Josh Wright and I presented a webcast a few months back that is chock full of useful pen testing techniques from the mobile and network arenas. Based on the new SANS course, SEC561: Intense Hands-on Skill Development for Pen Testers, this webcast covers numerous useful techniques, such as:
- Exploiting and automating data harvesting from iOS devices
- Extracting stored secrets from iTunes backups
- Effective antivirus evasion with Veil
- Windows host compromise and privilege escalation, along with UAC bypass
The slides below cover all the tools and techniques for doing all that great stuff, and more.
The SANS SEC 561 course is 80% hands-on skill development, showing how security personnel such as penetration testers, vulnerability assessment personnel, and auditors can leverage in-depth techniques to
By Ed Skoudis
This morning, I had the honor of presenting at DerbyCon. My talk focused on the ability to cause physical impact through hacking computers and networks. I call it "Kinetic Pwnage". The slides are available below, and the talk touches on several themes of the recent work my team and I have focused on, including CyberCity, a miniature city with a real power grid and other computer-controlled components used to build capabilities of cyber warriors.
By the way, right after the talk, lotsa people asked me how they could do CyberCity missions. If you are interested in participating in CyberCity missions hands-on, we'll be running our first ever CyberCity missions at a public conference event during the SANS Pen Test Hackfest Summit & Training event, in Washington DC on November 7-14. If you take a full six-day class there, you can join us for one whole evening of CyberCity missions hands-on, plus four evenings devoted to NetWars. Oh,
By Ed Skoudis
Below are the slides for my talk called "The Bad Guys Are Winning, So Now What?" It's my most requested talk ever.
In my job, I write two or three new presentations per year, and deliver each of them two or three times at various conferences before retiring the talk and moving on to another topic. My butterfly attention span doesn't let me stay on a particular topic for longer than that. In the past year, I've written talks titled "Please Keep Your Brain Juice Off My Enigma" (Debuted at SANS in Sept 2012 and posted here), "Unleashing the Dogs of Cyber War" (Debuted at BruCON in Sept 2012), and "Kinetic Pwnage: Obliterating the Line Between Computers and the Physical World" (Debuted at SOURCE Boston in April 2013 a week and a half ago).
But, of all the talks I've ever written, there is one that I get more requests for than ever: my talk titled "The Bad Guys Are Winning, So Now What?" I originally wrote the talk a couple of years ago, and have
[Editor's Note: Last Friday, Josh Wright did an awesome webcast on how penetration testers can extract sensitive information from mobile devices during an ethical hacking project, simulating what could happen if a bad guy snags a device and uses it to gather info to attack an organization. Josh provides some commentary as well as his slides below. These slides are a sampling of Josh's brand-new 575 course on Mobile Device Security and Ethical Hacking. I have to say -- the new course is completely amazing! It gives folks the knowledge they need to help protect their organizations against the onslaught of new mobile devices popping up everywhere -- iPhones, iPads, Android devices, RIM Blackberries, and Windows Phone are all covered. The course is selling out wherever SANS offers it, usually a month or two in advance. Course details are available
[Editor's Note: Tim "My Shell Makes Your Shell Cry Like a Little Baby" Medin did a presentation at SANS Orlando called "PowerShell for Pen Testers". It's really good. It starts out with an overview of PowerShell for the uninitiated, and then quickly jumps to some really effective use cases of PowerShell for penetration testers and ethical hackers. Wanna know how to do a port scan, ping sweep, and file transfer, using only PowerShell with no extra installs? Tim covers it. He also provides tips for post-exploitation on Windows boxes, and goes further by addressing PowerCLI for VMware as well as some tricks for Exchange servers. He's even sprinkled in some tips and techniques that are useful in incident handling and digital forensics. Well played, Jake! --Ed.]
By Tim Medin