Upload File

everyoneshouldbea pen tester - scale · you have never had a pen tester come in and try to break...

  • Home
  • Documents
  • EveryoneShouldBeA PEN Tester - SCALE · You have never had a PEN tester come in and try to break into your systems. Like most IT/Network/DevOps people you have to learn new skills
7
Please view my linked-in page (under See more) to get a copy of this presenta<on. I can’t post the names companies I work do consul<ng for much of the <me; because they are trying to shore up their systems before bad things happen. If you have any ques<ons, please contact me via email. Thanks, Ty 1 SCALE 15x (c) 2017 Ty Shipman Everybody should be a PEN tester

Upload: others

Post on 25-Aug-2020

0 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: EveryoneShouldBeA PEN Tester - SCALE · You have never had a PEN tester come in and try to break into your systems. Like most IT/Network/DevOps people you have to learn new skills

Pleaseviewmylinked-inpage(underSeemore)togetacopyofthispresenta<on.Ican’tpostthenamescompaniesIworkdoconsul<ngformuchofthe<me;becausetheyaretryingtoshoreuptheirsystemsbeforebadthingshappen.Ifyouhaveanyques<ons,pleasecontactmeviaemail.Thanks,Ty

1SCALE15x(c)2017TyShipman

EverybodyshouldbeaPENtester

Page 2: EveryoneShouldBeA PEN Tester - SCALE · You have never had a PEN tester come in and try to break into your systems. Like most IT/Network/DevOps people you have to learn new skills

Pleaseholdques<onstotheend.ThisaLIGHTINGtalkwithlotsofinfo.Slideswillbepostedbytheconferenceteam,orlookonmylinked-inprofile(under“Seemore…”)foralinktodownload.Doyouknowhowwellyouareprotec<ngyoursystems,canyouproveit? Canyouthinklikeahacker?ThistalkisaresultofalessonIlearnedaXertakingaPENtesttrainingclassoneweekend.MoretrainingandworkaXerthatwasrequiredtobecomeamoderatelysuccessfulPENtester.Idon’tdoPENtes<ngforalivingyet;IjustusemyinadequateskillstoscaremyclientsintohiringgreatPENtestersandadop<ngsomeofthesolu<onsIsuggestaXerIauditthem.1)  IcontendthatifyoudonoknowthebasicsofPENtes<ng(a[ack),youcannot

adequatelyprotect(defend)yourenvironment.Nordoyouunderstandwhyyouaredoingsomeofthetasksyouaredoingtodaytotrytoprotectyourenvironment.

2)  MostpeopleinthisroomorreadingtheseslideseitherITorDevOpsprofessionals.Youarewearingmanyhats;youroverworked,andmaybeevenbeunderpaid.ButifyoucannotPENtestyourhostsandapplica<onsatabasiclevel;thusaler<ngyourteamoryourselftothevulnerabili<esthatascriptkiddymayfindyouarenotdoinganadequatejob.

3)  Mypresenta<onwilllayoutanargumentthatIhopewillcauseyoutogoandseekaweekendsworth(ormore)ofPENtesteduca<on.Why,youareaprofessionalandneedtokeepyouskillscurrent,soaddanewbolttoyourquiverandmaybeevengetaraise.WhoknowsyoumightevenjumptoPENtes<ngasyournextcareer.

2SCALE15x(c)2017TyShipman

EverybodyshouldbeaPENtester

Page 3: EveryoneShouldBeA PEN Tester - SCALE · You have never had a PEN tester come in and try to break into your systems. Like most IT/Network/DevOps people you have to learn new skills

TheplanbothhackersandPENtestersisroughlythesame.Bothwanttogetinandreachtheirdesiredgoal.ThePENtester’sgoalistoprovetheywereonyoursystem(screendumpofroot/Adminlogin);hackerswant…–youmaketheguess.Iwillsaythis--ifadedicatedhackerteam(organizedcrime,na<onstate)wantsin,theywillfindaway.Youwanttomakeithardersoyoudon’tendupavic<mofasmashandgrabhack;e.g.addbartothewindowsanddoors,outsidelights,aroamingsecurityguard,dogs,aminefield,….•Reconnaissanceoftarget

nmap,studyAPI,applica<ons,VULScanOldOS/soXware,vulnerableconfigura<ononswitchesandsoXware--findweakness

•Exploita<onofvulnerability

Applyoneoftheknownexploits(Metasploitmodule),ordevelopanewone•Escalate

Gettoroot/adminaccountsotheyownmachine•MoveLaterally(expandaccess)

Godeeperintoenvironment•Repeatun<l…Desiredgoalreach

3SCALE15x(c)2017TyShipman

EverybodyshouldbeaPENtester

Page 4: EveryoneShouldBeA PEN Tester - SCALE · You have never had a PEN tester come in and try to break into your systems. Like most IT/Network/DevOps people you have to learn new skills

