SlideShare a Scribd company logo

Ethical Hacking - Ferramentas Open Source para Pentest - Mateus Buogo - Tchelinux Caxias 2018

Download as PPTX, PDF
Tchelinux
Tchelinux

Ethical Hacking - Ferramentas Open Source para Pentest - Mateus Buogo - Tchelinux Caxias 2018

Technology
1 of 14
Ethical Hacking Ferramentas OpenSource para Pentest
Quem sou eu? Nome: Mateus Buogo Formação: Redes de Computadores – UNIFTEC / MBA Administração de TI – UNISINOS / Mestrando em Educação - UCS Cursos: ITIL Avançado; ISO27001 e ISO27002; Configuring and Troubleshooting a Windows Server; Administração de Servidores Linux; Ethical Hacking, Enterprise Security Fundamentals, IIT Support: Cloud Fundamentals; Microsoft Azure Virtual Networks; Windows Server 2016: Azure for On- Premises Administrators, Windows Server 2016 Infrastructure, Windows Sever 2016 Network Advanced. Experiência Profissional: Analista de Suporte de Infraestrutura de TI Experiência Acadêmica: Segurança em Redes, Sistemas Operacionais, Governança de TI, Serviços de Redes e Segurança da Informação
Ethical Hacking Vulnerability management is a core element in modern information technology (IT) compliance. IT compliance is defined as the adherence to legal, corporate and contractual rules and regulations as they relate to IT infrastructures. Within its context IT compliance mainly relates to information security, availability, storage and privacy. Companies and agencies have to comply with many legal obligations in this area. http://www.openvas.org/
Ethical Hacking The control and improvement in IT security is an ongoing process that consists at a minimum of these three steps: ● Discovery of the current state ● Taking actions to improve the current state ● Review of the measures taken http://www.openvas.org/
Ethical Hacking ● Technology lag ● Application development security ● Skill gap ● Asymmetry of attack and defense ● Increasing availability and sophistication of attack tools ● Monetization of malware ● Automation of Detection ● Internet of Things ● Transition to the cloud ● Increasing regulation INF246x - Enterprise Security Fundamentals - edx.org
Ethical Hacking When considering the cybersecurity landscape, it’s important to note that the versions of products that organizations have deployed exist on a spectrum, with a small number of organizations running the latest versions, most organizations running older but still supported versions, and a substantial number of organizations running information systems that are no longer supported by the vendor. It’s usually the organizations running outdated or unsupported products that you hear about when a large cybersecurity incident occurs. For example, the 2017 WannaCry ransomware attack disproportionally impacted organizations that had servers running the Windows Server 2003 operating system where the ports that are used for SMB storage protocol were exposed to the internet. INF246x - Enterprise Security Fundamentals - edx.org
Ethical Hacking The recent Global Information and Security Workforce Study by the Center for Cyber Safety and Education projected a global shortfall of 1.8 million information security workers by 2022. INF246x - Enterprise Security Fundamentals - edx.org
Ethical Hacking Um Hacker Ético é um especialista em sistemas e redes de computadores que conhece as técnicas e métodos utilizados para se encontrar vulnerabilidades de segurança em softwares e redes corporativas. Antes de mais nada, um hacker é um especialista em sistemas e redes de computadores. Ele conhece muito bem a base teórica e prática do funcionamento de sistemas e redes. http://profissaohacker.com/
Ethical Hacking Pen Tester: Salário médio de 2015: R$6.500 – 14.000 Desenvolvedor: Salário médio de 2015: R$6.500 – 12.000 Profissional de infraestrutura: Salário médio de 2015: R$4.000 – 7.000 http://aratuonline.com.br/noticias/mundo-hacker-conheca-os-perfis-salarios-e-como-esta-o-mercado-para-profissionais-da- tecnologia/?utm_content=bufferbc9f4&utm_medium=social&utm_source=facebook.com&utm_campaign=buffer
Ethical Hacking Nível 1 – Júnior - Tool based Penetration Nível 2 - Pleno Coding based Penetration Nível 3 – Sênior Vulnerability Researcher
Ethical Hacking 24 horas de exame.
Ferramentas ● DIG ● DIRB ● NMAP ● NETCAT ● SN1PER
Ethical Hacking Finish him!

