Certified Virtualization Security Expert, Part 4 of 6: PenTest Tools and DMZ
Interactive

Certified Virtualization Security Expert, Part 4 of 6: PenTest Tools and DMZ

Biz Library
Updated Jan 21, 2020

What are the tools of a penetration test? This course will answer that as well as cover vulnerability assessment, password cracking, how to disable auditing, rootkits and alternate data streams. Then it progress to 3 configurations of DMZs, hardening and isolating, layer 2 security options and separation of duties. Finally threats like SSL renegotiation and web access vulnerabilities will round out the course. This course contains the following lessons:

Lesson 1:

  • BackTrack4
  • Vulnerability Scanners
  • Nessus
  • Nessus Report
  • Saint
  • Saint Sample Report
  • OpenVAS
  • OpenVAS Infrastructure and Client
  • Demo: OpenVAS
  • Demo: Connecting to the Server
  • Demo: New Connections
  • Demo: Perform a Scan
  • Demo: Scan Continued
  • Demo: Scan Report.

Lesson 2:

  • Windows Password Cracking
  • SysKey and Cracking Techniques
  • Rainbow Tables
  • Disabling Auditing
  • Clearing the Event Log
  • NTFS Alternate Data Stream
  • Stream Explorer
  • Encrypted Tunnels
  • Port Monitoring Software
  • Rootkits
  • Utilizing Tools
  • Defense in Depth
  • Meterpreter
  • VASTO.

Lesson 3:

  • VASTO Modules
  • Fuzzers
  • Saint
  • Core Impact Overview
  • Core Impact
  • Tool Exploits from NVD
  • Wireshark and TCP Stream Reassembling
  • ARP Cache Poisoning
  • ARP Cache Poisoning in Linux
  • Cain and Abel
  • Ettercap.

Lesson 4:

  • Virtualized DMZ Networks
  • Three Typical Virtualized DMZ Configurations
  • Partially-Collapsed DMZ with Virtual Separation
  • Fully-Collapsed DMZ
  • Best Practices
  • Network Labeling
  • Layer 2 Security Options on Virtual Switches
  • Enforce Separation of Duties
  • ESX Management Capabilities.

Lesson 5:

  • Common Attack Vectors
  • How Fake Certificate Injection Works
  • Generic TLS Renegotiation Prefix Injection
  • Test Vulnerabilities
  • Vulnerability Requirements
  • Generic Example
  • Patched Server with Disabled Recognition
  • Keeping Up to Speed
  • SchmooCon 2010: Timeline
  • SchmooCon 2010: Identification
  • SchmooCon 2010: Server Log In
  • SchmooCon 2010: Vulnerability
  • SchmooCon 2010: Redirection Proxy
  • SchmooCon 2010: Vulnerable Versions
  • SchmooCon 2010: Gueststealer.