SlideShare a Scribd company logo

Practical White Hat Hacker Training - Vulnerability Detection

PRISMA CSI
PRISMA CSI

This presentation part of Prisma CSI's Practical White Hat Hacker Training v1 PRISMA CSI • Cyber Security and Intelligence www.prismacsi.com This document can be shared or used by quoted and used for commercial purposes, but can not be changed. Detailed information is available at https://creativecommons.org/licenses/by-nc-nd/4.0/legalcode.

Education
1 of 31
www.prismacsi.com © All Rights Reserved. 1 Practical White Hat Hacker Training #4 Vulnerability Detection This document may be quoted or shared, but cannot be modified or used for commercial purposes. For more information, visit https://creativecommons.org/licenses/by-nc-nd/4.0/legalcode.tr
www.prismacsi.com © All Rights Reserved. 2 Topics • What’s a vulnerability? • What are the sources of vulnerabilities? • Vulnerability Management Cycle • Automated Vulnerability Scanners • Vulnerability Databases • Frequently used tools • Applications
www.prismacsi.com © All Rights Reserved. 3 What is a Vulnerability? • Vulnerabilites are defined as conditions in an application, service or protocol, previously or recently discovered in research work, that give a cyber attacker the opportunity to execute any type of attack which may affect the normal operation of a system. • [Senaryo]
www.prismacsi.com © All Rights Reserved. 4 What are the sources of vulnerabilities? • Old versions/ out of date applications and services • Patch failures • Incorrect configurations • Secure software development process shortcomings • Insecure Network Architecture Designs • Insider, unintentional actions
www.prismacsi.com © All Rights Reserved. 5 Vulnerability Management Cycle
www.prismacsi.com © All Rights Reserved. 6 Vulnerability Scanners • Netsparker • Acunetix • Burpsuite • Appscan • Webinspect • W3af • Arachni • Nikto • Sqlmap • Nessus • Nexpose • OpenVAS • Qualys • Core Impact • Vega • Skipfish • Commix • nmap
www.prismacsi.com © All Rights Reserved. 7 What’s the point of Vulnerability Scanning? • Identify risks! • Manage risks! • Prevent possible cyber attacks! • The case of Wannacry! • Learn lessons from past cyber attack incidents!
www.prismacsi.com © All Rights Reserved. 8 Key Words • POLICY: It is the name given to special configurations done before performing a scan. For example the POLICY used in network scanning and the POLICY used in web application scanning are different. • PLUGIN: Small tools / scripts developed for security checks. • SCAN: The scanning process.
www.prismacsi.com © All Rights Reserved. 9 Vulnerability Databases • Vulnerability databases are storage points where discovered vulnerabilities are kept. • https://nvd.nist.gov/ • https://www.cvedetails.com/
www.prismacsi.com © All Rights Reserved. 10 Security Scanners • All In One logic • Better for discovering vulnerabilities on a network • More often used in controlling server/client based vulnerabilities • Compatibility, configuration vulnerability tests • Counters false positive events • Significantly shortens test time
www.prismacsi.com © All Rights Reserved. 11 OpenVAS Security Scanner - DEMO • Open-source vulnerability scanning tool. • Contains advanced features. • Can be used as an alternative to Nessus.
www.prismacsi.com © All Rights Reserved. 12 Nmap NSE - DEMO • Vulnerability scanning with Nmap Scripting Engine is possible. • Open source software. You can also contribute and develop modules on top of it. • Allows fast scanning. • Generally, all tests begin with nmap vulnerability scans.
www.prismacsi.com © All Rights Reserved. 13 Nessus - Demo • The most commonly used vulnerability scanning tool. • Return to Penetration testing and vulnerability scanning! • Licensed and Free versions are available. • You can also perform many security checks with the free version. • Includes options like Web, Network, SCADA Compatibility Scanning. • Often used in network scans.
www.prismacsi.com © All Rights Reserved. 14 Nessus - Demo • Starting a New Scan • Policy • Advanced Scan • Configurable • You can customize the scan and make advanced configurations.
www.prismacsi.com © All Rights Reserved. 15 Nessus - Demo • New Scan • Target Systems • Plugins • Schedule configurations • Brute-force attacks • Advanced settings
www.prismacsi.com © All Rights Reserved. 16 Nessus - Demo • Scan results are presented in many different formats. A large network can be easily analyzed with these outputs. • Detailed Analysis • Criticality Levels
www.prismacsi.com © All Rights Reserved. 17 Nessus - Demo
www.prismacsi.com © All Rights Reserved. 18 Nessus - Demo
www.prismacsi.com © All Rights Reserved. 19 Nessus - Demo • The scan report is available in the following formats and can be integrated with other penetration testing tools. • Formats • XML • HTML • Nessus
www.prismacsi.com © All Rights Reserved. 20 Core Impact - Demonstration • Security Scanner • Includes a lot of advanced security checkers and has its own unique tools. • Contains special exploits. • Has its very own special Zeroday team. • It’s a licensed tool J
www.prismacsi.com © All Rights Reserved. 21 Web Security Scanners • Used for security scans of web applications and services • There are several that also allow users manual tests • Netsparker is accepted worldwide as one the most successful vulnerability scanner. • Burp suite is the most critical tool!
www.prismacsi.com © All Rights Reserved. 22 Netsparker - Demo • Web application security scanning tool • Licensed and Free version available • Specifically developed for web technologies. • Is a more advanced and integrated solution with Netsparker Cloud
www.prismacsi.com © All Rights Reserved. 23 Burpsuite - Demo • Web application Proxy tool and Security Scanner • Licensed and Free version available • Specific to Web technologies • Most frequently used tool. • Hackers and Pentesters’ most valuable tool
www.prismacsi.com © All Rights Reserved. 24 Nikto Security Scanner - Demo • Web application and server security scanner. • Frequently used practical application. • Used via command line.
www.prismacsi.com © All Rights Reserved. 25 W3af Web Scanner - Demo • Is a web application security scanner. • Developed by OWASP. • Includes various policies and customized scans can be performed. • Even though not frequently utilized it is very useful.
www.prismacsi.com © All Rights Reserved. 26 Sqlmap – SQL Injection Scanner – Demo • Developed specifically for SQL Injection attacks.. • Developed in Python programming language. • Open source • Contains advanced parameters and attack methods
www.prismacsi.com © All Rights Reserved. 27 Are vulnerabilities only scanned remotely? • A scan does not only have to be performed remotely for web applications or for a server. • It is also possible to gain entry into a server and scan the operating system. (RDP, SSH login -> internal scanning) • Compatibility or configuration checks can be performed. • Static code analysis can be done
www.prismacsi.com © All Rights Reserved. 28 Summary: • We have a lot of intelligence data we've collected from the beginning.. • Now we know existing systems that are up. • We discovered open ports in these systems and we know the software running on these ports. • We have noted the vulnerabilities we have discovered on the applications that are running on these software or that we have discovered on the services. • Now we need to understand how to use these vulnerabilities to our advantage!
www.prismacsi.com © All Rights Reserved. 29 Applications
www.prismacsi.com © All Rights Reserved. 30 Questions?
www.prismacsi.com © All Rights Reserved. 31 www.prismacsi.com info@prismacsi.com 0 850 303 85 35 /prismacsi Contacts

