Skript Kiddie Tools Exposed - INFOSECURITY VIP WATCHGUARD... · 2013-09-15 · Skript Kiddie Tools...
Transcript of Skript Kiddie Tools Exposed - INFOSECURITY VIP WATCHGUARD... · 2013-09-15 · Skript Kiddie Tools...
Skript Kiddie Tools Exposed
Juan Luis Munoz Director of Sales Latin America
Agenda
Intro: Why look at attack tools?
Three Hacker Profiles
Hacking Phases 101
Attack Demos (using free tools)
Defense Tips
Why Study Attack Tools?
Figure out defense Penetration Testing
Seeing is believing Hacking is too easy
Know thy enemy - Sun Tzu
Three Cyber Attacker Profiles
Hacking Process 101
• Research
• Scanning
• Fingerprinting
Recon Phase
• Social Eng.
• Server hacks
• Client hacks
• Web app hacks
Attack Phase
• Cover tracks
• Rootkits
• Lateral attacks
Stealth Phase
Steal data
& profit
Looting Phase
Hacker’s Favorite Toolset
Backtrack is a Linux distribution for
pen-testers and ”hackers.” It contains
countless hacking tools and exploit
libraries. In short, almost all you need to
breach networks (for good or evil).
Some tools include:
Metasploit
Nmap (Zenmap)
OpenVAS
Hping
SQLmap
Aircrack-ng
Fast-Track
Evilgrade
…and many, many more
Demo Attack Environment
Attacker Victims Firewall
BackTrack 5 (192.168.39.128)
WinXP FTP (10.0.1.10)
Win 7 Web (10.0.1.20)
Ext -1
92.1
68.3
9.1
4
Trust – 1
0.0
.1.1
No NAT, for simplicity