Sunday, September 14, 2008

Toorcon X Workshop

As I mentioned before, Joe and I are doing a Crash Course In Pentesting 2 day workshop at ToorconX

Here's a piece from the description:

"This course will cover some of the newer aspects of pen-testing covering; Open Source Intelligence Gathering with Maltego and other Open Source tools, Scanning, Enumeration, Exploitation (Both remote and client-side) and Post-Exploitation relying heavily on the features included in the Metasploit Framework. We'll discuss our activities from both the Whitebox and Blackbox approach keeping stealth in mind for our Blackbox activities.

Web Application penetration testing will be covered as well with focus on practical exploitation of cross-site scripting (XSS), cross-site request forgery (CSRF), local/remote file includes, and SQL Injection."

But I wanted to give a few more details.

Day 1 is network level pentesting and Day 2 is web application pentesting.

Network level is mostly my responsibility and I'll be focusing on black box information gathering, client side attacks, and post exploitation. Its hard to cover pentesting in a day, so I'll be talking heavily on client side attacks and how to implement those into your pentests and some of the tools you'll need to do it. A little bit on local/priv escalation attacks that you'll need to do once you have that userland shell and post exploitation. There is also a block on metasploit and the students will take home a copy of LSO's Metasploit Mini Course.

Web application is Joe's responsibility and it should be really good. We've had a custom web app built with vulnerabilities intentionally built in. So the students will be able run the tools he is going to discuss and then exploit the vulnerabilities they find. They also get to take the VM home with them.

If you have questions feel free to post up or email me with them.


Jhaddix said...

Hey Chris!

How did the con go?

I would have said hi except i didn't attend, my first little girl was born a week earlier and i spent that weekend bonding =)

CG said...
This comment has been removed by the author.