Download to read offline
Penetration Testing ethical pen testing.pptx
- 1.
- 2. Key words • VirtualMachine:- A "virtual machine" defined as "an efficient, isolated duplicate of a real computer machine. "Current use includes virtual machines that have no direct correspondence to any real hardware. The physical, "real-world" hardware running the VM is generally referred to as the 'host', and the virtual machine emulated on that machine is generally referred to as the 'guest'. A host can emulate several guests, each of which can emulate different operating systems and hardware platforms.
- 3. Key words • API-Anapplication program interface (API) is a set of routines, protocols, and tools for building software applications. Basically, an API specifies how software components should interact. Additionally, APIs are used when programming graphical user interface (GUI) components. • An application programming interface (API) is an interface or communication protocol between a client and a server intended to simplify the building of client-side software.
- 4. Specification of machines Spec Listof spec goes here
- 5. Specification of machines Spec Listof spec goes here
- 6. Additional Hardware required Router •Information on router Wifi Dongle • Information on router
- 7. Software required • VMware • Linux Operating System • Software x-Linux based tool for Pen Testing
- 8.
- 9. Virtual Machine • Thevirtual machine is to be installed on the host machine and will act as guest. • It will be allocated processor power and RAM. • This creates a sandboxed environment that ensures an isolated environment (see next slide for further information)
- 10. Sandboxing • Sandboxing isa software management strategy that isolates applications from critical system resources and other programs. It provides an extra layer of security that prevents malware or harmful applications from negatively affecting your system. • Without sandboxing, an application may have unrestricted access to all system resources and user data on a computer. A sandboxed app on the other hand, can only access resources in its own "sandbox." An application's sandbox is a limited area of storage space and memory that contains the only resources the program requires. If a program needs to access resources or files outside the sandbox, permission must be explicitly granted by the system. • For example, when a sandboxed app is installed in OS X, a specific directory is created for that application's sandbox. The app is given unlimited read and write access to the sandboxed directory, but it is not allowed to read or write any other files on the computer's storage device unless it is authorized by the system. This access is commonly granted using the Open or Save dialog box, both of which require direct user input.
- 11. Sandboxing All the threats arecontained to the sandbox environment (Comment credited to Year 12 Student ICT 2019)
- 12. VM Ware Hardwareresource use explained
- 13. Host Machine Virtual Machineand Sandboxing explained VM Ware installed on Host machine The VM Ware is now referred to as a guest on the Host machine It is now operating in a Sandboxed environment that provides additional security VM WARE
- 14. Using the Softwaretools
- 15. Types of attacks •DDos • Brute force attacks • SQL Injection • Key loggers • Network Flooding • Osint
- 16. Network Flooding • Ina network, flooding is the forwarding by a router of a packet from any node to every other node attached to the router except the node from which the packet arrived. Flooding is a way to distribute routing information updates quickly to every node in a large network