Pen Test Perfect Storm Trilogy - Part 2!!!
January 21, 2009 at 1pm EST / 10am PST (GMT -5:00, New York)
Sign up here at Core Security
InGuardians is pleased to announce the release of the slides from Part 2 of the Pen Testing Perfect Storm webcast trilogy - featuring the return of SANS Pen Testing swashbucklers Ed Skoudis, Josh Wright and Kevin Johnson.
Covering network, web app and wireless pen testing techniques, the second installment of Perfect Storm trilogy focuses on assessing the enterprise-wide fallout from a seemingly innocuous endpoint compromise - including how an exposed low-level Windows Vista box can quickly open the hatch to full-scale network subversion.
During the webcast, you'll learn how to proactively test your network's vulnerability to sinking at the hands of a Client-Side Mutiny - and how to emulate what can happen after the initial compromise, including: discovering wireless devices from exploited hosts with Josh Wright's newly released VistaRFMON scanning and exploiting web applications with w3af exploiting systems with Metasploit's integrated pass-the-hash functionality Building on the premise that cyberthreats don't exist in a vacuum, the Perfect Storm webcast series presents tips for replicating real-world attacks that traverse multiple layers of infrastructure using combined network, web app, and wireless attack techniques.
Pen Test Perfect Storm Trilogy - Part 1!!!
The Pen Testing Perfect Storm webcast series brings you a deluge of security assessment tactics and strategies from the combined forces of three penetration testing experts: Kevin Johnson: web guru and senior security analyst Josh Wright: wireless wizard and senior security researcher Ed Skoudis: network security penetration tester This trio of experts will show you how to assess an organization's real business risks by taking a holistic, comprehensive look at your information security - just as determined and skilled attackers do in the wild. You'll learn techniques for safely replicating chains of threats that can pivot throughout your infrastructure, including: Web -- SQL injection, cross-site scripting, remote file inclusion, etc. Wireless -- wireless LAN discovery, crypto and protocol attacks, client duping, etc. Network -- port scanning, service compromise, client-side exploitation, etc. This webcast series is ideal for anyone seeking to go beyond point-focused, "tunnel-vision" assessments to real-world penetration testing - mimicking the sophisticated, multi-staged threats that pose the most significant information security risks to organizations today. Download the slides from the first installment of this webcast trilogy here: Pen Test Perfect Storm Trilogy - Part 1!!!