Recommended

Practical White Hat Hacker Training - Exploitation
Practical White Hat Hacker Training - ExploitationPractical White Hat Hacker Training - Exploitation
Practical White Hat Hacker Training - ExploitationPRISMA CSI
 
Practical White Hat Hacker Training - Introduction to Cyber Security
Practical White Hat Hacker Training - Introduction to Cyber SecurityPractical White Hat Hacker Training - Introduction to Cyber Security
Practical White Hat Hacker Training - Introduction to Cyber SecurityPRISMA CSI
 
Practical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPractical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPRISMA CSI
 
Practical White Hat Hacker Training - Post Exploitation
Practical White Hat Hacker Training - Post ExploitationPractical White Hat Hacker Training - Post Exploitation
Practical White Hat Hacker Training - Post ExploitationPRISMA CSI
 
Detection Rules Coverage
Detection Rules CoverageDetection Rules Coverage
Detection Rules CoverageSunny Neo
 
DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101dc612
 
Infosecurity.be 2019: What are relevant open source security tools you should...
Infosecurity.be 2019: What are relevant open source security tools you should...Infosecurity.be 2019: What are relevant open source security tools you should...
Infosecurity.be 2019: What are relevant open source security tools you should...B.A.
 
Lateral Movement: How attackers quietly traverse your Network
Lateral Movement: How attackers quietly traverse your NetworkLateral Movement: How attackers quietly traverse your Network
Lateral Movement: How attackers quietly traverse your NetworkEC-Council
 

Recommended

Practical White Hat Hacker Training - Exploitation
Practical White Hat Hacker Training - ExploitationPractical White Hat Hacker Training - Exploitation
Practical White Hat Hacker Training - ExploitationPRISMA CSI
 
Practical White Hat Hacker Training - Introduction to Cyber Security
Practical White Hat Hacker Training - Introduction to Cyber SecurityPractical White Hat Hacker Training - Introduction to Cyber Security
Practical White Hat Hacker Training - Introduction to Cyber SecurityPRISMA CSI
 
Practical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPractical White Hat Hacker Training - Active Information Gathering
Practical White Hat Hacker Training - Active Information GatheringPRISMA CSI
 
Practical White Hat Hacker Training - Post Exploitation
Practical White Hat Hacker Training - Post ExploitationPractical White Hat Hacker Training - Post Exploitation
Practical White Hat Hacker Training - Post ExploitationPRISMA CSI
 
Detection Rules Coverage
Detection Rules CoverageDetection Rules Coverage
Detection Rules CoverageSunny Neo
 
DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101dc612
 
Infosecurity.be 2019: What are relevant open source security tools you should...
Infosecurity.be 2019: What are relevant open source security tools you should...Infosecurity.be 2019: What are relevant open source security tools you should...
Infosecurity.be 2019: What are relevant open source security tools you should...B.A.
 
