Difference between revisions of "Security Workshop"
From Gridkaschool
m (→Material) |
m (→Abstract) |
||
| (6 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | === Abstract === |
||
| + | |||
| + | We will change ends and take the role of computer hackers. We attack a fictitious company, abuse their web servers, sniff passwords, and try to get full administrative access to their network. |
||
| + | |||
== Requirements == |
== Requirements == |
||
| Line 4: | Line 8: | ||
* An SSH client (OpenSSH, [http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe PuTTY]) is necessary. |
* An SSH client (OpenSSH, [http://the.earth.li/~sgtatham/putty/latest/x86/putty.exe PuTTY]) is necessary. |
||
| − | == |
+ | == Agenda == |
* ''Part I'' - '''Introduction''' |
* ''Part I'' - '''Introduction''' |
||
| Line 22: | Line 26: | ||
** Exploits |
** Exploits |
||
** Payloads |
** Payloads |
||
| + | ** Post-Exploitation scripts |
||
| − | ** |
||
== Course Material == |
== Course Material == |
||
| − | |||
| − | '''Slides:'''<br> |
||
| − | ... |
||
'''Handout:'''<br> |
'''Handout:'''<br> |
||
| − | + | Whatever your notes will be ;-) (we can provide written handouts, but only in German) |
|
Latest revision as of 13:22, 20 August 2014
Abstract
We will change ends and take the role of computer hackers. We attack a fictitious company, abuse their web servers, sniff passwords, and try to get full administrative access to their network.
Requirements
- You need to bring your own notebook (BYOD), Unix-based preferred.
- An SSH client (OpenSSH, PuTTY) is necessary.
Agenda
- Part I - Introduction
- What is "hacking"?
- How do hackers (and white hat pentesters) break into computers?
- Our lab environment
- Part II - Webhacking
- Injection Attacks (SQL, OS commands, ...)
- Cross-site Scripting (XSS)
- Inclusion Attacks
- Attacks on browsers
- Part III - Man in the Middle-Attacks
- ARP Spoofing
- DNS Spoofing
- MitM in IPv6 networks
- Part IV - Metasploit Framework
- Exploits
- Payloads
- Post-Exploitation scripts
Course Material
Handout:
Whatever your notes will be ;-) (we can provide written handouts, but only in German)
