0 valutazioniIl 0% ha trovato utile questo documento (0 voti)
13K visualizzazioni5 pagine
Malware PenTest Magazine The Implication of Malware in Penetration Testing Workshop Massimiliano Sembiante is an Author and an Independent Security Researcher at RIFEC Security. He has more than 20 years background in information technology, covering multiple roles and responsibilities for customers such as: governments, military, Enterprise and Corporations. In this workshop, you will Be able to: understand the mechanisms that malwares employ to exploit the local OS vulnerabilities Be able to establish their command and control server, managing to obtain full control on
Malware PenTest Magazine The Implication of Malware in Penetration Testing Workshop Massimiliano Sembiante is an Author and an Independent Security Researcher at RIFEC Security. He has more than 20 years background in information technology, covering multiple roles and responsibilities for customers such as: governments, military, Enterprise and Corporations. In this workshop, you will Be able to: understand the mechanisms that malwares employ to exploit the local OS vulnerabilities Be able to establish their command and control server, managing to obtain full control on
Malware PenTest Magazine The Implication of Malware in Penetration Testing Workshop Massimiliano Sembiante is an Author and an Independent Security Researcher at RIFEC Security. He has more than 20 years background in information technology, covering multiple roles and responsibilities for customers such as: governments, military, Enterprise and Corporations. In this workshop, you will Be able to: understand the mechanisms that malwares employ to exploit the local OS vulnerabilities Be able to establish their command and control server, managing to obtain full control on
PenTest Magazine | The Implication of Malware in Penetration Testing Workshop
2 By the the end of this WORKSHOP, you will: Understand the mechanisms that malwares employ to exploit the local OS vulnerabilities Be able to establish their command and control server, managing to obtain full control on the conquered victims device. The Implication of Malware in Penetration Testing Workshop YOUR INDIVIDUAL TUTOR: Massimiliano Sembiante is an Author and an Independent Security Researcher at RIFEC Security (Research Institute of Forensic and E-Crimes) focusing on: Stealth, polymorphic and armored malware, reverse engineering, digital forensic, investigating new attack vectors, advanced approaches to bypass protection mechanisms, new intrusion methodologies, antivirus adaptation and detection avoidance, sandbox, Pen-Test, BotNet analysis, code exploitation and corruption, vulnerability and bugs discovery, tools and scripts development. Massimiliano holds a Master Degree in Computer Security from the University of Liverpool (UK). He has more than 20 years background in Information Technology, covering multiple roles and responsibilities for customers such as: Governments, Military, Enterprise and Corporations, Financial institutions, Power and Telecommunication companies. During the last 8 years, Massimiliano has been employed at UBS Bank, working with the global security and risk team as an IT Security and Risk Expert. Malware | PenTest Magazine The Implication of Malware in Penetration Testing Workshop | PenTest Magazine 3 We will present extensive and novel knowledge of Malware techniques and describe its practical methods and procedures from both perspectives: Defense and Attack. In this workshop, we are going to: Discuss the malicious codes and look peering through the Penetration testing that are closely related, Uniquely focus on how we can analyze the malicious codes to understand how to efficiently & in a timely manner detect the rogue applications and how they can infect a system, Focus on how those codes propagate themselves inside the victims system bypassing the system-employed computer and network protections and how they communicate through the network, creating the so called BotNets. Furthermore: We will do an extensive review on the mobile malwares that target Android and IOS operating systems. Ultimately, this workshop will initially provide you with: A strong overview of the most common and effective protection methodologies and their practical applications, Explanation on how a malware can defeat and bypass all the efforts and smartness being used to maintain security in the victims system. This training attempts to simulate a full realistic Penetration Testing using Malware experience by exposing the students to diverse and practical system environment. If you are interested in exposing yourself to a diverse and a practical experience in the field, Hurry Up and subscribe for our workshop to start your challenging career experience in Penetration Testing!!! Workshop Prerequisites The minimum prior knowledge required for your success in this workshop is as follows: Computer Security knowledge (Advanced level) Programming and Development (Basic level) Operating Systems (Admin level) Networking (Basic level) Want to learn enthusiastically in a way that will grow and challenge your career in the Penetration Testing field and defeat any learning difficulties THIS WORKSHOP: Is designed to PURELY MEET THE PRACTICAL EXPERIENCES in the penetration testing field that are currently essential for security auditors and researchers, Is especially designed and compacted for those who are in need of acquainting themselves with the unique world of Malware in penetration testing. PenTest Magazine | Malware PenTest Magazine | The Implication of Malware in Penetration Testing Workshop 4 What will you learn in This Workshop? The workshop will run for four consecutive weeks (four modules); each has specific topics and materials to cover. By the end of each module, students will have to take a challenging test to assess their understanding of the topics covered in each module. The modules are organized in a way that ensures the best understanding of the whole topic. Below are the modules: Week 1 Introduction Malware history Definitions and classifications Propagation and Infection Malware identification Current protection architectures (Antivirus, firewall, IDS etc) Malware attack vector Test Week 2 Virus Compiled, Interpreted, Resident and Non-resident Obfuscation Techniques Malware analysis 1 (Trojans, Worms, Sypwares, keyloggers, backdoors) Malware analysis 2 (RootKit, Ransomware, Botnet) Virtualization Malwares Examples (Stuxnet, Ransomware, Cryptolocker, etc) AV Evasion techniques Exploit-as-a-Service Test Week 3 Mobile Devices threat Malware Analysis on Android part 1 Malware Analysis on Android part 2 Malware Analysis on IOS part 1 Malware Analysis on IOS part 2 Mobile device assessment and penetration Test Mobile Device Threats, Policies, and Security Models Test Week 4 Penetration Test Methodologies (focus will be on Malwares) Network analysis and malwares Local threat analysis Honeypot and malware detection Infection evaluation with Sandbox Creating and using Malware for Pen-Test purposes Metasploit Framework Attack and Defense (using Malware) Future trends Final Test