1 / 5

Module 6 – Penetration

Module 6 – Penetration. Phase II  Controls Assessment  Scheduling Information Gathering Network Mapping Vulnerability Identification Penetration Gaining Access & Privilege Escalation Enumerating Further Compromise Remote Users/Sites Maintaining Access Cover the Tracks.

knoton
Télécharger la présentation

Module 6 – Penetration

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Module 6 – Penetration • Phase II  Controls Assessment  Scheduling • Information Gathering • Network Mapping • Vulnerability Identification • Penetration • Gaining Access & Privilege Escalation • Enumerating Further • Compromise Remote Users/Sites • Maintaining Access • Cover the Tracks Heorot.net

  2. Penetration • Purpose behind Penetration • To provide proof of vulnerabilities or exploits • Conducted in an isolated environment (lab)‏ • High risk to continued operation of target • Not necessary for “Blue Team” hacking • Requires higher level of programming skill and TCP/IP stack knowledge Heorot.net

  3. Penetration • Find proof of concept code/tool • Develop tools/scripts • Test proof of concept code/tool • Customize proof of concept code/tool • Test proof of concept code/tool in an isolated environment • Use proof of concept code against target • Verify or disprove the existence of vulnerabilities Heorot.net

  4. Penetration • Find proof of concept code/tool OR • Develop tools/scripts • PenTest Lab • Test proof of concept code/tool • Customize proof of concept code/tool • Development Lab • Test proof of concept code/tool in an isolated environment • Production System • Use proof of concept code against target • Verify or disprove the existence of vulnerabilities Heorot.net

  5. Module 6 – Conclusion • Phase II  Controls Assessment  Scheduling • Information Gathering • Network Mapping • Penetration • Find proof of concept code/tool • Develop tools/scripts • Test • PenTest Lab • Development Lab • Production System • Verify or disprove the existence of vulnerabilities Heorot.net

More Related