ticowarehouse
asked on
Ethical Hacker - Penetration Testing -Examples - security examples, exploits
Experts,
I have setup active directory, firewalls, sniffer updates and all that i can think of for security purposes on my network. I realized that all this is useless if i don't have a way to test.
I have seen many tools to test my network but I really don't know how to use them.
Can any one point me to some good websites that have some step by step documentation and preferably video tutorial and how to perform internal lab testing exploits.
I.E.
1- Taking control of pcs
2- Ethical hacking
3- Ownership, escalating priveleges etc etc
Some good video tutorials to secure my internal network, gain knowledge and try to keep "some" bad guys away.
thanks
I have setup active directory, firewalls, sniffer updates and all that i can think of for security purposes on my network. I realized that all this is useless if i don't have a way to test.
I have seen many tools to test my network but I really don't know how to use them.
Can any one point me to some good websites that have some step by step documentation and preferably video tutorial and how to perform internal lab testing exploits.
I.E.
1- Taking control of pcs
2- Ethical hacking
3- Ownership, escalating priveleges etc etc
Some good video tutorials to secure my internal network, gain knowledge and try to keep "some" bad guys away.
thanks
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
the way to hack some web app, pc and server are so much...
if you want a complete o.s. or doing this i can advice you
Linux BACKTRACK
is a wonderfull o.s. for doing all that you want about pen testing
you can download it from here
http://www.backtrack-linux.org/downloads/
and there is a forum with a wonderfull community that can help you...
or question about this o.s. you can contact me with no problem
have a nice day
Paz!
if you want a complete o.s. or doing this i can advice you
Linux BACKTRACK
is a wonderfull o.s. for doing all that you want about pen testing
you can download it from here
http://www.backtrack-linux.org/downloads/
and there is a forum with a wonderfull community that can help you...
or question about this o.s. you can contact me with no problem
have a nice day
Paz!
you won't go wrong with metasploit
Also try Samurai from http://samurai.inguardians.com/
I would also suggest attending SANS SEC504, then SEC560. These courses teach exactly what you are looking for.
I would also suggest attending SANS SEC504, then SEC560. These courses teach exactly what you are looking for.
call me old or repetetive....but backtrack is unbeatable.....
I was wrong about Offensive Security's online courses. They're not free and you can't get the course material without paying for the lab time. Still, I've been told that the PWB course is fantastic.
You can get the course syllabus:
http://www.offensive-security.com/documentation/penetration-testing-with-backtrack.pdf
which might be a useful guide to the 'what'.
And Paz - the question was about documentation and video tutorials - not tools. You repetitive old repetitive old person you.
You can get the course syllabus:
http://www.offensive-security.com/documentation/penetration-testing-with-backtrack.pdf
which might be a useful guide to the 'what'.
And Paz - the question was about documentation and video tutorials - not tools. You repetitive old repetitive old person you.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
A youtube channel:
http://www.youtube.com/livehacking
http://www.youtube.com/livehacking
ASKER
Thanks
Also get to know TCPDump and Wireshark, understand how their filters work and how to raise and lower the detail in captures. Above all it's recommended that while you're getting to know any tools that actively attack the network you test everything in a test (possibky virtualised) environment first to make sure you don't *actually* break anyhing...