Embed Size (px)
Citation preview
ATTACK - DEFEND
Attack – Defend Computer Networks
Tools and Pratical Author: Hoang Cuong
21/01/2015 Hoàng Cường - MSEC 1
CONTENTS
PART I: TOOLS
I. Gathering Information (Footprinting ).
II. Scanning.
III. Exploited.
IV. Privilege Escalation.
V. Expansion.
VI. Backdoor.
VII. Remove Tracks.
21/01/2015 Hoàng Cường - MSEC 2
CONTENTS
PART I: TOOLS
I. Gathering Information (Footprinting ).
II. Scanning.
III. Exploited.
IV. Privilege Escalation.
V. Expansion.
VI. Backdoor.
VII. Remove Tracks.
21/01/2015 Hoàng Cường - MSEC 3
GATHERING INFORMATIONS (Footprinting).
21/01/2015 Hoàng Cường - MSEC 4
I. Web Tools.
• http://whois.domaintools.com/
• http://whois.pns.vn/
• http://www.vnnic.vn/tenmien/whois
• http://whois.gltec.com/
I. Applications.
• WHOIS Lookup Tools
• DNS Interrogation Tools
• DNS online Interrogation Tools
• Email Tracking Tools
• Google Hacking Tool
• Monitoring Web Updates Tool
• Tools to Extract Company’s Data
• Traceroute Tool
• Website Mirroring Tools
CONTENTS
PART I: TOOLS
I. Gathering Information (Footprinting ).
II. Scanning.
III. Exploited.
IV. Privilege Escalation.
V. Expansion.
VI. Backdoor.
VII. Remove Tracks.
21/01/2015 Hoàng Cường - MSEC 5
SCANNING TOOLS
1. NMAP - http://nmap.org
2. Acunetix Web Vulnerability Scanner 9.5
3. Nessus
4. OpenVAS
5. Core Impact
6. NexPose
7. Rentina
8. BurpSuite
9. W3af
10. Websecurity
21/01/2015 Hoàng Cường - MSEC 6
CONTENTS
PART I: TOOLS
I. Gathering Information (Footprinting ).
II. Scanning.
III. Exploited.
IV. Privilege Escalation.
V. Expansion.
VI. Backdoor.
VII. Remove Tracks.
21/01/2015 Hoàng Cường - MSEC 7
EXPLOITION
1. Metasploit
2. W3af
3. Sqlmap
4. Core Impact
5. Canvas
6. Social Engineer Toolkit
7. BeFF
8. Burp Suite
9. Webshell
10. Other Tool.
21/01/2015 Hoàng Cường - MSEC 8
CONTENTS
PART I: TOOLS
I. Gathering Information (Footprinting ).
II. Scanning.
III. Exploited.
IV. Privilege Escalation.
V. Expansion.
VI. Backdoor.
VII. Remove Tracks.
21/01/2015 Hoàng Cường - MSEC 9
PRIVILEGE ESCALATION
1. Exploit code
2. System vulnerabilities
3. Sofware vulnerabilities
4. Get root or Jailbreak
5. RootKit
6. Using malware
21/01/2015 Hoàng Cường - MSEC 10
CONTENTS
PART I: TOOLS
I. Gathering Information (Footprinting ).
II. Scanning.
III. Exploited.
IV. Privilege Escalation.
V. Expansion.
VI. Backdoor.
VII. Remove Tracks.
21/01/2015 Hoàng Cường - MSEC 11
EXPANTION
21/01/2015 Hoàng Cường - MSEC 12
CONTENTS
PART I: TOOLS
I. Gathering Information (Footprinting ).
II. Scanning.
III. Exploited.
IV. Privilege Escalation.
V. Expansion.
VI. Backdoor.
VII. Remove Tracks.
21/01/2015 Hoàng Cường - MSEC 13
BACKDOOR
1. Using as malware
21/01/2015 Hoàng Cường - MSEC 14
Q&A
21/01/2015 Hoàng Cường - MSEC 15
Pratical
21/01/2015 Hoàng Cường - MSEC 16
http://truongyduochanoi.edu.vn/
http://truongyduochanoi.edu.vn/error.php
