firewall Policy Defines All Expected Standard Configuration Yes No
Gap Between Policy
and Firewall
Implementation
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Firewalking Traceroute Scanning
Technique used
IP of Tested Firewall
Internal IPs 1.
Discovered 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
Port Redirection
Results
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
Unauthorized connections from the internal network to Yes No
the Internet can be created
Vulnerabilities 1.
identified by 2.
scanners
3.
4.
5.
Reaction of the
firewall to
fragmented and
spoofed packets
Identified Firewall 1.
Rules 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
Unauthorized Connections from the Internal Network to Yes No
the Internet can be Created
Vulnerabilities 1.
Identified by 2.
Scanners
3.
4.
5.
Reaction of the
Firewall to
Fragmented and
Spoofed Packets
Identified Firewall 1.
Rules 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
Successfully installed Backdoor on a Victim Machine inside Yes No
the Network
Successfully Established Reverse Connection to a Machine Yes No
Outside the Firewall
Successfully Bypassed Firewall and Router Security Yes No
Restrictions
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
Unauthorized Connections from the Internet to the Yes No
Internal Network can be Created
Vulnerabilities 1.
Identified by 2.
Scanners
3.
4.
5.
Reaction of the
Firewall to
Fragmented and
Spoofed packets
Identified Firewall 1.
Rules 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
Modified Addressing
Information
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
TCP packets header
information
IDS filter rules 1.
2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 19: Try to bypass the firewall using IP address in place of URL
Target Organization
URL
IP of Tested Firewall
Domain Names 1.
2.
3.
4.
5.
IP Address of the
Blocked Website
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 20: Try to bypass the firewall using anonymous website surfing sites
Target Organization
URL
IP of Tested Firewall
Anonymous Website 1.
Surfing Sites 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
IP Address of the
Proxy Server
Port Number
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
Address Information Modified Address Information
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
Company has a public web server with port 80 used for Yes No
HTTP traffic
Firewall examines the payload of an HTTP packet Yes No
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
ICMP Tunneling
Technique Results
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
ACK Tunneling
Technique Results
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
SSH Tunneling
Technique Results
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
DNS server
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
Malicious Content
Used against Firewall
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP of Tested Firewall
List Product Specific 1.
Exploits against Firewall 2.
Vulnerabilities
3.
4.
5.
Results Analysis:
Penetration Tester:
Organization:
Date: Location:
Target Organization
URL
Port Database uses
Is the Port open? Yes No
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Target IP Addresses 1.
2.
3.
4.
5.
Number of Database
Connections
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Databases Present 1.
on the Network 2.
3.
4.
5.
Default accounts 1.
2.
3.
4.
5.
Other threats 1.
2.
3.
4.
5.
6.
7.
8.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Database errors 1.
2.
3.
4.
5.
Databases 1.
Connected to the 2.
Network
3.
4.
5.
Database 1.
Vulnerabilities 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 5: Exploit web applications to retrieve information about Oracle databases running at
the backend
Target Organization
URL
Retrieved Database 1.
Information via Error 2.
Messages in
Vulnerable Web 3.
Applications 4.
5.
Oracle database
version used at the
backend
List of all Usernames 1.
in Oracle(11g) 2.
Database
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Version Information
of the Oracle
Database
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Determined Oracle
Version
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Number of Weak
Passwords
List of Accounts 1.
having Weak 2.
Passwords
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Identified Execution 1.
of Public Privileges 2.
on Oracle
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Identified Privilege 1.
Escalation Using 2.
Cursor Technique in
Oracle Database 3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Identified Public 1.
Privileges from 2.
Object Types
3.
Oracle Audited 1.
Entries 2.
3.
4.
5.
SQL Statement 1.
Submitted by the 2.
Database
3.
4.
5.
Information 1.
Gathered from 2.
Audited Tables
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Identified Oracle 1.
Java Vulnerabilities 2.
in SQL Injection
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Techniques Used to 1.
Determine the 2.
Service ID
3.
Determined Oracle 1.
Service ID (SID) Using 2.
Metasploit
3.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 14: Identify attack into database target DB by using a simulated user
Target Organization
URL
Script to Detect Flaws
of the
DBMS_METADATA.GE
T_DDL Function in
Oracle
Identified Attack into
Database Target DB
by Using a Simulated
User
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 15: Scan for other default ports used by the Oracle database
Target Organization
URL
Default Ports Used 1. 21.
by the Oracle 2. 22.
Database
3. 23.
4. 24.
5. 25.
