SlideShare a Scribd company logo

Ethical Hacking & Penetration Testing

Surachai Chatchalermpun
Surachai Chatchalermpun

Ethical Hacking & Penetration Testing For education only.

Technology
1 of 50
Download to read offline
Ethical Hacking & Penetration Test ting Bachelor Degree in Computer Engineering (CPE) Faculty of Engineering, KMUTT 18-Sep_2009 Surachai Chatchalermpun
Global Certificate • EC-Council – CEH (Certified Ethical Hacker) – ECSA (EC-Council Certified Security Analyst) – LPT (Lice sensed Penetration Tester) • SANS GIAC (Global Information Assurance Certification) – GPEN (GIAC Certified Penetration Tester ) – GWAPT (GIAC Web Application Penetration Tester) • OSSTMM (The Open Source Security Testing Methodology Manual) – OPST (OSSTMM PROFESSIONAL SECURITY TESTER ACCREDITED CERTIFICATION) – OPSA (OSSTMM PROFESSIONAL SECURITY ANALYST ACCREDITED CERTIFICATION) • NIST (SP800-115) – OPSE (OSSTMM PROFESSIONAL SECURITY EXPERT ACCREDITED CERTIFICATION) OSSTMM • Mile2 – CPTEngineer (Certified Pen Testing Engineer) Government-US with standards such as the NSA Infrastructure Evaluation Methodology (IEM). Open Web Application Security Project (OWASP) provides a framework of recommendations 2
OSSTMM • NIST (SP800-115) 3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

Recommended

Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingAmine SAIGHI
 
NETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGNETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGEr Vivek Rana
 
Penetration Testing vs. Vulnerability Scanning
Penetration Testing vs. Vulnerability ScanningPenetration Testing vs. Vulnerability Scanning
Penetration Testing vs. Vulnerability ScanningSecurityMetrics
 
Penetration Testing Execution Phases
Penetration Testing Execution Phases Penetration Testing Execution Phases
Penetration Testing Execution Phases Nasir Bhutta
 
Penetration testing in wireless network
Penetration testing in wireless networkPenetration testing in wireless network
Penetration testing in wireless networkHadi Fadlallah
 
Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Rishabh Upadhyay
 
Penetration testing, What’s this?
Penetration testing, What’s this?Penetration testing, What’s this?
Penetration testing, What’s this?Dmitry Evteev
 
DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101dc612
 

Recommended

Introduction to penetration testing
Introduction to penetration testingIntroduction to penetration testing
Introduction to penetration testingAmine SAIGHI
 
NETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGNETWORK PENETRATION TESTING
NETWORK PENETRATION TESTINGEr Vivek Rana
 
Penetration Testing vs. Vulnerability Scanning
Penetration Testing vs. Vulnerability ScanningPenetration Testing vs. Vulnerability Scanning
Penetration Testing vs. Vulnerability ScanningSecurityMetrics
 
Penetration Testing Execution Phases
Penetration Testing Execution Phases Penetration Testing Execution Phases
Penetration Testing Execution Phases Nasir Bhutta
 
Penetration testing in wireless network
Penetration testing in wireless networkPenetration testing in wireless network
Penetration testing in wireless networkHadi Fadlallah
 
Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Ethical Hacking and Penetration Testing
Ethical Hacking and Penetration Testing Rishabh Upadhyay
 
Penetration testing, What’s this?
Penetration testing, What’s this?Penetration testing, What’s this?
Penetration testing, What’s this?Dmitry Evteev
 
DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101dc612
 
Vulnerability assessment and penetration testing
Vulnerability assessment and penetration testingVulnerability assessment and penetration testing
Vulnerability assessment and penetration testingAbu Sadat Mohammed Yasin
 
Vulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingVulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingYvonne Marambanyika
 
Web application Testing
Web application TestingWeb application Testing
Web application TestingOWASP Foundation
 
Client-Side Penetration Testing Presentation
Client-Side Penetration Testing PresentationClient-Side Penetration Testing Presentation
Client-Side Penetration Testing PresentationChris Gates
 
WTF is Penetration Testing v.2
WTF is Penetration Testing v.2WTF is Penetration Testing v.2
WTF is Penetration Testing v.2Scott Sutherland
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical HackingS.E. CTS CERT-GOV-MD
 
