.

Penetration Testing Ninjitsu

<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Wed Feb 20, 2008 8:00 pm

Penetration Testing Ninjitsu

I received this in my email today and thought I'd pass it along here for all those interested. It definitely sounds like it'll be something worth listening to.

------------------------------------------------------------------------------
WEBCAST
“Penetration Testing Ninjitsu” with Ed Skoudis of SANS
Wednesday, February 27 at 2:00 PM EST (GMT -5:00, New York)
http://www.coresecurity.com/index.php5?module=Form&action=webinar&campaign=ninjitsu

**Register to receive 20% off an upcoming SANS penetration testing course. Attend
for your chance to win free tuition! (see below for details)
------------------------------------------------------------------------------

Do you know how to create an automated, iterative reverse DNS lookup tool in a
single Windows command? How about a ping sweeper in a single Windows command?
A password guesser?

Please join Core Security and Ed Skoudis, SANS instructor and founder of
Intelguardians, to learn about these penetration testing techniques and more
in this not-to-be-missed webcast:

“Penetration Testing Ninjitsu”
**Register here:
http://www.coresecurity.com/index.php5?module=Form&action=webinar&campaign=ninjitsu

We’ll begin by looking at some of the motivations for proactively identifying
and exploiting security flaws before the bad guys do – and then take a deep dive
into useful tips that you can use in your own testing initiatives. Specifically,
you’ll learn techniques for leveraging the Windows command shell on a compromised
machine to scan and test other systems on the network.

This all-new take on Skoudis’ popular “Windows Command-Line Kung Fu” presentation
is specially focused on penetration testing. Whether you’re a red team member,
a finder and fixer, or a third-party consultant, this webcast is sure to add to
your security testing toolkit.

Register and receive 20% off an upcoming SANS penetration testing course.
One webcast attendee will also win free tuition to the next course at SANS 2008
in Orlando – a $3,695 value!

**Register here:
http://www.coresecurity.com/index.php5?module=Form&action=webinar&campaign=ninjitsu


Hope some of you attend as well :)

Bill
<<

bigwhiff

Newbie
Newbie

Posts: 14

Joined: Mon Jan 28, 2008 2:29 am

Location: Alaska

Post Wed Feb 20, 2008 8:12 pm

Re: Penetration Testing Ninjitsu

Bill,

You got that on the board quick.  I was just reading through the email message when the Ethical Hacker Forum notified me of this porting.  I would like to tell everyone that if you have never had a class with Ed Skoudis it truly is a pleasure.  In addition this webcast is FREE!  Ya can't beat free. 

-jack
Jack Campbell
CCNP CCDP GCIH GHTQ C|EH
http://secauditor.wordpress.com
<<

g00d_4sh

User avatar

Sr. Member
Sr. Member

Posts: 394

Joined: Tue Sep 18, 2007 1:50 pm

Location: Guayaquil, Ecuador

Post Wed Feb 20, 2008 8:56 pm

Re: Penetration Testing Ninjitsu

Heh... yeah I'm already signed up for that.  I got that email earlier today as well.   Since they're planning to give it out to people who attend the webinar, I was planning on sending the presentation to anyone interested.
"Bad.. Good?  I'm the guy with the gun"
<<

LSOChris

Post Wed Feb 20, 2008 9:42 pm

Re: Penetration Testing Ninjitsu

------------------------------------------------------------------------------

Do you know how to create an automated, iterative reverse DNS lookup tool in a
single Windows command?


nope but i can do it in bash...

#!/bin/bash

cat iprange.txt | while read IP;
do echo ${IP} && host ${IP} nameserverIP;
done >> hostoutput.txt
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Wed Feb 27, 2008 1:51 pm

Re: Penetration Testing Ninjitsu

This webinar is starting within the next 10 minutes... anyone else attending?
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Wed Feb 27, 2008 2:51 pm

Re: Penetration Testing Ninjitsu

I'm on.

