Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mano ‘dash4rk’ Paul r3c0n to r00t - Security and Soul

Published byRoman Hodgin Modified over 9 years ago

Similar presentations

Presentation on theme: "Mano ‘dash4rk’ Paul r3c0n to r00t - Security and Soul"— Presentation transcript:

1 Mano ‘dash4rk’ Paul r3c0n to r00t - Security h@Xs and Soul h@Xs

2 whois [Querying whois.org] Name: manoranjan paul > mano paul > @manopaul [IDENTITY] Primary: Follower of Jesus Christ (Christian) DOB: 09/30-1990 [TECHNICAL] Advisor: (ISC) 2, Software Assurance Books: The 7 Qualities of Highly Secure Software; Official (ISC) 2 Guide to CSSLP CEO: SecuRisk Solutions [OTHER] Researcher: Shark Biology (dash4rk) Creds: CSSLP, CISSP, MCSD, MCAD, CompTIA Network+, ECSA Record created on 03-03-19.. Record expires on tbd Database last updated on 07-12-2013 www.hackformers.org 2 wen u c me, tweet #/@HackFormers

3 What is the topic/series about? Security h@Xs – Pentesting processes from r3c0n to r00t – Intro to security tools in the Kali Linux OS Soul h@Xs – Exploits that impact the soul – Intro to tools in the Bible and the protection in Jesus Christ www.hackformers.org 3 It is one thing to get r00ted in security; It is far worse to get r00ted in life

4 Agenda Teach Security Teach Christ Teach Security In Christ www.hackformers.org 4

5 Security h@xs -- getting r00ted in security -- Teach Security

6 Pentesting? Answers the question: – Can some entity penetrate your security defenses? Attestation of your overall security posture Before ogres h@x0rs do Attest Security Controls (safeguards, countermeasures) www.hackformers.org 6

7 Pentesting? (contd.) Rules of engagement – Scope defined – Get out of Jail card Structured process – Discovery to Exploit to Post-exploitation Internal/External scenarios www.hackformers.org 7

8 Pentesting – what it is NOT? www.hackformers.org 8

9 In the “r3c0n to r00t” series I will cover the various tools in the Kali Linux pentest distro/OS to perform the 3 steps pentest process – Step 1: r3c0n – Step 2: r3sili3ncy attestation – Step 3: r00t www.hackformers.org 9

10 What is Kali Linux? Debian based OS distro – dpkg –i file.deb Favorite OS for h@X0rs, pentesters and forensics Trivia – Other Names – Kali – Backtrack – Whax – Whoppix – Knoppix 300+ security tools www.hackformers.org 10

11 Tools, Tools, and more Tools www.hackformers.org 11

12 Step 1: r3c0n Identify live hosts Enumerate Discover Gather Info/Intelligence www.hackformers.org 12

13 r3c0n - Quotes Know your enemy – The Art of War; Sun Tzu Know your victim – Mano ‘dash4rk’ Paul www.hackformers.org 13

14 r3c0n Tool Categories Identification – Live host – IDS/IPS Scanning – Network Fingerprinting – OS – Services Analysis – DNS – OSINT – Route – SMB – SMTP – SNMP – SSL – Telephony – Traffic – VoIP – VPN www.hackformers.org 14

15 Step 2: r3sili3ncy attestation Evaluate attack surface Analyze vulnerability Check exploit www.hackformers.org 15

16 r3sili3ncy attestation - Quotes The art of being wise is the art of knowing what to overlook. – American Philosopher and Psychologist, William James (1842-1910) The art of being wise is the art of knowing what to look over. – Mano ‘dash4rk’ Paul (19.. – Forever) www.hackformers.org 16

17 Step 3: r00t Run exploit Getting pwn3d www.hackformers.org 17

18 Tell me, and I’ll forget Show me, and I may remember Involve me, and I’ll understand www.hackformers.org 18

19 Demo Step 1: r3c0n – 1.a. Who is out there alive? Live host identification – netdiscover – 1.b. What can we find out about the living? 1.b.1. Scanning (enumeration, discovery) – dmitry – nmap – zenmap – dnmap_server – dnmap_client 1.b.2. Fingerprinting – miranda www.hackformers.org 19

