Review by Jason Haddix, Security Aegis
Nmap is indispensable.
OK, that was obvious. There is no doubt that Fyodor and contributors have made the de-facto standard of network scanners, but when it comes down to learning the ins and outs and the power of Nmap, where should you put your hard earned cash?
Let’s neglect the support documentation (man pages) for a second, and assume you don’t really use Nmap on a day-to-day basis. Why? Over at http://www.professormesser.com/, James “Professor” Messer has put together a 232-page eBook proving that one doesn’t have to be a networking guru to learn how to use Nmap effectively in your organization.
But what about the $197 video companion to this $47 book? How does it stack up against Fyodor’s own book on Nmap (See EH-Net Review by JP Bourget)? Stick around my friends as the answers you seek are only minutes away.
Ryan Linn is back with another video for your learning pleasure. This time he gives a video tutorial of an existing toolset, the Pass-The-Hash Toolkit by Hernan Ochoa (Core Security Technologies). Core describes it as, "The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!)."
So what does all that mean? As with his other videos, Ryan tackles this topic in a very easy-to-follow process. So watch along as he integrates the PTH Toolkit in a makeshift penetration test, and shows how an attacker can utilize credentials without ever having to crack a single password. Oh by the way, he cracks them, too. This way he can impersonate a legitimate user without knowing their password, and then again while knowing their password. Ryan then goes one step further with his talk at ChicagoCon 2009s on May 9 with fellow EH-Net Columnist Brian Wilson, when they team up for Cain BeEF Hash: Snagging Passwords without Popping Boxes. They not only show you some of their cutting-edge research results, but also perform it in a live demo!
By Chris Gates, CISSP, GCIH, C|EH, CPTS
Welcome Back! In Maltego Part I we performed Personal Reconnaissance with Maltego to see what we could find out on the net about our Editor-in-Chief, Don. With the personal details tucked safely away in our notebook, let’s see what we can gather in regards to his network infrastructure.
Any organization that has an Internet presence needs to have some form of infrastructure to support their presence. During Infrastructure Enumeration you attempt to discover how much of it exists, what type of infrastructure is used, where it is located, what technology is used and how it is structured. This type of information is interesting for:
* Security assessments (as this is the first and most tedious phase of any external assessment).
* Getting an idea of the organization’s Internet and geographical presence.
* Gaining insight into the technology used by the organization.
* Making connections between seemingly unconnected organizations (as they might be sharing common infrastructure).
* Getting a list of brands or affiliations supported by the organization.
Be sure to catch Chris at ChicagoCon 2009s on May 9 as he presents Attacking Layer 8: Client Side Penetration Testing with Vince Marvelli (g0ne).
EH-Net is pleased to announce the complimentary webcast, “Network Reconstructive Surgery,” Part III of the Pen Testing Perfect Storm webcast trilogy – featuring the return of SANS Pen Testing swashbucklers Ed Skoudis, Josh Wright and Kevin Johnson. The third and final installment of this popular webcast trilogy will focus on assessing the outside-in attack process, leveraging a seemingly innocuous website bug for full-scale control over the target network infrastructure. You'll learn how to take advantage of powerful tools including Ratproxy, the soon-to-be-released Yokoso! project and a recent browser exploit, as well as how a pentester can manipulate the not-so-helpful features in enterprise wireless networking systems. Combining concepts from web app, network, wireless and social-engineering attack techniques, this webcast will present practical tips for succeeding in a penetration test in ways that exceed that of independent analysis steps. In this finale webcast, you'll also gain insight into predictions by the pentest luminary team on the future of combined penetration tests, including the concept of "no holes barred" pentesting and the effect it will have on the future of enterprise security.
The third and final webcast in this series will take place Tues March 24, 2009 @ 1:00 PM EST. Following the webcast, attendees are invited to keep the conversation going with Kevin, Josh and Ed from InGuardians during discussions hosted by The Ethical Hacker Network (EH-Net), a free online magazine for security professionals. For at least one week after each webcast, the crew will make themselves available to answer your questions directly and candidly in EH-Net’s Community Forums. All discussions will remain freely available on EH-Net for your continued reference.
It's a fact, Jack. Nearly 100% of social engineering engagements will involve the use of language.
Yes, that was trite and obvious. But it's also true. Which means that if you want to engage an organization or individual as a target for a social engineering attack, your ability to use language will be a significant factor in the success or failure of your attack. Even more precisely, you have to know the different ways that language can be used, and the differences in the language patterns and formats for each of those uses. Only then will you be empowered to structure your language in such a way as to have maximum impact.
Before talking about how to use language, you have to be aware of language. While most of us are not aware of it, language has two (and only two) distinct actions: the movement of information and the act of influence on another person.
