Network Assessment:

• Wifi security: We shall be testing the wifi of an organization or individual for various flaws that can be exploited by a hacker. The primary goal for this test is to make the wifi network secure from any kind of outsider interference and to avoid any unauthorized connectivity. The steps we are as follows
  1. Password strength: checking the characters of passwords
  2. Encryption: to check the encryption being used on the wifi
• ARP / DHCP security: In ARP/DHCP security we are going to test the network for any kind of outdated hardware system. We will check if packets are going unencrypted across the network and if someone can maliciously inject arbitrary codes in them.
• Packet Sniffing: In packet sniffing tests we shall conduct a test of sniffing packets travelling on the network if they are easily accessible and if they can be decrypted to know the actual data being transmitted. We shall also test if MITM attacks or any similar attacks are possible due to lack of encryption.
• Worm and Malicious codes: Once a worm enters the network it can create many problems and also jeopardize personal information of the organization or individual. We shall check for any kind of infection on a network and also check for the broadcasting towards other emails or exploitable packets being injected to different computers.

Website Assessment

• FTP: we shall be checking if your websites FTP is strong and secure. Also if there is possibility of anonymous login and mailing from the same. We shall also check if the security protocols are in place and if there is no insecure communication happening between the server and clients.
• Services: We shall audit the website for services that are not required or can be exploited by hackers. If there are any such services, we shall provide the report and solution to the same.
• Port Scans: We shall scan the ports of your website for any open port that may be utilized by a hacker at any given time to damage the website. We shall check for the common ports used for communication and also if there are any other ports that may be insecure.
• Scripts: we shall test the scripts implemented on a website for any kind of exploitable script or code injection possible via scripting on the web server. We shall also check for any kind of outdated scripts or scripting services running on the server that can compromise the security of the website.
• SQL Data: we shall test for any type of sql data that can be read by hackers and if the sql data can be compromised. We shall also check for sql exploits and vulnerabilities possible for your server.
• Spam Test: we shall test your mailing system and website if it can be compromised by spam mailers to forward their spam via your email server setup. Along with that we will also check if someone can spam mail you and that all your anti spam mechanism is properly working.

For more information; please contact us on info@initiativelimited.com