Recommended

SMB Network Security Checklist
SMB Network Security Checklist SMB Network Security Checklist
SMB Network Security Checklist
Mobeen Khan
 
Embracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud ComputingEmbracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud Computing
PECB
 
Network infrastructure security management solution - A holistic approach in ...
Network infrastructure security management solution - A holistic approach in ...Network infrastructure security management solution - A holistic approach in ...
Network infrastructure security management solution - A holistic approach in ...
Twinkle Sebastian
 
Information Security Lecture #1 ppt
Information Security Lecture #1 pptInformation Security Lecture #1 ppt
Information Security Lecture #1 ppt
vasanthimuniasamy
 
Review of Information Security Concepts
Review of Information Security ConceptsReview of Information Security Concepts
Review of Information Security Concepts
primeteacher32
 
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Edureka!
 
Insider Threat Protection | Seclore
Insider Threat Protection | SecloreInsider Threat Protection | Seclore
Insider Threat Protection | Seclore
Seclore
 
Navigating Cybersecurity
Navigating CybersecurityNavigating Cybersecurity
Navigating Cybersecurity
Segun Ebenezer Olaniyan
 

Recommended

SMB Network Security Checklist
SMB Network Security Checklist SMB Network Security Checklist
SMB Network Security Checklist
Mobeen Khan
 
Embracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud ComputingEmbracing Cybersecurity on Cloud Computing
Embracing Cybersecurity on Cloud Computing
PECB
 
Network infrastructure security management solution - A holistic approach in ...
Network infrastructure security management solution - A holistic approach in ...Network infrastructure security management solution - A holistic approach in ...
Network infrastructure security management solution - A holistic approach in ...
Twinkle Sebastian
 
Information Security Lecture #1 ppt
Information Security Lecture #1 pptInformation Security Lecture #1 ppt
Information Security Lecture #1 ppt
vasanthimuniasamy
 
Review of Information Security Concepts
Review of Information Security ConceptsReview of Information Security Concepts
Review of Information Security Concepts
primeteacher32
 
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Edureka!
 
Insider Threat Protection | Seclore
Insider Threat Protection | SecloreInsider Threat Protection | Seclore
Insider Threat Protection | Seclore
Seclore
 
Navigating Cybersecurity
Navigating CybersecurityNavigating Cybersecurity
Navigating Cybersecurity
Segun Ebenezer Olaniyan
 
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
WAJAHAT IQBAL
 
Ics & computer security for nuclear facilities
Ics & computer security for nuclear facilitiesIcs & computer security for nuclear facilities
Ics & computer security for nuclear facilities
omriyad
 
Cybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practisesCybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practises
WAJAHAT IQBAL
 
Benefits of investing in network security for it business
Benefits of investing in network security for it businessBenefits of investing in network security for it business
Benefits of investing in network security for it business
Vijilan IT Security solutions
 
Seclore For Microsoft 365 | Seclore
Seclore For Microsoft 365 | SecloreSeclore For Microsoft 365 | Seclore
Seclore For Microsoft 365 | Seclore
Seclore
 
Cloud Security is not equal to Cloud Data Security
Cloud Security is not equal to Cloud Data SecurityCloud Security is not equal to Cloud Data Security
Cloud Security is not equal to Cloud Data Security
Seclore
 
Ch01
Ch01Ch01
Ch01
Joe Christensen
 
Email Security Solutions | Seclore
Email Security Solutions | SecloreEmail Security Solutions | Seclore
Email Security Solutions | Seclore
Seclore
 
