Pentest: Workstation

Protect Your Clients

What are entry points for attackers?

Security vulnerabilities in applications and incorrectly configured system services are ideal entry points for malware to infect individual computers or an entire network. Workstations or clients, such as Windows notebooks, are often the entry point. Successful compromise gives the attacker the rights of the logged-on user. In this situation, it is crucial for the security of the domain or the entire company that the attacker cannot obtain local or even company-wide administrator rights. This could allow him to spread further in the domain and compromise other systems.

Newly introduced enterprise-wide software or operating systems pose a particularly high risk. An important prerequisite is a secure configuration that is adapted to renowned security standards and best practices. Only in this way can unauthorized access be prevented.

icon schwachstelle orange 003

Common vulnerabilities include:

  • Vulnerabilities in software components
  • Insecure configuration of the operating system
  • Lack of hardening measures

What is our approach?

We perform pentests using a standard methodology, which is extended with specific elements for workstation pentests:

In our workstation-level pentests, our security analysts attempt to escalate privileges on the workstation or within the domain. To do this, they apply system-specific procedures for Microsoft Windows and Linux to check the possibility of expanding rights. First, regardless of the operating system used, a comprehensive picture of the installed operating system and software components, as well as the current version status of the components, is captured. Then, various checks are performed to verify the possibility of a local rights escalation. Finally, the hardening measures available on the workstation are examined and compared with current best practices.

What checks are included?

The following checks are carried out during workstation pentesting:

 

  • Analysis of Scheduled Tasks and Cronjobs
  • Checks for insecurely set file permissions
  • Search for locally stored access data
  • Write permissions to services running with higher privileges
  • Investigations of highly privileged processes that use user-controlled resources
  • Checking the configured hardening mechanisms
  • Analysis of network services
icon symbol orange 007 2

Optionally, we conduct a security audit that takes into account recognized IT security standards, best practices and the benchmarks of the Center for Internet Security (CIS). We derive  risks from the identified vulnerabilities and typical security gaps and show you ways to sustainably improve your company’s security.

usd pentest webseite IV 1

Are your systems protected against hackers?

We would be happy to advise you on your options for having your workstations checked by our security analysts. Just get in touch with us.

Contact

 

Please contact us with any questions or queries.

 

Phone: +49 6102 8631-190
Email: sales@usd.de
PGP Key
S/MIME
Contact Form

 

Daniel Heyne
usd Team Lead Sales,
Security Consultant Pentest, OSCP, OSCE