Projects Services Products Contact About  
 
 
 

Today's 

News Articles Exploits Advisory

News

content of News

more news >>

Articles

content of Articles

more news >>

Exploits

content of Exploits

more news >>

Advisory

content of Advisory

more news >>

 

 
 

HackTrack Services

Today’s Internet security threats, cyber-attacks and intrusions can be eliminated by proper implementation of a variety of traditional point solutions like firewalls, antivirus systems, Intrusion Detection Systems (IDS), security packages, and especially by a good security policy.

HackTrack™ presents a portfolio of products and services tailored to meet everyday Internet security needs. HackTrack™ introduces a variety of products made not only by benchmark security companies, but also its own products, and especially its own customized solutions that were proven by a variety of successful deployments and implementations. The HackTrack™ team considers the most recent security threats and intrusions through an ongoing R&D process.

HackTrack™ offers following security products:

 

HackTrack™ offers following security services:

Penetration Tests

In scope of this service, HackTrack™ team provides an Internet connection security testing, which also includes all services provided by Internet such as Mail Server, WWW Server. Among others, HackTrack™ team also tests a resistance of anti-virus protection against Internet malware.

HackTrack™ offers the following Penetration Tests:

1. External Penetration Test (EPT)

External Penetration Test screens a level of system security to external attacks. External Penetration Test execution is in accordance with the following methodology approaches:

  • Penetration Test with limited liability – This approach assumes no or limited knowledge of client’s environment. This simulates hacker’s intrusion.
  • Penetration Test with a complete knowledge – This method assumes a detailed knowledge of client’s environment such as network topology, details of used applications, and description of security mechanisms.
  • Hidden Penetration Test – This approach aims to test readiness for penetration attempt and for real attack reaction mechanisms. In this scenario, the employees of client’s system support are not informed about test implementation.
  • Cooperative Penetration Test – This test expects a mutual cooperation and achievement of high level efficiency while simulating an attack. The employees of client’s system support are fully informed about test implementation.

2. Internal Penetration Test (IPT)

Internal Penetration Test evaluates system security to unauthorized operations within the system. The HackTrack™ team simulates users, connected to Intranet, who attempt an unauthorized access to confidential information either intentionally (for instance: obtaining corporate data with an intention to sale them to competitors), or unintentionally (for instance: due to errors in IS implementation). This simulation tests internal security mechanisms of organization.

3. Complex Penetration Test (CPT)

Complex Penetration Test is a combination of Internal and External Penetration Tests.

4. Social Engineering Test (SET)

Social Engineering Test evaluates a security breaches caused by human beings’ failures. Any company with firewalls, authentication processes, network monitoring software, and VPNs are vulnerable to an attack, especially if employees unwittingly give away critical information in an email and by answering questions over the phone with someone they do not know.

The output of each Penetration Test concludes a Closure Report with the following content:

  • Test Assignment
  • Test Plan
  • Applied Methods and Approaches
  • Test Procedure Information
  • Test Outcome and Evaluation
  • Specific Measure Recommendations and Suggestions to eliminate weak points

Security Audits

Security Audit is a complex survey and classification of a customer’s security level including weak point detection and security leaks. The HackTrack™ team carries out audits in cooperation with audited company. On the contrary to the Penetration Test, this audit is not carried out from the intruder’s point of view; rather, it evaluates other factors such as the Presence of Security Policy, Standards, and Crisis Plans.

Each Security Audit results in a Survey Report that describes a security level and its detected inefficiency. A part of the audit could also serve as a proposal of suggested solutions for inefficiency elimination. The HackTrack™ Security Audit procedures are in agreement with the internationally accepted standards and methodologies, particularly with the British security standard BS 7799:1999 (ISO 17799) and technical report CSN ISO/IEC TR 13335 Information Technology -- Directives for IT security practices according to the COBIT standard.

In scope of this service, HackTrack™ offers execution of the following audits:

  • Security Policy Audit reports adequacy and complexity of information security at the highest possible level. A part of this audit is the evaluation of the entire security standards, procedures and measures related to the best IT practice and crisis plans efficiency revision.
  • Information System Security Audit reports security protection of information processed by the Information System, including the evaluation of system input and output (e-mail, hard copy, and other form).
  • Communication Infrastructure Security Audit includes evaluation of network security concept with a particular attention to the communication security with the external environment such as the Internet communication, key active network elements, and devices ensuring a secure communication -- firewall.
  • Security Servers and Stations Audit reports security of servers and selected working stations, including notebooks and mobile stations. This audit identifies security weak points of the installed OS settings Windows 9x/NT/2000/XP/2003/Vista, UNIX, Novell Netware and evaluates a security level of operating applications.

Security Subscription / Outsourcing

This service is particularly beneficial to the small size companies that do not find it economical to have an experienced in-house administrator. Security Subscription includes a remote monitoring, administration of server security conditions, and client’s software installation in accordance with contract conditions. The standard part of this service includes patches implementation as well. In addition, the client has access to an on-line system that provides a complete survey of all performed interventions. Also, a client can consult entire security related issues through this on-line system with the HackTrack™ security experts.

Communication between client and the HackTrack™ team is secured by SSL and PGP technology. Client is notified about all new facts via automatics e-mail alert system.

HackTrack™ offers Security Subscription for the following Operation Systems:

  • Windows 2000 Server Edition
  • Windows 2000 Professional
  • Windows 9x (support closed at 1.10.2010)
  • Windows XP
  • Windows 2003
  • Windows Vista
  • Linux Debian , Gentoo
  • Linux Redhat , Fedora Core
  • Linux Mandrake, Mandriva

and for the following companies:

  • Oracle
  • Cisco
  • Novell
  • MySQL
  • Microsoft
  • IPSwitch
  • Kerio
  • Software602
  • Sybase

And others know software Total Commander, WinRar, WinSCP, Skype, Apache, PHP, Adobe Acrobat, Pspad Flash plugin, Firefox, Opera, FlashGet, TheBat, Gaim, MSN, ICQ, MiRC, Netscape Terminal Services Client, putty, PGSQL, 7Pack,WinZip, WinHEx,Cpu-z, InfanViewer, Foobar2000,Miranda

IT Systems Security

In scope of this service, and according to client’s request, HackTrack™ offers:

  • Complete networks security
  • Individual network elements security (Servers, Workstations, Printers, Web Cameras, and other network devices)
  • Implementation of anti-virus security systems
  • Implementation of backup data systems
  • Implementation of protection systems against errors
  • Establishment of company security policy
  • Company security policy workshops and employees training

HackTrack™ highly recommends combining of IT Systems Security service with Penetration Test or Security Audit services that detect strong and weak points of customers’ security systems. Test or audit results help to apply better security measures according to the customers’ needs.

IT systems security is such a broad issue that the HackTrack™ team could not cover here all HackTrack™ available professional security services and expertise. HackTrack™ team offers the implementation of custom solutions; therefore, do not hesitate to contact us with your request for specific information.

System Recovery

This service includes procedures leading to a system recovery after hackers and malware attacks. The success of such procedures mainly depends on “backup” methods that were used by clients prior to the attacks.

The HackTrack™ team is capable of system resetting and its functionalities recovery from available “backup” sources by utilizing proprietary tools. In addition, the HackTrack™ team provides a data recovery from HD, portable CD, floppy discs, and other “backup” devices. Indeed, this service offers the recovery of data attacked by malware.