Basic Security Requirements
Basic Security RequirementsBasic Security Requirements
Basic Security Requirements
Steven Cahill
 
Network Security
Network SecurityNetwork Security
Network Security
Techknow Book
 
Web application firewall
Web application firewallWeb application firewall
Web application firewall
Aju Thomas
 
Progress towards security in the Cloud-Héctor Sánchez, Microsoft
Progress towards security in the Cloud-Héctor Sánchez, MicrosoftProgress towards security in the Cloud-Héctor Sánchez, Microsoft
Progress towards security in the Cloud-Héctor Sánchez, Microsoft
Mind the Byte
 
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Edureka!
 
Chapter 3, Data Protection vs Ransomware
Chapter 3, Data Protection vs RansomwareChapter 3, Data Protection vs Ransomware
Chapter 3, Data Protection vs Ransomware
Adi Saputra
 
Inbound Data Protection
Inbound Data ProtectionInbound Data Protection
Inbound Data Protection
Seclore
 
Cyber security-briefing-presentation
Cyber security-briefing-presentationCyber security-briefing-presentation
Cyber security-briefing-presentation
sathiyamaha
 
Compliance regulations with Data Centric Security | Seclore
Compliance regulations with Data Centric Security | SecloreCompliance regulations with Data Centric Security | Seclore
Compliance regulations with Data Centric Security | Seclore
Seclore
 
презентация1
презентация1презентация1
презентация1
sagidullaa01
 
OSI Security Architecture
OSI Security ArchitectureOSI Security Architecture
OSI Security Architecture
university of education,Lahore
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills Gap
Stephen Cobb
 
CompTIA CySA+ Domain 2 Software and Systems Security.pptx
CompTIA CySA+ Domain 2 Software and Systems Security.pptxCompTIA CySA+ Domain 2 Software and Systems Security.pptx
CompTIA CySA+ Domain 2 Software and Systems Security.pptx
Infosectrain3
 
All About Network Security & its Essentials.pptx
All About Network Security & its Essentials.pptxAll About Network Security & its Essentials.pptx
All About Network Security & its Essentials.pptx
Infosectrain3
 

More Related Content

What's hot

Basic Security Requirements
Basic Security RequirementsBasic Security Requirements
Basic Security Requirements
Steven Cahill
 
Progress towards security in the Cloud-Héctor Sánchez, Microsoft
Progress towards security in the Cloud-Héctor Sánchez, MicrosoftProgress towards security in the Cloud-Héctor Sánchez, Microsoft
Progress towards security in the Cloud-Héctor Sánchez, Microsoft
Mind the Byte
 
Cyber security-briefing-presentation
Cyber security-briefing-presentationCyber security-briefing-presentation
Cyber security-briefing-presentation
sathiyamaha
 

What's hot (20)

CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
 
Ics & computer security for nuclear facilities
Ics & computer security for nuclear facilitiesIcs & computer security for nuclear facilities
Ics & computer security for nuclear facilities
 
Cybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practisesCybersecurity concepts & Defense best practises
Cybersecurity concepts & Defense best practises
 
Benefits of investing in network security for it business
Benefits of investing in network security for it businessBenefits of investing in network security for it business
Benefits of investing in network security for it business
 
Seclore For Microsoft 365 | Seclore
Seclore For Microsoft 365 | SecloreSeclore For Microsoft 365 | Seclore
Seclore For Microsoft 365 | Seclore
 
Cloud Security is not equal to Cloud Data Security
Cloud Security is not equal to Cloud Data SecurityCloud Security is not equal to Cloud Data Security
Cloud Security is not equal to Cloud Data Security
 
Ch01
Ch01Ch01
Ch01
 
Email Security Solutions | Seclore
Email Security Solutions | SecloreEmail Security Solutions | Seclore
Email Security Solutions | Seclore
 
Basic Security Requirements
Basic Security RequirementsBasic Security Requirements
Basic Security Requirements
 
Network Security
Network SecurityNetwork Security
Network Security
 
Web application firewall
Web application firewallWeb application firewall
Web application firewall
 
Progress towards security in the Cloud-Héctor Sánchez, Microsoft
Progress towards security in the Cloud-Héctor Sánchez, MicrosoftProgress towards security in the Cloud-Héctor Sánchez, Microsoft
Progress towards security in the Cloud-Héctor Sánchez, Microsoft
 
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
Cybersecurity Career Paths | Skills Required in Cybersecurity Career | Learn ...
 
