16

Jan'16

PenTest OPEN: Penetration testing and vulnerability analysis. Trends in 2016

We would like to proudly present you the newest issue of PenTest Open, which is free to download for everyone …

Read More

10

Dec'15

Workshop’s eBook: Penetration Testing Apps for Android Devices. How to capture and analyze network traffic on Android devices

Understand the Android ecosystem and application architecture. Understand components of the Android data storage and security models. Identify specific threats and risks associated with the Android mobile platform. Perform a hands-on penetration test and reverse engineer an Android application. Use your powerfull Android device. Perform profetional security analysis of your network, or your business network, from point zero. Understand all the risks and vulnerabilities that your business network can have, how to find them, and how to secure them, with step-by-step tutorials.

Read More

30

Nov'15

Workshop’s E-Book: IDS Systems, VoIP Systems, XSS Vulnerability, Metasploit Framework

Inside IDS systems with SNORT and OSSIM: use your knowledge of network architecture and hardware to customize placement of IDS sensors and sniff traffic off the wire. Exploiting VoIP Systems: theoretical and practical aspects about VoIP attacks and relatives countermeasures. Journey In The World of The XSS: Impress your customers with awesome Proof of Concept far beyond the classic pop-up. Metasploit Framework: how to apply the incredible capabilities of the Metasploit Framework in a comprehensive penetration testing and vulnerability assessment regimen, according to a thorough methodology for performing effective tests.

Read More

23

Sep'15

Workshop’s eBook: Advanced wireless penetration testing. How to do a professional security test?

Workshop’s eBook: This issue will teach you how to do a professional security test. The ranges progress in difficulty and reflect an enterprise level architecture. There will be defenses to defeat and challenges to overcome. As the range levels increase you will encounter the top defenses of today and learn the latest evasion techniques.

Read More

29

Aug'15

Workshop’s eBook: PenTest Advanced Training. Reconnaissance and information gathering, network scanning, SQL Injection, Cross-Site Scripting

Dear Reader, In this new issue, an advanced PenTest Training is introduced for you on the basis of our experts practical experiences. Our newly developed training includes main five modules in addition to the side tutorials as follows: Module 01 – Reconnaissance and information gathering Module 02 – Network Scanning: The Basics Module Module 03 – Exploitation Module Module 04 – Post exploitation Module Module 05 – Basics of SQL Injection for different databases Cross-Site Scripting tutorial

Read More

28

Jul'15

PENTESTING TUTORIALS: LEARN “HOW TO”. The best practical guide for everyone who’d like to become an expert in penetration testing field!

The best practical guide for everyone who’d like to become an expert in penetration testing field! Exploiting VoIP Systems: understand the Session Initiation Protocol and Real Time Protocol; wireless Client side Attacks; how to capture and analyze network traffic on Android devices and extract sensitive information and files from a packet capture from an Android device; learn risk mitigation strategies, install and configure Kali Linux, and understand the penetration testing standards; Session Hijacking and more...

Read More

09

Jun'15

Penetration Testing in Practice: develop your skills!

This issue is very practical guide that will show you how to become an expert in that field. It includes ONLY practical materials! Inside, you will find a few interesting tutorials that will help you develop your skills: Sample Penetration Testing Report; Try to write your own rule for detecting concrete signatures in network traffic in SnortIDS or SurricataIDS; How to detect the vulnerabilities used in XSS attacks; Broken Authentication and Session Management; Deploy a fully sand boxed network running on Virtualbox to do all the testing you need; Configure and deploy a fully working Cisco Router and more...

Read More

19

May'15

Workshop’s eBook: Inside IDS Systems with SNORT and OSSIM. Learn the principles of intrusion detection process, algorithms used in IDS

Install Snort by yourself and make sure of detecting basic attacks; configure and run open-source Snort and write Snort signatures; configure and run open-source Bro to provide a hybrid traffic analysis framework; use open-source traffic analysis tools to identify signs of an intrusion; write your own rule for detecting concrete signatures in network traffic in SnortIDS or SurricataIDS; test anomaly detection preprocessor for Snort – PHAD; install OSSIM (opensource SIEM) and setup it to collect events. Setup event correlation; write tcpdump filters to selectively examine a particular traffic trait; use the open-source network flow tool SiLK to find network behavior anomalies; use your knowledge of network architecture and hardware to customize placement of IDS sensors and sniff traffic off the wire.

Read More

11

Apr'15

Workshop’s eBook: Exploiting VoIP Systems. Understand the Session Initiation Protocol and Real Time Protocol

Understand the Session Initiation Protocol and Real Time Protocol: This issue will introduce the VoIP world to the reader, with a particular focus on the network protocols used by VoIP systems and the security holes belonging to them. The reader will see both theoretical and practical aspects about VoIP attacks and relatives countermeasures. Several activities will be explained step by step in the following lessons. In particular, after this workshop the reader will be able to: setting up a Private Branch eXchange (PBX) – such as Asterisk – and softphones – such as ZoIPer and X-Lite -, in order to set up a basic VoIP telephone call between two end points; understanding the Session Initiation Protocol (SIP) and Real Time Protocol (RTP). These are the two main network protocol and they’re used by all VoIP systems; knowing about several VoIP attacks and performing some of that.

Read More

22

Mar'15

Workshop’s eBook: Journey In The World of The XSS. The mechanics behind Cross-Site Scripting vulnerabilities and attacks.

The mechanics behind Cross-Site Scripting vulnerabilities and attacks: detect and exploit XSS vulnerability; understand the real risk behind this kind of of vulnerability; impress your customers with awesome Proof of Concept far beyond the classic pop-up; useful Javascript functions to exploit XSS; write your first XSS exploit; detect the vulnerabilities that allow you to perform XPS attacks; common tools useful during a pentest to perform XSS attacks.

Read More

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013