I perform Tests for Telecomms,Institutions and Companies. My work is thorough and detailed supported by reports.This Includes:
1. Planning and reconnaissance - Defining the scope and goals of a test, including the systems to be addressed and the testing methods to be used.Gathering intelligence (e.g., network and domain names, mail server) to better understand how a target works and its potential vulnerabilities.
2. Scanning:
Static analysis – Inspecting an application’s code to estimate the way it behaves while running. These tools can scan the entirety of the code in a single pass.
Dynamic analysis – Inspecting an application’s code in a running state. This is a more practical way of scanning, as it provides a real-time view into an application’s performance.
3. Gaining Access -This stage uses web application attacks, such as cross-site scripting, SQL injection and backdoor, to uncover a target’s vulnerabilities. Tester then trys and exploit these vulnerabilities,typically by escalating privileges,stealing data, intercept.
4. Maintaining access - Goal of this stage is to see if the vulnerability can be used to achieve a persistent presence in the exploited system.
5. Analysis,Reports