Ethical Hacker - Penetration Testing - Examples - security examples, exploits


I have set up Active Directory, firewalls, sniffer updates and all that I can think of for security purposes on my network. I realized that all this is useless if I don't have a way to test.
I have seen many tools to test my network but I really don't know how to use them.
Can anyone point me to some good websites that have some step-by-step documentation and preferably video tutorials and how to perform internal lab testing exploits?
1- Taking control of PCs
2- Ethical hacking
3- Ownership, escalating privileges etc etc
Some good video tutorials to secure my internal network, gain knowledge and try to keep "some" bad guys away.


You might want to go through the CEH exam review guide and tackle each of the topics in there in turn. It's not too detailed but it does give enough insight to allow you to go and research the hundreds of techniques and tools it suggests separately. In particular you might want to read up on OpenVAS and Nessus, Metasploit, Nmap and familiarise yourself with these tools.

Also get to know TCPDump and Wireshark, understand how their filters work and how to raise and lower the detail in captures. Above all it's recommended that while you're getting to know any tools that actively attack the network you test everything in a test (possibly virtualised) environment first to make sure you don't *actually* break anything...
Irongeek has some good video demonstrations of techniques and tools:

There's an online course which sounds very good (for those with a determination to learn)- I believe that the online (as opposed to the live) version is free - just requires registration.  I recommend you sign-up and wait for registration to see if it really is free.

And if you don't have BackTrack, a Linux distro designed for pentesting, I heartily recommend you get it and either install it on a Linux host or get the virtual machine.

You'll see BackTrack used a lot in the videos at securitytube.

The ways to hack some web app, PC and server are so many...
If you want a complete o.s. for doing this I can advise you


is a wonderful o.s. for doing all that you want about pen testing

You can download it from here

and there is a forum with a wonderful community that can help you...

or question about this o.s. you can contact me with no problem
Have a nice day
you won't go wrong with metasploit
Also try Samurai from

I would also suggest attending SANS SEC504, then SEC560. These courses teach exactly what you are looking for.
Call me old or repetitive... but BackTrack is unbeatable...
I was wrong about Offensive Security's online courses.  They're not free and you can't get the course material without paying for the lab time.  Still, I've been told that the PWB course is fantastic.

You can get the course syllabus:
which might be a useful guide to the 'what'.

And Paz - the question was about documentation and video tutorials - not tools.  You repetitive old repetitive old person you.
madunix (Fadi SODAH) Commented:
look @
I use Nikto... Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).

I use BackTrack for vulnerability, I use open-source tools and my own scripts (Perl/Python). Maybe you could use BackTrack, a nice distro with a lot of security tools...

1. Nessus (Linux if you can)
2. Nikto (Linux)
3. Paros proxy (Linux if you can)
4. Ike-scan (Linux)
5. SARA (Security Auditor's Research Assistant) (Linux)
6. MBSA (debatable)