Don
CISSP, MCSE, CSTA, Security+ SME
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Wed Feb 27, 2008 2:56 pm

Re: Penetration Testing Ninjitsu

Reminds me a lot of the 'Frosty the Snow Crash' challenge :)

That's the first time I've heard a presentation by Ed Skoudis. He sounds like an excellent instructor and I'm definitely going to look into taking this course sometime in the future (as I'm sure it's quite costly).
Last edited by venom77 on Wed Feb 27, 2008 3:05 pm, edited 1 time in total.
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Wed Feb 27, 2008 3:26 pm

Re: Penetration Testing Ninjitsu

That was a great webinar... I'm looking into the course now, it definitely sounds like something worth taking. Does anyone know if SANS offers financing for classes? Off to check the site... :)
<<

g00d_4sh

User avatar

Sr. Member
Sr. Member

Posts: 394

Joined: Tue Sep 18, 2007 1:50 pm

Location: Guayaquil, Ecuador

Post Wed Feb 27, 2008 3:44 pm

Re: Penetration Testing Ninjitsu

It was definately interesting to listen to.  I had wondered at the easiest way to create a ping sweeper/hostname resolver via command line.  That's kind of nifty.  I guess personally I wish he would have been able to spend more time on other little nifty 'meats and potatos' techi things like that, but if he did we wouldn't be as motivated to pay for the class if we heard it all eh?  Yeah, he sounds like a great teacher, that was worth my time.
"Bad.. Good?  I'm the guy with the gun"
<<

rance

User avatar

Full Member
Full Member

Posts: 212

Joined: Thu Jan 03, 2008 5:24 pm

Location: Earth

Post Wed Feb 27, 2008 5:35 pm

Re: Penetration Testing Ninjitsu

Bummer, missed this one.  Looks like it would have been a neat one to attend.
Poking at security since 1986.  +++ATH
<<

blackazarro

User avatar

Sr. Member
Sr. Member

Posts: 368

Joined: Sun Aug 13, 2006 5:31 pm

Post Wed Feb 27, 2008 7:13 pm

Re: Penetration Testing Ninjitsu

Hey rance, I think I heard that this presentation was being recorded so you could probably view it later.

This was the first time I heard Skoudis speak live and I must say that this guy can teach and at the same time make it real entertaining. Looking forward to his second webcast (3 part series) on May 20th.
Security+, OSCP, CEH
<<

Mr. Roboto

User avatar

Jr. Member
Jr. Member

Posts: 67

Joined: Thu Feb 14, 2008 9:57 am

Location: Ohio

Post Thu Feb 28, 2008 12:22 am

Re: Penetration Testing Ninjitsu

blackazarro wrote:
Hey rance, I think I heard that this presentation was being recorded so you could probably view it later.


Anyone know where they'll post the presentation?  It doesn't seem to be online yet.
A+, Security+, HDI Support Center Analyst, MCTS: Vista
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Thu Feb 28, 2008 9:14 am

Re: Penetration Testing Ninjitsu

I'm not sure, but they should be sending an email to the attendees with that information. I'm sure one of us will post it once received.
<<

RoleReversal

User avatar

Hero Member
Hero Member

Posts: 928

Joined: Fri Jan 04, 2008 8:54 am

Location: UK

Post Thu Feb 28, 2008 9:29 am

Re: Penetration Testing Ninjitsu

I was unable to attend this event as it classed with a live BCS event was attending. Hopefully there will be a recording of the presentation released as I was interested before hand (and moreso after reading comments from those that attended).

Unfortunately from previous experience with Core Security they are usually fairly quick to get the recordings out.

If I hear anything else or get a link I will let you all know
<<

Dengar13

User avatar

Sr. Member
Sr. Member

Posts: 380

Joined: Tue Sep 20, 2005 8:43 am

Location: The Steel City

Post Thu Feb 28, 2008 10:03 am

Re: Penetration Testing Ninjitsu

RoleReversal wrote:I was unable to attend this event as it classed with a live BCS event was attending. Hopefully there will be a recording of the presentation released as I was interested before hand (and moreso after reading comments from those that attended).

Unfortunately from previous experience with Core Security they are usually fairly quick to get the recordings out.

If I hear anything else or get a link I will let you all know


Thanks.  I too was unable to attend and would like to review it as well.
A+, Net+, MCP, CEH
MCSE: Security/Messaging
MCSA: Security/Messaging
Former U.S. Marine and damn proud of it!
Next

Return to Network Pen Testing

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software