CSCI 632

Penetration Test Report

Target Inc.
December 2016

John Hopson Consulting Services, LLC

TABLE OF CONTENTS

Page 1 of 9
 CSCI 632

1. Executive Summary ..................................................................................................................3

1.1 Penetration Test Summary of Results ...............................................................................3
1.2 Phishing Exercise Summary of Results ............................................................................3

2. Penetration Testing....................................................................................................................4
2.1 Purpose ..............................................................................................................................4
2.2 Scope .................................................................................................................................4
2.3 Methodology .....................................................................................................................5
2.4 Restrictions........................................................................................................................5

3. Penetration Test Findings..........................................................................................................5

3.1 [Penetration Test Finding #1] ...........................................................................................5
3.2 [Penetration Test Finding #2] ...........................................................................................6
3.3 [Penetration Test Finding #3] ...........................................................................................6

4. Phishing Exercise Findings .......................................................................................................7

4.1 Phishing Email ..................................................................................................................7
4.2 Results ...............................................................................................................................8

Appendix A – References ................................................................................................................9

Page 2 of 9
 CSCI 632

1. EXECUTIVE SUMMARY
[Your Company Name] was engaged by [Client Name]to conduct a penetration test and
presents the business and technical findings in this report. The assessment was conducted
from [date]to [date], [year].

1.1 PENETRATION TEST SUMMARY OF RESULTS

The following was identified by[Your Company Name]during the course of the
penetration test as the greatest risks to the organization’s information and systems.
 [Input a summary description ofpenetration test finding #1, and summary
recommendation to remediate]
 [Input a summary description of penetration test finding #2, and summary
recommendation to remediate]
 [Input a summary description of penetration test finding #3, and summary
recommendation to remediate]

1.2 PHISHING EXERCISE SUMMARY OF RESULTS

The following was identified by [Your Company Name] during the course of the
phishing exercise as the greatest risks to the organization’s information and systems.
[Input a few sentences describing phishing findings and recommendations]

Page 3 of 9
 CSCI 632

2. PENETRATION TESTING

2.1 PURPOSE
The purpose of performing a penetration test is to ensure that an individual or
organization is able to identify vulnerabilities or weaknesses in networked
environments, web applications and physical premises so that they may be
addressed (Tang, 2014). Moreover, penetration test provides evidential proof of any
weaknesses that cyber-criminals could exploit, and furthermore the potential impact
that a successful breach could cause a company. It helps businesses focus on the
key security issues that they have in their systems and security policies and to iron
out any insecure working practices.

Even with robust security policies and procedures in place there is often very little
assurance that all of the controls businesses believe have put in place are actually
implemented, never mind implemented correctly. That's even before the company
actually employs a penetration testing firm to conduct attacks that are
representative of how a malicious person would set about attacking the
organisation.

Penetration testing can encompass many different areas, predominantly covering

internal networks and Internet-facing hosts, web applications, firewalls, wireless
networks and network devices. Some testing firms have the capability to go beyond
this and examine the physical security of buildings, research particular items of
information and target individuals with specific attacks. They can also review
specialised hardware, such as car security systems and burglar alarms, or even
attempt to break into offices or warehouse locations to obtain specific items.

Tang, A. (2014). A guide to penetration testing. Network Security, 2014(8), 8-11.

doi:10.1016/S1353-4858(14)70079-0

2.2 SCOPE
IP addresses included in penetration testing:
 [Input IP address range that was included]

Page 4 of 9
 CSCI 632

2.3 METHODOLOGY
[Your Company Name]’s assessment methodology [Input a paragraph describing
your methodology and the benefits to the client]

2.4 RESTRICTIONS
During this assessment, the following types of tests were not performed:
 Denial of service attacks
 Brute force attacks
 Attacks that would lower the security posture of systems

3. PENETRATION TEST FINDINGS

During the penetration test, [Your Company Name] was able to [Input a couple of
sentences describing what you were able to do]

3.1 [PENETRATION TEST FINDING #1, I.E. SHELLSHOCK VULNERABILITY

EXPLOITED TO OBTAIN REMOTE COMMAND AND CONTROL OF
SERVER]

Details
[Input detailed description of penetration test finding]

[Input a [Paste screenshot here]

description of
the screenshot
i.e. The results
to the right
show evidence
of the [Your
Company
Name]
consultant
compromising
the vulnerable
server]

Impact
[Input the impact of penetration test finding]

Page 5 of 9
 CSCI 632

Recommendation
[Input recommendation to remediate penetration test finding]

3.2 [PENETRATION TEST FINDING #2]

Details
[Input detailed description of penetration test finding]

[Input a [Paste screenshot here]

description of
the screenshot
i.e. The results
to the right
show evidence
of the [Your
Company
Name]
consultant
compromising
the vulnerable
server]

Impact
[Input the impact of penetration test finding]

Recommendation
[Input recommendation to remediate penetration test finding]

3.3 [PENETRATION TEST FINDING #3]

Details
[Input detailed description of penetration test finding]

Page 6 of 9
 CSCI 632

[Input a [Paste screenshot here]

description of
the screenshot
i.e. The results
to the right
show evidence
of the [Your
Company
Name]
consultant
compromising
the vulnerable
server]

Impact
[Input the impact of penetration test finding]

Recommendation
[Input recommendation to remediate penetration test finding]

4. PHISHING EXERCISE FINDINGS

[Your Company Name] conducted a phishing exercisethat targeted a list of 10email
addresses supplied by [Client Name]to gauge user responses and identify any
deficiencies in [Client Name] user awareness training. This exercise simulatesan
sophisticated attack similar to those common to Advanced Persistent Threats
(APT).
[Your Company Name]provides recommended remediation based on the findings
of the phishing exercise.

4.1 PHISHING EMAIL

Users received a phishing email that appeared to be from a friend but the link in the
email forwarded the user to the [Your Company Name]consultant’s listening
server.

Page 7 of 9
 CSCI 632

Once the connection was established to the consultants listening server the
consultant demonstrates accessing internal websites through this user’s browser and
logs into the user’s webmail without needing to provide any authentication.
[Paste screenshot of browser pivoting, Lab 7, Part 3, Step 51]

4.2 RESULTS
Out of 10 users 5 users opened the phishing email(50 percent) and 3 users clicked
the link (30 percent). Only one user (10 percent), Alice had a vulnerable web
browser. This vulnerability opened a remote connection into the internal network
through Alice’s workstation. It should be noted that while most users did not open
the attachment all that is needed is one user in order for an attacker to gain a
foothold inside the internal network.
[Your Company Name]recommends that [Client Name] do the following to
increase the overall security posture.
1. Guide users in effectively identifying suspicious emails.
2. Educate users on what to do and who to notify if they encounter a suspected
phishing email.
3. Educate users on what NOT to do if they receive a suspicious email.
4. [Input recommendation to remediate phishing test findings]

Page 8 of 9
 CSCI 632

APPENDIX A – REFERENCES

Page 9 of 9