|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Pen-Test and Social Engineering
From: Marco Ramilli (gramill
tin.it)
Date: Sun Feb 05 2006 - 12:18:15 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
burzellainwind.it wrote:
>Hi
>In yuor opinion, can a Social Engineering test be considered part of a Pen-Test?
>
>Thanks
>
>------------------------------------------------------------------------------
>Audit your website security with Acunetix Web Vulnerability Scanner:
>
>Hackers are concentrating their efforts on attacking applications on your
>website. Up to 75% of cyber attacks are launched on shopping carts, forms,
>login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
>futile against web application hacking. Check your website for vulnerabilities
>to SQL injection, Cross site scripting and other web attacks before hackers do!
>Download Trial at:
>
>http://www.securityfocus.com/sponsor/pen-test_050831
>-------------------------------------------------------------------------------
>
>
>
>
Obviously ! Social Engineering is the penTest's King.
In a final documentation is essential write about this kind of attack.
It's really a normal attack like MITM or DoS, some time Social is more
dangerous than other kind of attack.
--
*************************************
Dott. Ing. Marco Ramilli aka eth0up
Ric Security System:
- http://www.rrsecurity.info
- eth0uprrsecurity.info
- http://cesena.ing2.unibo.it
- marco.ramillistudio.unibo.it
personal:
- gramilltin.it
- marco.ramillimac.com
************************************
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]