[Editor's Note: Jeff McJunkin shares some insight into building a good virtualization infrastructure for practicing your pen test skills, evaluating tools, and just plain becoming a better penetration tester, all without breaking the bank. Nice! --Ed.]
By Jeff McJunkin
Practical, hands-on experience is a good thing, right? As good as it is though, it doesn't excuse accidentally taking down your employer's production environment while doing some testing.
While NetWars (obligatory plug for my new employer) is great for getting this experience, it doesn't fit every situation. For example, if one of your servers crashed while being scanned by Nessus, you might want to isolate exactly which plugin is causing the crash, while avoiding future production outages.
Having a home lab with a trial version of the software creates a safe environment for otherwise disruptive testing and facilitates fast
[Editor's Note: In this post, the unparalleled Seth Misenar tackles the question of whether it's OK for a security professional to walk the line between offense and defense, or whether someone should take the plunge on one of these two sides. He lays bare his very soul as he debates the options before us all.]
By Seth Misenar
I was recently asked by Ed Skoudis and Mike Poor to serve on a panel discussion at SANS Security West 2014. The panel topic is Offense Informs Defense, and is kind of a face-off wherein SANS Pen Test instructors shoot out a bunch of new techniques and SANS Cyber Defense instructors discuss practical ways of handling the onslaught.
Sounds fun, so I immediately confirmed. Only later did it occur to me that I wasn't sure which side I was supposed to rep. Hmm...my security ADD seems to rear its ugly head again.
I often joke with students that I appear to
Josh Wright and I presented a webcast a few months back that is chock full of useful pen testing techniques from the mobile and network arenas. Based on the new SANS course, SEC561: Intense Hands-on Skill Development for Pen Testers, this webcast covers numerous useful techniques, such as:
- Exploiting and automating data harvesting from iOS devices
- Extracting stored secrets from iTunes backups
- Effective Anti Virus evasion with Veil
- Windows host compromise and privilege escalation, along with UAC bypass
The slides below cover all the tools and techniques for doing all that great stuff, and more.
The SANS SEC 561 course is 80% hands-on skill development, showing how security personnel such as penetration testers, vulnerability assessment personnel, and auditors can leverage in-depth techniques to
[Editor's Note: Here is our final installment of tips from the SANS Pen Test Poster, this time focussed on Pulling It All Together in your pen tests. If you are interested in this type of information, you should know that I'm going to be teaching my SANS SEC 560 course on network penetration testing & ethical hacking in New Orleans in January 2014. From January 20 to 25, we'll cover in-depth technical approaches for penetration testing, plus tons of tips for maximizing your effectiveness as a pen tester. If you are looking to take a SANS course where the student-to-instructor ratio is fairly low so we can have more detailed and personalized discussions, this is a great one to register for. Plus, New Orleans is a fantastic town, with lotsa wonderful restaurants and fascinating history. It's gonna be a GREAT time. Registration details are
[Editor's Note: Here is the fifth in our series of penetration testing tips drawn from the Ultimate SANS Pen Test Poster. This time, our focus is on specific recommendations from Kevin Johnson about web app pen test tips, tools, resources, and other recommendations. Really helpful stuff. Thanks, Kevin!
For earlier posts in this series, feel free to check out:
John Strand's tips for network pen testing.
Steve Sims' tips for exploit development.
Josh Wright's tips for mobile device pen