Lateral Movement: How attackers quietly traverse your Network
Lateral Movement: How attackers quietly traverse your NetworkLateral Movement: How attackers quietly traverse your Network
Lateral Movement: How attackers quietly traverse your NetworkEC-Council
 
Coporate Espionage
Coporate EspionageCoporate Espionage
Coporate EspionageUTD Computer Security Group
 
Web security for developers
Web security for developersWeb security for developers
Web security for developersSunny Neo
 
Threat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my HoneypotsThreat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my HoneypotsAPNIC
 
Csw2016 freingruber bypassing_application_whitelisting
Csw2016 freingruber bypassing_application_whitelistingCsw2016 freingruber bypassing_application_whitelisting
Csw2016 freingruber bypassing_application_whitelistingCanSecWest
 
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg day
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg dayCSW2017 Kyle ehmke lots of squats- ap-ts never miss leg day
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg dayCanSecWest
 
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCanSecWest
 
Introduction to red team operations
Introduction to red team operationsIntroduction to red team operations
Introduction to red team operationsSunny Neo
 
Security events in 2014
Security events in 2014Security events in 2014
Security events in 2014Chong-Kuan Chen
 
Shamoon
ShamoonShamoon
ShamoonShakacon
 
Sticky Keys to the Kingdom
Sticky Keys to the KingdomSticky Keys to the Kingdom
Sticky Keys to the KingdomDennis Maldonado
 
Outlook and Exchange for the bad guys
Outlook and Exchange for the bad guysOutlook and Exchange for the bad guys
Outlook and Exchange for the bad guysNick Landers
 
External to DA, the OS X Way
External to DA, the OS X WayExternal to DA, the OS X Way
External to DA, the OS X WayStephan Borosh
 
Csw2016 chaykin having_funwithsecuremessengers_and_androidwear
Csw2016 chaykin having_funwithsecuremessengers_and_androidwearCsw2016 chaykin having_funwithsecuremessengers_and_androidwear
Csw2016 chaykin having_funwithsecuremessengers_and_androidwearCanSecWest
 
Ch 6: Attacking Authentication
Ch 6: Attacking AuthenticationCh 6: Attacking Authentication
Ch 6: Attacking AuthenticationSam Bowne
 
Lateral Movement - Phreaknik 2016
Lateral Movement - Phreaknik 2016Lateral Movement - Phreaknik 2016
Lateral Movement - Phreaknik 2016Xavier Ashe
 
Anatomy of a Cloud Hack
Anatomy of a Cloud HackAnatomy of a Cloud Hack
Anatomy of a Cloud HackNotSoSecure Global Services
 
CMS Hacking Tricks - DerbyCon 4 - 2014
CMS Hacking Tricks - DerbyCon 4 - 2014CMS Hacking Tricks - DerbyCon 4 - 2014
CMS Hacking Tricks - DerbyCon 4 - 2014Greg Foss
 
After School cyber security class slides - Pat
After School cyber security class slides - PatAfter School cyber security class slides - Pat
After School cyber security class slides - PatDan Winson
 
Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0marcioalma
 
OSX/Pirrit: The blue balls of OS X adware
OSX/Pirrit: The blue balls of OS X adwareOSX/Pirrit: The blue balls of OS X adware
OSX/Pirrit: The blue balls of OS X adwareAmit Serper
 
Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017TriNimbus
 
Cyber security - It starts with the embedded system
Cyber security - It starts with the embedded systemCyber security - It starts with the embedded system
Cyber security - It starts with the embedded systemRogue Wave Software
 

More Related Content

What's hot

Web security for developers
Web security for developersWeb security for developers
Web security for developersSunny Neo
 
Threat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my HoneypotsThreat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my HoneypotsAPNIC
 
Csw2016 freingruber bypassing_application_whitelisting
Csw2016 freingruber bypassing_application_whitelistingCsw2016 freingruber bypassing_application_whitelisting
Csw2016 freingruber bypassing_application_whitelistingCanSecWest
 
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg day
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg dayCSW2017 Kyle ehmke lots of squats- ap-ts never miss leg day
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg dayCanSecWest
 
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCanSecWest
 
Introduction to red team operations
Introduction to red team operationsIntroduction to red team operations
Introduction to red team operationsSunny Neo
 
Sticky Keys to the Kingdom
Sticky Keys to the KingdomSticky Keys to the Kingdom
Sticky Keys to the KingdomDennis Maldonado
 
Outlook and Exchange for the bad guys
Outlook and Exchange for the bad guysOutlook and Exchange for the bad guys
Outlook and Exchange for the bad guysNick Landers
 
External to DA, the OS X Way
External to DA, the OS X WayExternal to DA, the OS X Way
External to DA, the OS X WayStephan Borosh
 
Csw2016 chaykin having_funwithsecuremessengers_and_androidwear
Csw2016 chaykin having_funwithsecuremessengers_and_androidwearCsw2016 chaykin having_funwithsecuremessengers_and_androidwear
Csw2016 chaykin having_funwithsecuremessengers_and_androidwearCanSecWest
 
Ch 6: Attacking Authentication
Ch 6: Attacking AuthenticationCh 6: Attacking Authentication
Ch 6: Attacking AuthenticationSam Bowne
 
Lateral Movement - Phreaknik 2016
Lateral Movement - Phreaknik 2016Lateral Movement - Phreaknik 2016
Lateral Movement - Phreaknik 2016Xavier Ashe
 
CMS Hacking Tricks - DerbyCon 4 - 2014
CMS Hacking Tricks - DerbyCon 4 - 2014CMS Hacking Tricks - DerbyCon 4 - 2014
CMS Hacking Tricks - DerbyCon 4 - 2014Greg Foss
 
