BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter.


BackTrack Penetration Testing Workshop

Michael Holcomb, CISSP

Upstate ISSA Chapter


Agenda

- Introductions
- Schedule
- Workshop Format
- The Attacker Methodology
- Penetration Testing Execution Standard (PTES)
- Pentester Job Requirements


Disclaimer

Do not try this at home… without permission!


Introductions

- Name
- Company
- Position
- Previous Experience
  - Windows & Linux
  - Penetration Testing
  - BackTrack


Schedule

- Hours (9:00AM to 4:30PM)
- 10:20 to 10:30 - Break
- 11:00 to 12:30 - ISSA Chapter Meeting
- 2:45 to 3:00 - Break


Workshop Format

- Session Materials
- Practice Exercises
- Workshop Survey


The Hacker Methodology

- Information Gathering
- Vulnerability Assessment
- Exploitation
- Privilege Escalation
- Maintaining Access


Penetration Testing Execution Standard (PTES)

- Pre-engagement Interactions
- Intelligence Gathering
- Threat Modeling
- Vulnerability Analysis
- Exploitation
- Post Exploitation
- Reporting


Pentester Job Requirements

- System and application scanning using analysis tools
- Validate automated testing results
- Conduct manual analysis
- Evaluate and communicate risk
- Provide feedback and guidance
- Certifications (CEH, CISA, CISSP, OSCP)


Physical Security

Most overlooked area of Information Security

If you can touch it, you can p0wn it!


www.securitywizardry.com/radar.htm


Bookmarks

- VMware (vmware.com)
- BackTrack 5 R3 (backtrack-linux.org)
- Metasploitable (offensive-security.com)
- Web Security Dojo (mavensecurity.com)
- Pauldotcom (pauldotcom.com)
- OSCP (offensive-security.com)
- Katana (hackfromacave.com)