6. 26.
7. 27.
8. 28.
9. 29.
10. 30.
11. 31.
12. 32.
13. 33.
14. 34.
15. 35.
16. 36.
17. 37.
18. 38.
19. 39.
20. 40.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 16: Scan for non-default ports used by the Oracle database
Target Organization
URL
List of Non-Default 1. 11.
Ports Used by the 2. 12.
Oracle Database
3. 13.
4. 14.
5. 15.
6. 16.
7. 17.
8. 18.
9. 19.
10. 20.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 17: Identify the instance names used by the Oracle database
Target Organization
URL
Unique Names 1.
Specified While 2.
Configuring an
Instance of the 3.
Notification Services
Identified Instance 1.
Database Objects 2.
3.
4.
Instance Name 1.
Criteria 2.
3.
4.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 18: Attempt to brute-force password hashes from the Oracle database
Target Organization
URL
Passwords Identified
from the Database
Using Brute-Force
Password Hashes
Location of Oracle 1.
Password Hashes 2.
3.
4.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 19: Check the status of the TNS Listener running at Oracle server
Target Organization
URL
Status of the TNS
Listener Running at
Oracle Server
SID Retrieved for
Unprotected Listener
Files that Control the 1.
Listener 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Attempted Log in Using Default Account Passwords
Account Password
1. 1.
2. 2.
3. 3.
4. 4.
5. 5.
6. 6.
Attempted Login Successful YES NO
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Default User Names and Passwords after SID Enumeration
User Names Passwords
1. 1.
2. 2.
3. 3.
4. 4.
5. 5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Used to
Establish a
Connection to a
Remote User
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
SQL server database
information
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Directly Accessed
Data Structures
Special Queries Used
to Directly
Interrogate the
Database
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Referral Services
Provided for
Multiple Server
Instances Running on
the Same Machine
UDP port 1434 Scan
Results for SQL
Server Resolution
Service
Hidden Database 1.
Instances 2.
3.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Unchecked Buffer in
the Password
Encryption
Procedure
Identified Incorrect
Permission on the
SQL Server Service
Account Registry Key
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Scan Results for the 1.
UDP port 1434 at the 2.
firewall
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 28: Test for buffer overflows in the extended stored procedures
Target Organization
URL
List the Extended
Stored Procedures
that Cause Stack
Buffer Overflow
Publicly Accessible
Database Queries
Loaded and Executed
Database Query that
Calls One of the
Affected Functions
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Test Results for the 1.
Altered SQL Service 2.
Account Registry Key
3.
4.
5.
Escalated Privileges
that Weaken the
Security Policy of
SQL Server
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Test Results for the 1.
Stored Procedure to 2.
Run Web Tasks
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Code Injection 1.
Performed to Gain 2.
Unauthorized
Command Line 3.
Access 4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
List of Login 1.
Accounts on MS SQL 2.
Server Database
3.
4.
5.
Windows Login 1.
Accounts 2.
3.
4.
5.
Windows Group 1.
Login Accounts 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Retrieved Password
by Brute-forcing SA
Account
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 34: Extract the version of the MySQL server database being used
Target Organization
URL
Extracted Version of
the MySQL server
Database Being Used
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Attempted Login Using Default/ Common Passwords
User Names Passwords
1. 1.
2. 2.
3. 3.
4. 4.
5. 5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Brute-forced
Accounts Using
Dictionary Attack
Methods Used to Brute-Force Accounts
Manually Making Use of Software and Database
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 37: Extract system and user tables from the database
Target Organization
URL
Extracted System and User Table Information from the Database
System Information User Table Information
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Penetration Tester:
Organization:
Date: Location:
Target Organization
URL
IP address of the
router
Hostname of the
router
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Open Ports
7 Echo 113 IDENT
13 DayTime 115 Simple File Transfer Protocol (SFTP)
17 Quote of the Day (QOTD) 137 NetBIOS
20 File Transfer Protocol (FTP) 138 NetBIOS
21 File Transfer Protocol (FTP) 139 NetBIOS
22 Secure Socket Shell (SSH) 143 Internet Message Access Protocol
(IMAP)
23 Telnet 161 Simple Network Management Protocol
25 SMTP 162 Simple Network Management Protocol
53 Domain Name System (DNS) 194 Internet Relay Chat (IRC)
63 Whois 443 HTTPS
66 SQL*net (Oracle) Other Ports:
70 Gopher
79 Finger
80 HTTP
88 Kerberos
101 Host Name Server
109 Post Office Protocol 2 (POP2)
110 Post Office Protocol 3 (POP3)
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
Operating System
and its version
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
Protocols running
RIP OSPF
RIPv2 BGP
IGRP Others
EIGRP
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
Package Leak YES NO
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
Is the router
YES NO
misconfigured?
