Carregar apresentação
A apresentação está carregando. Por favor, espere
1
HOW TO LEARN A MAKE A PENTEST
2
SCHEDULE WHAT IS A PENTEST
YOUR PHASES * RECONNAISSANCE | SCANNING | GAINING ACCESS | MAINTAINING ACCESS | CLEANING TRACKS HOW TO BYPASS AV | HOW TO HACK WINDOWS 7 | REMOTE HOW TO HACK – FACEBOOK HOW TO AVOID SOME ATACKS ? DEMO
3
FELIPE ZUCKERMAN ENTHUSIAST IN IT FOCUSED ON SAFETY
4
WHAT IS A PENTEST ?
5
YOUR PHASES
6
RECONNAISSANCE This phase consist in obtain the maximum of information about the target such as: OS System Topology Network Address, Presence of Firewall, AV Enumeration about the services and your version use auxiliary/scanner/smb/smb_version nmap --script smb-os-discovery.nse <target> ttl value windows= 128 Linux = 64
7
LET’S SEE ?
9
GAINING ACCESS
11
NETSH ADVFIREWALL SET PUBLICPROFILE STATE OFF
13
SCANNING The scanning process can be divided into three steps:
Determining if a system is active. Port scanning the system. Scanning the system for vulnerabilities Ex: USAGE #nmap [Scan Type(s)] [Options] {target specification}
14
MAINTAINING ACCESS
16
NETCAT
18
BELOW IS SHOWN SOME WAYS TO DETECT INTRUDERS IN YOUR SYSTEM
%AllUsersProfile%\Application Data\ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
19
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList
20
DISABLE SOME SERVICES TELNET REMOTE DESKTOP REMOTE REGISTRY
21
Nessus é um dos melhores scanners de vulnerabilidades e pode ser encontrado tanto na versão comercial quanto na versão doméstica, que é grátis. Além do Nessus temos também o OpenVAS e Nexpose que também são ótimos scanners de vulnerabilidades que abordaremos em breve.
22
PenETRATION TEST ?
23
Configuração do Computador > Configurações do Windows > Configurações de Segurança > Políticas Locais > Política de Auditoria.
24
PRIVILEGE ESCALATION Local privilege escalation happens when one user acquires the system rights of another user. Network intruders have many techniques for increasing privileges once they have gained a foothold on a system
25
LINK: http://www.exploit-db.com/exploits/15609/
PRIVILEGE LOCAL PRIVILEGE REMOTE LINK:
27
HACKING WINDOWS 7 WITH POWERSHELL
29
BYPASSING ANTIVIRUS Veil-Evasion is a tool to generate payload executables that bypass common antivirus solutions.
30
2 1 O ANTIVIRUS DETECTOU MEU ARQUIVO 3 3 4
31
6 5 NO COMENTS 8
32
CLEARING TRACKS
33
CLEARING TRACKS
34
PENETRATION TEST DEMO
37
REFERENCES 1. Metasploit http://www.metasploit.com 2. Pen Tester
3. NETWORK COMPUTERS 4. INSTRODUTION TO TCP/IP 5. VIRTUALIZATION 6. Keylogging 7. Backdoor
38
CONTACT @FelipeZuckerman Felipezuckerman
Apresentações semelhantes
© 2024 SlidePlayer.com.br Inc.
All rights reserved.