Pen Testing Perfect Storm Pt. II: Anatomy of a Client-Side Mutiny

| January 8, 2009

hurricane.jpgRegister Now | Join the Convo HERE on EH-Net!

EH-Net is pleased to announce the complimentary webcast, “Anatomy of a Client-Side Mutiny,” Part II of the Pen Testing Perfect Storm webcast trilogy – featuring the return of SANS Pen Testing swashbucklers Ed Skoudis, Josh Wright and Kevin Johnson. Covering network, web app and wireless pen testing techniques, the second installment of Perfect Storm trilogy will focus on assessing the enterprise-wide fallout from a seemingly innocuous endpoint compromise – including how an exposed low-level Windows Vista box can quickly open the hatch to full-scale network subversion. During the webcast, you’ll learn how to proactively test your network’s vulnerability to sinking at the hands of a Client-Side Mutiny – and how to emulate what can happen after the initial compromise, including:

• discovering wireless devices from exploited hosts with Josh Wright’s newly released VistaRFMON
• scanning and exploiting web applications with the Burp suite
• exploiting systems with Metasploit’s integrated pass-the-hash functionality

The second webcast in this series, “Anatomy of a Client-Side Mutiny,” will take place Wed January 21, 2009 @ 1:00 PM EST. Following the webcast, attendees are invited to keep the conversation going with Kevin, Josh and Ed from InGuardians during discussions hosted by The Ethical Hacker Network (EH-Net), a free online magazine for security professionals. For at least one week after each webcast, the crew will make themselves available to answer your questions directly and candidly in EH-Net’s Community Forums. All discussions will remain freely available on EH-Net for your continued reference.

Active Image
Active Image del.icio.us

Discuss in Forums {mos_smf_discuss:News Items and General Discussion About EH-Net}

Combining Network, Web App and Wireless
into the Ultimate Penetration Test

The Pen Testing Perfect Storm webcast series brings you a deluge of security assessment tactics and strategies from the combined forces of three penetration testing heavyweights in the SANS faculty:

  • Kevin Johnson: web guru and senior security analyst with InGuardians
  • Josh Wright: wireless wizard and senior security researcher with InGuardians
  • Ed Skoudis: network master and co-founder of InGuardians

This trio of experts will show you how to assess an organization’s real business risks by taking a holistic, comprehensive look at your information security – just as determined and skilled attackers do in the wild. You’ll learn techniques for safely replicating chains of threats that can pivot throughout your infrastructure, including:

  • Web — SQL injection, cross-site scripting, remote file inclusion, etc.
  • Wireless — wireless LAN discovery, crypto and protocol attacks, client duping, etc.
  • Network — port scanning, service compromise, client-side exploitation, etc.

This free webcast series is ideal for anyone seeking to go beyond point-focused, "tunnel-vision" assessments to real-world penetration testing – mimicking the sophisticated, multi-staged threats that pose the most significant information security risks to organizations today.
Sponsored by: Core Security Technologies Core Security Technologies


Pen Testing Perfect Storm Pt. II: Anatomy of a Client-Side Mutiny

Join the Convo HERE!
Q&A in EH-Net Community Forums

Category: EH-Net News

Comments are closed.