Pentera v6.1 Release Notes

Questions and Answers

What is the main focus of the Ransomware Emulation test in Pentera v6.1?

• Assessing vulnerabilities in non-standard TCP ports
• Testing with LockBit 2.0 on Windows hosts
• Testing with LockBit 3.0 on Linux hosts (correct)
• Simulating phishing attacks on Linux systems

Which methods can be used for authentication during ransomware emulation tests on Linux hosts?

• Local accounts and SSH credentials only
• Only SSH keys
• SSH keys and Windows domain accounts
• SSH credentials and SSH keys (correct)

What new feature has been added regarding non-standard TCP ports in Pentera v6.1?

• Only standard ports can be used in tests
• Tests can only use one non-standard port
• Non-standard ports can be included in test templates (correct)
• Port ranges are no longer supported

What enhancement supports residue cleanup on Linux machines in Pentera v6.1?

SSH keys can be used for cleanup (C)

What is the maximum number of ports that can be added in a single test template in Pentera v6.1?

1,024 ports (B)

What campaign can currently be executed on Linux hosts as per Pentera v6.1?

LockBit 3.0 (C)

Which of the following best describes Dynamic Attack Node (DAN) enhancements in Pentera v6.1?

They introduce more flexible deployment options (B)

Where can SSH key options be applied for residue cleanup in Pentera v6.1?

In the Environment and template settings (B)

What is one method of connecting Pentera to the DAN?

Using SMB via port 445 (B)

What new capability does Pentera Cloud include?

Ability to scan workloads for vulnerabilities (A)

What does the recent update to the Domain Recon engine provide?

New achievements and updated names for existing ones (A)

How can Pentera obtain credentials for cloud resources?

By validating selected SQL connection strings (D)

Which new components are specifically discovered by Pentera in Azure Cloud?

Azure App Services, Azure Storage Accounts, and Azure AKS Clusters (A)

What was a specific enhancement noted in the bug fixes for Pentera?

Improved performance in longer tests and larger environments (B)

What type of IP assignment can now be done for the parent node?

Both static and dynamic IP assignment (C)

What change is reflected in the appearance of cloud asset vulnerabilities?

The color represents the severity of vulnerabilities found (C)

Flashcards

LockBit 3.0 Emulation for Linux

Pentera v6.1 now supports simulating LockBit 3.0 ransomware attacks on Linux hosts. This helps organizations test their security against a formidable ransomware threat.

SSH Access for Linux Testing

You can now use SSH credentials or SSH keys to connect to Linux machines during ransomware emulation tests.

SSH Key-Based Residue Cleanup on Linux

Pentera v6.1 allows you to clean up test residues on Linux machines using SSH keys, in addition to traditional methods.

Non-Standard Port Testing

This feature enables you to target services using non-standard TCP ports, expanding the coverage of your penetration tests.

DAN Flexibility

Pentera v6.1 provides more options for deploying Dynamic Attack Nodes (DANs) within your test environments.

Multiple Non-Standard Ports

You can now include multiple non-standard TCP ports or port ranges within your test scenarios.

Maximum Port Limit

The new feature allows you to add up to 1,024 non-standard ports during a single test.

Backwards Compatibility with Non-Standard Ports

This enhancement allows for backward compatibility, so you can add non-standard ports to your existing test templates.

SSH Connection

This option allows for a secure and direct connection to the DAN using the SSH protocol over port 22 or a custom port.

Cloud Workload Scanning

Using this feature, you can scan workloads running within a cloud environment for vulnerabilities. It leverages a third-party tool for scanning and is enabled by default.

Enhanced Domain Recon

An updated version of the Domain Recon engine for analyzing domains on a large scale, providing insights into domain data.

Enhanced Asset Discovery in Azure

Pentera Cloud now identifies and tests Azure assets including App Services, Storage Accounts, and AKS Clusters. This enhances the cloud testing scope by targeting critical assets. Once credentials are obtained, accessible assets can be discovered.

Validating Database Connection Strings

By obtaining necessary permissions, Pentera analyzes cloud resource configurations, extracts and validates selected SQL connection strings, and uses them to connect to databases like Amazon RDS and Azure SQL Server. This provides comprehensive data analysis capabilities.

Performance Optimization

Core components of Pentera have been refined and optimized for better performance, especially noticeable in lengthy tests and larger environments.

Cloud Asset Color Representation

An issue concerning the representation of vulnerability severity in cloud assets was addressed, ensuring that asset colors accurately reflect the severity of discovered vulnerabilities.

Bug Fixes and Maintenance

Pentera continues to resolve user-reported issues and optimize its platform. This version includes fixes and enhancements to core components, leading to significant performance improvements.

Study Notes

Pentera v6.1 Release Notes

• Pentera's Ransomware Emulation test supports LockBit 3.0 for Linux hosts

• LockBit 3.0 is an evolution of LockBit 2.0, with the highest number of victims across various industries.

• Pentera allows running ransomware emulation tests on Linux hosts via SSH protocol.

• Authentication can be done using SSH credentials or SSH keys.

• LockBit 3.0 campaign can now be run on Linux hosts.

• Users can test using pre-defined testing scenarios or create custom ones.

• Detailed reports are available after test runs.

• A new LockBit 3.0 wiki article provides information on the ransomware, its mitigation and remediation, especially focused on Linux targets.

• Now supports SSH keys for residue cleanup on Linux machines.

• Local/domain accounts for Windows machines are also supported.

• SSH keys can be used for authentication during residue cleanup.

• New options in the Dynamic Attack Node (DAN) settings allow greater flexibility for deployments.

• Pentera can connect to DAN via SSH (port 22 or custom port) or SMB (port 445).

• Users can assign a static IP address to the parent node.

• The flexibility includes assigning static IPs or using DHCP for IP assignment.

• Enhanced Domain Reconnaissance engine handles domains at scale.

• Updated achievements in the Domain Recon engine now have revised names and descriptions.

• New achievements offer more insights into domain data.

• Ability to include non-standard TCP ports (high/special ports) in tests for expanded coverage.

• Tests can include custom added ports or port ranges via file upload.

• This feature is backward compatible with existing templates.

• Up to 1024 ports can be added to a single test.

• Pentera Cloud can now scan for vulnerabilities in cloud workloads.

• Third party tools used to scan cloud workloads.

• Scan capabilities are enabled by default.

• Options to allow exploits (remote code execution), cloud-native intrusive actions, and cloud configuration reviews all without explicit approval;

• The cloud configuration review identifies misconfigurations as vulnerabilities.

• Pentera scans all assets within the cloud regardless of type.

• Pentera Cloud can now discover Azure App Services, Azure Storage Accounts, and Azure AKS Clusters in cloud testing scenarios.

• Azure assets are common targets for attackers.

• Validating database connection strings to obtain credentials.

• Once permissions granted, Pentera harvests and validates SQL connection strings to connect to databases like Amazon RDS and Azure SQL Server.

• Validated credentials result in a new achievement in Attack Vector, enabling further data extraction.

• Bug fixes and optimizations, especially noticeable in long/large tests.

• The severity of vulnerabilities in cloud tests is now represented by the asset's color.

• An issue uploading custom password dictionaries has been addressed.

• Support for Pentera versions 5.9 and above. Customers with older versions should upgrade.

Description

Explore the features of Pentera v6.1, which includes support for the LockBit 3.0 ransomware emulation test on Linux hosts. This release highlights key enhancements like SSH authentication and residue cleanup options, making security testing more robust. Discover detailed reporting capabilities and customizable testing scenarios for improved cybersecurity practices.