After School cyber security class slides - Pat
After School cyber security class slides - PatAfter School cyber security class slides - Pat
After School cyber security class slides - PatDan Winson
 
Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0marcioalma
 
OSX/Pirrit: The blue balls of OS X adware
OSX/Pirrit: The blue balls of OS X adwareOSX/Pirrit: The blue balls of OS X adware
OSX/Pirrit: The blue balls of OS X adwareAmit Serper
 

What's hot (20)

Coporate Espionage
Coporate EspionageCoporate Espionage
Coporate Espionage
 
Web security for developers
Web security for developersWeb security for developers
Web security for developers
 
Threat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my HoneypotsThreat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my Honeypots
 
Csw2016 freingruber bypassing_application_whitelisting
Csw2016 freingruber bypassing_application_whitelistingCsw2016 freingruber bypassing_application_whitelisting
Csw2016 freingruber bypassing_application_whitelisting
 
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg day
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg dayCSW2017 Kyle ehmke lots of squats- ap-ts never miss leg day
CSW2017 Kyle ehmke lots of squats- ap-ts never miss leg day
 
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
 
Introduction to red team operations
Introduction to red team operationsIntroduction to red team operations
Introduction to red team operations
 
Security events in 2014
Security events in 2014Security events in 2014
Security events in 2014
 
Shamoon
ShamoonShamoon
Shamoon
 
Sticky Keys to the Kingdom
Sticky Keys to the KingdomSticky Keys to the Kingdom
Sticky Keys to the Kingdom
 
Outlook and Exchange for the bad guys
Outlook and Exchange for the bad guysOutlook and Exchange for the bad guys
Outlook and Exchange for the bad guys
 
External to DA, the OS X Way
External to DA, the OS X WayExternal to DA, the OS X Way
External to DA, the OS X Way
 
Csw2016 chaykin having_funwithsecuremessengers_and_androidwear
Csw2016 chaykin having_funwithsecuremessengers_and_androidwearCsw2016 chaykin having_funwithsecuremessengers_and_androidwear
Csw2016 chaykin having_funwithsecuremessengers_and_androidwear
 
Ch 6: Attacking Authentication
Ch 6: Attacking AuthenticationCh 6: Attacking Authentication
Ch 6: Attacking Authentication
 
Lateral Movement - Phreaknik 2016
Lateral Movement - Phreaknik 2016Lateral Movement - Phreaknik 2016
Lateral Movement - Phreaknik 2016
 
Anatomy of a Cloud Hack
Anatomy of a Cloud HackAnatomy of a Cloud Hack
Anatomy of a Cloud Hack
 
CMS Hacking Tricks - DerbyCon 4 - 2014
CMS Hacking Tricks - DerbyCon 4 - 2014CMS Hacking Tricks - DerbyCon 4 - 2014
CMS Hacking Tricks - DerbyCon 4 - 2014
 
After School cyber security class slides - Pat
After School cyber security class slides - PatAfter School cyber security class slides - Pat
After School cyber security class slides - Pat
 
Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0
 
OSX/Pirrit: The blue balls of OS X adware
OSX/Pirrit: The blue balls of OS X adwareOSX/Pirrit: The blue balls of OS X adware
OSX/Pirrit: The blue balls of OS X adware
 

Similar to Practical White Hat Hacker Training - Vulnerability Detection

Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017TriNimbus
 
Cyber security - It starts with the embedded system
Cyber security - It starts with the embedded systemCyber security - It starts with the embedded system
Cyber security - It starts with the embedded systemRogue Wave Software
 
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container SecurityAWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container SecurityAWS Chicago
 
CyberCrime in the Cloud and How to defend Yourself
CyberCrime in the Cloud and How to defend Yourself CyberCrime in the Cloud and How to defend Yourself
CyberCrime in the Cloud and How to defend Yourself Alert Logic
 
Programming languages and techniques for today’s embedded andIoT world
Programming languages and techniques for today’s embedded andIoT worldProgramming languages and techniques for today’s embedded andIoT world
Programming languages and techniques for today’s embedded andIoT worldRogue Wave Software
 
Nomura UCCSC 2009
Nomura UCCSC 2009Nomura UCCSC 2009
Nomura UCCSC 2009dnomura
 
Thick client pentesting_the-hackers_meetup_version1.0pptx
Thick client pentesting_the-hackers_meetup_version1.0pptxThick client pentesting_the-hackers_meetup_version1.0pptx
Thick client pentesting_the-hackers_meetup_version1.0pptxAnurag Srivastava
 
Web application vulnerability assessment
Web application vulnerability assessmentWeb application vulnerability assessment
Web application vulnerability assessmentRavikumar Paghdal
 
Zero Trust And Best Practices for Securing Endpoint Apps on May 24th 2021
Zero Trust And Best Practices for Securing Endpoint Apps on May 24th 2021Zero Trust And Best Practices for Securing Endpoint Apps on May 24th 2021
Zero Trust And Best Practices for Securing Endpoint Apps on May 24th 2021Teemu Tiainen
 
Using Analyzers to Resolve Security Problems
Using Analyzers to Resolve Security ProblemsUsing Analyzers to Resolve Security Problems
Using Analyzers to Resolve Security Problemskiansahafi
 