Iamgoingtomakealotofassump<onshere,notallofthemwillbecorrect,butsomewillbe.Ifanyoneoftheseistrue,thenyoulikelyhavevulnerabili<esinyourenvironmentthatcanbeexploited.Youdon’tworkfora250+personcompanyandlikelydon’thaveadedicatedsecurityperson/teamtohelpyouprotectyourenvironment.YouhaveneverhadaPENtestercomeinandtrytobreakintoyoursystems.LikemostIT/Network/DevOpspeopleyouhavetolearnnewskillsallthe<meandmostsolu<onsaretakingsnippetsofcode/configura<on/knowledgefromGoogleresultsandapplyingthem–soyoumightnothaveafullpictureoftheissuesathandwhenitcomestosecurity.Youdon’tconfigureyoursystems,applica<onstacksusinganystandards.Didyouknowtherearegoodsecurity/hardeningstandardsforWindowsServers,Apache,andLinux/Unixavailable?LookupCIShardeningstandards.Youoryourmanagementthinkyourfirewallwillkeepthebadguysout.YouneedtoaddIDS,AVSsystembasedonbehavior,FIMandlogmanagement,monitoringandaler<ngsystems.YouoryourmanagementthinkyourIDSwillhelpyoustophackers–itonlyalertyoumostofthe<me.Youdon’taggressivelypatchyoursystemsandapplica<onstacks.

Whenwasthelast+meyourestartedallyourLinux2.xor3.xkernelsystems?AreyouonLinuxKernel4.0orhavealivepatchinginstalled?

4SCALE15x(c)2017TyShipman

EverybodyshouldbeaPENtester

Page 5: EveryoneShouldBeA PEN Tester - SCALE · You have never had a PEN tester come in and try to break into your systems. Like most IT/Network/DevOps people you have to learn new skills

1).Oldsystemscanbeownedbybadactorsinminutes,youlearnhowtoownahostintheAMpartofabasicPENtes<ngclass.Anyonehaveanoldcardkeymanagementsystemaround?Howaboutthefrontdesksecurityguardsta<onhost?2).Failuretoinstallcri<calsecuritypatchesislikeleavingawindowopenwhenyouhavebarsonthefrontdoor.Onceavulnerabilityisannounced,thereisusuallyanexploitavailablewithin2-3weeksontheDarkWeb.Theearlyversionscostseveralhundreddollars,latertheygodowntothe10s.Ihaveheardsta<csthatsayyoucanrentaBotnetsfor$1000-2000thatyoucanscantheInternetinlessthan24hoursforasinglevulnerability.3).BruteforcingpasswordsonhostsandVPNarenowanorm.DoyoulockoutaXer6a[empts?4).NMAPALLyourexternalIPaddress,findoutwhatisopen.RunningonAWS,GoogleorAsure–reviewsecurityrules.5/6).SCALE15XsitereceivedanA,mymedicalhistorysitereceivedaCbeforeIreportedissue,nowA-.7/8)..DTP–DynamicTruckingProtocol–abadactorcanskiparoundyourVLANSifnotlockeddown.Seeh[ps://digi.ninja/blog/abusing_dtp.phpformoreinfo.

Lastly,ifyoucandoit,setswitchestoacceptonly1MACaddress(Lookup‘S+ckyMAC’or‘port-securitymac-address’)–becarefulhere.

5SCALE15x(c)2017TyShipman

EverybodyshouldbeaPENtester

Page 6: EveryoneShouldBeA PEN Tester - SCALE · You have never had a PEN tester come in and try to break into your systems. Like most IT/Network/DevOps people you have to learn new skills

BothKaliandMetasploithavecommunityversionsthatarefreetouse,theyaremaintainedbysecuritycompaniesthatspecializeinoffensivePENtes<ng.ncènetcatMetasploitisagreatpackage.Ithassomanyofthebasicexploits(exploitsarehowtoabuseavulnerability,theyinclude0-day,remotea[acks,shellcodehacks).YouneedtodoPENtes<ngthatitisusedbymanyscriptkiddiestobreakintosystemallovertheplace.Learningthebasicstakesafewhours,toreallygetagoodgrasponthesystemyouneedabout30hours.

Vendor VUL

MicrosoX 4700+Oracle 4100+Apple 3600+PHP 550+Google 2300+

6SCALE15x(c)2017TyShipman

EverybodyshouldbeaPENtester

Page 7: EveryoneShouldBeA PEN Tester - SCALE · You have never had a PEN tester come in and try to break into your systems. Like most IT/Network/DevOps people you have to learn new skills

NowthatIhavescared,letmetellyouwhereyoucangetsomeskillstobecomeaPENtestertohelpyouplugtheleaksinyourenvironment.IfyouarenotintheSouthernCaliforniaarea,IsuggestyoulookonlinefortrainingbylocalOWASP,IEEE,ISSAandACMchapters.BeyondthelinkslistedaboveyoushouldsubscribetotheNVDlistthatsendoutweeklyandzerodayalerts:h[ps://nvd.nist.gov/

7SCALE15x(c)2017TyShipman

EverybodyshouldbeaPENtester


Minwax Polyurethane Pen FinishTutorial.wpscontent.penturners.org/library/techniques/minwaxfinish.pdf · 2011. 3. 18. · Minwax Polyurethane Pen Finish By Les Elm I have experimented

Have your binder. Have a piece of loose leaf paper. Have a pen or pencil

4. TRI-Tone / PEN-Tone 5. Have fun! - AMPTEK.ES

Soeks Nitate Tester, Food Tester - Radiation News

Safe Machine Parameters - Tester SMP Tester Hardware Short Historic Version 1 - LabVIEW tester

The Costs of Manifest Destiny Does anyone have a pen?

