This website is currently being updated. Functionality may be limited until updates are complete. expected completion day is 09/06/25

Brachyura Bombshell

by Attack Attack!

Ethical Hacking

& Penetration Testing

Based in Central FL | Testing Worldwide

Safe Phishing

by | July 9, 2021 | News | 0 Comments

Safe social engineering tactics to audit your Workforce. Call today for a consultation.
Read More

Amazon Sidewalk

by | June 10, 2021 | News | 0 Comments

It has begun, if you own an Amazon device look for Sidewalk Settings in the App and decide whether or not to allow the new feature addition. The quick knowledge on this is Amazon Sidewalk lets your neighbors Sidewalk enabled device use your internet if they experience an internet outtage and vice versa.
Read More

Safe, Non-Destructive Security Testing

Real World Threat Acting & Attack Simulations Performed by a Certified Professional

Healthcare | Meet HIPAA Compliance

Contact me about Risk Analysis today

Contact

Recognized by U.S. Department of Defense, Fulfilling CyberSecurity Directive 8570

Confidentiality
Only the Authorized entity(s) can view the information

Integrity
Data remains unchanged, keeping the original representation of the Data accurate

Availability
The Data is accessible to those Authorized at all times

Learn More
Testing Scopes

What is Penetration Testing? (Pentesting)

Penetration Testing & Ethical Hacking is security focused testing of computer systems, networks, applications, & people. These tests are performed by security professionals following a methodology. Here at iCyber Attack!, I follow what is known as the Pentest Methodology, though other Methods exist as well.

I am an Ethical Hacker. I abide by local & national laws. I ALWAYS obtain written permission from Clients & any applicable Cloud Service Providers before Testing

About Me

Strategies

White Box Testing | Full Knowledge

  • Full knowledge of Client’s Assets (Infrastructure, Network, & Systems)
  • Any applicable support resources are given to Pentester

Grey Box Testing | Partial Knowledge

  • Some knowledge of the Client’s Assets
  • Good for simulating an insider attack

Black Box Testing | No Knowledge

  • No prior knowledge of the Client’s Assets
  • Simulates Attack from the outsider’s perspective

Methodology

Plan & Scope

Planning starts a discussion with the Client to understand their Needs, Objectives, Budget & Rules of Engagement. This will escalate Planning into Scoping to determine the Testing Strategy, Assessment Type, & any Resources required.

Vulnerability Identification

Utilizing the Plan & Scope, Reconnaissance begins. Open Source Intelligence (OSINT), Active Scanning, Enumeration and Packet Inspection are among the list of Sources used to Gather Information & Identify Vulnerabilities. My Toolkit is determined by the devised Plan & Scope.

Attack & Exploit

Based upon vulnerabilities found and the Scope of the assessment, Exploitation begins. All successful and non successful Attacks are logged. The log will be included as part of the end of test Report.

Report

I will provide a written report with an overall risk score to the entity. I will verbally navigate the entity through the results of the Pentest Report, explaining any technical details. This results in a clear understanding of the entity’s Risk Baseline, as well as provide the order of remediation for found vulnerabilities.

About Me

Ryan Worthington

Founder

CompTIA Network+ ce Certification

CompTIA Network+ ce Certification

Issued by CompTIA
Earners of the CompTIA Network+ certification have the skills needed to troubleshoot, configure, and manage wired and wireless networks found in companies around the world. CompTIA Network+ professionals have demonstrated the ability to design and implement functional networks, configure, manage, and maintain essential network devices, implement network security, and troubleshoot network problems.
 
View – Ryan Worthington CompTIA Network+ Certificate PDF

Verify Certification

Skills

  • BCDR
  • Cloud Networking
  • DHCP
  • Domain Name System (DNS)
  • Network Management
  • Network Security
  • Network Troubleshooting
  • Routing And Switching
  • Software Defined Networking
  • System/Network Configuration
  • Virtualization
  • Virtual Private Networking (VPN)
  • Vulnerability Management
  • Wide Area Network (WAN)
  • Wireless Technologies

 

CompTIA PenTest+ ce Certification

CompTIA PenTest+ ce Certification

Issued by CompTIA

Earners of the CompTIA PenTest+ certification have the knowledge and skills necessary to perform hands-on penetration testing to identify, exploit, report, and manage vulnerabilities on a network. CompTIA PenTest+ professionals have demonstrated the hands-on ability and knowledge to test devices in new environments such as the cloud and mobile, in addition to traditional desktops and servers.

View – Ryan Worthington CompTIA Pentest+ Certificate PDF

Verify Certification

Skills

  • Attacks And Exploits
  • Exfiltration
  • Information Gathering
  • Penetration Testing
  • Planning And Scoping
  • Reconnaissance
  • Red Teamer
  • Reporting And Communication
  • Vulnerability Assessment
  • Vulnerability Identification
  • Vulnerability Management

Web App Security Testing

OWASP Top 10:

Injection, Broken Auth, Sensitive Data Exposure, XML External Entities XXE, Broken Access Control, Security Misconfiguration, XSS, Insecure Deserialization, Components with Known Vulnerabilities, Insufficient Logging and Monitoring

Compliance Based Testing

HIPAA classified information needs to be encrypted in transit and at rest

Social Engineering

People are the #1 weakness when it comes to Cyber Security. Social Engineering / People Hacking, is a great way to find out who needs security awareness training & retraining

SQL Database Testing

SQL Injection is the top vulnerability found in web applications and can have some serious consequences

Safe Phishing Campaigns

Awareness for your Teams and Workforce. Safely audit staff security awareness through phishing emulations

WiFi Threat Analysis

Unfortunately many Wifi AP’s are vulnerable to MITM Attacks, Deauth, and snooping

Have you been hacked?

CRIME & CRIMINAL PROCEDURE

Hacking is covered under United States Code, Title 18, Chapter 47, Sections 1029 and 1030 (Crimes and Criminal Procedure)

§1029 | Fraud & related activity w/ access devices

● Prosecute those who knowingly and with intent to defraud, produce, use, or traffic in one or more counterfeit access devices.
● Access devices can be an application or hardware that is created specifically to generate any type of access credentials

§1030 | Fraud and related activity with computers

● Covers just about any computer or device connected to a network
● Mandates penalties for anyone who accesses a computer in an unauthorized manner or exceeds one’s access rights
● Can be used to prosecute employees using capability and accesses provided by their company to conduct fraudulent activity