Application Explosion How to Manage Productivity vs Security
Application Explosion How to Manage Productivity vs SecurityApplication Explosion How to Manage Productivity vs Security
Application Explosion How to Manage Productivity vs SecurityLumension
 
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Denim Group
 
Is code review the solution?
Is code review the solution?Is code review the solution?
Is code review the solution?Tiago Mendo
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Qualcomm Developer Network
 
AppSec in an Agile World
AppSec in an Agile WorldAppSec in an Agile World
AppSec in an Agile WorldDavid Lindner
 
Open Audit
Open AuditOpen Audit
Open Auditncspa
 
Security Framework from SANS
Security Framework from SANSSecurity Framework from SANS
Security Framework from SANSJeffrey Reed
 
Develop, Test & Maintain Secure Systems (While Being PCI Compliant)
Develop, Test & Maintain Secure Systems (While Being PCI Compliant)Develop, Test & Maintain Secure Systems (While Being PCI Compliant)
Develop, Test & Maintain Secure Systems (While Being PCI Compliant)Security Innovation
 
Software for Finding vulnerabilities in programs.pdf
Software for Finding vulnerabilities in programs.pdfSoftware for Finding vulnerabilities in programs.pdf
Software for Finding vulnerabilities in programs.pdfBytecode Security
 
Aleksei Dremin - Application Security Pipeline - phdays9
Aleksei Dremin - Application Security Pipeline - phdays9Aleksei Dremin - Application Security Pipeline - phdays9
Aleksei Dremin - Application Security Pipeline - phdays9Alexey Dremin
 

Similar to Practical White Hat Hacker Training - Vulnerability Detection (20)

Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017Web App Security Presentation by Ryan Holland - 05-31-2017
Web App Security Presentation by Ryan Holland - 05-31-2017
 
Cyber security - It starts with the embedded system
Cyber security - It starts with the embedded systemCyber security - It starts with the embedded system
Cyber security - It starts with the embedded system
 
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container SecurityAWS Community Day - Vitaliy Shtym - Pragmatic Container Security
AWS Community Day - Vitaliy Shtym - Pragmatic Container Security
 
CyberCrime in the Cloud and How to defend Yourself
CyberCrime in the Cloud and How to defend Yourself CyberCrime in the Cloud and How to defend Yourself
CyberCrime in the Cloud and How to defend Yourself
 
Programming languages and techniques for today’s embedded andIoT world
Programming languages and techniques for today’s embedded andIoT worldProgramming languages and techniques for today’s embedded andIoT world
Programming languages and techniques for today’s embedded andIoT world
 
Nomura UCCSC 2009
Nomura UCCSC 2009Nomura UCCSC 2009
Nomura UCCSC 2009
 
Thick client pentesting_the-hackers_meetup_version1.0pptx
Thick client pentesting_the-hackers_meetup_version1.0pptxThick client pentesting_the-hackers_meetup_version1.0pptx
Thick client pentesting_the-hackers_meetup_version1.0pptx
 
Web application vulnerability assessment
Web application vulnerability assessmentWeb application vulnerability assessment
Web application vulnerability assessment
 
Zero Trust And Best Practices for Securing Endpoint Apps on May 24th 2021
Zero Trust And Best Practices for Securing Endpoint Apps on May 24th 2021Zero Trust And Best Practices for Securing Endpoint Apps on May 24th 2021
Zero Trust And Best Practices for Securing Endpoint Apps on May 24th 2021
 
Using Analyzers to Resolve Security Problems
Using Analyzers to Resolve Security ProblemsUsing Analyzers to Resolve Security Problems
Using Analyzers to Resolve Security Problems
 
Application Explosion How to Manage Productivity vs Security
Application Explosion How to Manage Productivity vs SecurityApplication Explosion How to Manage Productivity vs Security
Application Explosion How to Manage Productivity vs Security
 
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
 
Is code review the solution?
Is code review the solution?Is code review the solution?
Is code review the solution?
 
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
Developing for Industrial IoT with Linux OS on DragonBoard™ 410c: Session 4
 
AppSec in an Agile World
AppSec in an Agile WorldAppSec in an Agile World
AppSec in an Agile World
 
Open Audit
Open AuditOpen Audit
Open Audit
 
Security Framework from SANS
Security Framework from SANSSecurity Framework from SANS
Security Framework from SANS
 
Develop, Test & Maintain Secure Systems (While Being PCI Compliant)
Develop, Test & Maintain Secure Systems (While Being PCI Compliant)Develop, Test & Maintain Secure Systems (While Being PCI Compliant)
Develop, Test & Maintain Secure Systems (While Being PCI Compliant)
 
Software for Finding vulnerabilities in programs.pdf
Software for Finding vulnerabilities in programs.pdfSoftware for Finding vulnerabilities in programs.pdf
Software for Finding vulnerabilities in programs.pdf
 
Aleksei Dremin - Application Security Pipeline - phdays9
Aleksei Dremin - Application Security Pipeline - phdays9Aleksei Dremin - Application Security Pipeline - phdays9
Aleksei Dremin - Application Security Pipeline - phdays9
 