20 Demo (contd.) Step 2: r3sili3ncy attestation – Is the system vulnerable to exploitation? metasploit framework (check) Step 3: r00t – Getting pwn3d? metasploit framework (run exploit) www.hackformers.org 20

21 Soul h@xs -- getting r00ted in life -- Teach Christ

22 r3c0n of the living Who is out there alive? – Identification of the living (live hosts) Jesus said, “I am the resurrection and the life; Anyone who believes in me will live, even after dying.” (John 11:25; NLT) Those who believe in Jesus shall live (now) and eternally; they are the ones who are spiritually alive. (John 3:16) The devil is not interested in those who are spiritually dead www.hackformers.org 22

23 Scan What can we find out about the living? – The bad: Your adversary (h@X0r), the devil is like a roaring lion (in r3c0n), seeking whom he may devour (exploit) (1 Peter 5:8) – The good: The eyes of the Lord search the whole earth (in r3c0n) to strengthen those whose hearts are fully committed to him (2 Chronicles 16:9a ; NLT) www.hackformers.org 23

24 Fingerprint Whose fingerprint is on you? – The d3v1l’s For you are the children of your father the devil, and you love to do the evil things he does. He was a murderer from the beginning. He has always hated the truth, because there is no truth in him. When he lies, it is consistent with his character; for he is a liar and the father of lies. (John 8:44; NLT) – God’s For I hold you by your right hand — I, the Lord your God. And I say to you, ‘Don’t be afraid. I am here to help you. … I am the Lord, your Redeemer. I am the Holy One of Israel.’ (Isaiah 41:13,14b; NLT) www.hackformers.org 24

25 r3sili3ncy attestation Is our life vulnerable to exploitation? – No one is righteous; no not one (Romans 3:10) – All are vulnerable. All have sinned and have fallen short of the glory of God (i.e., vulnerable and exploitable) - Romans 3:23 The wages of sin is death (getting r00ted/pwn3d) - Romans 6:23 www.hackformers.org 25

26 r00t – getting pwn3d Who 0wns you? – Are you r00ted by the devil? a slave to sin – Sin is crouching at the door, eager to control you. But you must subdue it and be its master.” (Genesis 4:7; NLT) – Are you r00ted in Christ Jesus? a servant of the Savior and Lord – And now, just as you accepted Christ Jesus as your Lord, you must continue to follow him. Let your roots grow down into him, and let your lives be built on him. Then your faith will grow strong in the truth you were taught, and you will overflow with thankfulness. (Colossians 2:6-7; NLT) www.hackformers.org 26

27 The conclusion of the matter No own wants to be pwn3d! To avoid security h@xs – one must implement security controls To avoid your soul from getting pwn3d (soul h@x), one MUST be r00ted in the one life control – Jesus Christ! www.hackformers.org 27

28 Points to Ponder Teach Security In Christ

29 Discussion Points Would you consider yourself alive or dead (spiritually)? – Born once, die twice – Born twice, die once If you are alive, you are the target! Are you r00ted by the devil (slave to sin) or are you r00ted in Christ Jesus? All who call on the name of the Lord Jesus Christ shall be saved [i.e., not have their soul h@x3d] (Joel 2:32) www.hackformers.org 29

30 Closing Thoughts www.hackformers.org 30 try { if (uLikedThisPresentationAndMtg) { subscribeViaEmail(); followAndTweet(); // @hackformers getLinkedIn(); emailUs(); // mano.paul@hackformers.orgmano.paul@hackformers.org } else { giveFeedback(); // mano.paul@hackformers.orgmano.paul@hackformers.org } catch(Temptations t) { r00tedIn(God JesusChrist); } finally { ThankUandGodBless(); }

31 Standards Pre-engagement activities Intelligence Gathering Threat Modeling Vulnerability Analysis Exploitation Post Exploitation Reporting www.hackformers.org 31 http://www.pentest-standard.org/

