This year marks the 6th year (out of 7) that I attended ThatConference, and it’s also the 5th year I’ve been blessed to have been selected as a speaker. This year my session is titled “HACKING THAT: REAL-WORLD PENETRATION TESTING”, and below are a variety of links I wanted to share from my talk.

Kali Linux

Kali Linux is really the de facto penetration testing toolkit for anyone interested in this space.
Some tools that are already built-in to Kali Linux:
dnsenum: enumerates DNS information for a domain and discovers non-contiguous IP blocks
dnsmap: DNS domain name brute forcing tool
nmap: utility for network discovery and security auditing
Burp Suite: web vulnerability scanner and related tooling. Kali bundles the free “community edition”, but you’ll want to buy a license for Pro
Maltego: a unique platform developed to deliver a clear threat picture to the environment that an organization owns and operates

A free tool you might also consider installing is:
discover: custom bash scripts developed by Lee Baird used to automate various pentesting tasks

Chrome Extensions

Some Chrome extensions I highlighted during my talk which are great for reconnaissance:
RetireJS: scans websites for vulnerable JavaScript libraries
Shodan: tells you where the website is hosted (country, city), who owns the IP and what other services/ports are open
Wappalyzer: a cross-platform utility that uncovers the technologies used on websites

Capture the Flag (i.e. vulnerable testing environments)

“Capture the Flag” exercises are a fantastic way to learn and practice your penetration testing skills. The general idea is that the CTF environment is a deliberately broken application (or server) and you’re hunting for all the hidden vulnerabilities.
Hack Yourself First: a vulnerable application written by Troy Hunt (to go with his free Pluralsight training)
CTF365: interactive security training platform in which you earn points for exploiting vulnerabilities
OverTheWire: free wargames to learn and practice security concepts in the form of fun-filled games
OWASP Broken Web App: a collection of vulnerable web applications that is distributed on a Virtual Machine
Metasploitable: actually a series of vulnerable virtual machines to use in conjunction with Rapid7’s Metasploit toolkit

Books

The Web Application Hacker’s Handbook
Mastering Kali Linux for Web Penetration Testing

Other Resources

Practical Web Application Penetration Testing: a hands-on seminar by Tim Tomes. I took this course in person and it’s absolutely fantastic. If you’re looking for hands-on training, you won’t find anything better than Tim’s course.
The Penetration Testing Execution Standard

About Arthur Kay

With nearly 20 years of software engineering and operations experience, Arthur Kay offers an extraordinary set of leadership skills and technical expertise to develop meaningful products and high-performing teams. He has worked with Fortune 500 companies, VC-funded startups and companies across a wide variety of industries to build cutting-edge software solutions.
Arthur is a successful entrepreneur, technology professional, and mentor. He is a full-time family man, part-time consultant and spare-time musician. He graduated from Loyola University Chicago and currently lives in greater Chicago-land.