How it works
INFRA has a smart engine to analyze all services offered by any computer in a network. All TCP and all UDP services will be checked as well as the possibility to use ICMP and IGMP protocols. Even if the ports are not standards or the services are hidden or the banners are modified, INFRA is able to recognize them as well as the operative system running in the machine. This first operation is very important to define what other checks the core engine will do. For every service, INFRA will automatically decide the tests to run, if there is a login for example, the core scanner of INFRA will recognize the service and the protocol, will check the update of the release, validate the encryption and test for usernames and passwords, as well as specific tests for cookies, tokens, bruteforce and more.
The difference with the other Security Scanners in the market is that INFRA is more specific for user logins, web applications and Data Bases. The embedded web application security scanner for example is a program which communicates with a web application through the web front-end in order to identify potential security vulnerabilities in the web application and architectural weaknesses. It performs a black-box test.
Unlike source code scanners, INFRA doesn't have access to the source code and therefore detects vulnerabilities by actually performing attacks. Web applications are highly popular because they allow users to have an interactive experience on the Internet, rather than just view static web pages, users are able to create personal accounts, add content, query databases and complete transactions. In the process of providing an interactive experience web applications frequently collect, store and use sensitive personal data to deliver their service. Customers benefit from the convenience of these applications, while tacitly taking on risk that private information stored in web applications will be compromised through hacker attacks.
INFRA facilitates the automated review of a web application with the expressed purpose of discovering security vulnerabilities. It can look for a wide variety of vulnerabilities, including:
Specific application problems
Server configuration mistakes / errors / version
The scanner simulate a malicious user by attacking and probing, and seeing what results are not part of the expected result set.
It is able to scan JAVA/JSP, PHP or any other engine driven web application.
The most common application vulnerabilities in recently tested applications include:
NFRA modules are programs that make possible each test and are divided into 8 groups:
1. IG – Information Gathering
Modules that allow to search the required information in other security modules and also in intelligent modules in order to run deeper target and company analysis.
2. SA – Service Assessment Modules focused on searching the required information in other security modules, identifying the doors, services and OS, software versions and creating rules to launch other modules over revealed services.
3. US – User & Session Modules created to search vulnerabilities related to users, cookies, login, multi- session, etc.
4. VA – Vulnerability Assessment Modules that search vulnerabilities related to system and network, such as configuration, buffer overflow, software obsolescence and system-related problems, services and network.
5. WA - Web Assessment Modules that search vulnerabilities related to servers, services and web applications. All OWASP top 10 vulnerabilities are tested very carefully.
6. DB – Data Base Assessment Modules that search database-related vulnerabilities.
7. IF – Intelligence Framework extra modules This group contains all modules to look for the required information for other security modules.
8. EM - External Modules INFRA can also be connected to other vulnerability scanning software, commercial and open source, to get more information that will be used in his modules, reporting the final results in a single report so that the analysis is deeper and true, checking vulnerabilities more times. Among others, INFRA can connect to the following (optional) softwares
- Network VA: Tenable Nessus, Rapid7 Nexpose, OpenVAS, Nmap, Amap
- Web App/Services VA: Acunetix WVS, Nikto, OWASP ZAP, OWASP DirBuster, Burp Suite
- Network Penetration Test: Rapid7 Metasploit
- URL Manipulation: Burp Suite, OWASP ZAP, Acunetix WVS, W3af
- DataBase Security: SQLninja, SQLmap
- Password guessing: THC Hydra, Nmap
- Password cracking: John the Ripper
Not all software are listed here, and other modules and software will be added in the future, due to the continuous development of INFRA.
The Core, not only will autonomously decide what test to perform, but also will adapt the scan according to the available bandwidth and the server responses to do not affect the availability and reliability of the services. From its configuration panel is anyway possible to select the intensity of the scans, as well as the time when to perform all operations. INFRA can detect vulnerabilities of your application or infrastructure giving you executive and technical reports.