More from PRISMA CSI

Sysmon ile Log Toplama
Sysmon ile Log ToplamaSysmon ile Log Toplama
Sysmon ile Log ToplamaPRISMA CSI
 
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)PRISMA CSI
 
Beyaz Şapkalı Hacker CEH Eğitimi - Parola Kırma Saldırıları
Beyaz Şapkalı Hacker CEH Eğitimi - Parola Kırma SaldırılarıBeyaz Şapkalı Hacker CEH Eğitimi - Parola Kırma Saldırıları
Beyaz Şapkalı Hacker CEH Eğitimi - Parola Kırma SaldırılarıPRISMA CSI
 
Sızma Testi Metodolojileri
Sızma Testi MetodolojileriSızma Testi Metodolojileri
Sızma Testi MetodolojileriPRISMA CSI
 
Sızma (Penetrasyon) Testi Nedir?
Sızma (Penetrasyon) Testi Nedir?Sızma (Penetrasyon) Testi Nedir?
Sızma (Penetrasyon) Testi Nedir?PRISMA CSI
 
Beyaz Şapkalı Hacker CEH Eğitimi - Post Exploit Aşaması
Beyaz Şapkalı Hacker CEH Eğitimi - Post Exploit AşamasıBeyaz Şapkalı Hacker CEH Eğitimi - Post Exploit Aşaması
Beyaz Şapkalı Hacker CEH Eğitimi - Post Exploit AşamasıPRISMA CSI
 
Beyaz Şapkalı Hacker CEH Eğitimi - Zafiyet Keşfi
Beyaz Şapkalı Hacker CEH Eğitimi - Zafiyet KeşfiBeyaz Şapkalı Hacker CEH Eğitimi - Zafiyet Keşfi
Beyaz Şapkalı Hacker CEH Eğitimi - Zafiyet KeşfiPRISMA CSI
 
Beyaz Şapkalı Hacker CEH Eğitimi - Exploit Aşaması
Beyaz Şapkalı Hacker CEH Eğitimi - Exploit AşamasıBeyaz Şapkalı Hacker CEH Eğitimi - Exploit Aşaması
Beyaz Şapkalı Hacker CEH Eğitimi - Exploit AşamasıPRISMA CSI
 
Beyaz Şapkalı Hacker CEH Eğitimi - Aktif Bilgi Toplama
Beyaz Şapkalı Hacker CEH Eğitimi - Aktif Bilgi ToplamaBeyaz Şapkalı Hacker CEH Eğitimi - Aktif Bilgi Toplama
Beyaz Şapkalı Hacker CEH Eğitimi - Aktif Bilgi ToplamaPRISMA CSI
 
Beyaz Şapkalı Hacker CEH Eğitimi - Siber Güvenlik Temelleri
Beyaz Şapkalı Hacker CEH Eğitimi - Siber Güvenlik TemelleriBeyaz Şapkalı Hacker CEH Eğitimi - Siber Güvenlik Temelleri
Beyaz Şapkalı Hacker CEH Eğitimi - Siber Güvenlik TemelleriPRISMA CSI
 
Beyaz Şapkalı Hacker CEH Eğitimi - Pasif Bilgi Toplama (OSINT)
Beyaz Şapkalı Hacker CEH Eğitimi - Pasif Bilgi Toplama (OSINT)Beyaz Şapkalı Hacker CEH Eğitimi - Pasif Bilgi Toplama (OSINT)
Beyaz Şapkalı Hacker CEH Eğitimi - Pasif Bilgi Toplama (OSINT)PRISMA CSI
 
Kaynak Kod Analiz Süreci
Kaynak Kod Analiz SüreciKaynak Kod Analiz Süreci
Kaynak Kod Analiz SüreciPRISMA CSI
 

More from PRISMA CSI (12)

Sysmon ile Log Toplama
Sysmon ile Log ToplamaSysmon ile Log Toplama
Sysmon ile Log Toplama
 
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
 
Beyaz Şapkalı Hacker CEH Eğitimi - Parola Kırma Saldırıları
Beyaz Şapkalı Hacker CEH Eğitimi - Parola Kırma SaldırılarıBeyaz Şapkalı Hacker CEH Eğitimi - Parola Kırma Saldırıları
Beyaz Şapkalı Hacker CEH Eğitimi - Parola Kırma Saldırıları
 
Sızma Testi Metodolojileri
Sızma Testi MetodolojileriSızma Testi Metodolojileri
Sızma Testi Metodolojileri
 
Sızma (Penetrasyon) Testi Nedir?
Sızma (Penetrasyon) Testi Nedir?Sızma (Penetrasyon) Testi Nedir?
Sızma (Penetrasyon) Testi Nedir?
 