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
Is console access
possible?Is the
YES NO
router console
accessible?
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
Modes USER MODE PRIVILEGE MODE
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
SNMP Strings used
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
SNMP community
strings
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
TFTP Allowed YES NO
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
Finger Service
YES NO
running
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
CDP Protocol running YES NO
CDP Messages
Device ID (hostname) IOS software version being used
Port ID (port information about the sender) Capabilities of the router
Operating system platform Network IP address
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
NTP Protocol running YES NO
Router Synchronized YES NO
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
Is Physical console
YES NO
accessible? possible
Console access on
router is password YES NO
protected
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
Routing Loose Source Routing Strict Source Routing
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
IP Spoofing possible YES NO
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
Test Successful YES NO
ACLs used on the
YES NO
router
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
ARP spoofing is
possible against the YES NO
router
Victim IP address
Victim MAC address
Poisoned IP address
Poisoned MAC
address
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
Weak authentication
YES NO
present
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
RIP v1 Authentication:
RIP v2 Authentication:
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
OSPF protocol Authentication:
present
Misconfigured? Authentication:
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
BGP Protocol present YES NO
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
EIGRP Protocol
YES NO
present
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
Malformed
YES NO
Packet Attack
Packet
YES NO
Flood Attacks
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
Port Used to Connect
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IP address of the
router tested
HSRP group
forwarded to IP YES NO
address
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Frame size relayed
Address Cache Size
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Frame Size
Traffic Rate
Data Pattern
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Number of frames
sent at once
Inter-frame gaps
Number of frames
forwarded by the
switch
Number of tests
rerun
Capacity detected
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Count the frames
that are transmitted
Frame loss equation
Measurement
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Method used
Latency detected
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Count the frames
The rate of the
offered stream
Throughput
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Frame Size
Illegal frame types
Traffic Rate
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Frame Size
Traffic Rate
Traffic Data Type
DUT setup
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Frame size
Duration
Traffic Rate
DUT-QoS
DUT-Line speed
DUT-QoS type
DUT-QoS Policies
DUT-Queue type
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Test ports
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Frame Size
Traffic Rate
OSPF Parameters
DUT setup
DUT OSPF Area
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Dynamic Trunking
Protocol
DTP States
DTP Negotiation
VLAN Hopping
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Content Addressable
Memory
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
MAC address
IP address
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Command Output
Cat2950#show vtp status
VTP Version
Configuration Revision
Maximum VLANs supported
locally
Number of existing VLANs
VTP Operating Mode
VTP Domain Name
VTP Pruning Mode
VTP V2 Mode
VTP Traps Generation
MD5 digest
Configuration last modified by
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Scanned Status for 1.
Network Devices 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Penetration Tester:
Organization:
Date: Location:
Target Organization
URL
Server IP Address
tested
Impact of the test
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Server IP Address
tested
Impact of the test
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Server IP Address
tested
Impact of the test
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Server IP Address
tested
Impact of the Test
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Server IP Address
tested
Impact of the Test
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Server IP Address
tested
Impact of the test
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Server IP Address
tested
Impact of the test
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Server IP Address
tested
Impact of the test
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Server IP Address
tested
Impact of the test
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 10: Flood the website forms and guestbook with bogus entries
Target Organization
URL
Server IP Address
tested
Impact of the test
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Server IP Address
Tested
Service Requests
Containing Large
Payloads
Impact of the Test
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Server IP Address
Tested
Social Engineering
Techniques used to
Post the Fraudulent
Links
Impact of the Test
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Server IP Address
Tested
Unpatched DC++
