We have a requirement for pentesting the Guest VLAN segment, I need some inputs as too what all stuffs could be tested and tools that can prove helpful for it, besides pentesting the wireless network in the guest VLANS.
The first thing that you need to do is making an agreement about the scope and level of pentest project otherwise you might break laws and get caught during the pentest.
Because for example your client wants you to perform pentest on their web application in order to identify security weakness, but you’ll compromise the entire server during the pentest which is ilegal in this case.
Your contract should emphasis the following items:
1- what kind of access you can get.
2- Penetration test scope.
3- Black box or white box
4- other legal aspects of the project.
About tools, i suggest you to use kali linux as platform which has a whole bunch of tools for pentest. You’ll need a place to archive gathered information about the target and i suggest you dradis framework, Leo and xmind for that.
Viewing 1 reply thread
You must be logged in to reply to this topic.
– EH-Net Live!“CISO Underrepresented“ w/ Mark Arnold and Steph Ihezukwu on Tues June 30 @ 1:00 PM US ET. Reg Open Now!