Presentation is loading. Please wait.

Presentation is loading. Please wait.

Module 6 – Penetration  Phase II  Controls Assessment  Scheduling ○ Information Gathering ○ Network Mapping ○ Vulnerability Identification ○ Penetration.

Published byGeorgiana Charles Modified over 9 years ago

Similar presentations

Presentation on theme: "Module 6 – Penetration  Phase II  Controls Assessment  Scheduling ○ Information Gathering ○ Network Mapping ○ Vulnerability Identification ○ Penetration."— Presentation transcript:

1 Module 6 – Penetration  Phase II  Controls Assessment  Scheduling ○ Information Gathering ○ Network Mapping ○ Vulnerability Identification ○ Penetration ○ Gaining Access & Privilege Escalation ○ Enumerating Further ○ Compromise Remote Users/Sites ○ Maintaining Access ○ Cover the Tracks Heorot.net

2 Penetration  Purpose behind Penetration To provide proof of vulnerabilities or exploits Conducted in an isolated environment (lab)‏ High risk to continued operation of target  Not necessary for “Blue Team” hacking  Requires higher level of programming skill and TCP/IP stack knowledge Heorot.net

3 Penetration  Find proof of concept code/tool  Develop tools/scripts  Test proof of concept code/tool  Customize proof of concept code/tool  Test proof of concept code/tool in an isolated environment  Use proof of concept code against target  Verify or disprove the existence of vulnerabilities Heorot.net

4 Penetration  Find proof of concept code/tool OR  Develop tools/scripts  PenTest Lab Test proof of concept code/tool Customize proof of concept code/tool  Development Lab Test proof of concept code/tool in an isolated environment  Production System Use proof of concept code against target  Verify or disprove the existence of vulnerabilities Heorot.net

5 Module 6 – Conclusion  Phase II  Controls Assessment  Scheduling ○ Information Gathering ○ Network Mapping ○ Penetration Find proof of concept code/tool Develop tools/scripts Test -PenTest Lab -Development Lab -Production System Verify or disprove the existence of vulnerabilities Heorot.net

Download ppt "Module 6 – Penetration  Phase II  Controls Assessment  Scheduling ○ Information Gathering ○ Network Mapping ○ Vulnerability Identification ○ Penetration."

Similar presentations

Are We Cool? A Unit Portfolio Presentation in Mathematics.

Are We Cool? A Unit Portfolio Presentation in Mathematics.
ETHICAL HACKING A LICENCE TO HACK

ETHICAL HACKING A LICENCE TO HACK
and Mitigations Brady Bloxham

and Mitigations Brady Bloxham
PROCESS FRAMEWORK Lecture - 3. Topics covered PROCESS FRAMEWORK PROCESS MODELS DIFFERENCE.

PROCESS FRAMEWORK Lecture - 3. Topics covered PROCESS FRAMEWORK PROCESS MODELS DIFFERENCE.
Network Mapping  Identify Live Hosts  Determine running Services TCP Port Scanning UDP Port Scanning Banner Grabbing ARP Discovery  Identify Perimeter.

Network Mapping  Identify Live Hosts  Determine running Services TCP Port Scanning UDP Port Scanning Banner Grabbing ARP Discovery  Identify Perimeter.
Penetration Testing & Countermeasures Paul Fong & Cai Yu CS691 5 May 2003.

Penetration Testing & Countermeasures Paul Fong & Cai Yu CS691 5 May 2003.
Module 2 – PenTest Overview

Module 2 – PenTest Overview
Risk Management a Case Study DATALAWS Information Technology Law Consultants Presented by F. F Akinsuyi (MSc, LLM)MBCS.

Risk Management a Case Study DATALAWS Information Technology Law Consultants Presented by F. F Akinsuyi (MSc, LLM)MBCS.
Penetration Testing Anand Sudula, CISA,CISSP SSA Global Technologies, India Anand Sudula, CISA,CISSP SSA Global Technologies, India.

Penetration Testing Anand Sudula, CISA,CISSP SSA Global Technologies, India Anand Sudula, CISA,CISSP SSA Global Technologies, India.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
Rochester Institute of Technology Secure IT 2007 Security Auditing Course Development Rochester Institute of Technology Yin Pan

Rochester Institute of Technology Secure IT 2007 Security Auditing Course Development Rochester Institute of Technology Yin Pan
Network Security Testing Techniques Presented By:- Sachin Vador.

Network Security Testing Techniques Presented By:- Sachin Vador.
BSBPMG507A Manage Project Communications Manage Project Communications Unit Guide Diploma of Project Management 17872 Qualification Code BSB51507 Unit.

BSBPMG507A Manage Project Communications Manage Project Communications Unit Guide Diploma of Project Management Qualification Code BSB51507 Unit.
Vulnerability Assessment & Penetration Testing By: Michael Lassiter Jr.

Vulnerability Assessment & Penetration Testing By: Michael Lassiter Jr.
Detailed Design Review of Magnetic Field Centering Device Project # P08028 “Develop a Design and Methodology to Ensure the Concentricity between the Magnetic.

Detailed Design Review of Magnetic Field Centering Device Project # P08028 “Develop a Design and Methodology to Ensure the Concentricity between the Magnetic.
1 Presentation ISS Security Scanner & Retina by Adnan Khairi 100183586.

1 Presentation ISS Security Scanner & Retina by Adnan Khairi
Penetration Testing Chao-Hsien Chu, Ph.D. College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802

Penetration Testing Chao-Hsien Chu, Ph.D. College of Information Sciences and Technology The Pennsylvania State University University Park, PA 16802
The Business of Penetration Testing

The Business of Penetration Testing
Penetration Testing.

Penetration Testing.
Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.

Penetration Testing Edmund Whitehead Rayce West. Introduction - Definition of Penetration Testing - Who needs Penetration Testing? - Penetration Testing.

Similar presentations

Ads by Google