(direct connect) Hubs
Non-vulnerable DC++
(direct connect) Hubs
IP Addresses to Block
and Exploit DC++
Hubs
Impact of the Test
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Server IP Address
Tested
Wildcards used to
exhaust CPU
resources
Query Execution
Time in the Database
Server
Http Log Files for
Response Time of
the Query
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Logging Mechanism
of the Host
Applications
User Account Locked YES NO
Number of Failed
Login Attempts
Access User Database using a BruteForcing Technique YES NO
Logic Behind
MachineGenerated
User Names
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 16: Test for buffer overflow attacks that result in denial of service
Target Organization
URL
Server IP Address
Tested
Overwrite Memory
Fragments
Arbitrary Code
Executed on the
Target Server
Code Executed to
cause Segmentation
Fault
Code Executed to
cause Memory Dump
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Server IP Address
Tested
User-Specified
Number of Objects
Allocated to the
Clients Server
Automated Script to
Exhaust Resources of
E-Commerce Sites
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Applications Loop through a Code Segment that
YES NO
Exhausts Computing Resources
Places Located
where Input Values
Exhaust Server
Resources
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Server IP Address
Tested
Data Validation
Method Records the
Failed Value
Upper Limit of Log
Dimensions and
Maximum Allocated
Space for each Log
Entry to Perform an
Attack on
Application Logs
Application Log Files Record overly large Requests Sent to
YES NO
the Host Server without any Limitation of the Length
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Server IP Address
Tested
Applications Properly Release Resources after
YES NO
they are used
Special Characters
used to Create Errors
in Applications and
Consume Memory
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Server IP Address
Tested
Target Memory
Usage
Automated Scripts
sent to Create New
Sessions on the
Server
Blocks of Data are Recorded in a Cache YES NO
Blocks of Data are Recorded in Database for User Sessions YES NO
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Penetration Tester:
Organization:
Date: Location:
Target Organization
URL
Type of Surveillance Camera Used in the Organization
Bullet Camera PC-Based Surveillance System
IP Camera All-in-One Camera Systems
Board Cameras Others
Depending on the type of surveillance camera, which of the following is used, and is
required for an organization
Hidden Cameras:
Low-Light Surveillance:
Long-Range Surveillance:
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Surveillance Equipment is Mounted in
YES NO
Critical Areas
Provides Required Area Coverage YES NO
Audio Recording Enabled YES NO
Desired Footage Tone YES NO
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Video Transmission 1.
Medium for Various 2.
Types of Security
Cameras 3.
4.
5.
Components of the 1.
Surveillance System 2.
used as Effective
Means of Video 3.
Transmission 4.
5.
Results Analysis:
Target Organization
URL
Possibility of Tampering the Wire/Wireless
YES NO
Connectivity to the Cameras
Camera Resolution 1.
and the Range with 2.
Usage of Different
Lenses 3.
Weatherproofing 1.
Measures Taken to 2.
Protect the Wireless
Equipment 3.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Amount of
Bandwidth Used by
Network Surveillance
Cameras
Factors on which the 1.
Bandwidth 2.
Requirement of a
Surveillance System 3.
Depends
Dedicated Bandwidth Available for the
YES NO
Surveillance System
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Efficiency of the
Security Camera
Monitor
Type of Security Camera Monitor Used
Set-up Camera System or Main Monitor Spot Monitor
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Lighting and
Resolution of the
Footage
Image Quality Meets Minimum Legal And Policy
YES NO
Requirements
Distance Between the Camera Fixed to the Wall or
YES NO
Ceiling is Proportionate to the Clarity of the Image
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Results of Video
Formats Testing
Commonly Used
Video Formats
Used Security Surveillance Cameras are Supported
YES NO
by Certain Commonly Used Video Formats
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Scan Results for 1.
Devices Used to 2.
Monitor Video
Surveillance Cameras 3.
for Suspicious 4.
Drivers
5.
Noticed Drivers 1.
Interfere with the 2.
Working of DVR
Systems 3.
Results Analysis:
Target Organization
URL
Video Viewing
Options
Controls in the Main 1.
Screen 2.
3.
Things to be Focused 1.
on to Get the Best 2.
Images and Video
Recordings on the 3.
Security Camera 4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 11: Identify the possible threats while integrating video with other systems
Target Organization
URL
Identified Possible Threats while Integrating Video with Other Systems
Hardware Threats:
Electrical Threats:
Environmental Threats:
Maintenance Threats:
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 12: Check if the footage storage duration meets the organizations requirements
Target Organization
URL
Organization making Valid Usage of Information
YES NO
Obtained from Surveillance Camera Footage
Factors that 1.
Determine Whether 2.
to Store Bulky Data
or Video Footage 3.
Straight to the Hard 4.
Disks
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Features Included in Video Management System to Store Optimized Data for Security
1. 6.
2. 7.
3. 8.
4. 9.
5. 10.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Basics Steps to Check 1.
the Configuration of 2.
the DVR Network
and a Computer with 3.
Remote Viewer 4.
software
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Devices Checked 1.
2.
3.
4.
5.