Beyaz Şapkalı Hacker CEH Eğitimi - Post Exploit Aşaması
Beyaz Şapkalı Hacker CEH Eğitimi - Post Exploit AşamasıBeyaz Şapkalı Hacker CEH Eğitimi - Post Exploit Aşaması
Beyaz Şapkalı Hacker CEH Eğitimi - Post Exploit Aşaması
 
Beyaz Şapkalı Hacker CEH Eğitimi - Zafiyet Keşfi
Beyaz Şapkalı Hacker CEH Eğitimi - Zafiyet KeşfiBeyaz Şapkalı Hacker CEH Eğitimi - Zafiyet Keşfi
Beyaz Şapkalı Hacker CEH Eğitimi - Zafiyet Keşfi
 
Beyaz Şapkalı Hacker CEH Eğitimi - Exploit Aşaması
Beyaz Şapkalı Hacker CEH Eğitimi - Exploit AşamasıBeyaz Şapkalı Hacker CEH Eğitimi - Exploit Aşaması
Beyaz Şapkalı Hacker CEH Eğitimi - Exploit Aşaması
 
Beyaz Şapkalı Hacker CEH Eğitimi - Aktif Bilgi Toplama
Beyaz Şapkalı Hacker CEH Eğitimi - Aktif Bilgi ToplamaBeyaz Şapkalı Hacker CEH Eğitimi - Aktif Bilgi Toplama
Beyaz Şapkalı Hacker CEH Eğitimi - Aktif Bilgi Toplama
 
Beyaz Şapkalı Hacker CEH Eğitimi - Siber Güvenlik Temelleri
Beyaz Şapkalı Hacker CEH Eğitimi - Siber Güvenlik TemelleriBeyaz Şapkalı Hacker CEH Eğitimi - Siber Güvenlik Temelleri
Beyaz Şapkalı Hacker CEH Eğitimi - Siber Güvenlik Temelleri
 
Beyaz Şapkalı Hacker CEH Eğitimi - Pasif Bilgi Toplama (OSINT)
Beyaz Şapkalı Hacker CEH Eğitimi - Pasif Bilgi Toplama (OSINT)Beyaz Şapkalı Hacker CEH Eğitimi - Pasif Bilgi Toplama (OSINT)
Beyaz Şapkalı Hacker CEH Eğitimi - Pasif Bilgi Toplama (OSINT)
 
Kaynak Kod Analiz Süreci
Kaynak Kod Analiz SüreciKaynak Kod Analiz Süreci
Kaynak Kod Analiz Süreci
 

Recently uploaded

Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfphamnguyenenglishnb
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A Beña
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Jisc
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...JhezDiaz1
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parentsnavabharathschool99
 
Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)cama23
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptxmary850239
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSJoshuaGantuangco2
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management systemChristalin Nelson
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONHumphrey A Beña
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...Nguyen Thanh Tu Collection
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxAnupkumar Sharma
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxMaryGraceBautista27
 

Recently uploaded (20)

Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdfAMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
AMERICAN LANGUAGE HUB_Level2_Student'sBook_Answerkey.pdf
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
Raw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptxRaw materials used in Herbal Cosmetics.pptx
Raw materials used in Herbal Cosmetics.pptx
 
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptxFINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 
Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...Procuring digital preservation CAN be quick and painless with our new dynamic...
Procuring digital preservation CAN be quick and painless with our new dynamic...
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
 
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptxYOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
YOUVE_GOT_EMAIL_PRELIMS_EL_DORADO_2024.pptx
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parents
 
Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)Global Lehigh Strategic Initiatives (without descriptions)
Global Lehigh Strategic Initiatives (without descriptions)
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management system
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
 
Science 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptxScience 7 Quarter 4 Module 2: Natural Resources.pptx
Science 7 Quarter 4 Module 2: Natural Resources.pptx
 
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptxLEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
 