What is Penetration & Penetration test ?
What is Penetration & Penetration test ?What is Penetration & Penetration test ?
What is Penetration & Penetration test ?Bhavin Shah
 
Penetration testing reporting and methodology
Penetration testing reporting and methodologyPenetration testing reporting and methodology
Penetration testing reporting and methodologyRashad Aliyev
 
How Ethical Hacking is Healthy for Business
How Ethical Hacking is Healthy for BusinessHow Ethical Hacking is Healthy for Business
How Ethical Hacking is Healthy for BusinessSecurityMetrics
 
Info Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentInfo Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentMarcelo Silva
 
Penetration Testing Services
Penetration Testing ServicesPenetration Testing Services
Penetration Testing ServicesCyber 51 LLC
 
Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0Network Intelligence India
 
What is pentest
What is pentestWhat is pentest
What is pentestitissolutions
 
VAPT Services by prime
VAPT Services by primeVAPT Services by prime
VAPT Services by primePrime Infoserv
 
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault
 
OTG - Practical Hands on VAPT
OTG - Practical Hands on VAPTOTG - Practical Hands on VAPT
OTG - Practical Hands on VAPTshiriskumar
 
RIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombRIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombPriyanka Aash
 
VAPT, Ethical Hacking and Laws in India by prashant mali
VAPT, Ethical Hacking and Laws in India by prashant maliVAPT, Ethical Hacking and Laws in India by prashant mali
VAPT, Ethical Hacking and Laws in India by prashant maliAdv. Prashant Mali ♛ [Bsc(Phy),MSc(Comp Sci), CCFP,CISSA,LLM]
 
Penetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingPenetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingeNinja Technologies
 
Penetration testing
Penetration testingPenetration testing
Penetration testingAmmar WK
 
Metasploit for Penetration Testing: Beginner Class
Metasploit for Penetration Testing: Beginner ClassMetasploit for Penetration Testing: Beginner Class
Metasploit for Penetration Testing: Beginner ClassGeorgia Weidman
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing BasicsRick Wanner
 

More Related Content

What's hot

Vulnerability assessment and penetration testing
Vulnerability assessment and penetration testingVulnerability assessment and penetration testing
Vulnerability assessment and penetration testingAbu Sadat Mohammed Yasin
 
Vulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingVulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingYvonne Marambanyika
 
Client-Side Penetration Testing Presentation
Client-Side Penetration Testing PresentationClient-Side Penetration Testing Presentation
Client-Side Penetration Testing PresentationChris Gates
 
WTF is Penetration Testing v.2
WTF is Penetration Testing v.2WTF is Penetration Testing v.2
WTF is Penetration Testing v.2Scott Sutherland
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical HackingS.E. CTS CERT-GOV-MD
 
What is Penetration & Penetration test ?
What is Penetration & Penetration test ?What is Penetration & Penetration test ?
What is Penetration & Penetration test ?Bhavin Shah
 
Penetration testing reporting and methodology
Penetration testing reporting and methodologyPenetration testing reporting and methodology
Penetration testing reporting and methodologyRashad Aliyev
 
How Ethical Hacking is Healthy for Business
How Ethical Hacking is Healthy for BusinessHow Ethical Hacking is Healthy for Business
How Ethical Hacking is Healthy for BusinessSecurityMetrics
 
Info Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentInfo Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentMarcelo Silva
 
Penetration Testing Services
Penetration Testing ServicesPenetration Testing Services
Penetration Testing ServicesCyber 51 LLC
 
VAPT Services by prime
VAPT Services by primeVAPT Services by prime
VAPT Services by primePrime Infoserv
 
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault
 
OTG - Practical Hands on VAPT
OTG - Practical Hands on VAPTOTG - Practical Hands on VAPT
OTG - Practical Hands on VAPTshiriskumar
 
RIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombRIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombPriyanka Aash
 
Penetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingPenetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingeNinja Technologies
 

What's hot (19)

Vulnerability assessment and penetration testing
Vulnerability assessment and penetration testingVulnerability assessment and penetration testing
Vulnerability assessment and penetration testing
 
Vulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration TestingVulnerability and Assessment Penetration Testing
Vulnerability and Assessment Penetration Testing
 
