Quantcast

How not to suck at pen testing 6: Penetration testers code of ethics

Black Hills Information Security’s John Strand lists the essential rules, which are intended to make pen testing more efficient as the industry is moving on. John Strand: The whole gist of this entire presentation is...

Remove CryptoWall 3.0 ransomware and mitigate the file damage

While the individuals behind CryptoWall 3.0 virus remain pinned to the “most wanted” cybercriminals list, their infamous product has been up and running for months on end. Anyone who is unfortunate enough to fall...

How not to suck at pen testing 5: Hunt teaming

This part is about a really interesting, highly effective take on network penetration testing advocated by John Strand and his colleague Joff Thyer. John Strand: So, let’s talk about trying to find new areas, and...

How not to suck at pen testing 4: Bit9 issues and ISR Evilgrade attacks

John Strand dwells on a few nontrivial vectors applicable for compromising target organization’s IT infrastructure and bypassing technologies like Bit9. Also, there’s data loss prevention. As I said, we’re in...

How not to suck at pen testing 3: Mitigating structural weaknesses

The author of the presentation moves on to express his viewpoint on the correct way of handling structural vulnerabilities found during a security assessment. Another kind of offset one was antivirus. I know that this...

How not to suck at pen testing 2: Thinking beyond the Reds

Some information security engagements described by John Strand demonstrate that the Criticals in pen test reports are not the only things to look at. A number of years ago Ethan Robish, who was with Black Hills...

How not to suck at pen testing – John Strand

John Strand, the owner of Black Hills Information Security, shares his perspective upon what the present-day penetration testing should be like. The name of this presentation is “How not to suck at pen...

Adaptive Penetration Testing 8: The Social-Engineer Toolkit Works Wonders

In the closing part of the presentation, Dave Kennedy reviews some cool features of the new version of SET, and Kevin Mitnick demonstrates his famous whistle. Dave: Now I want to go into the Social-Engineer Toolkit...
Recent from News
Recent from How to ...