Information gath

Tags:

Preview:

Click to see full reader

DESCRIPTION

 

Citation preview

INFORMATION GATHERING IN A PENTEST

By : Syarif @fl3xu5

Cybercrime Investigation Center Mabes Polri Jakarta, 28 Januari 2012

Agenda

About Pentest ( Penetration Testing )

Pentest Phase

How Important do Information Gathering

Passive & Active Information Gathering

Google Hack

Netcraft

Whois

host

dig

About Pentest ( Penetration Testing )

A method to evaluate the security of computer system / network

Practice ( attacking ) an IT System like a ‘hacker’ do

Find a security holes ( systemic weaknesses )

By pass security mechanism

compromise an Organization’s IT System Security

Must have a permission from IT System owner

~ The Person is called a Pentester ~

Pentest Phase

Information Gathering

Vulnerability Analysis

Exploitation

Post Exploitation

Reporting

How Important do Information Gath.

Information Gath. Chance of Successful attack~

Passive & Active Information Gathering

Passive Information Gathering Active Information Gathering

Google Hacking

Netcraft

Whois

Nslookup

Port Scanning

Service Scanning

Nmap

Metasploit

Google Hack

was introduced by Johnny Long

based on google basic usage information :http://www.google.com/help/basics.html!

More : http://www.google.com/help/operators.html

http://www.google.com/help/basics.html
http://www.google.com/help/operators.html

Google Hack ( cont’d )

Google basic search help

Google Hack ( cont’d )

Operators and More Search help

Google Hack ( cont’d )

Examples :

Google Hack ( cont’d )

Examples :

Google Hack ( cont’d )

Examples :

Google Hack ( cont’d )

Other Examples :

Google Hack ( cont’d )

Other Examples :

Google Hack ( cont’d )

More Examples :

Netcraft

an Internet monitoring company based on England

Uptimes

OS detection

web server

Netcraft ( cont’d )

Whois

host

dig

REFERENCES

http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines

http://www.metasploit.com/about/penetration-testing-basics/

Metasploit The Penetration Tester’s Guide : David Kennedy , Jim O’Gorman, Devon Kearns, Mati Aharoni

GHDB , http://johnny.ihackstuff.com/ghdb/

http://www.pentest-standard.org/index.php/PTES_Technical_Guidelines
http://www.metasploit.com/about/penetration-testing-basics/
http://johnny.ihackstuff.com/ghdb/

Recommended

Outfield - Daniel Gath Homes · Outfield is a small new development of six select semi-detached and detached houses in Sessay by Daniel Gath Homes. Each home combines stylish contemporary
Documents
Six Giant Assassins. Goliath Was Only the First. of: Goliath’s home town, the Philistine city of Gath. With David in the Serpent’s lair, the queen of Gath trying to seduce him,
Documents
NAOSITE: Nagasaki University's Academic Output SITEnaosite.lb.nagasaki-u.ac.jp/dspace/bitstream/10069/... · number of deep potential concavities (arrow) gath- ered together at the
Documents
Comparison of Antimicrobial Resistance Detected in ...downloads.hindawi.com/journals/bmri/2020/4254530.pdfbial Resistance Monitoring System (NARMS) has been gath-ering data from human
Documents
ΑΔΑ: ΒΛ9Γ9-8ΒΣ - sch.grattik.pde.sch.gr/sym06-gath/DATA/agglika_lykeiou_anakoinwsi.pdf · 10 practice tests for the michigan ecce 1 ... 15 practice tests pte general level
Documents
N. rIORRESPONDENCE Home Made · 2019. 12. 10. · rIORRESPONDENCE i 1¦ ¦ ¦¦"—i-¦¦ »'»¦' —— mm ——— NEWS HAPPENINGS OF THE COUNTY GATH-ERED BY A COMPETENT CORPS
Documents
d 1 Samuel 21 God Sends David to Gath
Documents
03030 DECEMBER Access · health, grades K-6, law, literature, sciences and social sciences. These subject areas were created based on information gath-ered from feedback groups held
Documents
OPPORTUNITIES FOR SERVICE November 26 December 1, 2018 · volunteer in the magazine process, but I know all day-to-day operations and information gath-ering need to be in the hands
Documents
unverbindliche 59,99 - Fachmarkt Gath · • innovativer HiSpin Motor mit aerodynamischen Motorblättern • PerfectProtect System – für langanhaltende Reinigungsleistung • Hygienefilter
Documents
MICAH #1 - BaptistvilleMICAH #1 Micah 1:1 MICAH, THE MAN WHO ASKED THE SAME QUESTION OVER AND OVER Introduction: Micah was from Moresheth-Gath. God put this information in so that
Documents
The Northwest Coast: Complex Hunter-Gatherers, Ecology ...web.pdx.edu/~amesk/images/pdfs/Ames_NWC_ANREV.pdf · interest: 1. the existence and socioeconomic evolution of complex hunter-gath-erers
Documents
Gath A-P Act Revision Utah GS 2015
Documents
SPC Software - Quality Digest companies that provide SPC software to help with data gath-ering, statistical analysis, ... Dimensional Inspection Labs Newark, CA 94560
Documents
INSIDE TODAY S EDITION FRIES GETS NEW SIGNS Page 3 … · stopped by Det. J.B. Greer and Capt. James Cox after information was gath- ... tor Jonathan Sweet said that the hearing is
Documents
San Jose State UniversityCOVARRUBIAS disparate within-group educational outcomes. Armed with this information, gath- ered only through a quantitative intersectional analysis, practitioners,
Documents
Psalm 84 How Lovely is Your Tabernacle. Background To the chief musician upon Gittith (instrument of Gath) The sons of Korah – temple singers, doorkeepers
Documents
Introduction to Inequalities - University College Cork...Introduction to Inequalities IMO Training at UCC, August 2017 Eugene Gath (University of Limerick) Basic definitions Supposeaandbare
Documents
Selected Reference Books of 1984-85 · zines. The information included was gath ered by examining each issue of each title that was available in cooperating libraries throughout the
Documents
conferences.mau.ac.inconferences.mau.ac.in/law/pdf_files/law.pdf · Panchkula REACH US C hand i gath Siswan Dam 10 km Mr. Nitin Lasta vishaIkaIyan30@gmaiI.com 82618 61019 Mr Abhishek
Documents