Jack Koziol of Shellcoder's Handbook fame spoke at ChicagoCon last year on heap overflow exploitation, so we thought we'd share the entire audio recording and slide deck with you as an example of the type of talks you'll see at the next ChicagoCon in May 2009.
As defined by Wikipedia, "A heap overflow is a type of buffer overflow that occurs in the heap data area. Like all buffer overflows, a heap overflow may be introduced accidentally by an application programmer, or it may result from a deliberate exploit. In either case, the overflow occurs when an application copies more data into a buffer than the buffer was designed to contain. A routine is vulnerable to exploitation if it copies data to a buffer without first verifying that the source will fit into the destination. A deliberate exploit may result in data at a specific location being altered in an arbitrary way, or in arbitrary code being executed."
So what does all that mean and how do you do it? Find out in Jack's talk on "the most common type of heap overflow exploits for Linux and Windows. He will briefly explain how dynamically allocated memory works, its interaction with the heap memory structure, and how a normal heap operates. Jack will then demonstrate how heap overflows occur, and how they can be exploited on Linux, Windows 2000 and Windows XP SP2 with Data Execution Prevention (DEP) enabled. Unfortunately, the Vista portion of the talk had to be withdrawn. Expect to laugh, cry, and be entertained!"
Review by JP Bourget, CISSP, MCSE, MS
Once again, my company had acquired some new networks for us to take over, and of course, the documentation was from 3 years ago. As part of our due diligence, I had to quickly and accurately figure out everything on the network. How did I accomplish this? With a network mapping utility; and the de facto standard in this area is Nmap! Nmap by Gordon Lyon AKA Fyodor not only saves you time, but, if you really know how to unleash its power, it can be your friend for network audits, discovering new devices, and even part of the network reconnaissance phase of a Pen Test. Another cool use I just learned from the Fyodor /. Interview was that the Chinese use it to scan for open proxies to bypass the Great Firewall of China. With that kind of flexibility, it is clearly the right tool for this job and many others. But what’s the quickest way to get that power working in my favor?
Info on getting half the book for free is available below.
The obvious choice would be an in-depth tome from the author himself, but, after over 10 years in use around the globe, such a book didn’t exist. But after seeing Fyodor’s talk at Defcon 16 in August of 2008 and seeing an actual pre-release copy of his forthcoming book, I couldn’t wait to get my hands on it. Fast forward to January of 2009 when Fyodor sent me a review copy of what is one of the most well written reference books I have had the chance to use to date. Before you even get to chapter one, you get a comprehensive table of contents followed by a list of tables and examples. Every book should do this! It’s also important to note that this book is filled with out-of-the-box command line examples that should be in any pen tester’s toolkit.
In the very first webcast produced by The Ethical Hacker Network, world-renowned social engineers, Chris Nickerson of TruTV's Tiger Team and noted expert and international speaker, Mike Murray, prepared you for the future of pen testing. For those of you who couldn't attend the live event, here's the webcast in its entirety. Don't forget to look for the coupon code & special pricing announcement for Chris & Mike's Social Engineering Master Class to be held for the very first time at ChicagoCon 2009s May 4 - 8. The webcast took place on March 10 and was described as:
The world of Information Security is changing. Budgets are tighter, attacks are more sophisticated, and the corporate network is no longer the low hanging fruit. That leaves web-enabled applications as the vector-du-jour, but that well is quickly drying up for organized crime as well. As they creep up the OSI Model looking for easier ways to steal your corporate assets, they are quickly making their way up the stack to the unspoken 8th layer, the end user. So what is the next step in the never-ending escalation of this cyber war?
To find out, we must do as Sun Tzu taught. "Think like our enemy!" That is, after all, the primary tenet of penetration testing AKA ethical hacking, isn't it? After years of hardening physical systems, networks, OSs, and applications, we have now come full circle to a new dawn of attack. People are now the target of the advanced hacker, and the cross-hairs are focused squarely on their foreheads... literally. It is only a matter of time before corporations feel the pain of wetware hacking requiring a new approach to testing and defense.
Mike Murray was also at the last ChicagoCon in the fall of 2008. Since he is now going to be a regular columnist on The Ethical Hacker Network, this seems like an appropriate place to publish the slide deck and audio recordings from his talk. If you've never heard Mike speak on Social Engineering, then you're in for a treat. Not only will you be entertained but also educated. The description of the talk is as follows:
"Information security has seen some major changes in the paradigms of attackers through the past 15 years. From the early days of social engineering, through the golden age of server hacking, and to the present times where the human is once again the target, we have seen significant changes in the way that attackers exploit targets. Mike Murray, Former Director of Neohapsis Labs and social engineering expert, will detail those changes and provide a detailed understanding of the types of skills that are being used to exploit human targets today, as well as examples of strategies that you can take to defend against skilled social engineers."