Pentera v6.1 Release Notes

Questions and Answers

What is the main focus of the Ransomware Emulation test in Pentera v6.1?

Assessing vulnerabilities in non-standard TCP ports

Testing with LockBit 2.0 on Windows hosts

Testing with LockBit 3.0 on Linux hosts (correct)

Simulating phishing attacks on Linux systems

Which methods can be used for authentication during ransomware emulation tests on Linux hosts?

Local accounts and SSH credentials only

Only SSH keys

SSH keys and Windows domain accounts

SSH credentials and SSH keys (correct)

What new feature has been added regarding non-standard TCP ports in Pentera v6.1?

Only standard ports can be used in tests

Tests can only use one non-standard port

Non-standard ports can be included in test templates (correct)

Port ranges are no longer supported

What enhancement supports residue cleanup on Linux machines in Pentera v6.1?

SSH keys can be used for cleanup

What is the maximum number of ports that can be added in a single test template in Pentera v6.1?

1,024 ports

What campaign can currently be executed on Linux hosts as per Pentera v6.1?

LockBit 3.0

Which of the following best describes Dynamic Attack Node (DAN) enhancements in Pentera v6.1?

They introduce more flexible deployment options

Where can SSH key options be applied for residue cleanup in Pentera v6.1?

In the Environment and template settings

What is one method of connecting Pentera to the DAN?

Using SMB via port 445

What new capability does Pentera Cloud include?

Ability to scan workloads for vulnerabilities

What does the recent update to the Domain Recon engine provide?

New achievements and updated names for existing ones

How can Pentera obtain credentials for cloud resources?

By validating selected SQL connection strings

Which new components are specifically discovered by Pentera in Azure Cloud?

Azure App Services, Azure Storage Accounts, and Azure AKS Clusters

What was a specific enhancement noted in the bug fixes for Pentera?

Improved performance in longer tests and larger environments

What type of IP assignment can now be done for the parent node?

Both static and dynamic IP assignment

What change is reflected in the appearance of cloud asset vulnerabilities?

The color represents the severity of vulnerabilities found

Study Notes

Pentera v6.1 Release Notes

• Pentera's Ransomware Emulation test supports LockBit 3.0 for Linux hosts

• LockBit 3.0 is an evolution of LockBit 2.0, with the highest number of victims across various industries.

• Pentera allows running ransomware emulation tests on Linux hosts via SSH protocol.

• Authentication can be done using SSH credentials or SSH keys.

• LockBit 3.0 campaign can now be run on Linux hosts.

• Users can test using pre-defined testing scenarios or create custom ones.

• Detailed reports are available after test runs.

• A new LockBit 3.0 wiki article provides information on the ransomware, its mitigation and remediation, especially focused on Linux targets.

• Now supports SSH keys for residue cleanup on Linux machines.

• Local/domain accounts for Windows machines are also supported.

• SSH keys can be used for authentication during residue cleanup.

• New options in the Dynamic Attack Node (DAN) settings allow greater flexibility for deployments.

• Pentera can connect to DAN via SSH (port 22 or custom port) or SMB (port 445).

• Users can assign a static IP address to the parent node.

• The flexibility includes assigning static IPs or using DHCP for IP assignment.

• Enhanced Domain Reconnaissance engine handles domains at scale.

• Updated achievements in the Domain Recon engine now have revised names and descriptions.

• New achievements offer more insights into domain data.

• Ability to include non-standard TCP ports (high/special ports) in tests for expanded coverage.

• Tests can include custom added ports or port ranges via file upload.

• This feature is backward compatible with existing templates.

• Up to 1024 ports can be added to a single test.

• Pentera Cloud can now scan for vulnerabilities in cloud workloads.

• Third party tools used to scan cloud workloads.

• Scan capabilities are enabled by default.

• Options to allow exploits (remote code execution), cloud-native intrusive actions, and cloud configuration reviews all without explicit approval;

• The cloud configuration review identifies misconfigurations as vulnerabilities.

• Pentera scans all assets within the cloud regardless of type.

• Pentera Cloud can now discover Azure App Services, Azure Storage Accounts, and Azure AKS Clusters in cloud testing scenarios.

• Azure assets are common targets for attackers.

• Validating database connection strings to obtain credentials.

• Once permissions granted, Pentera harvests and validates SQL connection strings to connect to databases like Amazon RDS and Azure SQL Server.

• Validated credentials result in a new achievement in Attack Vector, enabling further data extraction.

• Bug fixes and optimizations, especially noticeable in long/large tests.

• The severity of vulnerabilities in cloud tests is now represented by the asset's color.

• An issue uploading custom password dictionaries has been addressed.

• Support for Pentera versions 5.9 and above. Customers with older versions should upgrade.

Description

Explore the features of Pentera v6.1, which includes support for the LockBit 3.0 ransomware emulation test on Linux hosts. This release highlights key enhancements like SSH authentication and residue cleanup options, making security testing more robust. Discover detailed reporting capabilities and customizable testing scenarios for improved cybersecurity practices.