|
Title: CPTE Module 8: Internal Pen Testing Post by: don on May 25, 2006, 11:16:27 AM Once inside the external defenses, the penetration tester has a whole different set of techniques and tools to use. This module is dedicated to internal testing. It is sub-sectioned into:
- Database Servers - Network Attacks - Password Retrieval and Cracking Having a direct connection to a database server will allow many more attack vectors such as database discovery, enumeration and direct exploits like buffer overflows. We cover the market leading database servers (MS SQL, Oracle etc) and also talk about hardening these servers. Laboratory: ARP Cache Poisoning, SSH/SSL Man-In-The-Middle Attacks, Voice Over IP interception and DNS Poisoning, Protocol Analysis, Password Cracking (Dictionary/Brute Force/Hybrid/Rainbow Tables), Buffer Overflow/Heap Overflow/Stack Overflow Exploits are just some of the attacks in this module, all of which will enable the penetration tester to expose the weaknesses of the network. Source: http://www.mile2.com/Certified_Pen_Testing_Expert_CPTE.html Don
Powered by SMF 1.1.7 |
SMF © 2006-2008, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com |