LOW PRESSURE FUEL EVAPORATIVE TESTER … PRESSURE FUEL EVAPORATIVE TESTER (LPFET) SPECIFICATION ... LOW PRESSURE FUEL EVAPORATIVE TESTER (LPFET) ... The clock shall have a battery

Matthew Hughes. Who am I? Pen tester Coder Blogger All around nice guy

Hello, i have your quill ballpoint pen

Unit4 i have a pen pal——Debrone1981

AirCheck Wi-Fi Tester - Cloudinaryg...AirCheck Wi-Fi Tester Wi-Fi is a complex technology, but testing it doesn’t have to be. The AirCheck Wi-Fi tester allows network professionals

Pen Testing with Confidence - Lenny Zeltser...Pen Testing with Confidence: Planning and Executing to Achieve the Desired Results Lenny Zeltser NYMISSA - 03.14.2007 Pen tests have become

Unit4 i have a pen pal

Happy Tuesday! Have out a pen and a grading pen. Check your new grades on Academy Central!

SECTION “I” TESTING INSTRUMENTS - Sabana · PDF filePage 75 RITZ TESTER MICRO TESTER FASE TESTER GLOVE TESTER ISOLÔMETRO Electric portable insulation-tester for hot sticks, grip-all

LABORATORY MANUAL: TESTER LPS04 - Telenet Systems · LAB MANUAL Tester LPS04: Numerical Aperture, ... In this Lab Manual, the applications of Tester LPS04 have been extended to study

pen if you want a regrade!!!! Note: You must have your

Your HAL Tester - Seaward · Clare Hal 100 Tester Clare Hal 101 Tester Clare Hal 102 Tester Clare Hal 103 Tester Clare Hal 104 Tester Manufactured by: Seaward Electronic Ltd, Bracken

Instrumentation Catalog - Finning · VIBRATION TESTERS Fluke 805 Portable Vibration Meter Pen Fluke 810 Portable Vibration Tester . Juneau Manitoba Saskatchewan ALASKA …

Cable Performance Tester - Amazon S3 · Cable Performance Tester Operation Manual ... IDEAL INDUSTRIES shall have no responsibility for any defect or ... Figure 3-1 Job Tab

Part A Let’s learn 1. I have …. 我有 … 2. pen pal 笔友 I have a pen pal

Tensile Strength Tester - Asian Test Equipments Tester Sublimation Tester ... Coated Fabric Equipments List Box Compression Tester ... Schildknecht Flex Tester Tearing Tester Tensile

Becoming a better pen tester overview

Certified Tester Expert Level Syllabus Test … Level Syllabus Test Management ... Certified Tester Expert Level ... The Expert Level qualification is aimed at people who have already

Cold tester - 平田機工株式会社 · 3 ----- Cold tester Features 4 ----- Cold tester Features 5 ----- Cold tester Features NVH 6 ----- Cold tester Features ID 7 ----- Cold tester

Metasploit - asecuritysite.com · Metasploit x Understand how a Pen Tester can generate vulnerabilities and test using the Metasploit framework . x Define the options and …

MULTI-FUNCTION TESTER...MULTI-FUNCTION TESTER (INSULATION & EARTH RESISTANCE) • 9000 MF multi-function tester is a combination of insulation tester and earth resistance tester •

Assessing a pen tester: Making the right choice when choosing a third party Pen Test Firm

UNIVERSAL HARDNESS TESTER Univer–187.5D STANDARD · Multi-function digital display universal hardness tester have high degree of automation, stable and reliable performance, equipped

Harness Assembly Aid / Tester with Pull Tester Model …futuras.com/PDF/HAAP-96_MANUAL_1_2_0706.pdf · Harness Assembly Aid / Tester with Pull Tester Model ... advisable to have a

#BLACKALPS17 · Managing consultant at Defendza Pen Tester/Security Consulting Tweets are welcome @digitalamli #BlackAlps17 Hacktivity, BlackAlps ☺, Bsides, BlackHat USA 2015 Sometimes

The Transistor Tester assembly instructions - img.banggood.com€¦ · The Transistor Tester assembly instructions This article is a guide to help . when you have received the Transistor

What Have to Consider When Selecting a Hardness Tester

ISEB Certified Tester Foundation Level Tester

Certified Tester Foundation Level Syllabus Usability Tester