Skript Kiddie Tools Exposed

Juan Luis Munoz Director of Sales Latin America

Agenda

Intro: Why look at attack tools?

Three Hacker Profiles

Hacking Phases 101

Attack Demos (using free tools)

Defense Tips

Why Study Attack Tools?

Figure out defense Penetration Testing

Seeing is believing Hacking is too easy

Know thy enemy - Sun Tzu

Three Cyber Attacker Profiles

Hacking Process 101

• Research

• Scanning

• Fingerprinting

Recon Phase

• Social Eng.

• Server hacks

• Client hacks

• Web app hacks

Attack Phase

• Cover tracks

• Rootkits

• Lateral attacks

Stealth Phase

Steal data

& profit

Looting Phase

Hacker’s Favorite Toolset

Backtrack is a Linux distribution for

pen-testers and ”hackers.” It contains

countless hacking tools and exploit

libraries. In short, almost all you need to

breach networks (for good or evil).

Some tools include:

Metasploit

Nmap (Zenmap)

OpenVAS

Hping

SQLmap

Aircrack-ng

Fast-Track

Evilgrade

…and many, many more

Demo Attack Environment

Attacker Victims Firewall

BackTrack 5 (192.168.39.128)

WinXP FTP (10.0.1.10)

Win 7 Web (10.0.1.20)

Ext -1

92.1

68.3

9.1

4

Trust – 1

0.0

.1.1

No NAT, for simplicity