You are here: Home

Learn Security Online

Jun07

June's Training Special: So You Wanna Be A Pentester

administrator
E-mail Print PDF

WHOHOOOO!!!!!!!!!!!! The LSO Attack Lab Network is back online, and better than ever!!!!!!!!! I'm so excited!!!!!!

Here is the description of our first Hack Lab Course called "So You Wanna Be A Pentester".

So You Wanna Be A Pentester?

Description
This course will cover some of the newer aspects of penetration testing
such as Open Source Intelligence Gathering with Maltego and other Open
Source tools.

Advanced Scanning, Enumeration, Exploitation (remote and client-side),
and Post-Exploitation relying heavily on the features included in the
Metasploit Framework will also be covered.

Emphasis throughout the entire workshop will be placed on being as
stealthy as possible, and dealing with popular defensive technologies
such as:

  • Network Intrusion Detection/Prevention Systems
  • Host-Based Intrusion Detection/Prevention Systems
  • Web Application Firewalls
  • Anti-Virus
  • Content-Filtering Proxies

Read more...
 
Apr26

Interview With Johnny Long

administrator Blogs - admin
E-mail Print PDF

Meeting Johnny Long was such a great experience. I have so much respect for him as a security professional, and even more as a person. I sincerely hope that people enjoy this interview with him.

I encourage you to check out:

http://hackersforcharity.org/

and I also want to thank Marcus Carey for his friendship, and for just being Marcus - thanks for everything bro - you are changing the security industry.

Check out: blog.marcusjcarey.com


 
Mar28

Advanced SQL Injection Presentation at DojoSec

administrator Content - News
E-mail Print PDF

DojoSec Monthly Briefings - February 2009 - Joseph McCray from Marcus Carey on Vimeo.


 
Mar22

It's not nmap but it gets the job done -- portqry

Chris Gates Content - News
E-mail Print PDF

Scanning once you are on the LAN can pose a problem. Nmap requires installing pcap and usually an interactive install (metacab is an option depending on scope) and some AV's will flag on those types of things (which is understandable).

Since there is no native scanning capability in windows you are forced to either install something or upload a standalone binary. Foundstone's scanline is one option but its not one of my favorites.

You can write your own and upload that but I'd hate to have some custom code submitted to some AV vendor by some motivated admin. Or you can upload Microsoft's portqry.

C:\>portqry -n server1.company.com -e 3389
Querying target system called:
server1.company.com 
Attempting to resolve name to IP address...
Name resolved to 10.1.1.1
querying...
TCP port 3389 (unknown service): LISTENING


Read more...