Embed Size (px)
Citation preview
Security System Project
The first integrated vulnerability and penetration testing tool !!
Rainer Arencibia Hernandez, 2 ASI, IAIG
INDICE
• The future in Penetration Testing.• Insecurity Research.•Overview.• Pictures and Video.•Comparative Nmap and Nessus.• Benefits and Features.
• This software makes test automatically and exploits the vulnerability to find breach without a doubt.
• INSECT demonstrates how attacker could use a exploit to get into a network, and allows administrators to manage resources more efficiently.
Rainer Arencibia Hernández, 2 ASI, IAIG
• Licence- Price per Year per Named-User: Free
• Supported Platforms and Installations- Windows XP, Vista, Seven and Server 03/08.- ****(requires Python and .NET)****
• Updates- Automatic regular weekly updates
• Product Support and Maintenance- All customers have access to online support.
Rainer Arencibia Hernández, 2 ASI, IAIG
Overview INSECT
Rainer Arencibia Hernández, 2 ASI, IAIG
•Is a penetration security auditing and testing software solution.
•Allow to organizations monitor and manage the latest security threats vulnerabilities.
•Help to build a strong security posture.
•Have all the tools you need to reduce costs, find vulnerabilities, and check the of security defenses.
Main Program Picture
Rainer Arencibia Hernández, 2 ASI, IAIG
Create Project Picture
Rainer Arencibia Hernández, 2 ASI, IAIG
Program Picture
Rainer Arencibia Hernández, 2 ASI, IAIG
About Picture
Rainer Arencibia Hernández, 2 ASI, IAIG
www.insecurityresearch.comwww.youtube.com/user/InsecurityResearch
Allow test exploit securityvulnerabilities in computer networks, endpoints, web applications and Wi-Fi networks.
How you can exploit a vulnerability in Microsoft Excel.
Rainer Arencibia Hernández, 2 ASI, IAIG
Video
Rainer Arencibia Hernandez, 2 ASI, IAIG
Software ComparativeNmap (Network Mapper) was released in September 1997. Network administrators and security professionals use it to map out their networks, as well as to determine the following:
• The up or down status of a host ports.• Presence of unexpected hosts• Presence of unexpected services• Presence of a firewall
Is 100% command line. However, they create a user interface for it, called Zenmap, making it more intuitive to use.
Rainer Arencibia Hernandez, 2 ASI, IAIG
ZENMAP
Rainer Arencibia Hernandez, 2 ASI, IAIG
Software ComparativeNessus was released in 1998. It was initially developed as a free remote security scanner but later. It costs $1200/year.
Nessus' primary function is to provide security scanning capabilities to its user. Like Nmap, it can do network discovery, but unlike Nmap, it is designed to scan systems to determine their vulnerabilities.
Because of what Nessus can do, it can be applied in the following ways:
• Vulnerability analysis.• Security audits• Asset profiling• Sensitive data discovery
Rainer Arencibia Hernandez, 2 ASI, IAIG
NESSUS
• ConclusionFocus on any system vulnerabilities are discovered, without the need to hire a network and security expert. It is not free. If you are a penetration security engineer and assigned to check out a company's network, Nmap may just do the job because it is portable.
Benefits
• New level of visibility. Gives you a new level of visibility for network security. This penetration testing tools give you insight look into how your system would work against attackers.
• Quantify risk. Make reports to find the true weaknesses on your system, with this you can estimate the potential damage to your data.
• Manage resources. When you know where are the bug’s on the network, you can focus attention and resources where they are needed most.
Rainer Arencibia Hernández, 2 ASI, IAIG
Benefits• Better defend your network. At the end of each test,
INSECT provides recommendations and tools you can use to repair vulnerabilities.
Rainer Arencibia Hernández, 2 ASI, IAIG
•Ease of use. Integrated a user interface, and additional tools to test client vulnerabilities such as Web browsers, databases, and desktop applications.
•Updated exploits. Insect have a extensive, multi-platform, exploit library that provides information on the latest vulnerabilities.
Features
Exploits vulnerabilities founded automatically by INSECT vulnerability scanner.
Proves the existence of critical vulnerabilities. Includes IPv4 and IPv6 exploits. Features exploit tunneling that allows you to run penetration tests
from an exploited target. Boasts an extensive, multi-platform exploit library. Includes remote, local, and client-side exploits. Includes application, SQL, XSS, and PHP exploits. Provides automatic penetration testing. Runs individual exploits on demand. Includes the ultimate exploits in the wild.
Rainer Arencibia Hernández, 2 ASI, IAIG
THANKS FOR WATCHING !!!
Rainer Arencibia Hernández