Web application Testing
Web application TestingWeb application Testing
Web application Testing
 
Client-Side Penetration Testing Presentation
Client-Side Penetration Testing PresentationClient-Side Penetration Testing Presentation
Client-Side Penetration Testing Presentation
 
WTF is Penetration Testing v.2
WTF is Penetration Testing v.2WTF is Penetration Testing v.2
WTF is Penetration Testing v.2
 
Penetration testing & Ethical Hacking
Penetration testing & Ethical HackingPenetration testing & Ethical Hacking
Penetration testing & Ethical Hacking
 
What is Penetration & Penetration test ?
What is Penetration & Penetration test ?What is Penetration & Penetration test ?
What is Penetration & Penetration test ?
 
Penetration testing reporting and methodology
Penetration testing reporting and methodologyPenetration testing reporting and methodology
Penetration testing reporting and methodology
 
How Ethical Hacking is Healthy for Business
How Ethical Hacking is Healthy for BusinessHow Ethical Hacking is Healthy for Business
How Ethical Hacking is Healthy for Business
 
Info Security - Vulnerability Assessment
Info Security - Vulnerability AssessmentInfo Security - Vulnerability Assessment
Info Security - Vulnerability Assessment
 
Penetration Testing Services
Penetration Testing ServicesPenetration Testing Services
Penetration Testing Services
 
Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0
 
What is pentest
What is pentestWhat is pentest
What is pentest
 
VAPT Services by prime
VAPT Services by primeVAPT Services by prime
VAPT Services by prime
 
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
 
OTG - Practical Hands on VAPT
OTG - Practical Hands on VAPTOTG - Practical Hands on VAPT
OTG - Practical Hands on VAPT
 
RIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombRIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob Holcomb
 
VAPT, Ethical Hacking and Laws in India by prashant mali
VAPT, Ethical Hacking and Laws in India by prashant maliVAPT, Ethical Hacking and Laws in India by prashant mali
VAPT, Ethical Hacking and Laws in India by prashant mali
 
Penetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration TestingPenetration Testing Services, Penetration Testing
Penetration Testing Services, Penetration Testing
 

Viewers also liked

Penetration testing
Penetration testingPenetration testing
Penetration testingAmmar WK
 
Metasploit for Penetration Testing: Beginner Class
Metasploit for Penetration Testing: Beginner ClassMetasploit for Penetration Testing: Beginner Class
Metasploit for Penetration Testing: Beginner ClassGeorgia Weidman
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing BasicsRick Wanner
 
Introduction to Penetration Testing
Introduction to Penetration TestingIntroduction to Penetration Testing
Introduction to Penetration TestingAndrew McNicol
 
Kali Linux, Introduction to Ethical Hacking and Penetration Tools
Kali Linux, Introduction to Ethical Hacking and Penetration ToolsKali Linux, Introduction to Ethical Hacking and Penetration Tools
Kali Linux, Introduction to Ethical Hacking and Penetration ToolsRassoul Ghaznavi Zadeh
 
Vulnerability Assessment and Penetration Testing Report
Vulnerability Assessment and Penetration Testing Report Vulnerability Assessment and Penetration Testing Report
Vulnerability Assessment and Penetration Testing Report Rishabh Upadhyay
 
Penetration Testing
Penetration Testing Penetration Testing
Penetration Testing RomSoft SRL
 
Ethical Hacking & Penetration Testing
Ethical Hacking & Penetration TestingEthical Hacking & Penetration Testing
Ethical Hacking & Penetration Testingecmee
 
Tipos de Pentest
Tipos de PentestTipos de Pentest
Tipos de PentestRafael Seg
 
Pen Testing Explained
Pen Testing ExplainedPen Testing Explained
Pen Testing ExplainedRand W. Hirt
 
NetworkSecurity.ppt
NetworkSecurity.pptNetworkSecurity.ppt
NetworkSecurity.pptDreamMalar
 
Ethical hacking & Information Security
Ethical hacking & Information SecurityEthical hacking & Information Security
Ethical hacking & Information SecurityAjay Dhamija
 
Hacking & its types
Hacking & its typesHacking & its types
Hacking & its typesSai Sakoji
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and SolutionsColin058
 
