1 / 9

DerbyCon

DerbyCon. Louisville, KY 9/30 to 10/2/2011. Attendees. Penetration Testers Social Engineers Hackers HD Moore – Metasploit founder Johnny Long – Google Hacking Kevin Mittnick – Social Engineer. Penetration Test. Hired by a company to test its information security

christopher-moss
Télécharger la présentation

DerbyCon

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. DerbyCon Louisville, KY 9/30 to 10/2/2011

  2. Attendees • Penetration Testers • Social Engineers • Hackers • HD Moore – Metasploit founder • Johnny Long – Google Hacking • Kevin Mittnick – Social Engineer

  3. Penetration Test • Hired by a company to test its information security • Hard to break into a system • Easier with social engineering

  4. Reconnaissance • LinkedIn • Facebook • Spokeo

  5. Social Engineering • Smoking area • Comcast shirt, hard hat, clipboard, measuring stick • Can facilitate an attack • Employees are helpful and trusting • Do employees following policies and procedures?

  6. Software Engineering Toolkit • Email attack using SET • http://www.youtube.com/watch?v=hsmi2P70DQY&feature=related • Website attack with SET • http://www.youtube.com/watch?v=xgukKj6q5PY&feature=related

  7. Metasploit • Open source penetration testing framework • http://metasploit.com/ • Metasploit: The Penetration Testers Guide • http://www.amazon.com/Metasploit-Penetration-Testers-David-Kennedy/dp/159327288X

  8. Metasploit • How to hack using Metasploit • http://www.youtube.com/watch?v=TfZt70TYujg

  9. Pen Testing Standards • http://www.pentest-standard.org/index.php/Main_Page

More Related