Chapter 3, Data Protection vs Ransomware
Chapter 3, Data Protection vs RansomwareChapter 3, Data Protection vs Ransomware
Chapter 3, Data Protection vs Ransomware
 
Inbound Data Protection
Inbound Data ProtectionInbound Data Protection
Inbound Data Protection
 
Cyber security-briefing-presentation
Cyber security-briefing-presentationCyber security-briefing-presentation
Cyber security-briefing-presentation
 
Compliance regulations with Data Centric Security | Seclore
Compliance regulations with Data Centric Security | SecloreCompliance regulations with Data Centric Security | Seclore
Compliance regulations with Data Centric Security | Seclore
 
презентация1
презентация1презентация1
презентация1
 
OSI Security Architecture
OSI Security ArchitectureOSI Security Architecture
OSI Security Architecture
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills Gap
 

Similar to Ethical Hacking - Ferramentas Open Source para Pentest - Mateus Buogo - Tchelinux Caxias 2018

Network Security Is Important For Protecting Your Computer
Network Security Is Important For Protecting Your ComputerNetwork Security Is Important For Protecting Your Computer
Network Security Is Important For Protecting Your Computer
Angie Willis
 
BISS - 11nov2011
BISS - 11nov2011BISS - 11nov2011
BISS - 11nov2011
Agora Group
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network Automation
E.S.G. JR. Consulting, Inc.
 
Toward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationToward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network Automation
Ken Flott
 
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security BriefingRamnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
guestb099f64c
 

Similar to Ethical Hacking - Ferramentas Open Source para Pentest - Mateus Buogo - Tchelinux Caxias 2018 (20)

CompTIA CySA+ Domain 2 Software and Systems Security.pptx
CompTIA CySA+ Domain 2 Software and Systems Security.pptxCompTIA CySA+ Domain 2 Software and Systems Security.pptx
CompTIA CySA+ Domain 2 Software and Systems Security.pptx
 
All About Network Security & its Essentials.pptx
All About Network Security & its Essentials.pptxAll About Network Security & its Essentials.pptx
All About Network Security & its Essentials.pptx
 
Cyber security for Developers
Cyber security for DevelopersCyber security for Developers
Cyber security for Developers
 
What i learned at issa international summit 2019
What i learned at issa international summit 2019What i learned at issa international summit 2019
What i learned at issa international summit 2019
 
Network Security Is Important For Protecting Your Computer
Network Security Is Important For Protecting Your ComputerNetwork Security Is Important For Protecting Your Computer
Network Security Is Important For Protecting Your Computer
 
Information security[277]
Information security[277]Information security[277]
Information security[277]
 
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
 
Application Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting ReputationsApplication Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting Reputations
 
BISS - 11nov2011
BISS - 11nov2011BISS - 11nov2011
BISS - 11nov2011
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network Automation
 
Toward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationToward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network Automation
 
CompTIA CySA Domain 1 Threat and Vulnerability Management.pptx
CompTIA CySA Domain 1 Threat and Vulnerability Management.pptxCompTIA CySA Domain 1 Threat and Vulnerability Management.pptx
CompTIA CySA Domain 1 Threat and Vulnerability Management.pptx
 
The new era of Cyber Security IEC62443
The new era of Cyber Security IEC62443The new era of Cyber Security IEC62443
The new era of Cyber Security IEC62443
 
Asset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt LabsAsset Discovery in India – Redhunt Labs
Asset Discovery in India – Redhunt Labs
 
