That a Phone in Your Pocket or Are You Scanning My Network?
Article by Ken Westin
Mobile Penetration Testing: Is That A Phone In Your Pocket Or Are You Scanning My Network?
When most people think of penetration testing, they think of a simulated external attack where the tester tries to break into a network from a remotely.
Companies focus most of the security spending and policies on keeping hackers from the outside in, from firewalls and other security hardening appliances, software and tools.
However, given the proliferation of mobile devices in the workplace and use of Wi-Fi networks inside of an office, attacking from inside the network provides unique opportunities.
Smartphones have become much more powerful over the past few years, with powerful processors and a plethora of hardware at your fingertips. Combine this power into a compact unit with the right apps you can scan a network from the inside in seconds along with several other new types of attacks and information gathering.
Your browser may not support display of this image. Mobile devices have accelerated productivity as they move to replace many of the other devices we used to carry in a small package. Most phones have Wi-Fi capability, cameras, mass storage capability and a persistent internet connection via 3G and 4G and allow a wide number of applications and if rooted provide many of the same tools as a computer, but with more hardware and network capabilities. Continue reading
1,486 total views