-
The key goal of an external pentest is to test security from an outside perspective.
-
While breaking into the network and getting administrator access is great, the vulnerabilities found during the pentest are equally important.
-
Maintain a checklist for pentesting. Examples of tasks in a checklist for an external pentest include:
- Ensure the RoE is signed by the client
- Verify the customer's scope
- Conduct vulnerability scanning with Nessus
- Validate the vulnerabilities reported by the scanning tool (rule out false positives)
- Escalate privileges from external to internal
- Cleanup
-
The Rules of Engagement (RoE) document lays out a high-level overview of what is and is not allowed for an external pentester.
-
It includes the roles and responsibilities for the pentest, and it also specifies the scope and the out-of-scope items.
-
The RoE has to be signed in order for the pentest to begin officially.
-
Other aspects, such as verification of scope and client communication, are equally important.
-
External pentests are analogous to home security: there is a lower chance of RCE and a higher chance of weak passwords; OSINT is another useful technique.
-
Vulnerability scanning should be one of the first steps in an external pentest, as it is a time-consuming process.
-
The results of the vulnerability scan need to be reviewed and extracted into the required formats.
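Reviewing and extracting scan output is easier when the raw export is parsed programmatically rather than read from the scanner's UI. The script below is an added example, not part of the original notes: it parses a Nessus v2 `.nessus` XML export into a flat list of findings, drops informational items by default, ranks the rest by severity, and renders them as CSV for a findings tracker. The XML sample, host addresses, plugin IDs and finding text are constructed for illustration and do not correspond to real Nessus plugins.

```python
"""Parse a Nessus v2 (.nessus XML) export into ranked findings and CSV.

SAMPLE_NESSUS is a constructed sample in the shape of a Nessus v2 export;
hosts, plugin IDs and finding text are invented for illustration.
"""
import csv
import io
import xml.etree.ElementTree as ET

# Nessus severity attribute: 0 Info, 1 Low, 2 Medium, 3 High, 4 Critical.
SEVERITY_LABELS = {0: "Info", 1: "Low", 2: "Medium", 3: "High", 4: "Critical"}

SAMPLE_NESSUS = """<NessusClientData_v2>
  <Report name="external-sample">
    <ReportHost name="203.0.113.10">
      <HostProperties>
        <tag name="host-ip">203.0.113.10</tag>
        <tag name="host-fqdn">www.example.com</tag>
      </HostProperties>
      <ReportItem port="443" svc_name="https" protocol="tcp" severity="2"
                  pluginID="900001" pluginName="TLS: deprecated protocol version enabled">
        <description>Constructed sample finding.</description>
        <solution>Disable deprecated TLS versions.</solution>
        <cvss_base_score>5.3</cvss_base_score>
      </ReportItem>
      <ReportItem port="0" svc_name="general" protocol="tcp" severity="0"
                  pluginID="900002" pluginName="Traceroute Information">
      </ReportItem>
    </ReportHost>
    <ReportHost name="203.0.113.11">
      <HostProperties>
        <tag name="host-ip">203.0.113.11</tag>
      </HostProperties>
      <ReportItem port="22" svc_name="ssh" protocol="tcp" severity="3"
                  pluginID="900003" pluginName="SSH server permits weak password policy">
        <description>Constructed sample finding.</description>
        <solution>Enforce strong passwords or key-based authentication.</solution>
        <cvss_base_score>7.5</cvss_base_score>
      </ReportItem>
    </ReportHost>
  </Report>
</NessusClientData_v2>
"""


def parse_nessus(xml_text, min_severity=1):
    """Return findings with severity >= min_severity, highest severity first."""
    root = ET.fromstring(xml_text)
    findings = []
    for host in root.iter("ReportHost"):
        # Prefer the host-ip tag; fall back to the ReportHost name attribute.
        ip = host.get("name")
        for tag in host.iter("tag"):
            if tag.get("name") == "host-ip" and tag.text:
                ip = tag.text.strip()
        for item in host.iter("ReportItem"):
            sev = int(item.get("severity", "0"))
            if sev < min_severity:
                continue  # informational plugins are noise for the findings list
            findings.append({
                "host": ip,
                "port": int(item.get("port", "0")),
                "protocol": item.get("protocol", ""),
                "service": item.get("svc_name", ""),
                "severity": sev,
                "severity_label": SEVERITY_LABELS.get(sev, str(sev)),
                "plugin_id": item.get("pluginID", ""),
                "plugin_name": item.get("pluginName", ""),
                "cvss": (item.findtext("cvss_base_score") or "").strip(),
                "solution": (item.findtext("solution") or "").strip(),
            })
    # Highest severity first, then host and port, for a stable report order.
    findings.sort(key=lambda f: (-f["severity"], f["host"], f["port"]))
    return findings


FIELDS = ["host", "port", "protocol", "service", "severity_label", "cvss",
          "plugin_id", "plugin_name", "solution"]


def findings_to_csv(findings):
    """Render findings as CSV text, e.g. for a client-facing tracking sheet."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=FIELDS, extrasaction="ignore")
    writer.writeheader()
    writer.writerows(findings)
    return buf.getvalue()


def severity_counts(findings):
    """Count findings per severity label, for the executive summary."""
    counts = {}
    for f in findings:
        counts[f["severity_label"]] = counts.get(f["severity_label"], 0) + 1
    return counts


if __name__ == "__main__":
    results = parse_nessus(SAMPLE_NESSUS)
    print(severity_counts(results))
    print(findings_to_csv(results))
```

To use it on a real export, replace `SAMPLE_NESSUS` with the contents of the `.nessus` file downloaded from Nessus; each row of the resulting CSV is one host/port/plugin triple, which is the unit the validation step in the checklist works through when separating confirmed issues from false positives.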