Security Risks: The Threat is Real
Security Risks: The Threat is RealSecurity Risks: The Threat is Real
Security Risks: The Threat is Real
 
Ethical Hacking Course
Ethical Hacking CourseEthical Hacking Course
Ethical Hacking Course
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attack
 
Ramnish Singh Platform Security Briefing
Ramnish Singh Platform Security BriefingRamnish Singh Platform Security Briefing
Ramnish Singh Platform Security Briefing
 
ITrust Cybersecurity Services - Datasheet EN
ITrust Cybersecurity Services - Datasheet ENITrust Cybersecurity Services - Datasheet EN
ITrust Cybersecurity Services - Datasheet EN
 
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
 

More from Tchelinux

Do Zero ao YouTube em menos de 10 softwares livres - Vinícius Alves Hax - Tch...
Do Zero ao YouTube em menos de 10 softwares livres - Vinícius Alves Hax - Tch...Do Zero ao YouTube em menos de 10 softwares livres - Vinícius Alves Hax - Tch...
Do Zero ao YouTube em menos de 10 softwares livres - Vinícius Alves Hax - Tch...
Tchelinux
 
Insegurança na Internet - Diego Luiz Silva da Costa - Tchelinux 2019 Rio Grande
Insegurança na Internet - Diego Luiz Silva da Costa - Tchelinux 2019 Rio GrandeInsegurança na Internet - Diego Luiz Silva da Costa - Tchelinux 2019 Rio Grande
Insegurança na Internet - Diego Luiz Silva da Costa - Tchelinux 2019 Rio Grande
Tchelinux
 
Explorando Editores de Texto Open Source - Gabriel Prestes Ritta - Tchelinux ...
Explorando Editores de Texto Open Source - Gabriel Prestes Ritta - Tchelinux ...Explorando Editores de Texto Open Source - Gabriel Prestes Ritta - Tchelinux ...
Explorando Editores de Texto Open Source - Gabriel Prestes Ritta - Tchelinux ...
Tchelinux
 
Desenvolvendo Jogos com PyGame - Jerônimo Medina Madruga - Tchelinux 2019 Rio...
Desenvolvendo Jogos com PyGame - Jerônimo Medina Madruga - Tchelinux 2019 Rio...Desenvolvendo Jogos com PyGame - Jerônimo Medina Madruga - Tchelinux 2019 Rio...
Desenvolvendo Jogos com PyGame - Jerônimo Medina Madruga - Tchelinux 2019 Rio...
Tchelinux
 
APIs, REST e RESTful: O que os programadores precisam saber? - Marcos Echevar...
APIs, REST e RESTful: O que os programadores precisam saber? - Marcos Echevar...APIs, REST e RESTful: O que os programadores precisam saber? - Marcos Echevar...
APIs, REST e RESTful: O que os programadores precisam saber? - Marcos Echevar...
Tchelinux
 
Shell Script: Seu melhor amigo na automatização de instalações e configuraçõe...
Shell Script: Seu melhor amigo na automatização de instalações e configuraçõe...Shell Script: Seu melhor amigo na automatização de instalações e configuraçõe...
Shell Script: Seu melhor amigo na automatização de instalações e configuraçõe...
Tchelinux
 
Introdução à programação funcional com Clojure - Victor Hechel Colares - Tche...
Introdução à programação funcional com Clojure - Victor Hechel Colares - Tche...Introdução à programação funcional com Clojure - Victor Hechel Colares - Tche...
Introdução à programação funcional com Clojure - Victor Hechel Colares - Tche...
Tchelinux
 
Bikeshedding - Márcio Josué Ramos Torres - Tchelinux 2019 Rio Grande
Bikeshedding - Márcio Josué Ramos Torres - Tchelinux 2019 Rio GrandeBikeshedding - Márcio Josué Ramos Torres - Tchelinux 2019 Rio Grande
Bikeshedding - Márcio Josué Ramos Torres - Tchelinux 2019 Rio Grande
Tchelinux
 
