Penetration Testing mailing list archives
Security Skills Assessment (Comments Requested)
From: Joseph McCray <joe () learnsecurityonline com>
Date: Mon, 23 Oct 2006 01:17:23 -0400
Hey guys for quite some time now I've been working on Security Skills assessment network. It integrates a scoring system that uses perl scripts to perform checks on each of the host machines in the lab in order to determine if the required task was successfully completed by the user. I'm submitting this generic outline to this list to ask for comments on it. Basically let me know if you think there are things that are missing, skills that you feel are more important than others, etc. This network test the users in the following skill areas: I.Unix Command-line Basics a.Basic Commands b.Taring/Untaring c.Compiling II.Windows Command-line Basics a.Basic Commands b.Cygwin III.Cryptography Tools a.SSH b.SCP c.SFTP d.Secure POP/Secure SMTP/Secure IMAP e.PGP f.GPG g.StrongSWAN h.MD5SUM i.SHA1SUM j.STUNNEL IV.TCP/IP For Security a.Packet Reading Basics b.Port Scanning c.Passive OS Fingerprinting d.Layer 2 Attacks e.Intrusion Detection Systems f.Firewalls g.Packet Crafting V.Testing Methodologies a.OSSTMM b.OWASP c.CEH VI.Security Tools a.Footprinting Tools i.Samspade.org ii.Google.com b.Scanning Tools i.NMap ii.Xprobe iii.Hping c.Enumeration Tools i.Netcat ii.Smbclient iii.User2Sid/Sid2User d.Vulnerability Scanners i.Nessus ii.Nitko e.Penetration Tools i.Password crackers ii.Metasploit f.Utility/Multi-purpose Tools i.Netcat ii.PSTools Suite g.Sniffing Tools i.TCPDump ii.Dsniff Suite iii.Ettercap h.Maintaining Access Tools i.Backdoors ii.Log Cleaners iii.RootKits i.Host Hardening Tools i.Unix 1.Bastille ii.Windows 1.MSBA 2.IIS LockDown VII.Programming For Security a.C i.Language Basics ii.C sockets iii.In-line ASM b.Basic Exploitation i.Stack Overflows ii.Heap Overflows iii.Format Strings c.Shellcoding i.Linux ii.Windows iii.Mac OS X d. Scripting Languages i.Perl i.Language Basics ii.Network Programming With Perl iii.Example Security Uses iv.Vulnerability Checking v.Exploits i.Python i.Language Basics ii.Network Programming With Python iii.Example Security Uses iv.Vulnerability Checking v.Exploits e.NASL f.Metasploit i. Ruby i.Language Basics ii.Network Programming With Python iii.Example Security Uses iv.Vulnerability Checking v.Exploits g.Web Languages i.HTML ii.Javascript iii.VBscript iv.PHP v.ASP h.Databases i.MySQL ii.MS SQL iii.Oracle i.Web Application Security VIII.Host Hardening a.Unix Hardening b.Unix Patch Management c.Windows Hardening d.Windows Patch Management e.Windows Anti-Virus IX.Network Hardening a.Firewall b.IDS c.IPS d.Patch Management e.Anti-Virus X.Incident Response/Forensics a.Windows i.Live Incident Response ii.Forensics b.Unix i.Live Incident Response ii.Forensics -- Joe McCray Toll Free: 1-866-892-2132 Email: joe () learnsecurityonline com Web: https://www.learnsecurityonline.com Learn Security Online, Inc. * Security Games * Simulators * Challenge Servers * Courses * Hacking Competitions * Hacklab Access
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Security Skills Assessment (Comments Requested) Joseph McCray (Oct 24)
- Re: Security Skills Assessment (Comments Requested) Jerome Athias (Oct 25)