NETWORK-VULNERABILITY ASSESSMENT AND
PENETRATION TESTING SERVICES

CRAW SECURITY also provide NETWORK-VULNERABILITY ASSESSMENT AND PENETRATION SERVICES to different organisation.  Vulnerability  Assessment in any system can be  defined as  Systematic and methodical evaluation of exposure of assets to attackers, forces of nature, and any other entity that could cause potential harm and to correct those vulnerability is doing penetration testing. Craw security has gained great exposure  in the field of  network va-pt.

OUR APPROACH FOR NETWORK VA/PT

STAGE 1:- PLANNING AND INFORMATION GATHERING
  • Share the assessment methodology documents with the client.
  • Ask for details of the web applications in scope for the assessment.
  • scope to decide potential impact of scanning activities.
  • Share contact details of Team Leads and Project Manager from company.
STAGE 2 -
  • White Box Testing
  • Black Box Testing
  • Grey Box Testing
STAGE 3: APPLICATION SECURITY ASSESSMENT
  • Conduct a knowledge transfer exercise to the technical team
  • Present the findings to the technical and management teams
  • Hand over final set of deliverable s to the client

TOOLS FOR NETWORK-VAPT

Nmap
  • Nmap (“Network Mapper)utility for network discovery and security auditing. It is useful TOOL for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.
  • Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering,
Nessus
  • Nessus scan your personal home network (up to 16 IP addresses per scanner) with the same high-speed, in-depth assessments and agentless scanning convenience.
GFI LanGuard
  • GFI LanGuard provides a detailed analysis of the state of your network. This includes applications or default configurations posing a security risk.
SPARTA
  • SPARTA is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase.
Metasploit
  • The Metasploit Framework contains a suite of tools that you can use to test security vulnerabilities, enumerate networks, execute attacks, and evade detection. At its core, the Metasploit Framework is a collection of commonly used tools that provide a complete environment for penetration testing and exploit development.
DMitry
  • (Deepmagic Information Gathering Tool) is a UNIX/(GNU)Linux Command Line Application coded in C. DMitry has the ability to gather as much information as possible about a host. Base functionality is able to gather possible subdomains, email addresses, uptime information, tcp port scan, whois lookups, and more
Nikto
  • It checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.
Wireshark
  • Wireshark is very similar to tcpdump, but has a graphical front-end, plus some integrated sorting and filtering options.

SUMMERY

Craw Security will be performing Network- penetration testing  effectively at client place and giving complete satisfaction from the vulnerabilities.

We are  finalizing the After the successful penetration into the system, privilege escalation technique is used to identify and escalate access to gain higher privileges, such as registry/root access or administrative privileges to that particular its environment system or network.Finally  binding it up with reports and documentation.

For More Information Contact us

Head Office

  • 1st Floor, Plot no. 4, Lane no. 2, Kehar Singh Estate
    Westend Marg Behind Saket Metro Station
    New Delhi – 110030

Laxmi nagar

  • E-61, 3rd floor, Near Hira sweets, Laxmi Nagar
    New Delhi - 110092
    Landmark : Metro pillar no 46