A tecnologia no futuro e nas mãos de quem ela estará - Jaqueline Trevizan, Ne...
A tecnologia no futuro e nas mãos de quem ela estará - Jaqueline Trevizan, Ne...A tecnologia no futuro e nas mãos de quem ela estará - Jaqueline Trevizan, Ne...
A tecnologia no futuro e nas mãos de quem ela estará - Jaqueline Trevizan, Ne...
Tchelinux
 

More from Tchelinux (20)

Do Zero ao YouTube em menos de 10 softwares livres - Vinícius Alves Hax - Tch...
Do Zero ao YouTube em menos de 10 softwares livres - Vinícius Alves Hax - Tch...Do Zero ao YouTube em menos de 10 softwares livres - Vinícius Alves Hax - Tch...
Do Zero ao YouTube em menos de 10 softwares livres - Vinícius Alves Hax - Tch...
 
Insegurança na Internet - Diego Luiz Silva da Costa - Tchelinux 2019 Rio Grande
Insegurança na Internet - Diego Luiz Silva da Costa - Tchelinux 2019 Rio GrandeInsegurança na Internet - Diego Luiz Silva da Costa - Tchelinux 2019 Rio Grande
Insegurança na Internet - Diego Luiz Silva da Costa - Tchelinux 2019 Rio Grande
 
Explorando Editores de Texto Open Source - Gabriel Prestes Ritta - Tchelinux ...
Explorando Editores de Texto Open Source - Gabriel Prestes Ritta - Tchelinux ...Explorando Editores de Texto Open Source - Gabriel Prestes Ritta - Tchelinux ...
Explorando Editores de Texto Open Source - Gabriel Prestes Ritta - Tchelinux ...
 
Desenvolvendo Jogos com PyGame - Jerônimo Medina Madruga - Tchelinux 2019 Rio...
Desenvolvendo Jogos com PyGame - Jerônimo Medina Madruga - Tchelinux 2019 Rio...Desenvolvendo Jogos com PyGame - Jerônimo Medina Madruga - Tchelinux 2019 Rio...
Desenvolvendo Jogos com PyGame - Jerônimo Medina Madruga - Tchelinux 2019 Rio...
 
Me formei. E agora? - Matheus Cezar - Tchelinux 2019 Rio Grande
Me formei. E agora? - Matheus Cezar - Tchelinux 2019 Rio GrandeMe formei. E agora? - Matheus Cezar - Tchelinux 2019 Rio Grande
Me formei. E agora? - Matheus Cezar - Tchelinux 2019 Rio Grande
 
APIs, REST e RESTful: O que os programadores precisam saber? - Marcos Echevar...
APIs, REST e RESTful: O que os programadores precisam saber? - Marcos Echevar...APIs, REST e RESTful: O que os programadores precisam saber? - Marcos Echevar...
APIs, REST e RESTful: O que os programadores precisam saber? - Marcos Echevar...
 
Shell Script: Seu melhor amigo na automatização de instalações e configuraçõe...
Shell Script: Seu melhor amigo na automatização de instalações e configuraçõe...Shell Script: Seu melhor amigo na automatização de instalações e configuraçõe...
Shell Script: Seu melhor amigo na automatização de instalações e configuraçõe...
 
WebRTC: Comunicação aberta em tempo real - Nelson Dutra Junior - Tchelinux 20...
WebRTC: Comunicação aberta em tempo real - Nelson Dutra Junior - Tchelinux 20...WebRTC: Comunicação aberta em tempo real - Nelson Dutra Junior - Tchelinux 20...
WebRTC: Comunicação aberta em tempo real - Nelson Dutra Junior - Tchelinux 20...
 