DefCon 2012 - Near-Field Communication / RFID Hacking - Lee
DefCon 2012 - Near-Field Communication / RFID Hacking - LeeDefCon 2012 - Near-Field Communication / RFID Hacking - Lee
DefCon 2012 - Near-Field Communication / RFID Hacking - LeeMichael Smith
 
Assessing a pen tester: Making the right choice when choosing a third party P...
Assessing a pen tester: Making the right choice when choosing a third party P...Assessing a pen tester: Making the right choice when choosing a third party P...
Assessing a pen tester: Making the right choice when choosing a third party P...Jason Broz, CIPP/US
 

Viewers also liked (20)

Penetration testing
Penetration testingPenetration testing
Penetration testing
 
Metasploit for Penetration Testing: Beginner Class
Metasploit for Penetration Testing: Beginner ClassMetasploit for Penetration Testing: Beginner Class
Metasploit for Penetration Testing: Beginner Class
 
Penetration Testing Basics
Penetration Testing BasicsPenetration Testing Basics
Penetration Testing Basics
 
Introduction to Penetration Testing
Introduction to Penetration TestingIntroduction to Penetration Testing
Introduction to Penetration Testing
 
Kali Linux, Introduction to Ethical Hacking and Penetration Tools
Kali Linux, Introduction to Ethical Hacking and Penetration ToolsKali Linux, Introduction to Ethical Hacking and Penetration Tools
Kali Linux, Introduction to Ethical Hacking and Penetration Tools
 
Vulnerability Assessment and Penetration Testing Report
Vulnerability Assessment and Penetration Testing Report Vulnerability Assessment and Penetration Testing Report
Vulnerability Assessment and Penetration Testing Report
 
Penetration Testing
Penetration Testing Penetration Testing
Penetration Testing
 
Ethical Hacking & Penetration Testing
Ethical Hacking & Penetration TestingEthical Hacking & Penetration Testing
Ethical Hacking & Penetration Testing
 
Tipos de Pentest
Tipos de PentestTipos de Pentest
Tipos de Pentest
 
Pen Testing Explained
Pen Testing ExplainedPen Testing Explained
Pen Testing Explained
 
Network Security
Network SecurityNetwork Security
Network Security
 
ETHICAL HACKING PPT
ETHICAL HACKING PPTETHICAL HACKING PPT
ETHICAL HACKING PPT
 
NetworkSecurity.ppt
NetworkSecurity.pptNetworkSecurity.ppt
NetworkSecurity.ppt
 
Ethical hacking & Information Security
Ethical hacking & Information SecurityEthical hacking & Information Security
Ethical hacking & Information Security
 
Hacking & its types
Hacking & its typesHacking & its types
Hacking & its types
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
 
DefCon 2012 - Near-Field Communication / RFID Hacking - Lee
DefCon 2012 - Near-Field Communication / RFID Hacking - LeeDefCon 2012 - Near-Field Communication / RFID Hacking - Lee
DefCon 2012 - Near-Field Communication / RFID Hacking - Lee
 
Assessing a pen tester: Making the right choice when choosing a third party P...
Assessing a pen tester: Making the right choice when choosing a third party P...Assessing a pen tester: Making the right choice when choosing a third party P...
Assessing a pen tester: Making the right choice when choosing a third party P...
 
Latest Software
Latest SoftwareLatest Software
Latest Software
 
Mis 450 final presentation
Mis 450 final presentation Mis 450 final presentation
Mis 450 final presentation
 

Similar to Ethical Hacking & Penetration Testing

Summary Arun_Murthi Software System Safety SME
Summary Arun_Murthi Software System Safety SMESummary Arun_Murthi Software System Safety SME
Summary Arun_Murthi Software System Safety SMEARUN MURTHI
 
First SCADA LAB International Workshop
First SCADA LAB International WorkshopFirst SCADA LAB International Workshop
First SCADA LAB International WorkshopScadaLab Project
 
Summary Arun_Murthi Software System Safety SME
Summary Arun_Murthi Software System Safety SMESummary Arun_Murthi Software System Safety SME
Summary Arun_Murthi Software System Safety SMEARUN MURTHI
 
Birds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - Howard
Birds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - HowardBirds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - Howard
Birds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - HowardHITCON GIRLS
 
Mg Resume 2012 V2
Mg Resume 2012 V2Mg Resume 2012 V2
Mg Resume 2012 V2sagesilver
 
БОГДАН САВЧУК «IoT testing: Manual, Automation and Cyber Security techniques»
БОГДАН САВЧУК «IoT testing: Manual, Automation and Cyber Security techniques»БОГДАН САВЧУК «IoT testing: Manual, Automation and Cyber Security techniques»
БОГДАН САВЧУК «IoT testing: Manual, Automation and Cyber Security techniques»GoQA
 
Recruiters' guide to hire an Ethical hacker
Recruiters' guide to hire an Ethical hackerRecruiters' guide to hire an Ethical hacker
Recruiters' guide to hire an Ethical hackerAyman Hussein
 
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...promediakw
 
Introduction to Penetration testing - GDG DevFest Caribbean 2021 presentation
Introduction to Penetration testing - GDG DevFest Caribbean 2021 presentationIntroduction to Penetration testing - GDG DevFest Caribbean 2021 presentation
Introduction to Penetration testing - GDG DevFest Caribbean 2021 presentationObika Gellineau
 
LTTS_Dinesh Prasath_Resume
LTTS_Dinesh Prasath_ResumeLTTS_Dinesh Prasath_Resume
LTTS_Dinesh Prasath_ResumeDinesh Prasath
 
Continuous Monitoring Deck
Continuous Monitoring DeckContinuous Monitoring Deck
Continuous Monitoring DeckBrian Fennimore
 
Uvm presentation dac2011_final
Uvm presentation dac2011_finalUvm presentation dac2011_final
Uvm presentation dac2011_finalsean chen
 
Presentazione tesi magistrale procentese.pptx
Presentazione tesi magistrale procentese.pptxPresentazione tesi magistrale procentese.pptx
Presentazione tesi magistrale procentese.pptxAntonioProcentese1
 

Similar to Ethical Hacking & Penetration Testing (20)

Summary Arun_Murthi Software System Safety SME
Summary Arun_Murthi Software System Safety SMESummary Arun_Murthi Software System Safety SME
Summary Arun_Murthi Software System Safety SME
 
First SCADA LAB International Workshop
First SCADA LAB International WorkshopFirst SCADA LAB International Workshop
First SCADA LAB International Workshop
 
Summary Arun_Murthi Software System Safety SME
Summary Arun_Murthi Software System Safety SMESummary Arun_Murthi Software System Safety SME
Summary Arun_Murthi Software System Safety SME
 
Birds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - Howard
Birds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - HowardBirds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - Howard
Birds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - Howard
 
OA VLSI course agenda
OA VLSI course agendaOA VLSI course agenda
OA VLSI course agenda
 
Mg Resume 2012 V2
Mg Resume 2012 V2Mg Resume 2012 V2
Mg Resume 2012 V2
 
Ecsa LPT V8 brochure
Ecsa LPT V8 brochureEcsa LPT V8 brochure
Ecsa LPT V8 brochure
 
Sosialisasi sni iso iec 15408 common criteria - evaluasi keamanan ti
Sosialisasi sni iso iec 15408 common criteria - evaluasi keamanan tiSosialisasi sni iso iec 15408 common criteria - evaluasi keamanan ti
Sosialisasi sni iso iec 15408 common criteria - evaluasi keamanan ti
 
БОГДАН САВЧУК «IoT testing: Manual, Automation and Cyber Security techniques»
БОГДАН САВЧУК «IoT testing: Manual, Automation and Cyber Security techniques»БОГДАН САВЧУК «IoT testing: Manual, Automation and Cyber Security techniques»
БОГДАН САВЧУК «IoT testing: Manual, Automation and Cyber Security techniques»
 
Jurovich CV 12-15b TE
Jurovich CV 12-15b TEJurovich CV 12-15b TE
Jurovich CV 12-15b TE
 
Recruiters' guide to hire an Ethical hacker
Recruiters' guide to hire an Ethical hackerRecruiters' guide to hire an Ethical hacker
Recruiters' guide to hire an Ethical hacker
 
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
 
Introduction to Penetration testing - GDG DevFest Caribbean 2021 presentation
Introduction to Penetration testing - GDG DevFest Caribbean 2021 presentationIntroduction to Penetration testing - GDG DevFest Caribbean 2021 presentation
Introduction to Penetration testing - GDG DevFest Caribbean 2021 presentation
 
LTTS_Dinesh Prasath_Resume
LTTS_Dinesh Prasath_ResumeLTTS_Dinesh Prasath_Resume
LTTS_Dinesh Prasath_Resume
 
Continuous Monitoring Deck
Continuous Monitoring DeckContinuous Monitoring Deck
Continuous Monitoring Deck
 
2020 safecomp-sep18
2020 safecomp-sep182020 safecomp-sep18
2020 safecomp-sep18
 
Uvm presentation dac2011_final
Uvm presentation dac2011_finalUvm presentation dac2011_final
Uvm presentation dac2011_final
 
2016ManojResume
2016ManojResume2016ManojResume
2016ManojResume
 
Rehman, Aziz (SCE Resume)
Rehman, Aziz (SCE Resume)Rehman, Aziz (SCE Resume)
Rehman, Aziz (SCE Resume)
 
Presentazione tesi magistrale procentese.pptx
Presentazione tesi magistrale procentese.pptxPresentazione tesi magistrale procentese.pptx
Presentazione tesi magistrale procentese.pptx
 

More from Surachai Chatchalermpun

Experienced in blackhat 2015 surachai chatchalermpun
Experienced in blackhat 2015 surachai chatchalermpunExperienced in blackhat 2015 surachai chatchalermpun
Experienced in blackhat 2015 surachai chatchalermpunSurachai Chatchalermpun
 
Experienced in blackhat 2015 by surachai.c
Experienced in blackhat 2015 by surachai.cExperienced in blackhat 2015 by surachai.c
Experienced in blackhat 2015 by surachai.cSurachai Chatchalermpun
 
Why computer security certification is important
Why computer security certification is importantWhy computer security certification is important
Why computer security certification is importantSurachai Chatchalermpun
 
Thailand Online Marketing 2013: Maya Online Show
Thailand Online Marketing 2013: Maya Online Show Thailand Online Marketing 2013: Maya Online Show
Thailand Online Marketing 2013: Maya Online Show Surachai Chatchalermpun
 
Addressing IT Risk [Lecture at MIS Mahidol]
Addressing IT Risk [Lecture at MIS Mahidol]Addressing IT Risk [Lecture at MIS Mahidol]
Addressing IT Risk [Lecture at MIS Mahidol]Surachai Chatchalermpun
 
Cyber security awareness สถาบันพระปกเกล้า
Cyber security awareness สถาบันพระปกเกล้าCyber security awareness สถาบันพระปกเกล้า
Cyber security awareness สถาบันพระปกเกล้าSurachai Chatchalermpun
 
Computer for Kids_Internet security awareness
Computer for Kids_Internet security awarenessComputer for Kids_Internet security awareness
Computer for Kids_Internet security awarenessSurachai Chatchalermpun
 
PTT ICT ความเสี่ยง...จากการใช้ software ละเมิดลิขสิทธิ์
PTT ICT ความเสี่ยง...จากการใช้ software ละเมิดลิขสิทธิ์PTT ICT ความเสี่ยง...จากการใช้ software ละเมิดลิขสิทธิ์
PTT ICT ความเสี่ยง...จากการใช้ software ละเมิดลิขสิทธิ์Surachai Chatchalermpun
 
IT Security Risk [Guest Speaker It Audit Class@Utcc]
IT Security Risk [Guest Speaker It Audit Class@Utcc]IT Security Risk [Guest Speaker It Audit Class@Utcc]
IT Security Risk [Guest Speaker It Audit Class@Utcc]Surachai Chatchalermpun
 

More from Surachai Chatchalermpun (11)

Experienced in blackhat 2015 surachai chatchalermpun
Experienced in blackhat 2015 surachai chatchalermpunExperienced in blackhat 2015 surachai chatchalermpun
Experienced in blackhat 2015 surachai chatchalermpun
 
Experienced in blackhat 2015 by surachai.c
Experienced in blackhat 2015 by surachai.cExperienced in blackhat 2015 by surachai.c
Experienced in blackhat 2015 by surachai.c
 
Why computer security certification is important
Why computer security certification is importantWhy computer security certification is important
Why computer security certification is important
 
