Multi-Tool DVD Sets: An important addition to the Incident Handler: Pen Tester's toolkit
This paper will aid the incident handling and security community by explaining and demonstrating forensically sound processes to create a powerful multisession DVD. This can be customized to contain several of the most popular Linux live CDs and a second DVD/CD that contains other tools that may not be contained on the live multisession DVD. The paper will explain the criteria used to select the tools, examine the advantages, limitations and weaknesses of the multi-DVD approach and, most importantly, will contain a detailed walkthrough of the process to make a multi-boot DVD.
Read the Article
|
Penetration Testing: Taking the Guesswork Out of Vulnerability Management (1 hr 9 min 19 sec)
IDC webinar video with Charles Kolodgy. Penetration testing using Core Security Technologies' Impact penetration testing software.
Watch the Video
|
Five Common Web Application Vulnerabilities
This article looks at five common Web application attacks, primarily for PHP applications, and then presents a case study of a vulnerable Website that was found through Google and easily exploited. Each of the attacks we'll cover is part of a wide field of study, and readers are advised to follow the references listed in each section for further reading. It is important for Web developers and administrators to have a thorough knowledge of these attacks. It should also be noted that Web applications can be subjected to many more attacks than just those listed here.
While most of the illustrated examples in this article will discuss PHP coding due to its overwhelming popularity on the Web, the concepts also apply to any programming language. The attacks explained in this article are:
1. Remote code execution
2. SQL injection
3. Format string vulnerabilities
4. Cross Site Scripting (XSS)
5. Username enumeration
Read the Article
|
Penetration Testing: The Third Party Hacker
"Is my organization or infrastructure susceptible to compromise by a malicious attacker, unethical competitor or foreign government?" Both security consulting companies and Big Four audit companies have been trying to answer this question by offering penetration testing services to their clients in the last decades. This kind of specialized testing is a method for evaluating the security of an organization's information systems by simulating an attack.
Read the Article
|
Cisco SNMP configuration attack with a GRE tunnel
The fact that SNMP is based on UDP makes it that much more interesting. Being a connectionless protocol, UDP is vulnerable to IP spoofing attacks. With a couple of Cisco routers in your organization, you're ready to do some testing and see what can be done in Cisco land.
Read the Article
|
Exploiting Cisco Routers: (Part One)
This two-part article will focus on identifying and exploiting vulnerabilities and poor configurations in Cisco routers. We will then discuss the analysis of the router configuration file and will attempt to leverage this access into other systems. Additionally, we will cover the possibilities of what one may do once access to the device has been achieved. We chose to focus this article on Cisco routers due to their overwhelming market share.
Read the Article
|
Exploiting Cisco Routers: (Part Two)
The first article in this two-part series covered a few different methods of getting into the target router. This article will focus on what we can do once we've gotten in. For the remainder of this article, we'll assume that the only progress we've made is that we've gotten the below router config via the vulnerable HTTP server. At this point, Access Control Lists (ACLs) prevent us from logging in directly to the router.
Read the Article
|
Penetration Testing for Web Applications (Part One)
This is the first in a series of three articles on penetration testing for Web applications. The first installment provides the penetration tester with an overview of Web applications - how they work, how they interact with users, and most importantly how developers can expose data and systems with poorly written and secured Web application front-ends.
Read the Article
|
Penetration Testing for Web Applications (Part Two)
Our first article in this series covered user interaction with Web applications and explored the various methods of HTTP input that are most commonly utilized by developers. In this second installment we will be expanding upon issues of input validation - how developers routinely, through a lack of proper input sanity and validity checking, expose their back-end systems to server-side code-injection and SQL-injection attacks. We will also investigate the client-side problems associated with poor input validation, such as cross-site scripting attacks.
Read the Article
|
Penetration Testing for Web Applications (Part Three)
In the first installment of this series we introduced the reader to web application security issues and stressed the significance of input validation. In the second installment, several categories of web application vulnerabilities were discussed and methods for locating these vulnerabilities were outlined. In this third and final article we will be investigating session security issues and cookies, buffer overflows and logic flaws, and providing links to further resources for the web application penetration tester.
Read the Article
|