Introdução à programação funcional com Clojure - Victor Hechel Colares - Tche...
Introdução à programação funcional com Clojure - Victor Hechel Colares - Tche...Introdução à programação funcional com Clojure - Victor Hechel Colares - Tche...
Introdução à programação funcional com Clojure - Victor Hechel Colares - Tche...
 
Construindo um Data Warehouse - Vítor Resing Plentz - Tchelinux 2019 Rio Grande
Construindo um Data Warehouse - Vítor Resing Plentz - Tchelinux 2019 Rio GrandeConstruindo um Data Warehouse - Vítor Resing Plentz - Tchelinux 2019 Rio Grande
Construindo um Data Warehouse - Vítor Resing Plentz - Tchelinux 2019 Rio Grande
 
Bikeshedding - Márcio Josué Ramos Torres - Tchelinux 2019 Rio Grande
Bikeshedding - Márcio Josué Ramos Torres - Tchelinux 2019 Rio GrandeBikeshedding - Márcio Josué Ramos Torres - Tchelinux 2019 Rio Grande
Bikeshedding - Márcio Josué Ramos Torres - Tchelinux 2019 Rio Grande
 
Produção de textos com Latex - Samuel Francisco Ferrigo - Tchelinux Caxias do...
Produção de textos com Latex - Samuel Francisco Ferrigo - Tchelinux Caxias do...Produção de textos com Latex - Samuel Francisco Ferrigo - Tchelinux Caxias do...
Produção de textos com Latex - Samuel Francisco Ferrigo - Tchelinux Caxias do...
 
A tecnologia no futuro e nas mãos de quem ela estará - Jaqueline Trevizan, Ne...
A tecnologia no futuro e nas mãos de quem ela estará - Jaqueline Trevizan, Ne...A tecnologia no futuro e nas mãos de quem ela estará - Jaqueline Trevizan, Ne...
A tecnologia no futuro e nas mãos de quem ela estará - Jaqueline Trevizan, Ne...
 
oVirt uma solução de virtualização distribuída opensource - Daniel Lara - Tch...
oVirt uma solução de virtualização distribuída opensource - Daniel Lara - Tch...oVirt uma solução de virtualização distribuída opensource - Daniel Lara - Tch...
oVirt uma solução de virtualização distribuída opensource - Daniel Lara - Tch...
 
Sistemas Embarcados e Buildroot - Renato Severo - Tchelinux Caxias do Sul 2019
Sistemas Embarcados e Buildroot - Renato Severo - Tchelinux Caxias do Sul 2019Sistemas Embarcados e Buildroot - Renato Severo - Tchelinux Caxias do Sul 2019
Sistemas Embarcados e Buildroot - Renato Severo - Tchelinux Caxias do Sul 2019
 
Com que ônibus eu vou? Uma gentil introdução ao Python.
Com que ônibus eu vou? Uma gentil introdução ao Python.Com que ônibus eu vou? Uma gentil introdução ao Python.
Com que ônibus eu vou? Uma gentil introdução ao Python.
 
O TCC... um dia ele chega! (The beautiful and easy LaTeX way.
O TCC... um dia ele chega! (The beautiful and easy LaTeX way.O TCC... um dia ele chega! (The beautiful and easy LaTeX way.
O TCC... um dia ele chega! (The beautiful and easy LaTeX way.
 
Não deixe para testar depois o que você pode testar antes.
Não deixe para testar depois o que você pode testar antes. Não deixe para testar depois o que você pode testar antes.
Não deixe para testar depois o que você pode testar antes.
 
Desenvolvendo jogos com pygame
Desenvolvendo jogos com pygameDesenvolvendo jogos com pygame
Desenvolvendo jogos com pygame
 
Essa câmera faz fotos muito boas, né?
Essa câmera faz fotos muito boas, né?Essa câmera faz fotos muito boas, né?
Essa câmera faz fotos muito boas, né?
 

