All methods of gaining access to the internal network and then compromising resources or stealing confidential information will be exploited.
The methodology used is also based on the state of the art including the TIBER-EU framework.
Creation of attack scenarios
Achievement of the mission
Acquisition of trophies
Balance sheet & deliverables
Identification and presentation of the axes used to carry out the mission (resource compromise scenarios, photos, videos, soundtracks, etc.)
Presentation of exploited trophies and scenarios (sequence of exploited vulnerabilities)
Dedicated and context-specific recommendations
The different attack vectors
Our consultants will try to physically access your infrastructures (offices, datacenter, etc.) to connect directly to the internal network in a resilient way or to retrieve information (documents, etc.).
Your entire Information System exposed to the Internet potentially constitutes a gateway to your internal network. As such, we will passively and actively seek to identify a vector of compromise / rebound.
All interactions with your collaborators can be used to develop the mission. In this context, false telephone calls, appointments, interventions, deposits of USB keys in places accessible to the public, etc. can be implemented.
Your employees will be targeted by Phishing emails aimed at recovering sensitive information such as identifiers in order to continue the operation of the mission.