|SPACE Y DUMP: Penetration Testing Report by Chrissa Constantine .pdf|
This ebook was written by our instructor Chrissa Constantine. Her online course Web Application Penetration Test Reporting is focused on practical aspects of writing a penetration testing report. The course includes a report template, reading materials for reference, and an understanding of various methodologies and ways to fit a methodology to a client’s requirement for a pentest.
Full syllabus >> Web Application Penetration Test Reporting
We would like to present you with something special today. This ebook is like nothing we published before, and we do hope that you enjoy its content. What’s it about? In short, it’s a penetration report written by our instructor Chrissa Constantine, where she presented her findings in great detail. Here is a short introduction that should catch your interest:
In September 2018, Chandra Majumdar, co-founder and CTO of ElevatedPrompt Cybersecurity Solutions, approached me to investigate network traffic from DEF CON 26, which took place August 8–12, 2018. ElevatedPrompt, in partnership with Aries Security, LLC, had captured and performed a preliminary analysis of close to one Terabyte of data over three (3) days of Internet-bound traffic from the convention, and I was asked to examine the packets.
I started my investigation by reviewing DEF CON 26’s network traffic. My biggest challenge was to not get overwhelmed by such a vast quantity of data. There is no experience like seeing DEF CON traffic, where so many participants are on one network.
The DEF CON 26 Transparency Report estimated the number of participants at 28,000+ people. According to Aries Security, the Packet Hacking Village had over 10,000 participants during the four-day convention. Imagine how much traffic is flowing over the network and you can get an idea of how daunting a task it is to review this quantity of data.
If you want to learn more, don’t hesitate to download the whole edition, all you need is a free user account.
Acknowledgements from author:
I want to gratefully acknowledge the following people who supported me on this journey:
Thanks to Chandra Majumdar who first approached me to research this data and to ElevatedPrompt for providing me access to DET3CT.
Thanks to Aries Security, who hosted the Packet Capture Villiage.
Thanks to Hakin9 for publishing this ebook and for supporting this project.
Thanks to all of the others who provided support and encouragement for this project!