HackingTheUniverse

You are browsing the archives of penetration testing.

The Metasploit Framework is a framework that enables penetration testing by combining modular packages of exploit code, payloads and tools such as Meterpreter that allow the tester to maintain access, collect information on the target system and execute pivot attacks against other systems. This script helps the tester by maintaining backdoor access.
Meterpreter Persistence - [...]

Penetration testing efforts don’t always get launched from a room full of computers with a crew busily working on them. Like wireless wardriving, it can go mobile. Here are two devices that can help put your pen-testers in motion and right in the thick of the action, even inside the physical perimeter. [...]

The Mid-Atlantic CCDC (Collegiate Cyber Defense Competition) for 2009 is over and the University of Pittsburgh team is the winner and will represent the Mid-Atlantic region in the national finals in San Antonio, TX in April.
Systems for the college teams (blue teams) were upated this year to include more robust active directory services and a [...]

Cyber attack and defense gaming environments are becoming more commonplace as the realization grows that there is a serious need for training and skills development in this area and skills that go beyond abstract “book learning” and need hands-on lab time. Virtual environments makes this easier to accomplish.
What is a Cyber Exercise? - [sans.org]
A [...]

Shmoocon.org
Before Shmoocon:
I absolutely hate the Shmoocon ticketing process! Every year, I have to wait with great anticipation for the magical ticketing hour and then bang like crazy on my keyboard and mouse to try to get a ticket and then wallow in anxiety for a while, not knowing if anything went through and usually end [...]

dradis is an information sharing tool for penetration testing teams. It runs on linux and Windows (a Mac version is coming soon) and requires Ruby, Rake, RubyGemes, and SQLite3. Any penetration testing team will eventually have to figure out the best way to share information across the team during the test. As [...]

Mid-Atlantic CCDC 2009 - Collegiate Cyber Defense Competition
The preliminary elimination rounds of the Mid-Atlantic CCDC were held on Sat 17 Jan and Sat 24 Jan at White Wolf Security in Lancaster, PA. The Red Cell team was larger this year, with about ten members participating, including a few that were at remote locations. [...]

I’ve been invited to participate in the 2009 Mid-Atlantic CCDC as a member of the Red Cell (attacking team). The mission of the red team is to emulate hackers attacking a business network. The game conditions change a bit from year to year and even from the preliminary rounds to the final rounds [...]

The CCDC is a national competition for college students designed to promote learning about cyber defense. The Mid-Atlantic CCDC is a regional semi-final event that feeds into the national competition later in the year.
National Collegiate Cyber Defense Competition
Competition Overview
You have just been hired as the network and security administrators at a small [...]

Nessus is a security and vulnerability scanner created by Renaud Deraison in 1998. It was free and open source for several years, but in 2005 was changed to closed source and now charges fees for some levels of commercial use. It is available from Tenable.
Nessus network security scanner
The Nessus® vulnerability scanner, is the [...]