Penetration Testing mailing list archives
Re: How to create a penetration test lab
From: ¨˜”°º•C0D3w@lk3r•º°”˜¨ <c0d3walk3r () gmail com>
Date: Tue, 1 Sep 2009 17:16:43 +0530
The book mentioned by Javier is really good. For basics in Assembly for shellcoding check some introductory videos here: http://www.securitytube.net/Programming-Video-List.aspx Also try including DVL (Damn Vulnerable Linux) to your collection. Happy Hacking :) -- ¨˜”°º•C0D3w@lk3r•º°”˜¨ On Mon, Aug 31, 2009 at 10:07 PM, Javier Reyna<jreyna () onlinet com mx> wrote:
I will also recomend checking metasploit but for a really good introduction in the basic technics, i recommend the book Hacking from Jon Erickson (http://nostarch.com/hacking2.htm), I own the first edition and the 2nd seems to bee really good. JRP On Mon, Aug 24, 2009 at 09:46:25PM -0000, krymson () gmail com wrote:First, I second the recommendation on Metasploit. Unless you find detailed, easy-to-follow tutorials [0], Metasploit itself is probably the easiest example to look at. Second, I'd possibly suggest the Offensive Security courses [1] if you don't mind swinging some money out (it's not expensive). Part of the coursework will be walking you through your first exploit, complete with shell code (along with labs to do your own). Now, you might not be able to churn out shellcode right away, but you will get hands-on experience working with existing shellcode or having some generated for you. That initial kick-in-the-pants is usually what I need to get past the first and often largest hurdle of experience. Kinda like not knowing what is possible, being shown what is possible, and now believing it can be done so it's easier to discover your own ways as you go. It's part of my own personal beliefs on the difference between children and us adults. :) Third, you have a more extensive lab than most (w00t! esx, routers, switches, etc), so run with it! :) [0] http://www.google.com/search?hl=en&source=hp&q=writing+metasploit+exploits&aq=f&oq=&aqi=g1 [1] http://www.offensive-security.com/penetration-testing-backtrack-online-training.php <- snip -> Hello Every one, I was hoping I could get some input about creating a Penetration Testing Lab. I currently have the following: ESXi Hosting the following viruals XP Pro XP Home Vista Home Centos Fodora Unbuntu Mepis Several LAMP build Windows 2000 IIS5 Windows 2003 IIS6 The network is setup using a couple of Cisco 2500 series routers, Catalyst 3524 switch and a Pix 506. I have a laptop that I run, BackTrack 3 and 4, SamuriaWTF, etc What I want to learn is shell coding, I have some background in assembler from my time working with mainframes. Can anyone think of anything I should add? Suggestions on the best way to start? I have a couple of books that I'm using as a reference. I look forward to hearing from everyone. ::John ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: How to create a penetration test lab ¨˜”°º•C0D3w (Sep 02)