Cyber and Penetration Services
Why we need Cyber and Penetration Services?
Many organizations are exposed to various types of security threats and often need to contend with unauthorized access to the organization, exposure of sensitive data, data corruption, data fraud and even embezzlement, and more. Avnet provides some of the following services to prevent Cyber penetration of sensitive database warehouses and proprietary data theft.
Avnet's Cyber Service include the following
• Investigation and identification of Zero Day Attacks in the Operating System (Windows, Linux) that are not recognized by the scanning systems;
• Fast reaction to cyber security alerts from the step of detection to a complete organization threat removal.
• Reverse Engineering of existing threats, research and analysis of threat behavior;
• Writing spyware and Trojan Horses that are not identified by known AV;
• We provide threat surveys to system and manufacturing processes, such as SCADA, HMI and DCS or at the terminal level PLC's;
• Identification and analysis of Trojan Horses in cellular phones and in the organization's network;
• Cyber Forensics – Testing and analysis of work stations and servers, testing of protection and monitoring systems, testing of log files and event analysis of access and data theft;
• High skills of reverse engineering code to a human readable code, documenting and summarization of clients/protocols for quicker code flaws detection.
• Modbus, OPC protocol eavesdropping using TAP or via IP networks (ARP Poisoning Eth Bridging);
• Researching multiple technologies / protocols in order to create new attacking vectors.
Client & Web-Application Security
Avnet regularly examines access rights in the organization as a weapon against data theft, identity theft, SESSION theft, backdoor mechanisms, strength of mechanism, compartmentalization of access rights as defense against unauthorized data access, system data loss checks using multiple methods.
Avnet's Client & Web-application testing Service include the following:
• Hidden Field Manipulation – examining the entire web application forms and possible pages and parameters and exploit various vulnerabilities.
• SQL Injections – Discovery, exploitation and experience with unusual cases of error, union, blind SQLi vulnerabilities such as carriage return, blind data types and syntax injection.
• Client side Attacks – Discovery of different client side vulnerabilities which can be used to take over application’s user accounts and sensitive data.
Cross Site Scripting – Injecting a malicious code into an application in order to exploit the user’s browser and taking over user’s session.
Cross Site Request Forgery – Taking advantage over the user’s browser to perform different actions on behalf of the user.
HTML5 – discovery of localstorage weaknesses and using newest html5 elements to exploit different client side attacks over the user’s browser.
• Session Hijacking – using various methods such as client-side attacks, session fixation or session misconfiguration in order to fully Hijack user sessions and take over their accounts.
• Buffer Overflow – testing for input validation and discovering buffer overruns that can be used to execute code over a remote/local machine and take over the devices.
• Cookie Poisoning;
• HTTP Parameter Pollution – performing parameter pollution in order to exploit wrong server side parameter parsing, or bypassing data filters.
• Command Injection – Special injection methods of Operation System commands in order to take over the server that runs the application.
• Logic Flaws – Discovery of logical flaws that will reveal security related issues such as sensitive data or permission bypasses.
• Bypassing WAFs – using a unique knowledge and experience in order to bypass running Web Application Firewalls.
• Permission elevation – creative abilities to elevate permissions from low to administrative permissions.