Penetration test / red team
Synacktiv assesses the overall security of your organization through real-world testing
These so-called "Red Team" assessments rely on an in-depth knowledge of existing technologies, combined with a high degree of stealth. To increase the credibility of these tests, the SOC and the administration teams are often voluntarily kept in the dark.
We also offer penetration testing assessments on more narrow scopes (internal network, applications, embedded systems, etc.).
EXAMPLE OF COMPROMISE
- Compromise of a website exposed on the Internet via SQL injection
- Setup of a communication channel towards the remote internal network
- Compromise of a workstation and retrieval of authentication secrets (also possible via spear-phishing)
- Compromise of an administration workstation
- Bounce on the industrial network via this administration station
impacket, pypykatz, ssf, Python scripting / Bash / PowerShell