
Offensive Security Part 1 Basics of Penetration Testing


Presentation Transcript


  1. Dennis (Linuz) Maldonado Offensive Security Part 1 Basics of Penetration Testing

  2. About me
     • Dennis Maldonado, AKA Linuz
     • My Blog: http://kernelmeltdown.org/blog/
       • Tutorials/Walkthroughs
       • News and Events
       • Recordings/Powerpoints
     • Twitter
       • https://twitter.com/dennismald
     • IRC
       • irc.freenode.net -- #CougarCS
     • Email
       • dennis@kernelmeltdown.org

  3. Definitions
     • A vulnerability is a weakness in a computer system that an attacker can take advantage of.
     • Vulnerability assessment is the act of identifying vulnerabilities for a specific computer or network.
     • An exploit is the code that allows the attacker to take advantage of the vulnerability.

  4. Definitions
     • A payload is code or a program that runs after an exploit is successfully executed.
     • A backdoor is a method of bypassing normal authentication.
     • A shell allows us to interface with a system, typically through a command line.

  5. Steps in a Penetration Test
     • Information Gathering
       • Information on the server
       • Any web server?
       • Nmap
     • Vulnerability Identification
       • Nmap version scans/OS scans
       • Other scanning tools
     • Exploitation
       • Bruteforcing
       • Remote Exploits
     • Post Exploitation
       • Reverse shells
       • Persistence
       • Anti-Forensics
       • Etc…

  6. Tools
     • BackTrack Linux 5 R2/R3 – Our attacker machine
     • Nmap Network Scanner – Used for identifying ports and services our victim is running
     • Metasploit Framework – Used for exploiting, generating the payload, and establishing a session with our victim.

  7. The Metasploit Project
     • Metasploit is an open-source framework used for security development and testing
     • Information gathering and fingerprinting
     • Exploitation/Penetration testing
     • Payload generation and encoding
     • Fuzzing
     • And much more…

  8. Steps in compromising (diagram labels)
     • Port Scan/Version scans
     • Fingerprint / Open Ports
     • Exploit + Payload
     • Reverse Shell
     • alpapacas

  9. Demo/Workshop • ...

  10. How to secure yourself
     • Set up a firewall
       • Windows Firewall
       • Comodo Personal Firewall
     • Install and update your Anti-Virus
       • Microsoft Security Essentials
       • Nod32
     • Keep your system up to date
       • Actually apply that flash update
     • Be cautious
       • Watch where you internet
       • Don’t just download anything!

  11. Want to learn more?
     • Kernel Meltdown Blog
     • Learn how to use Linux
     • Download BackTrack Linux
     • Learn networking and the tools
     • Use the command line interface
     • Online Resources
     • Metasploit Unleashed (Metasploit Guide)
     • Also check out some forums
     • Security Tube
     • Security Podcasts
     • Security Now by Steve Gibson
     • PaulDotCom Security Weekly
     • Others…
     • Come talk to me

  12. Sources
     • BackTrack-Linux
       • http://www.backtrack-linux.org/
     • The Metasploit Project
       • http://www.metasploit.com/
     • Nmap
       • http://nmap.org/
     • Metasploit Unleashed
       • http://www.offensive-security.com/metasploit-unleashed/Main_Page
     • Security Tube
       • http://www.securitytube.net/
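
Added example (not from the original slides): a Python check that ties the Nmap scan on slide 6 to the firewall advice on slide 10 by parsing Nmap grepable output (`-oG`) from a scan of your own hosts and reporting open ports that are missing from an allowlist. The sample scan, addresses, host names and the `ALLOWED` policy are constructed for illustration.

```python
# Added example: audit Nmap grepable output (-oG) against an allowlist of
# services you intend to expose. All sample data below is constructed.
import re

# Constructed sample in the layout written by `nmap -sV -oG <file>`.
SAMPLE_SCAN = (
    "# Nmap scan (constructed sample)\n"
    "Host: 192.0.2.10 (lab-web)\tStatus: Up\n"
    "Host: 192.0.2.10 (lab-web)\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1/, "
    "80/open/tcp//http//nginx 1.24.0/, 3306/open/tcp//mysql//MySQL 8.0.36/, "
    "8080/filtered/tcp//http-proxy///\tIgnored State: closed (996)\n"
    "Host: 192.0.2.11 (lab-desktop)\tPorts: 445/open/tcp//microsoft-ds///, "
    "3389/closed/tcp//ms-wbt-server///\n"
)

# Assumed policy: (port, protocol) pairs each host is meant to expose.
ALLOWED = {
    "192.0.2.10": {(22, "tcp"), (80, "tcp")},
    "192.0.2.11": set(),
}

HOST_RE = re.compile(r"^Host: (\S+) \(([^)]*)\)")

def parse_grepable(text):
    """Yield (ip, port, proto, state, service, version) for every port entry."""
    for line in text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue  # comment lines and anything that is not a Host record
        for field in line.split("\t")[1:]:
            if not field.startswith("Ports: "):
                continue  # skip Status / Ignored State fields
            for entry in field[len("Ports: "):].split(", "):
                # Entry layout: port/state/protocol/owner/service/rpcinfo/version/
                parts = entry.split("/")
                if len(parts) < 7 or not parts[0].isdigit():
                    continue  # malformed entry, ignore rather than guess
                port, state, proto, _owner, service, _rpc, version = parts[:7]
                yield m.group(1), int(port), proto, state, service, version

def unexpected_open(text, allowed):
    """Return open ports that are not in the scanned host's allowlist."""
    findings = []
    for ip, port, proto, state, service, version in parse_grepable(text):
        if state == "open" and (port, proto) not in allowed.get(ip, set()):
            findings.append((ip, port, proto, service, version))
    return findings

if __name__ == "__main__":
    for ip, port, proto, service, version in unexpected_open(SAMPLE_SCAN, ALLOWED):
        print(f"{ip}: {port}/{proto} {service} {version or '(no version)'} open, not allowed")
```

Each finding is a service to close, firewall off, or add to the allowlist on purpose; hosts absent from `ALLOWED` are treated as allowing nothing.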