Results Analysis:
Test 16: Check who has local and remote access to the DVR/NVR
Target Organization
URL
Determined Local
and Remote Access
to DVR/NVR Systems
through Surveillance
Policy
Analysis of DVR/NVR
Access Logs
Detected
Unauthorized
Attempt to Access
DVR/NVR Systems
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 17: Scan the organizations network range to detect DVR systems
Target Organization
URL
Detected DVR
Systems
Scan Results of the
Organizations
Network Range
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Access to the DVR System is Protected YES NO
Type of Access Control Mechanisms Used
Physical Security System Access
Results Analysis:
Target Organization
URL
Target IP Address
Protocol Used
Attempt to Crack the
DVR/NVR Access
Password
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Penetration Tester:
Organization:
Date: Location:
Target Organization
URL
VPN Security Policy Enforced YES NO
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Target URL
State of the UDP Port 500 Open Closed
ISAKMP Service (IPSec VPN Server) is
Yes No
Running on Port 500
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Target URL
State of the TCP Port 1723 Open Closed
PPTP Service is Running on Port 1723 Yes No
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Target URL
State of the TCP Port 443 Open Closed
Tools/Services Used 6.
7.
8.
9.
10.
Results Analysis:
Target Organization
URL
Single IP Address
Scan
Range of IP
Addresses Scanned
IPSEC Enabled
Systems
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 3: Fingerprinting
Target Organization
URL
VPN Vulnerabilities 1.
Detected 2.
3.
Information 1.
Gathered through 2.
Fingerprinting
3.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Host URL
Acceptable 1.
Transform Attributes 2.
from the Security
Association (SA) 3.
Payload
Combination of 1.
Transfer Attributes 2.
Tried
3.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Host URL
Implementation 1.
Guess 2.
3.
Information 1.
Gathered 2.
3.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Vendor ID Payload 1.
2.
3.
Other Information 1.
Gathered 2.
3.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Host URL
Aggressive Mode Enabled YES NO
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
IPSEC VPN: Default User Accounts and Passwords
User Accounts Passwords
1. 1.
2. 2.
3. 3.
4. 4.
5. 5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Password File or
Registry Entry
Successfully Recovered Passwords YES NO
Recovered 1.
Passwords 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
VPN Client Established to Obtain the Password YES NO
Plain-text Password
Recovered
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Response Given by 1.
the VPN Endpoint to 2.
an Authentication
Attempt 3.
List of Valid 1.
Usernames 2.
3.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Connection to VPN Tunnel Using Correct User Name and False Password
Threshold defined by the authentication
system for failed login attempts
Amount of time required to reset user
account credentials
Impact of the Test 1.
2.
3.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Sniffing Techniques
Used to Intercept
VPN Traffic
Traffic Intercepted
Before it Passes the
Tunnel
Traffic Intercepted
After it Passes the
Tunnel
Decrypt Traffic Off the Line Successful Unsuccessful
Recover Sensitive 1.
Information 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Open Ports in the Firewall
1. 4.
2. 5.
3. 6.
Packets Passed 1.
through TCP and 2.
UDP Filtering in the
Firewall 3.
Results from 1.
examined Firewall 2.
Logs
3.
4.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Router Effect on the 1.
VPN Under DoS 2.
Attack
3.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Penetration Tester:
Organization:
Date: Location:
Target Organization
URL
Host Machine
Detected Virtual
Environments
Services Created on 1.
Specific Ports by 2.
Virtual Platforms
3.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Discovered Virtual
Environments
List of Computers, 1.
Routers, and Servers 2.
discovered Using
Variety of Filters 3.
4.
5.
Tools/Services Used
1.
2.
3.
4.
5.
Results Analysis:
Test 3: Check if a documented policy exists for creating new virtual machines
Target Organization
URL
Host Machine
Documented Policy Available to
YES NO
Create New Virtual Machines
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Host Machine
Inventory (List of All Virtual Machines)
Online VMs Offline VMs Rouge VMs
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Patch Status of Host
Operating Systems
Patch Status of Guest
Operating Systems
List all Unpatched 1.
Host and Guest 2.
Operating Systems
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Analyzed VM
Configuration
Settings
List of All Unused 1.
Emulated Hardware 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Host Operating
System
Information 1.
Gathered from the 2.
Host Operating
Systems Virtual NIC 3.
on the Untrusted 4.