Practical White Hat Hacker Training - Vulnerability Detection

  • 1. www.prismacsi.com © All Rights Reserved. 1 Practical White Hat Hacker Training #4 Vulnerability Detection This document may be quoted or shared, but cannot be modified or used for commercial purposes. For more information, visit https://creativecommons.org/licenses/by-nc-nd/4.0/legalcode.tr
  • 2. www.prismacsi.com © All Rights Reserved. 2 Topics • What’s a vulnerability? • What are the sources of vulnerabilities? • Vulnerability Management Cycle • Automated Vulnerability Scanners • Vulnerability Databases • Frequently used tools • Applications
  • 3. www.prismacsi.com © All Rights Reserved. 3 What is a Vulnerability? • Vulnerabilites are defined as conditions in an application, service or protocol, previously or recently discovered in research work, that give a cyber attacker the opportunity to execute any type of attack which may affect the normal operation of a system. • [Senaryo]
  • 4. www.prismacsi.com © All Rights Reserved. 4 What are the sources of vulnerabilities? • Old versions/ out of date applications and services • Patch failures • Incorrect configurations • Secure software development process shortcomings • Insecure Network Architecture Designs • Insider, unintentional actions
  • 5. www.prismacsi.com © All Rights Reserved. 5 Vulnerability Management Cycle
  • 6. www.prismacsi.com © All Rights Reserved. 6 Vulnerability Scanners • Netsparker • Acunetix • Burpsuite • Appscan • Webinspect • W3af • Arachni • Nikto • Sqlmap • Nessus • Nexpose • OpenVAS • Qualys • Core Impact • Vega • Skipfish • Commix • nmap
  • 7. www.prismacsi.com © All Rights Reserved. 7 What’s the point of Vulnerability Scanning? • Identify risks! • Manage risks! • Prevent possible cyber attacks! • The case of Wannacry! • Learn lessons from past cyber attack incidents!
  • 8. www.prismacsi.com © All Rights Reserved. 8 Key Words • POLICY: It is the name given to special configurations done before performing a scan. For example the POLICY used in network scanning and the POLICY used in web application scanning are different. • PLUGIN: Small tools / scripts developed for security checks. • SCAN: The scanning process.
  • 9. www.prismacsi.com © All Rights Reserved. 9 Vulnerability Databases • Vulnerability databases are storage points where discovered vulnerabilities are kept. • https://nvd.nist.gov/ • https://www.cvedetails.com/
  • 10. www.prismacsi.com © All Rights Reserved. 10 Security Scanners • All In One logic • Better for discovering vulnerabilities on a network • More often used in controlling server/client based vulnerabilities • Compatibility, configuration vulnerability tests • Counters false positive events • Significantly shortens test time
  • 11. www.prismacsi.com © All Rights Reserved. 11 OpenVAS Security Scanner - DEMO • Open-source vulnerability scanning tool. • Contains advanced features. • Can be used as an alternative to Nessus.
  • 12. www.prismacsi.com © All Rights Reserved. 12 Nmap NSE - DEMO • Vulnerability scanning with Nmap Scripting Engine is possible. • Open source software. You can also contribute and develop modules on top of it. • Allows fast scanning. • Generally, all tests begin with nmap vulnerability scans.
  • 13. www.prismacsi.com © All Rights Reserved. 13 Nessus - Demo • The most commonly used vulnerability scanning tool. • Return to Penetration testing and vulnerability scanning! • Licensed and Free versions are available. • You can also perform many security checks with the free version. • Includes options like Web, Network, SCADA Compatibility Scanning. • Often used in network scans.
  • 14. www.prismacsi.com © All Rights Reserved. 14 Nessus - Demo • Starting a New Scan • Policy • Advanced Scan • Configurable • You can customize the scan and make advanced configurations.
  • 15. www.prismacsi.com © All Rights Reserved. 15 Nessus - Demo • New Scan • Target Systems • Plugins • Schedule configurations • Brute-force attacks • Advanced settings
  • 16. www.prismacsi.com © All Rights Reserved. 16 Nessus - Demo • Scan results are presented in many different formats. A large network can be easily analyzed with these outputs. • Detailed Analysis • Criticality Levels
  • 17. www.prismacsi.com © All Rights Reserved. 17 Nessus - Demo
  • 18. www.prismacsi.com © All Rights Reserved. 18 Nessus - Demo
  • 19. www.prismacsi.com © All Rights Reserved. 19 Nessus - Demo • The scan report is available in the following formats and can be integrated with other penetration testing tools. • Formats • XML • HTML • Nessus
  • 20. www.prismacsi.com © All Rights Reserved. 20 Core Impact - Demonstration • Security Scanner • Includes a lot of advanced security checkers and has its own unique tools. • Contains special exploits. • Has its very own special Zeroday team. • It’s a licensed tool J
  • 21. www.prismacsi.com © All Rights Reserved. 21 Web Security Scanners • Used for security scans of web applications and services • There are several that also allow users manual tests • Netsparker is accepted worldwide as one the most successful vulnerability scanner. • Burp suite is the most critical tool!
  • 22. www.prismacsi.com © All Rights Reserved. 22 Netsparker - Demo • Web application security scanning tool • Licensed and Free version available • Specifically developed for web technologies. • Is a more advanced and integrated solution with Netsparker Cloud
  • 23. www.prismacsi.com © All Rights Reserved. 23 Burpsuite - Demo • Web application Proxy tool and Security Scanner • Licensed and Free version available • Specific to Web technologies • Most frequently used tool. • Hackers and Pentesters’ most valuable tool
  • 24. www.prismacsi.com © All Rights Reserved. 24 Nikto Security Scanner - Demo • Web application and server security scanner. • Frequently used practical application. • Used via command line.
  • 25. www.prismacsi.com © All Rights Reserved. 25 W3af Web Scanner - Demo • Is a web application security scanner. • Developed by OWASP. • Includes various policies and customized scans can be performed. • Even though not frequently utilized it is very useful.
  • 26. www.prismacsi.com © All Rights Reserved. 26 Sqlmap – SQL Injection Scanner – Demo • Developed specifically for SQL Injection attacks.. • Developed in Python programming language. • Open source • Contains advanced parameters and attack methods
  • 27. www.prismacsi.com © All Rights Reserved. 27 Are vulnerabilities only scanned remotely? • A scan does not only have to be performed remotely for web applications or for a server. • It is also possible to gain entry into a server and scan the operating system. (RDP, SSH login -> internal scanning) • Compatibility or configuration checks can be performed. • Static code analysis can be done
  • 28. www.prismacsi.com © All Rights Reserved. 28 Summary: • We have a lot of intelligence data we've collected from the beginning.. • Now we know existing systems that are up. • We discovered open ports in these systems and we know the software running on these ports. • We have noted the vulnerabilities we have discovered on the applications that are running on these software or that we have discovered on the services. • Now we need to understand how to use these vulnerabilities to our advantage!
  • 29. www.prismacsi.com © All Rights Reserved. 29 Applications
  • 30. www.prismacsi.com © All Rights Reserved. 30 Questions?
  • 31. www.prismacsi.com © All Rights Reserved. 31 www.prismacsi.com info@prismacsi.com 0 850 303 85 35 /prismacsi Contacts