1 / 5

Module 6 – Penetration

This module outlines the essential phases of penetration testing, specifically focusing on Phase II, which encompasses controls assessment and vulnerability identification. Key steps include scheduling, information gathering, network mapping, gaining access, and privilege escalation. The course emphasizes verifying vulnerabilities through proof of concept tools and scripts in isolated lab environments. This approach ensures a thorough understanding of security weaknesses while minimizing risks. Participants will learn how to customize and test tools, maintaining a secure operational environment throughout the process.

knoton
Download Presentation

Module 6 – Penetration

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Module 6 – Penetration • Phase II  Controls Assessment  Scheduling • Information Gathering • Network Mapping • Vulnerability Identification • Penetration • Gaining Access & Privilege Escalation • Enumerating Further • Compromise Remote Users/Sites • Maintaining Access • Cover the Tracks Heorot.net

  2. Penetration • Purpose behind Penetration • To provide proof of vulnerabilities or exploits • Conducted in an isolated environment (lab)‏ • High risk to continued operation of target • Not necessary for “Blue Team” hacking • Requires higher level of programming skill and TCP/IP stack knowledge Heorot.net

  3. Penetration • Find proof of concept code/tool • Develop tools/scripts • Test proof of concept code/tool • Customize proof of concept code/tool • Test proof of concept code/tool in an isolated environment • Use proof of concept code against target • Verify or disprove the existence of vulnerabilities Heorot.net

  4. Penetration • Find proof of concept code/tool OR • Develop tools/scripts • PenTest Lab • Test proof of concept code/tool • Customize proof of concept code/tool • Development Lab • Test proof of concept code/tool in an isolated environment • Production System • Use proof of concept code against target • Verify or disprove the existence of vulnerabilities Heorot.net

  5. Module 6 – Conclusion • Phase II  Controls Assessment  Scheduling • Information Gathering • Network Mapping • Penetration • Find proof of concept code/tool • Develop tools/scripts • Test • PenTest Lab • Development Lab • Production System • Verify or disprove the existence of vulnerabilities Heorot.net

More Related