Network
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Outbound Traffic From a Virtual Machine Inbound Traffic To a Virtual Machine
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Promiscuous Mode Enabled on Virtual
Yes No
Switches and on Virtual Distributed Switches
Enabled ESX Hypervisor True False
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Memory Reliability
Input/output
Performance of VMs
Network
Performance of the
Virtual Machines
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Exploited
Hypervisors
Results of the Exploit
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Host Operating
System
Guest Virtual
Machine
Exploited VMware
Workstation
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Findings from 1.
Vulnerability 2.
Assessment of
Virtual Environment 3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Penetration Tester:
Organization:
Date: Location:
Target Organization
URL
Email System 1.
Security Auditing 2.
Begins
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Directory harvest 1.
attack (DHA) is 2.
Commonly Used to
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Enabling SMTP 1.
Subsystems and 2.
Features
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Find out for Possible 1.
Vulnerabilities in the 2.
SMTP Server
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
What is NTLM (NT 1.
LAN Manager) 2.
Authentication
Mechanism 3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Check with the SMTP 1.
Server Configuration 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
RCPT TO: and VRFY 1.
Commands can be 2.
used for
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Find out POP3 1.
Services used for 2.
Weak Passwords
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Perform 1.
Authentication 2.
Process with the
Brute-Forcing 3.
Method 4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
How to Escalate 1.
Authentication and 2.
Post Authentication
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 11: Check for known vulnerabilities in mail servers and hosts
Target Organization
URL
Find out the 1.
Vulnerable Hosts and 2.
Mail Servers
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 12: Check the patch status of mail server and host systems
Target Organization
URL
Find out all Hosts in 1.
the Target Network 2.
are Fully Patched
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Note down the 1.
Cracked Email 2.
Address and
Passwords 3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Anti-Phishing Yes No
Software is Enabled
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Anti-Spamming Tools Yes No
are Enabled
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Perform Email 1.
Bombing and List 2.
Down the Unwanted
emails you have 3.
Discovered 4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Check CLSID Yes No
Extensions are
Enabled
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Find the Virtual basic 1.
script (VBS) 2.
Attachment
Vilnerability Test 3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
What is .vbs file 1.
Extensions 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Check Long File 1.
Name Vulnerabilities 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Try to read the .HTA 1.
in your mail 2.
Attachment
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
VBA (Visual Basic for 1.
Applications) Code 2.
and Find out the
Vulnerabilities 3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
How to Bypass the 1.
Anti-Virus Filters 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Find the 1.
Vulnerabilities of 2.
Long Subject
Attachments 3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Accessing the
Mailbox by Sending
for Vulnerability Test
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Penetration Tester:
Organization:
Date: Location:
Target Organization
URL
PVG Team Addresses 1.
and Helps in 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Check with the 1.
Security 2.
Environment
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 3: Check whether the organization uses automated patch management tools
Target Organization
URL
Check if Automated Yes No
Patch Management
Tools Regularly
Updated
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Explain the Process 1.
of Patch 2.
Management
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Installaing Patches 1.
on Non-Production 2.
Systems
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Find the 1.
Authentication 2.
Method of
Downloaded Patches 3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Run an Anti-Virus 1.
Tool on Downloaded 2.
virus patch
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Check Newly 1.
Installed patches are 2.
Compromising and
Conflicting 3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
How to check
Standard
Configurations are
Deployed
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Penetration Tester:
Organization:
Date: Location:
Target Organization
URL
Physical Availability 1.
of USB Devices in 2.
Device Manager
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
USB Drive is Enabled Yes No
or Disabled
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Enabling USB Devices 1.
2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Check Whether the Yes No
Device asks for
Authentication
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Check Bluetooth is Yes No
Enabled
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Check Whether the Yes No
FireWire Port is
Enabled
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Check if FTP Ports Yes No
are Enabled
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 8: Check whether any memory slot is available and enabled in systems
Target Organization
URL
Check Whether Any Yes No
Memory Slot is
Enabled or not
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 9: Check whether employees are using camera devices within the restricted areas
Target Organization
URL
Illegal use of Camera 1.
Devices Leads to 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 10: Check whether systems have any camera driver installed
Target Organization
URL
Find in Systems that Yes No
any Camera Driver
Installed
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Anti-Spyware and Yes No
Anti-Trojans Are
Enabled
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Data Encryption 1.
Techniques Protect 2.
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Target Organization
URL
Internal Hardware Yes No
Components are
Locked
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis:
Test 14: Check whether size of mail and mail attachments is restricted
Target Organization
URL
Restrict the Size 1.
Limits for mail and 2.
mail attachments
3.
4.
5.
Tools/Services Used 1.
2.
3.
4.
5.
Results Analysis: