Sunday, September 29, 2013

Hacker: Getting started playing around with security and penetration testing

Today we are going to talk a little bit about security, such as vulnerabilities that your operating system (OS) can have and that let people gain remote control over it. First, I will just make clear that the term hacker I referred to in the title means a person who wants very much to achieve something and will learn every detail about that subject to achieve their goal, so I will avoid discussing the term here (like the MIT or GNU definition).

For those who are new, one of the most used tools in security is Metasploit, which is a tool with tons of exploits for many applications and operating systems. You can also find a friendlier front-end called Armitage, which provides a workflow and tools on top of Metasploit.

Talking about tools, one nice website to find articles about new security tools and releases is toolswatch. There you can find tools such as oclHashcat (a password recovery tool), wifite (a Wi-Fi auditing tool) and many others.

You might also try an OS for penetration (pen) testing such as Kali Linux (or the old Backtrack, which is basically the same distro with just some changes in internal organisation) and others. They come with tons and tons of useful tools for you to test the security of your application or site.

As we have talked more about security and the NSA in recent months, I also have a nice tool that can help. For private chat, I would recommend cryptocat, which is not a silver bullet for every security problem (for example, it doesn't solve the problem of a keylogger that you may have unintentionally installed on your device), but it is very secure for keeping your chats private from the rest of the world.

The last thing I would like to share with you is this lecture from Etsy about how they deal with security and some more about the subject.