Recently uploaded

08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 

Recently uploaded (20)

GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 

Ethical Hacking - Ferramentas Open Source para Pentest - Mateus Buogo - Tchelinux Caxias 2018

  • 2. Quem sou eu? Nome: Mateus Buogo Formação: Redes de Computadores – UNIFTEC / MBA Administração de TI – UNISINOS / Mestrando em Educação - UCS Cursos: ITIL Avançado; ISO27001 e ISO27002; Configuring and Troubleshooting a Windows Server; Administração de Servidores Linux; Ethical Hacking, Enterprise Security Fundamentals, IIT Support: Cloud Fundamentals; Microsoft Azure Virtual Networks; Windows Server 2016: Azure for On- Premises Administrators, Windows Server 2016 Infrastructure, Windows Sever 2016 Network Advanced. Experiência Profissional: Analista de Suporte de Infraestrutura de TI Experiência Acadêmica: Segurança em Redes, Sistemas Operacionais, Governança de TI, Serviços de Redes e Segurança da Informação
  • 3. Ethical Hacking Vulnerability management is a core element in modern information technology (IT) compliance. IT compliance is defined as the adherence to legal, corporate and contractual rules and regulations as they relate to IT infrastructures. Within its context IT compliance mainly relates to information security, availability, storage and privacy. Companies and agencies have to comply with many legal obligations in this area. http://www.openvas.org/
  • 4. Ethical Hacking The control and improvement in IT security is an ongoing process that consists at a minimum of these three steps: ● Discovery of the current state ● Taking actions to improve the current state ● Review of the measures taken http://www.openvas.org/
  • 5. Ethical Hacking ● Technology lag ● Application development security ● Skill gap ● Asymmetry of attack and defense ● Increasing availability and sophistication of attack tools ● Monetization of malware ● Automation of Detection ● Internet of Things ● Transition to the cloud ● Increasing regulation INF246x - Enterprise Security Fundamentals - edx.org
  • 6. Ethical Hacking When considering the cybersecurity landscape, it’s important to note that the versions of products that organizations have deployed exist on a spectrum, with a small number of organizations running the latest versions, most organizations running older but still supported versions, and a substantial number of organizations running information systems that are no longer supported by the vendor. It’s usually the organizations running outdated or unsupported products that you hear about when a large cybersecurity incident occurs. For example, the 2017 WannaCry ransomware attack disproportionally impacted organizations that had servers running the Windows Server 2003 operating system where the ports that are used for SMB storage protocol were exposed to the internet. INF246x - Enterprise Security Fundamentals - edx.org
  • 7. Ethical Hacking The recent Global Information and Security Workforce Study by the Center for Cyber Safety and Education projected a global shortfall of 1.8 million information security workers by 2022. INF246x - Enterprise Security Fundamentals - edx.org
  • 8.
  • 9. Ethical Hacking Um Hacker Ético é um especialista em sistemas e redes de computadores que conhece as técnicas e métodos utilizados para se encontrar vulnerabilidades de segurança em softwares e redes corporativas. Antes de mais nada, um hacker é um especialista em sistemas e redes de computadores. Ele conhece muito bem a base teórica e prática do funcionamento de sistemas e redes. http://profissaohacker.com/
  • 10. Ethical Hacking Pen Tester: Salário médio de 2015: R$6.500 – 14.000 Desenvolvedor: Salário médio de 2015: R$6.500 – 12.000 Profissional de infraestrutura: Salário médio de 2015: R$4.000 – 7.000 http://aratuonline.com.br/noticias/mundo-hacker-conheca-os-perfis-salarios-e-como-esta-o-mercado-para-profissionais-da- tecnologia/?utm_content=bufferbc9f4&utm_medium=social&utm_source=facebook.com&utm_campaign=buffer
  • 11. Ethical Hacking Nível 1 – Júnior - Tool based Penetration Nível 2 - Pleno Coding based Penetration Nível 3 – Sênior Vulnerability Researcher
  • 13. Ferramentas ● DIG ● DIRB ● NMAP ● NETCAT ● SN1PER