
1 Penetration Testing By Blaze Sterling

2 Roadmap
- What is Penetration Testing
- How is it done?
- Penetration Testing Tools
- Kali Linux
- In depth included tools
- Conclusion

3 What is Penetration Testing?
- An attack on a computer system with the intention of finding security weaknesses
- Used to determine the feasibility of a set of attacks
- Used to identify security vulnerabilities
- Testing the ability of network defenders to respond to attacks
- Can be used to help security
- Used by security professionals to harden systems

4 Steps to Penetration Testing
- Start with a list of potential vulnerabilities
  - Possible open ports, old software, or weak passwords
- Rank the list in order of criticality
  - Most damaging possible attack to least
- Devise a test for each possible vulnerability
  - Port scans, password crackers, find software versions
- Run tests on possible vulnerabilities
- Fix issues that were found

5 Penetration Testing Tools
- Kali Linux
  - Nmap, Fragrouter, Fern Wifi Cracker, HydraGTK
- Websites
  - Port scanners, web vulnerability checkers, DNS checkers
- Metasploit
  - Exploit tester, GUI interface, test web apps and networks
- Wireshark
  - Monitor network traffic, packets
- W3af
  - Web attack and audit framework

6 What is Kali Linux?
- Advanced penetration testing and security auditing Linux distribution
- 300+ built-in penetration testing tools
- Free / Open source
- FHS (Filesystem Hierarchy Standard) compliant
- Secure development environment
- Spin-off of BackTrack

7 Using Kali Linux
- Install to hard disk
  - 10 GB disk space
  - USB / CD-DVD
- Live USB Install
  - 2 GB capacity
  - Win32 Disk Imager
- Android 2.1+ devices
  - 5 GB free space
- Network install
- Virtual Machine
  - Run inside another OS

8 Included Kali Tools
- Information Gathering
  - Dnsdict6
  - Nmap
  - Urlcrazy
- IDS/IPS (Intrusion Detection/Prevention System)
  - Fragrouter
- Network Scanners
  - Dnmap
  - Netdiscover
- Traffic Analysis
  - intrace

9 Included tools continued
- Vulnerability Analysis
  - Cisco tools
  - Yersinia
- Web Vulnerability Scanner
  - ProxyStrike
  - Cadaver
- Wireless Attacks
  - Bluelog
  - Spooftooph
- Wireless Tools
  - Aircrack

10 Information Gathering Tools
- DNSDICT6
  - Finds all sub-domains of a website or web server
  - Enumerates all IPv4 and IPv6 addresses to extract dumps
    - Sub-domains
    - IP information
  - Powerful for extracting sub-domains that are restricted
- Tutorials online
  - Google
  - YouTube

11 Information Gathering Tools
- Nmap
  - Security scanner
  - Gordon Lyon
  - Discovers hosts and services on a computer network and creates a map of the network
    - Special packets
    - Analyzes responses
  - Host discovery
  - Service discovery
  - Operating system detection

12 IDS / IPS
- Fragrouter
  - Intercepts, modifies, and rewrites traffic destined for a specified host
  - Routes network traffic in a way that eludes IDS
- Uses
  - Test IDS timeout and reassembly
  - Test TCP/IP scrubbing
  - Test firewalls
  - Evade passive OS fingerprinting
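
The reassembly and timeout tests listed on this slide matter because a sensor that inspects fragments one at a time, or that drops buffered fragments sooner than the protected host does, never sees the full payload. The following is an added example, not part of the original presentation: a simplified Python model of both checks over constructed fragments; the marker string, function names, fragment size and timeout values are all assumptions made for illustration.

```python
# Added example: simplified model of sensor-side fragment handling.
# All names and values are illustrative assumptions, not from any real IDS.

SIGNATURE = b"test-signature-123"          # constructed marker standing in for a rule pattern
PAYLOAD = b"hdr:" + SIGNATURE + b":end"    # constructed 26-byte payload


def make_fragments(payload, size, gap):
    """Split payload into (arrival_time, offset, data) tuples, `gap` seconds apart."""
    return [((i // size) * gap, i, payload[i:i + size])
            for i in range(0, len(payload), size)]


def per_fragment_alert(fragments):
    """Sensor without reassembly: matches each fragment in isolation."""
    return any(SIGNATURE in data for _, _, data in fragments)


def reassembling_alert(fragments, total_len, timeout):
    """Sensor that buffers by offset and matches once the payload is complete.

    Buffered state older than `timeout` seconds is dropped, as any sensor
    must do to bound memory.
    """
    buf, have, started = bytearray(total_len), set(), None
    for t, offset, data in sorted(fragments):
        if started is not None and t - started > timeout:
            buf, have, started = bytearray(total_len), set(), None  # state expired
        if started is None:
            started = t
        buf[offset:offset + len(data)] = data
        have.update(range(offset, offset + len(data)))
        if len(have) == total_len and SIGNATURE in bytes(buf):
            return True
    return False


if __name__ == "__main__":
    fast = make_fragments(PAYLOAD, size=8, gap=1)
    slow = make_fragments(PAYLOAD, size=8, gap=20)
    print("per-fragment match:", per_fragment_alert(fast))
    print("reassembled, 30 s timeout:", reassembling_alert(fast, len(PAYLOAD), 30))
    print("slow delivery, 30 s timeout:", reassembling_alert(slow, len(PAYLOAD), 30))
    print("slow delivery, 90 s timeout:", reassembling_alert(slow, len(PAYLOAD), 90))
```

In this model the sensor only alerts on slowly delivered fragments when its reassembly timeout is at least as long as the delivery window, which is the setting a timeout test checks.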

13 Network Scanners
- DNMap
  - Framework for distributing nmap scans among many clients
  - Client/server architecture
    - Server knows what to do
    - Clients do it
  - Clients work when server is offline
  - Real-time statistics of the clients and their targets
  - Scans very large networks quickly

14 Traffic Analysis
- Intrace
  - Works along the same lines as Fragrouter
  - Enumerates IP hops exploiting TCP connections to display the path of packets over the network
  - Network reconnaissance
    - Who is connected to who
  - Firewall bypassing

15 Vulnerability Analysis
- Cisco Auditing Tool
  - Perl script that scans Cisco routers for common vulnerabilities
    - Default passwords, usernames
    - Easy to guess names and passwords
    - IOS bug history
  - Hijack a router
  - Test router security
    - Password
    - Username

16 Web Vulnerability Scanner
- ProxyStrike
  - Active web application proxy designed to find vulnerabilities while browsing a web application
  - Mainly JavaScript
  - SQL injection and XSS plugins
  - Listens on port 8008 and analyzes all the parameters of applications running in the port for vulnerabilities

17 Conclusion
- Security-focused Linux distribution
  - 300+ security tools
  - Spin-off of the popular BackTrack
- Multiple ways to run
  - Hard drive
  - USB / Live CD
  - Virtual Machine
- Detailed look at some tools
  - Too many to cover them all
