backtrack penetration testing workshop michael holcomb, cissp upstate issa chapter
TRANSCRIPT
![Page 1: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter](https://reader036.vdocuments.us/reader036/viewer/2022062304/56649dc45503460f94ab74f7/html5/thumbnails/1.jpg)
BackTrack Penetration Testing Workshop
Michael Holcomb, CISSP
Upstate ISSA Chapter
![Page 2: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter](https://reader036.vdocuments.us/reader036/viewer/2022062304/56649dc45503460f94ab74f7/html5/thumbnails/2.jpg)
Agenda
Introductions Schedule Workshop Format The Attacker Methodology Penetration Testing Execution
Standard (PTES) Pentester Job Requirements
![Page 3: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter](https://reader036.vdocuments.us/reader036/viewer/2022062304/56649dc45503460f94ab74f7/html5/thumbnails/3.jpg)
Disclaimer
Do not try this at home… without permission!
![Page 4: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter](https://reader036.vdocuments.us/reader036/viewer/2022062304/56649dc45503460f94ab74f7/html5/thumbnails/4.jpg)
Introductions
Name Company Position Previous Experience
Windows & Linux Penetration Testing BackTrack
![Page 5: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter](https://reader036.vdocuments.us/reader036/viewer/2022062304/56649dc45503460f94ab74f7/html5/thumbnails/5.jpg)
Schedule
Hours (9:00AM to 4:30PM) 10:20 to 10:30 - Break 11:00 to 12:30 – ISSA Chapter Meeting 2:45 to 3:00 - Break
![Page 6: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter](https://reader036.vdocuments.us/reader036/viewer/2022062304/56649dc45503460f94ab74f7/html5/thumbnails/6.jpg)
Workshop Format
Session Materials Practice Exercises Workshop Survey
![Page 7: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter](https://reader036.vdocuments.us/reader036/viewer/2022062304/56649dc45503460f94ab74f7/html5/thumbnails/7.jpg)
The Hacker Methodology
Information Gathering Vulnerability Assessment Exploitation Privilege Escalation Maintaining Access
![Page 8: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter](https://reader036.vdocuments.us/reader036/viewer/2022062304/56649dc45503460f94ab74f7/html5/thumbnails/8.jpg)
Penetration Testing Execution Standard (PTES)
Pre-engagement Interactions Intelligence Gathering Threat Modeling Vulnerability Analysis Exploitation Post Exploitation Reporting
![Page 9: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter](https://reader036.vdocuments.us/reader036/viewer/2022062304/56649dc45503460f94ab74f7/html5/thumbnails/9.jpg)
Pentester Job Requirements
System and application scanning using analysis tools
Validate automated testing results Conduct manual analysis Evaluate and communicate risk Provide feedback and guidance Certifications (CEH, CISA, CISSP,
OCSP)
![Page 10: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter](https://reader036.vdocuments.us/reader036/viewer/2022062304/56649dc45503460f94ab74f7/html5/thumbnails/10.jpg)
Physical Security
Most overlooked area of Information Security
If you can touch it, you can p0wn it!
![Page 11: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter](https://reader036.vdocuments.us/reader036/viewer/2022062304/56649dc45503460f94ab74f7/html5/thumbnails/11.jpg)
www.securitywizardry.com/radar.htm
![Page 12: BackTrack Penetration Testing Workshop Michael Holcomb, CISSP Upstate ISSA Chapter](https://reader036.vdocuments.us/reader036/viewer/2022062304/56649dc45503460f94ab74f7/html5/thumbnails/12.jpg)
Bookmarks
VMware (vmware.com) BackTrack 5 R3 (backtrack-linux.org) Metasploitable (offensive-security.com) Web Security Dojo (mavensecurity.com) Pauldotcom (pauldotcom.com) OCSP (offensive-security.com) Katana (hackfromacave.com)