Penetration Testing for End-Users
It’s clear that direct, email-based attacks on employees and contractors pose one of the greatest threats to information security today. Once compromised, end-user workstations not only expose local data to cybercriminals, but can also provide them with access to other, more sensitive systems on the same network.
Our End-User Penetration Testing makes it easy for you to frequently assess your organization’s susceptibility to phishing, spear phishing and other social engineering techniques. Using our End-User Penetration Testing capabilities, you can safely replicate real-world email-based attacks that test end-user security policies and identify systems requiring patches and other updates. Each test is backed by comprehensive reports that can assist with compliance initiatives and help you pinpoint ways to strengthen data security.
Quickly Identify Social Engineering Test Targets
Social engineering attacks target end-user computers otherwise protected by perimeter defenses. The user must therefore inadvertently expose their computer to attack by clicking on an email link or opening an attachment – or sometimes simply by opening or previewing the email message itself. In the cases of phishing and spear phishing, this begins with acquiring an email address. iNet|Detect offers a number of methods for gathering email addresses from your organization, including:
- Crawl a website to harvest addresses published on the site
- Leverage major search engines to locate addresses for a given domain
- Scan online documents for email addresses to target
- Find addresses in PGP and Whois databases
You can also provide your own list of email addresses to test.
Safely Launch Phishing and Spear Phishing Attacks
With End-User Penetration Testing, you can test your email users’ security awareness by replicating realistic phishing attacks with or without attempting to exploit the endpoint system.
- Assess security awareness by identifying users who click links in phishing emails
- Set up web-form phishing traps to flag data leakage risks
- Test end-user machines for exploitable vulnerabilities and pivot to other network systems
The service utilizes common phishing threats, and we can create custom spear phishing emails that leverage inside knowledge of your organization.
Our extensive library of client-side exploits covers threats that target:
- Endpoint applications: e.g., web browsers, email clients, instant messaging, media players, business applications and productivity tools
- Endpoint security solutions: e.g., antivirus, anti-phishing, anti-malware, host-based intrusion detection and prevention systems
- Endpoint operating systems and services: e.g., Windows, Mac, Linux
Assess the Consequences of Successful Social Engineering
By replicating real-world attacks, End-User Penetration Testing allows you to see and report on the potential consequences of a compromised end-user system. While conducting a social engineering test, iNet|Detect runs a web server that launches your selected client-side exploit when end users click on the email link.
Once the payload of the attack is successfully deployed, we can interact with the end user’s computer and emulate the type of access an attacker could achieve, including:
- View the local file system and mapped drives
- Upload and download files to and from the end-user system
- Open and interact with files on the compromised system
- Gather user names and passwords from endpoint applications
- Take a screenshot of current activity on the end user’s desktop
- Harvest email addresses from mail clients
- Deploy a keylogger that tracks the user’s keystrokes
- Perform a password dump from the user’s web browser
As a result, you gain indisputable evidence of the threats posed by vulnerabilities on end-user systems.
Determine the Risks of Inside Access
In addition to interacting with files on a compromised end-user system, you can use End-User Penetration Testing to leverage it as a beachhead from which to run subsequent network penetration tests on other systems in the end user’s network. This pivoting capability enables you to exploit trusted relationships and fully understand the “ripple effect” of threats that can occur when a single end-user system is compromised, replicating the steps attackers actually take.
Monitor End-User Response and Evaluate Security Awareness
iNet|Detect records each GET request as users respond to phishing tests, and test results are then aggregated into two reports:
- Client-Side Penetration Test Report: a full audit trail of each attack, including the email template sent, exploit launched, test result (success or fail), and details about compromised systems
- User Report: a report of which links were clicked, when they were clicked, and by whom
Using the reports, you can quickly identify and address gaps in your security awareness programs.



