The Business of Penetration Testing
Jacolon Walker
Agenda
● Introduction about me
● Penetration testing methodology
● Pentesting frameworks
● Customizing your tool set
● Engagement prep
● Post engagement
● Wrapping it all up
The about me stuff
● 6 years in InfoSec
● My talk is not sponsored by my employers
● Write code, exploits, reverse malware for fun and sometimes profit
● Have certs
● Placed 2nd in SANS NetWars
● Disclaimer on ideology
Ethical Pentesting Methodology?
● No such thing if you want to be successful
● You need to think like a hacker
● Pentesting methodologies cover all the ground and help win assessments
● Attention to detail and organizational skills
● Push the envelope but do not cross the line
Penetration Methodology Cont.
● Reconnaissance
– Gathering information passively
– Not actively scanning or exploiting anything: nothing you do here touches the target's systems
– Harvesting information from: Bing, Google, Yahoo, Yandex; the Wayback Machine (archive.org); social media, etc.
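The Wayback Machine is the one recon source above with a queryable index, so here is a worked example of using it passively. This is an added example for these slides, not code from the talk: it builds the query the archive.org CDX server accepts (`output=json`, `fl=`, `collapse=urlkey`) and parses the JSON shape the server returns, where the first row is the field header. The HTTP fetch is left to the caller so the parsing runs offline; SAMPLE_CDX_RESPONSE, the example.com hosts and the "interesting" path rules are all constructed for illustration.

```python
"""Passive recon through the Wayback Machine CDX index (added example)."""
import json
from urllib.parse import urlencode, urlparse

CDX_ENDPOINT = "http://web.archive.org/cdx/search/cdx"

# Heuristics for paths worth a manual look (assumption: tune per engagement).
INTERESTING_EXT = (".bak", ".old", ".sql", ".zip", ".tar.gz", ".env", ".config")
INTERESTING_WORDS = ("admin", "backup", "upload", "debug")


def build_cdx_url(domain, limit=500):
    """CDX query for every archived URL under *domain*, one row per distinct URL."""
    params = {
        "url": f"{domain}/*",
        "output": "json",
        "fl": "original,timestamp,statuscode,mimetype",
        "collapse": "urlkey",   # dedupe snapshots of the same URL
        "limit": str(limit),
    }
    return f"{CDX_ENDPOINT}?{urlencode(params)}"


def parse_cdx_json(body):
    """CDX JSON output is a list of lists; the first row names the fields."""
    rows = json.loads(body)
    if not rows:
        return []
    header, data = rows[0], rows[1:]
    return [dict(zip(header, row)) for row in data]


def hostnames(records):
    """Every hostname the archive has seen under the domain (candidate scope entries)."""
    return sorted({urlparse(r["original"]).hostname for r in records})


def interesting_paths(records):
    """Admin areas and leaked backups/configs that once existed, whether or not they still do."""
    hits = set()
    for rec in records:
        path = urlparse(rec["original"]).path
        low = path.lower()
        if low.endswith(INTERESTING_EXT) or any(w in low for w in INTERESTING_WORDS):
            hits.add(path)
    return sorted(hits)


# Constructed sample in the CDX server's JSON shape; not a real archive response.
SAMPLE_CDX_RESPONSE = json.dumps([
    ["original", "timestamp", "statuscode", "mimetype"],
    ["http://example.com/", "20120101000000", "200", "text/html"],
    ["http://example.com/admin/login.php", "20120304000000", "200", "text/html"],
    ["http://dev.example.com/db_backup.sql", "20130405000000", "200", "application/octet-stream"],
    ["http://example.com/news.html", "20140506000000", "404", "text/html"],
])

if __name__ == "__main__":
    records = parse_cdx_json(SAMPLE_CDX_RESPONSE)
    print("query:", build_cdx_url("example.com"))
    print("hosts:", hostnames(records))
    print("interesting:", interesting_paths(records))
```

Fetching `build_cdx_url("client-domain")` with any HTTP client and feeding the body to `parse_cdx_json` gives you subdomains and long-deleted paths without sending a single packet to the client's infrastructure, which is exactly what "passive" means on the slide.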
Penetration Methodology Cont.
● Gaining Access
– Map the vulnerabilities found during recon and scanning to attack vectors
– The goal is to get in as a user, then escalate privileges
– Try multiple vectors; this is usually the easier part
– Web application, Wi-Fi, social engineering
– Use your research
Penetration Methodology Cont.
● Maintaining Access
– Keeping account access
– Privilege escalation
– Pivoting to own the rest of the network
– ET phone home (a callback from the compromised host back to you)
DEMO
● Metasploit
● Post-exploitation scripts
Broken? No luck?
Penetration Methodology Cont.
● Covering Tracks (only where the rules of engagement allow it)
– Removing tools
– Backdoors, ET phone homes
– Clearing logs
– Windows: Security, Application and System event logs
– Linux: /var/log/*
– Remove audit logs carefully!!!!! An emptied log is its own alarm (clearing the Windows Security log writes event 1102), so remove only your own entries
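The "carefully" on the last bullet is the whole point: truncating /var/log/auth.log leaves a zero-byte file and a timestamp gap that any admin notices. The added example below (not code from the talk, and only for engagements whose rules allow track covering) shows the selective alternative on a syslog-style auth.log: it removes the lines carrying the tester's source IP plus the lines from the same process instance ("sshd[pid]") that the login produced, such as the pam session lines, and leaves every other entry untouched. SAMPLE_AUTH_LOG, the hostname web01 and the addresses are constructed.

```python
"""Selective log cleanup instead of wiping the file (added example)."""
import re

# "name[pid]:" as syslog writes it, e.g. "sshd[2260]:"
PROC_RE = re.compile(r"(\w[\w.-]*)\[(\d+)\]:")

# Constructed auth.log: 10.10.0.200 is the tester, 10.10.0.9 is a real admin.
SAMPLE_AUTH_LOG = """\
Mar  3 10:01:12 web01 sshd[2210]: Accepted password for deploy from 10.10.0.9 port 51022 ssh2
Mar  3 10:01:12 web01 sshd[2210]: pam_unix(sshd:session): session opened for user deploy by (uid=0)
Mar  3 10:02:40 web01 sshd[2251]: Failed password for root from 10.10.0.200 port 40144 ssh2
Mar  3 10:02:44 web01 sshd[2251]: Failed password for root from 10.10.0.200 port 40144 ssh2
Mar  3 10:03:01 web01 sshd[2260]: Accepted publickey for root from 10.10.0.200 port 40150 ssh2
Mar  3 10:03:01 web01 sshd[2260]: pam_unix(sshd:session): session opened for user root by (uid=0)
Mar  3 10:03:30 web01 sudo:   deploy : TTY=pts/0 ; PWD=/home/deploy ; USER=root ; COMMAND=/bin/systemctl restart nginx
Mar  3 10:15:01 web01 CRON[2301]: pam_unix(cron:session): session opened for user root by (uid=0)
"""


def scrub_log(text, source_ip):
    """Return (cleaned_text, removed_lines); only entries tied to *source_ip* are removed."""
    # Match the address as a whole token so 10.10.0.20 never matches inside 10.10.0.200.
    ip_re = re.compile(r"(?<![\d.])" + re.escape(source_ip) + r"(?![\d.])")
    lines = text.splitlines()

    # Pass 1: which process instances did the tester's connections create?
    tainted = set()
    for line in lines:
        if ip_re.search(line):
            m = PROC_RE.search(line)
            if m:
                tainted.add(m.group(0))   # e.g. "sshd[2260]:"

    # Pass 2: drop lines with the IP or from a tainted instance; keep the rest byte-for-byte.
    kept, removed = [], []
    for line in lines:
        m = PROC_RE.search(line)
        if ip_re.search(line) or (m and m.group(0) in tainted):
            removed.append(line)
        else:
            kept.append(line)
    cleaned = "\n".join(kept) + ("\n" if kept else "")
    return cleaned, removed


if __name__ == "__main__":
    cleaned, removed = scrub_log(SAMPLE_AUTH_LOG, "10.10.0.200")
    print("removed %d line(s):" % len(removed))
    print("\n".join(removed))
    print("--- remaining log ---")
    print(cleaned, end="")
```

The admin's own session, the sudo entry and the cron line survive, so the file still looks lived-in. Note what this does not solve: audit daemons and remote syslog forwarders already shipped the originals elsewhere, which is one more reason the slide says to treat audit logs with care rather than assuming a local edit ends the story.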
Penetration Frameworks
● vulnerabilityassessment.co.uk
● pentest-standard.org (PTES)
● Open Source Security Testing Methodology Manual (OSSTMM)
● Information Systems Security Assessment Framework (ISSAF)
● Open Web Application Security Project (OWASP) Top Ten
● Web Application Security Consortium Threat Classification (WASC-TC)
Customizing your toolset
● Kali Linux – the successor to BackTrack
● Use your methodology to help build this
● Recon, scanning, exploitation, post-exploitation
● Become familiar with those tools
● Change it up to add more to your collection
My toolset
● A few things in my tool set
● Recon-ng / theHarvester
● Burp Suite
● Nmap / p0f / Ncat
● Nessus / Core Impact / Acunetix / SAINT
● Arachni / Vega / Metasploit / Websecurify
● Python Python Python
● KeepNote / Lair / Etherpad / (Armitage, still testing)
Toolset Demo
● Demonstrating some of the tools I use
Finally the assessment is over? No
http://nooooooooooooooo.com
Pre-engagement Prep
● You are selling a service, so....
● Sell something
● Tool customization
● Know what the competing offers and market rates are
● Is this assessment for you?
● Fixed pricing or hourly
● What does the client want?
● Can you provide what they want?
Engagement Sold!!!
● Scope of work
● Understand what the client wants
● Black, gray or white box testing, or red teaming
● How long the assessment will take
● What to expect from the assessment
● Client contacts, from project manager to network admins, in case of emergencies
● Use the methodologies that you have created
● Remember to log everything
● Secure communication with clients
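"Scope of work" and "Remember to log everything" are the two items on this slide that can be enforced by code rather than memory. The added example below (not code from the talk) is a small scope guard: every target goes through it before a tool is pointed at the host, explicit exclusions beat any allowed network, wildcard hostnames are honoured, and every allow/deny decision is appended to a timestamped log you can hand over with the report. The networks, hostnames and the excluded production host in build_sample_scope() are constructed.

```python
"""Scope guard with an engagement activity log (added example)."""
import ipaddress
from datetime import datetime, timezone


class Scope:
    def __init__(self, networks, hostnames, excluded=()):
        self.networks = [ipaddress.ip_network(n, strict=False) for n in networks]
        self.excluded = [ipaddress.ip_network(n, strict=False) for n in excluded]
        # "*.dev.example.com" covers any host under dev.example.com; bare names are exact.
        self.exact = {h.lower() for h in hostnames if not h.startswith("*.")}
        self.wild = {h[2:].lower() for h in hostnames if h.startswith("*.")}
        self.log = []   # one "timestamp VERDICT action -> target" line per decision

    def in_scope(self, target):
        """True only for an allowed address/name that is not explicitly excluded."""
        try:
            addr = ipaddress.ip_address(target)
        except ValueError:
            name = target.lower().rstrip(".")
            return name in self.exact or any(name.endswith("." + w) for w in self.wild)
        if any(addr in net for net in self.excluded):
            return False   # exclusions win, even inside an allowed network
        return any(addr in net for net in self.networks)

    def authorize(self, action, target):
        """Record the decision and return True only if *target* may be touched."""
        allowed = self.in_scope(target)
        stamp = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
        self.log.append(f"{stamp} {'ALLOW' if allowed else 'DENY '} {action} -> {target}")
        return allowed

    def filter_targets(self, action, targets):
        """The targets that passed, in order; denied ones are still logged."""
        return [t for t in targets if self.authorize(action, t)]


def build_sample_scope():
    # Constructed scope: one /24, one app host, one wildcard, and the production DB excluded.
    return Scope(
        networks=["10.10.0.0/24"],
        hostnames=["app.example.com", "*.dev.example.com"],
        excluded=["10.10.0.5/32"],
    )


if __name__ == "__main__":
    scope = build_sample_scope()
    candidates = ["10.10.0.20", "10.10.0.5", "192.168.1.1",
                  "app.example.com", "api.dev.example.com", "www.example.com"]
    print("allowed:", scope.filter_targets("nmap -sS -p-", candidates))
    print("\n".join(scope.log))
```

Wrap your own launchers (nmap, Burp targets, Metasploit RHOSTS) so they only ever receive the output of filter_targets(); the denied entries in the log are also the evidence you want if a client ever asks what you did not touch.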
Post Engagement
● Report writing
● Did any issues occur? Could they have been prevented? Can they be fixed?
● Did you get what you wanted from the engagement? Profit?
● Any new tools or methodologies added?
● Possible new techniques?
● Was the customer satisfied?
Report Writing
● It is the last thing the customer sees. Make it the best thing they see
● Customers are paying for quality
● Different reports for different audiences
● Executive summary
● Detailed (technical) summary
● I could write a whole presentation about this but I will not
Wrapping it all up
● Pentesting has numerous components
● It's not always about hacking; it's about research and business
● Make sure you have a niche. Know your target and your field
● Always improve your methods while helping your client improve their infrastructure
● "Don't learn to hack, hack to learn"