RSSJ. Peltier

Core Impact Tutorial

| May 16, 2006

digg this story

Discuss in Forums {mos_smf_discuss:J. Peltier}

By Justin Peltier, Chief Technology Officer, Peltier Associates

How tough is it to really compromise a system? In a previous column we answered that question with a tutorial using MetaSploit™ to penetrate a common vulnerability, RPC-DCOM. This month we will look to perform another common vulnerability penetration using the Core Impact utility. In future columns we will look at other common penetration testing utilities and conclude the series with a Shoot Out Review of each framework in a head-to-head test. NOTE: While not a free utility like MetaSploit™, demo versions of the product are available from the manufacturer as well as a chance to WIN A FREE COPY OF CORE IMPACT!

Continue Reading

Metasploit Tutorial – A New Day for System Exploits

| January 21, 2006

Metasploit Tutorial LogoMetasploit Tutorial by Justin Peltier, CTO, Peltier Associates

How tough is it to really compromise a system? As an ethical hacking instructor, that is a question that I get asked quite frequently. My usual response to this type of question is to encourage the questioner to try to compromise a system, which they own, to find out the time and skill necessary to compromise a system. There is real value in getting a true sense of what it really takes to actually defeat common security measures. This provides first hand experience that cannot really be duplicated from listening to an industry expert or from reading articles and books. The main reason for this is that there is a lot of misinformation, some intentional and some not, available. The easiest way to determine just how difficult something like compromising systems or defeating wireless encryption is – is to try it for yourself in this Metasploit Tutorial.

Continue Reading

Making Testing Easier With BiDiBLAH

| November 30, 2005

Discuss in Forums {mos_smf_discuss:J. Peltier}

By Justin Peltier, CTO, Peltier Associates

If you did not get a chance to go to the Black Hat/Defcon conference this year you have probably not heard of BiDiBLAH yet. BiDiBLAH is a new pseudo utility from the folks at SensePost (http://www.sensepost.com). For quite some time now the talented developers of SensePost have been involved in the Google Hacking community and they have released a number of scripts/utilities that very handy for trolling for information from Google.

Continue Reading