penetration

Training – the Security Minefield

Learning something new is a wonderful thing. However, with all the security training on offer right now, how do you know what’s right for you ? Author: CHRIS RILEY Source: Hakin9 1/2009 https://hakin9.org Over the past few years, I’ve been slowly re-inventing my…

Defeating AntiVirus Software

Penetration testers are frequently called upon to upload netcat to compromised computers to gain a command line.Security professionals work with many tools that AV vendors have labeled “hacker tools.” In the interest of enforcing common corporate policy, AV vendors rigorously…

Cisco Torch

Brief Summary: One of the challenges when conducting a successful penetration test of vulnerability assessment is quickly locating and exploiting Cisco devices within the network fabric. Cisco-Torch uses several methods we will detail to execute scanning, fingerprinting and exploitation duties…

Auditing Oracle in a Production Environment

This paper is based on real penetration testing of Oracle servers on HP-UX systems and the way the auditor has to follow to combat the stringencies that come in a way. We will dissect the errors and the way to…

Simple WiFi Hacking with Eee Pc

In this article we’ll see a simple and efficient method to retrieve a WEP key from a wireless network. The interesting part is that we’ll obtain this key using an Eee Pc, the low cost netbook by Asus. After this…

Pentest Labs Using Live CDs

For those individuals interested in learning how to perform penetration testing, they quickly realize there are many tools to learn, but almost no legal targets to practice against – until now. De-ICE.net has developed LiveCDs that simulate fully-functional servers that…

Internal penetration tests

Penetration tests are one of the techniques used to expose holes in the security of an IT system. They are carried out by simulating the actions of a potential intruder. Since they are supposed to resemble what could happen in…

Episode 5

There are many ways to make money as a Security Professional. You can do good things, protecting companies, users, grandmothers and customers. You can do bad things, exploiting the proverbial weak and trusting. Which way you choose to go depends…

Analysing and Mapping Wireless Networks

Wireless technologies are getting into our daily lives more and more each day. For one it’s a craze of convenience or the decision of the different technological problems, and for others – fighting the jumping-off place where real cyberfights are…

Metasploit – exploiting framework

Do you want to know if your systems are really vulnerable? Do you want to use an easy mechanism to find out? Do you want to write your own exploits using high-quality framework? Do you want to save your money…