Phase 1: Information Gathering
During the initial phase we try to learn as much as possible about your infrastructure by, for example, identifying subdomains and hosts. Anyone in your company may leave a web application exposed to the internet within the scope of your domain. Most of the time, those applications are forgotten. We will find them.
Phase 2: Crawling
After collecting the initial information, Detectify will move on and crawl your web application to find as many unique URLs as possible within the scope of your domain. While doing this, we keep an eye on the content to make sure that it’s of no harm to you.
Phase 3: Information Analysis
During this phase we analyse the data collected in the previous phases. We look for incorrectly configured login forms, error messages, database backups and other common flaws and mistakes based on static source code analysis. We also scan for malware using VirusTotal and its many anti-virus solutions.
Phase 4: Fingerprinting
This phase is used for extended fingerprinting of the domains and the software they run. We will, for example, try to identify the CMS (if any), the technology stack, the operating system and so forth. All this is done to customize the vulnerability scanning in the next phase.
Phase 5: Exploitation
This is what it all comes down to! Based on the information gathered in the previous phases, Detectify performs extensive tests using known pentesting methods as well as the very latest methods in web security. We add new vulnerabilities to our scanner on a regular basis to make sure it’s up to date.
Phase 6: Finalization
During this phase we finalize your report and remove any “false positives” that we could detect. When we’re done, you will get an email with a link to your report. However, if you were curious and watched the live report, this won’t be news to you!