32 Process Anatomy of an Attack - The 5Ps Probe Penetrate Persist Propagate Paralyze Official (ISC) 2 Guide to CSSLP - The 4Rs Reconnaissance – Enumeration & Discovery Resiliency Attestation – Attack & Exploitation Removal of Evidence (Cleanup) & Restoration Reporting & Recommendations www.hackformers.org 32 h@X0r’S perspective defender’s perspective

Download ppt "Mano ‘dash4rk’ Paul r3c0n to r00t - Security and Soul"

Similar presentations

We Can Rejoice in the Lord Because We Have Salvation

We Can Rejoice in the Lord Because We Have Salvation
Preparing to Share Your Story

Preparing to Share Your Story
Lesson 1: The Plan Salvation of.

Lesson 1: The Plan Salvation of.
Responding to the Shepherd John 10. Who or what are you listening to?

Responding to the Shepherd John 10. Who or what are you listening to?
Heaven Is Just Four Steps Away

Heaven Is Just Four Steps Away
Matthew 22:42 42 What think ye of Christ? Whose son is He? Matthew 16:13.

Matthew 22:42 42 What think ye of Christ? Whose son is He? Matthew 16:13.
The Hour Is Coming John 5:28-29 A Time Appointed 8/8/2010 pm

The Hour Is Coming John 5:28-29 A Time Appointed 8/8/2010 pm
Did Jesus Christ Die In Vain

Did Jesus Christ Die In Vain
ALL SCRIPTURE REFERENCES – NEW AMERICAN STANDARD BIBLE

ALL SCRIPTURE REFERENCES – NEW AMERICAN STANDARD BIBLE
Background – the Gospel, which: Paul had preached, v. 1; Acts 18:1-11. The Corinthians had received, v. 2; Acts 18:8 By which they were saved, v. 2; Romans.

Background – the Gospel, which: Paul had preached, v. 1; Acts 18:1-11. The Corinthians had received, v. 2; Acts 18:8 By which they were saved, v. 2; Romans.
Questions Jesus Asked Questions Jesus Asked! Whose Wife Will She Be or Living with resurrection eyes?

Questions Jesus Asked Questions Jesus Asked! Whose Wife Will She Be or Living with resurrection eyes?
“MIRACLES AT COLOSSAE”

“MIRACLES AT COLOSSAE”
A servant of God or of Satan

A servant of God or of Satan
An Uncommon Love Welcome and give thanks to God and brothers and sisters for allowing me to present another lesson before you. I hope that it is beneficial.

An Uncommon Love Welcome and give thanks to God and brothers and sisters for allowing me to present another lesson before you. I hope that it is beneficial.
The Appearance of Christianity Matthew 6:1-4. The Appearance of Christianity Numbers 15:1-13 (rules of Sacrifice) Numbers 15:14-17 (stranger, sacrifice.

The Appearance of Christianity Matthew 6:1-4. The Appearance of Christianity Numbers 15:1-13 (rules of Sacrifice) Numbers 15:14-17 (stranger, sacrifice.
Biblical Faith HEBREWS 11:1 NOW FAITH IS THE SUBSTANCE OF THINGS HOPED FOR, THE EVIDENCE OF THINGS NOT SEEN.

Biblical Faith HEBREWS 11:1 NOW FAITH IS THE SUBSTANCE OF THINGS HOPED FOR, THE EVIDENCE OF THINGS NOT SEEN.
Saving The Sinner James 5:19-20.

Saving The Sinner James 5:19-20.
The Wonderful Good News of Revelation

The Wonderful Good News of Revelation
God’s Simple Plan of Salvation

God’s Simple Plan of Salvation
All we need is Love. All we need is Love Introduction the Book of Love “Love” used 676 time in NASB 360 times in the New Testament Where do we go?

All we need is Love. All we need is Love Introduction the Book of Love “Love” used 676 time in NASB 360 times in the New Testament Where do we go?

Similar presentations

Ads by Google