Penetration Testing with Opensource Tools Wiswat Aswamenakul CITEC Evolution Co., Ltd.
CITEC Evolution Co., Ltd. • Mobile Application Development • Security Consult • Penetration Testing • Incident Response • Secure Application Development
Me • BSc, Com Eng, Kasetsart University • Master, Digital Forensics, Edith Cowan University • Everything ab0ut s3curity (*0*) • Penetration Tester • Incident Response • Malware Analysis • Blog: http://thaicomsec.citec.us
Hacker Motivation • Money !!!! • Fun (www.zone-h.org)
Glossary • Vulnerability • Exploit
Security Testing Process • Information Gathering • Search Engine • Social Network • Scanning • Service Scanning (Nmap) • Vulnerability Scanning (OpenVAS & NSE) • Exploitation (Metasploit) • Post-Exploitation (John the Ripper)
Nmap • Created by Fyodor • www.nmap.org
Scanning Types • Connect Scan • SYN Scan • Ping Scan • ACK Scan • UDP Scan • Idle Scan • FTP Bounce Scan
OpenVAS • Vulnerability Scanner • www.openvas.org • Sponsored by Greenbone Networks
Nmap Scripting Engine • Nmap Scripting Engine (NSE) • Brings Nmap to layer 7 scanning • Lua language
Vulnerability Database • The Open Source Vulnerability Database (www.osvdb.org) • Common Vulnerabilities and Exposures (cve.mitre.org) • Exploits Database (www.exploit-db.com) • National Vulnerability Database (nvd.nist.gov)
Metasploit • Created by HD Moore • Acquired by Rapid7 • www.metasploit.com
msfconsole • msfupdate
John The Ripper • Created by “Alexander Peslyak” (Solar Designer) • www.openwall.com
Web App Audit ?? • Personally not recommended for automated auditing • Assessment Tools • wpscan (http://code.google.com/p/wpscan/) • OWASP Joomla Vulnerability Scanner • Created by Aung Khant from YGN Ethical Hacker Group • Nikto (http://cirt.net/nikto2) • OWASP • My Favorite • Firefox with add-ons • Live HTTP Header • Advanced Cookie Manager • Tamper Data • Python
BackTrack • BackTrack 5 R2 • www.backtrack-linux.org
Web Pentest & Incident Response http://citecclub.org/th/course/PTIR