• Home

  • Documents

  • BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter
12
BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter

BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter

Tags:

Embed Size (px)

Citation preview

Page 1: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter

BackTrack Penetration Testing Workshop

Michael Holcomb, CISSP

Upstate ISSA Chapter

Page 2: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter

Agenda

Introductions Schedule Workshop Format The Attacker Methodology Penetration Testing Execution

Standard (PTES) Pentester Job Requirements

Page 3: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter

Disclaimer

Do not try this at home… without permission!

Page 4: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter

Introductions

Name Company Position Previous Experience

Windows & Linux Penetration Testing BackTrack

Page 5: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter

Schedule

Hours (9:00AM to 4:30PM) 10:20 to 10:30 - Break 11:00 to 12:30 – ISSA Chapter Meeting 2:45 to 3:00 - Break

Page 6: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter

Workshop Format

Session Materials Practice Exercises Workshop Survey

Page 7: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter

The Hacker Methodology

Information Gathering Vulnerability Assessment Exploitation Privilege Escalation Maintaining Access

Page 8: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter

Penetration Testing Execution Standard (PTES)

Pre-engagement Interactions Intelligence Gathering Threat Modeling Vulnerability Analysis Exploitation Post Exploitation Reporting

Page 9: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter

Pentester Job Requirements

System and application scanning using analysis tools

Validate automated testing results Conduct manual analysis Evaluate and communicate risk Provide feedback and guidance Certifications (CEH, CISA, CISSP,

OCSP)

Page 10: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter

Physical Security

Most overlooked area of Information Security

If you can touch it, you can p0wn it!

Page 11: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter

www.securitywizardry.com/radar.htm

Page 12: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter

Bookmarks

VMware (vmware.com) BackTrack 5 R3 (backtrack-linux.org) Metasploitable (offensive-security.com) Web Security Dojo (mavensecurity.com) Pauldotcom (pauldotcom.com) OCSP (offensive-security.com) Katana (hackfromacave.com)


Lacey holcomb

Lacey holcomb

Documents
Backtrack & Oracle

Backtrack & Oracle

Documents
Fortran Novella Holcomb

Fortran Novella Holcomb

Documents
Holcomb y Ashcraft CIRUGÍA PEDIÁTRICA Holcomb BUSCABLE

Holcomb y Ashcraft CIRUGÍA PEDIÁTRICA Holcomb BUSCABLE

Documents
Backtrack tutorial

Backtrack tutorial

Technology
Rocky Holcomb

Rocky Holcomb

Documents
Guia backtrack

Guia backtrack

Documents
BackTrack Wiki

BackTrack Wiki

Documents
Instalar Backtrack

Instalar Backtrack

Documents
Magnetotherapy.spellgen.comzMT2003 Holcomb

Magnetotherapy.spellgen.comzMT2003 Holcomb

Documents
Cheryl Holcomb-McCoy, Ph.D., NCC I. PERSONAL …education.gsu.edu/files/2014/02/Holcomb-McCoy-Cheryl-CV-GSU-COE.pdfCV: Holcomb-McCoy Page 1 Cheryl Holcomb-McCoy, Ph.D., NCC School

Cheryl Holcomb-McCoy, Ph.D., NCC I. PERSONAL …education.gsu.edu/files/2014/02/Holcomb-McCoy-Cheryl-CV-GSU-COE.pdfCV: Holcomb-McCoy Page 1 Cheryl Holcomb-McCoy, Ph.D., NCC School

Documents
Backtrack 5

Backtrack 5

Documents
US v Holcomb

US v Holcomb

Documents
Backtrack 3

Backtrack 3

Documents
HOLCOMB YMCA

HOLCOMB YMCA

Documents
backtrack 4

backtrack 4

Documents
Manual Backtrack

Manual Backtrack

Documents
About Backtrack

About Backtrack

Technology
update - Upstate Medical University | SUNY Upstate Medical

update - Upstate Medical University | SUNY Upstate Medical

Documents
BACKTRACK 2012 Installation Guide - Supportsupport.efficientbi.com/wp-content/uploads/BACKTRACK-Installation... · BACKTRACK install, a message appears to inform you that BACKTRACK

BACKTRACK 2012 Installation Guide - Supportsupport.efficientbi.com/wp-content/uploads/BACKTRACK-Installation... · BACKTRACK install, a message appears to inform you that BACKTRACK

Documents
BACKTRACK ALKTHROUGH - cyberburn.files.wordpress.com · GETTING BACKTRACK 5 R3 There are two ways to get up and running quickly with Backtrack 5 R3. If you are already running Backtrack

BACKTRACK ALKTHROUGH - cyberburn.files.wordpress.com · GETTING BACKTRACK 5 R3 There are two ways to get up and running quickly with Backtrack 5 R3. If you are already running Backtrack

Documents
Linux BackTrack

Linux BackTrack

Documents
BACKTRACK LINUX AUDITORIA E TESTE DE … · CAPÍTULO I 3 Conhecendo o BackTrack 5 O Que é BackTrack 5 Instalando o BackTrack 5 em uma Virtualbox 7 Iniciando o BackTrack 5 em Modo

BACKTRACK LINUX AUDITORIA E TESTE DE … · CAPÍTULO I 3 Conhecendo o BackTrack 5 O Que é BackTrack 5 Instalando o BackTrack 5 em uma Virtualbox 7 Iniciando o BackTrack 5 em Modo

Documents
Configuring BackTrack

Configuring BackTrack

Documents
BackTrack 5 Wireless Penetration Testing Beginner's …cdn.ttgtmedia.com/...BackTrack-5-Wireless-Penetration-Testing-eBook... · BackTrack 5 Wireless Penetration Testing Beginner's

BackTrack 5 Wireless Penetration Testing Beginner's …cdn.ttgtmedia.com/...BackTrack-5-Wireless-Penetration-Testing-eBook... · BackTrack 5 Wireless Penetration Testing Beginner's

Documents
Misty holcomb

Misty holcomb

Documents
2009 Holcomb SRAM

2009 Holcomb SRAM

Documents
Backtrack Manual

Backtrack Manual

Documents
BackTrack Linux

BackTrack Linux

Documents
01 Backtrack

01 Backtrack

Documents