hanyhasan

Forum Replies Created

Viewing 15 posts - 1 through 15 (of 16 total)
  • Author
    Posts
  • #53360
     hanyhasan 
    Participant
  • #53434
     hanyhasan 
    Participant

    Web Application Pentesting on 15th September 2013 ;D can’t wait

  • #53395
     hanyhasan 
    Participant

    Hi , early this year i took a class with him ” 2 days ” first day was Network Pentest and 2nd day was web-app pentest , currently am taking with him Cyberwar2014 “Beta” .And ill take the 200 $ package next month from Stratgeic Sec Pentest lab . He is so Pro in his information his class is live using citrix web2go and giving all the metrials ( pdf , vid , vm , …etc ) he start explain and testing and hacking live in his Lab then give us access to his online lab thru VPN connection for 30 days . Webapp , IDS , IPS ,WAF , loadbalancer evasion techniques with proxy chain ,ssl scripts he explain it as ICDL things i mean make it look’s easy .. By the way his never use backtrack or kali , he is doing all this by using ubuntu 12.04 with all the tools used for the lab , and he is giving the link to download this vm as wel … watch some of this videos before registering . I know my English is :- …

  • #53267
     hanyhasan 
    Participant

    Thanks Superkojiman , also he can check presentation from Joe Mccray it was a webinar but i don’t found the video .

  • #53237
     hanyhasan 
    Participant

    @unicap2700 wrote:

    I’m doing this for home users in their homes. I need to use CDs on-site. How do I get them legally, rebuild the system with them, and add the customer’s existing keys.

    How do i get them legally ? It depends on the customer if they need a copy or original . Then using any imagining software ( Norton Ghost , Acronis .. ) but look this will be for one machine due security signature or security id per copy i don’t remember .

  • #53235
     hanyhasan 
    Participant

    Hi
    look in our government sector we have an account with Microsoft with all ISOand we have KMS server ” Key Management Service (KMS) This approach establishes a local activation service hosted in your own environment. To do this, you must configure a system on your network to serve as the KMS host by installing and activating a KMS host key. Client systems throughout your organization then connect to the local Office 2010 KMS host for activation ” …
    So after installing any windows or office we join the Pc to the domain and issuing this commands
    C:Usersusername>slmgr -skms companynamedhcp
    C:Usersusername>slmgr -ato
    So if the user resigned and took the laptop or he lost it, i mean if he stay away for like 30 days not joining the Domain his windows and office will ask for activation

  • #53192
     hanyhasan 
    Participant

    Hi

    check this write up about worldmail 3.0
    http://www.bnxnet.com/2012/10/01/seh-worldmail-example/

  • #53046
     hanyhasan 
    Participant

    @batz21 wrote:

    Enumeration is the Key it seems can you guys share any useful link or point me to a Book

    Which Enumeration Tools should master , Right now I am relyin heavily on namp,netcat,rpclient 😛

    regards

    Hi Batz21 .
    Going through those books fast and use the Enumeration tools which they mention
    1.Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide
    2.Backtrack 5 cookbook
    3.BackTrack 4: Assuring Security by Penetration Testing..Old but believe me has many many tools and how to use them .. try the tools in the lab and compare the results a tool like fierce for DNS enumeration is better than both Dig and Host !!
    4.Nmap Cookbook: The Fat-free Guide to Network Scanning
    5.The Basics of Hacking and Penetration Testing
    Currently am preparing also for OSCP by taking some crash course on PT from Joe Maccry weekend boot cam and its by 100$ only and have like 30 days on the lab next weekend he have Exploit Dev again 2 days by 100$ only . Have a look to this video about Exp_Dev
    http://www.youtube.com/watch?v=eNSWUAVxbzk
    from BSides Rhode Island Con was on 15-6-2013.
    All the best and keep update us

  • #53008
     hanyhasan 
    Participant

    Gentle Reminder ;D
    Still asking for username & password

  • #53076
     hanyhasan 
    Participant

    Finally Congrats Man . In 12 Hours nice

  • #53038
     hanyhasan 
    Participant

    @superkojiman
    I think this is your blog ” http://www.iodigitalsec.com/blog/ “.
    also plz update your signature  😉 you are OSCE now

    @batz21
    have a look at his blog and read his review about OSCP . He signed for 60 days but end up using only 36 and finish the final challenge in 8 hours  8)

  • #53034
     hanyhasan 
    Participant

    Hi batz21 , ok am not senior member yet , but am also planning to take the OSCP before Dec2013 . I read many many reviews from here EH and google search . I found that the key to this certificate by mastering this topics .
    Bashing skills = to automate tasks = reduce time .
    Enumeration , Enumeration ===  found it in many reviews
    Scanning = nmap & unicornscan ,make it a habit to scan the 65535 ports
    Privilege escalation =  g0tma1k have a nice article about it and every one recommend it
    Exploitation  = corlan.de = Python + C .. usually modifying the code of the exploit 
    Finally writing the Report  .. keep it ready from now , make a template.

  • #53032
     hanyhasan 
    Participant

    Hi Matt
    Tracing who is doing this will not solve the problem this website is it personal or belong to the Ministry .In both cases change the hosting company if you host your site on unknown one I mean go for famous once “Godady.. hostgatoe  . Are you web developer? Are using CMS “ joomla , wordpress , ..etc” ?
    My advice to you just give this work to any web developing company , shop whatever and they give you access only to update the content of the website
    Regard your 2 PC just format them .

  • #52971
     hanyhasan 
    Participant

    Hi , take some time and watch this webinar from elearnsecurity by Armando .
    http://www.elearnsecurity.com/collateral/webinar/pentesting_beginners/
    ..
    It will answer all your question in you head, its almost 1 hour . i download it convert it to mp3 so i listen it like 3 or 4 times then i decide what i want be in ” info sec” .

  • #52865
     hanyhasan 
    Participant

    Hi , have a look at  Gray Hat Python book  released on 2009 , this is a review from Ryan Lin
    http://www.ethicalhacker.net/content/view/262/2/
    also i found a videos series based on this book on youtube , this is the channel http://www.youtube.com/user/jstrosch. They are 4 parts

Viewing 15 posts - 1 through 15 (of 16 total)

Copyright ©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?