Thailand Online Marketing 2013: Maya Online Show
Thailand Online Marketing 2013: Maya Online Show Thailand Online Marketing 2013: Maya Online Show
Thailand Online Marketing 2013: Maya Online Show
 
Emerging threat
Emerging threatEmerging threat
Emerging threat
 
Addressing IT Risk [Lecture at MIS Mahidol]
Addressing IT Risk [Lecture at MIS Mahidol]Addressing IT Risk [Lecture at MIS Mahidol]
Addressing IT Risk [Lecture at MIS Mahidol]
 
Cyber security awareness สถาบันพระปกเกล้า
Cyber security awareness สถาบันพระปกเกล้าCyber security awareness สถาบันพระปกเกล้า
Cyber security awareness สถาบันพระปกเกล้า
 
Computer for Kids_Internet security awareness
Computer for Kids_Internet security awarenessComputer for Kids_Internet security awareness
Computer for Kids_Internet security awareness
 
PTT ICT ความเสี่ยง...จากการใช้ software ละเมิดลิขสิทธิ์
PTT ICT ความเสี่ยง...จากการใช้ software ละเมิดลิขสิทธิ์PTT ICT ความเสี่ยง...จากการใช้ software ละเมิดลิขสิทธิ์
PTT ICT ความเสี่ยง...จากการใช้ software ละเมิดลิขสิทธิ์
 
IT Security Risk [Guest Speaker It Audit Class@Utcc]
IT Security Risk [Guest Speaker It Audit Class@Utcc]IT Security Risk [Guest Speaker It Audit Class@Utcc]
IT Security Risk [Guest Speaker It Audit Class@Utcc]
 
CSSLP & OWASP & WebGoat
CSSLP & OWASP & WebGoatCSSLP & OWASP & WebGoat
CSSLP & OWASP & WebGoat
 

Recently uploaded

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAnitaRaj43
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 

Recently uploaded (20)

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 

Ethical Hacking & Penetration Testing

  • 1. Ethical Hacking & Penetration Test ting Bachelor Degree in Computer Engineering (CPE) Faculty of Engineering, KMUTT 18-Sep_2009 Surachai Chatchalermpun
  • 2. Global Certificate • EC-Council – CEH (Certified Ethical Hacker) – ECSA (EC-Council Certified Security Analyst) – LPT (Lice sensed Penetration Tester) • SANS GIAC (Global Information Assurance Certification) – GPEN (GIAC Certified Penetration Tester ) – GWAPT (GIAC Web Application Penetration Tester) • OSSTMM (The Open Source Security Testing Methodology Manual) – OPST (OSSTMM PROFESSIONAL SECURITY TESTER ACCREDITED CERTIFICATION) – OPSA (OSSTMM PROFESSIONAL SECURITY ANALYST ACCREDITED CERTIFICATION) • NIST (SP800-115) – OPSE (OSSTMM PROFESSIONAL SECURITY EXPERT ACCREDITED CERTIFICATION) OSSTMM • Mile2 – CPTEngineer (Certified Pen Testing Engineer) Government-US with standards such as the NSA Infrastructure Evaluation Methodology (IEM). Open Web Application Security Project (OWASP) provides a framework of recommendations 2
  • 3. OSSTMM • NIST (SP800-115) 3
  • 4. 4
  • 5. 5
  • 6. 6
  • 7. 7
  • 8. 8
  • 9. 9
  • 10. 10
  • 11. 11
  • 12. 12
  • 13. 13
  • 14. 14
  • 15. 15
  • 16. 16
  • 17. 17
  • 18. 18
  • 19. 19
  • 20. 20
  • 21. 21
  • 22. 22
  • 23. 23
  • 24. 24
  • 25. 25
  • 26. 26
  • 27. 27
  • 28. 28
  • 29. 29
  • 30. 30
  • 31. 31
  • 32. 32
  • 33. 33
  • 34. 34
  • 35. 35
  • 36. 36
  • 37. 37
  • 38. 38
  • 39. 39
  • 40. 40
  • 41. 41
  • 42. 42
  • 43. 43
  • 44. 44
  • 45. 45
  • 46. 46
  • 47. 47
  • 48. 48
  • 49. 49
  • 50. 50