OFFICE ADDRESS:
Ministry of Hack (Admin Office 365)
38 Turner St,
London, UK
E1 2AS

COMPANY REGISTERED IN ENGLAND & WALES: 11921368
COPYRIGHT© | MINISTRY OF HACK™ 1997 | ALL RIGHTS RESERVED BY: NAUSHAD.

CYBER INTELLIGENCE | THREAT HUNTING & DISCOVERY

Back to Top

MoH SECURITY LAB

  • Internal Penetration Test
  • £ T&C
  • An internal penetration test emulates an attacker on the inside of your network. This could be either an attacker who is successful in breaching the perimeter through another method or a malicious insider. The goal of the engineer in this module is to gain root and/or domain administrator level access on the network, and gain access to sensitive files. Activities include:

    • Active and Passive network reconnaissance including traffic sniffing, port scanning, LDAP enumeration, SMB enumeration, etc.
    • Vulnerability scan on all in-scope targets
    • Spoofing attacks such as ARP cache poisoning, LLMNR/NBNS spoofing, etc.
    • Manual and automated exploit attempts
    • Shared resource enumeration
    • Password attacks
    • Pivoting attacks
  • External Penetration Test
  • £ T&C
  • An external penetration test emulates an attacker trying to break into your network from the outside. The goal of the engineer performing this assessment is to breach the perimeter and prove they have internal network access. This test includes:

    • Open source reconnaissance against the organisation
    • Full port scan covering all TCP ports and the top 1,000 UDP ports of the targets in scope
    • Full vulnerability scan of the targets
    • Manual and automated exploit attempts
    • Password attacks
  • Wireless Penetration Test
  • £ T&C
  • A wireless penetration test is a comprehensive evaluation of the wireless networks in your organisation using automated and manual methods. Areas covered include:

    • Password attacks
    • WEP/WPA cracking
    • Guest wireless segmentation checks
    • Traffic sniffing attacks
    • SSID spoofing
    • Rogue access point discovery
  • Web Application Penetration Test
  • £ T&C
  • A web application penetration test is an in-depth penetration test on both the unauthenticated and authenticated portions of your website. The engineer will test for all of the OWASP Top-10 critical security flaws, as well as a variety of other potential vulnerabilities based on security best practice. Activities include:

    • Website mapping techniques such as spidering
    • Directory enumeration
    • Automated and manual tests for injection flaws on all input fields
    • Directory traversal testing
    • Malicious file upload and remote code execution
    • Password attacks and testing for vulnerabilities in the authentication mechanisms
    • Session attacks, including hijacking, fixation, and spoofing attempts
    • Other tests depending on specific site content and languages

SUBSCRIBE TO NEWSLETTER