|
Title: CEH v5 Module 22: Penetration Testing Post by: don on November 16, 2006, 05:04:48 PM Introduction to Penetration Testing
Categories of Security Assessments Vulnerability Assessment Limitations of Vulnerability Assessment Types of Penetration Testing Risk Management Do-it-Yourself Testing Outsourcing Penetration Testing Services Terms of Engagement Project Scope Pentest Service Level Agreements Testing Points Testing Locations Automated Testing Manual Testing Using DNS Domain Name and IP Address Information Enumerating Information about Hosts on Publicly-Available Networks Testing Network-Filtering Devices Enumerating Devices Denial of Service Emulation Tools o Appscan o HackerShield o Cerberus Internet Scanner o Cybercop Scanner o FoundScan Hardware Appliances o Nessus o NetRecon o SAINT o SecureNET Pro o SecureScan o SATAN o SARA o Security Analyzer o STAT Analyzer o VigilENT o WebInspect Evaluating Different Types of Pentest Tools Asset Audit Fault Trees and Attack Trees GAP Analysis Threat Business Impact of Threat Internal Metrics Threat External Metrics Threat Calculating Relative Criticality Test Dependencies Defect Tracking Tools o Web-based Bug/Defect Tracking Software o SWB Tracker o Advanced Defect Tracking Web Edition Disk Replication Tools o Snapback DUP o Daffodil Replicator o Image MASSter 4002i DNS Zone Transfer Testing Tools o DNS analyzer o Spam blacklist Network Auditing Tools o eTrust Audit (AUDIT LOG REPOSITORY) o iInventory o Centennial Discovery Trace Route Tools and Services o Ip Tracer 1.3 o Trellian Trace Route Network Sniffing Tools o Sniff’em o PromiScan Denial-of-Service Emulation Tools o FlameThrower® o Mercury LoadRunner™ o ClearSight Analyzer Traditional Load Testing Tools o WebMux o SilkPerformer o PORTENT Supreme System Software Assessment Tools o Database Scanner o System Scanner o Internet Scanner Operating System Protection Tools o Bastille Linux o Engarde Secure Linux Fingerprinting Tools o Foundstone o @Stake LC 5 Port Scanning Tools o Superscan o Advanced Port Scanner o AW Security Port Scanner Directory and File Access Control Tools o Abyss Web Server for windows o GFI LANguard Portable Storage Control o Windows Security Officer - wso File Share Scanning Tools o Infiltrator Network Security Scanner o Encrypted FTP 3 Password Directories o Passphrase Keeper 2.60 o IISProtect Password Guessing Tools o Webmaster Password Generator o Internet Explorer Password Recovery Master o Password Recovery Toolbox Link Checking Tools o Alert Link Runner o Link Utility o LinxExplorer Web Testing-based Scripting Tools o Svoi.NET PHP Edit o OptiPerl o Blueprint Software Web Scripting Editor Buffer Overflow Protection Tools o StackGuard o FormatGuard o RaceGuard File Encryption Tools o Maxcrypt o Secure IT o Steganos Database Assessment Tools o EMS MySQL Manager o SQL Server Compare o SQL Stripes Keyboard Logging and Screen Reordering Tools o Spector Professional 5.0 o Handy Keylogger o Snapshot Spy System Event Logging and Reviewing Tools o LT Auditor Version 8.0 o ZVisual RACF o Network Intelligence Engine LS Series Tripwire and Checksum Tools o SecurityExpressions o MD5 o Tripwire for Servers Mobile-Code Scanning Tools o Vital Security o E Trust Secure Content Manager 1.1 o Internet Explorer Zones Centralized Security Monitoring Tools o ASAP eSMART™ Software Usage by ASAP Software o WatchGuard VPN Manager o Harvester Web Log Analysis Tools o AWStats o Azure Web Log o Summary Forensic Data and Collection Tools o Encase tool o SafeBack o ILook Investigator Security Assessment Tools o Nessus Windows Technology o NetIQ Security Manager o STAT Scanner Multiple OS Management Tools o Multiple Boot Manager o Acronis OS Selector o Eon Phases of Penetration Testing o Pre-Attack Phase o Attack Phase o Post-Attack Phase Penetration Testing Deliverables Templates Source: http://www.eccouncil.org/EC-Council%20Education/ceh-course-outline.htm Don
Powered by SMF 1.1.7 |
SMF © 2006-2008, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com |