Embed Size (px)
Citation preview
1
Security Labs and Demos
Table of Contents Introduction .................................................................................................................................................. 1
TestOut PC Pro Labs and Demos ................................................................................................................... 1
13.6.7 Use Bitlocker - Demo ..................................................................................................................... 1
13.8.3 Encrypting files with EFS .............................................................................................................. 12
13.3.3 Wiping a Disk and Deleting a File Safely ...................................................................................... 28
13.3.4 Configure Remote Wipe ............................................................................................................... 32
CySA+ Demos and Labs ............................................................................................................................... 35
11.4.10 Use ScoutSuite to Analyze a Cloud Infrastructure ..................................................................... 35
CEH Demos and Labs ................................................................................................................................... 39
10. Sniffers, Session Hijacking and Denial of Service .............................................................................. 39
10. 1.6 Spoof a MAC Address .............................................................................................................. 39
11. IDS, Firewalls, and Honeypots ........................................................................................................... 41
11.1.10 Implement Intrusion Detection ............................................................................................. 41
11.2.7 Configure a Firewall in the DMZ .............................................................................................. 43
12. Web Servers, Web Applications and SQL Injections ......................................................................... 47
12.1.5 Mirror a Website with HTTrack ................................................................................................ 47
12.1.6 Extract Web Server Information .............................................................................................. 51
12.1.8 Crack FTP Credentials with Wireshark ..................................................................................... 56
References .................................................................................................................................................. 58
Introduction This is a list of last and demos from TestOut for teaching purposes.
TestOut PC Pro Labs and Demos
13.6.7 Use Bitlocker - Demo In this Lab you we will cover these concepts:
• BitLocker Data Encryption
• TPM
• Enable BitLocker on a Motherboard without a TPM
2
• Configure Group Policy for TPM
3
4
5
6
7
8
9
10
11
12
13.8.3 Encrypting files with EFS
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
13.3.3 Wiping a Disk and Deleting a File Safely
29
Dod us 7 passes
Dodshort uses 3 passes
Gutmann us 35 passes. It takes days or weeks to run.
30
Deleting a folder safely with the cipher command
The below command will delete with 3 passes, all spaces where deleted files are found.
31
32
13.3.4 Configure Remote Wipe
33
34
35
CySA+ Demos and Labs
11.4.10 Use ScoutSuite to Analyze a Cloud Infrastructure
ScoutSuite is an expanded and updated tool based on Scout2 (featured in the Radar in 2018)
that provides security posture assessment across AWS, Azure, GCP and other cloud providers.
It works by automatically aggregating configuration data for an environment and applying rules
to audit the environment
36
37
38
39
CEH Demos and Labs
10. Sniffers, Session Hijacking and Denial of Service
10. 1.6 Spoof a MAC Address
Ipconfig /all
40
41
Ipconfig /renew
11. IDS, Firewalls, and Honeypots
11.1.10 Implement Intrusion Detection
42
43
11.2.7 Configure a Firewall in the DMZ
44
45
46
47
12. Web Servers, Web Applications and SQL Injections
12.1.5 Mirror a Website with HTTrack
48
49
50
51
12.1.6 Extract Web Server Information
52
53
54
55
56
12.1.8 Crack FTP Credentials with Wireshark
57
58
References ScoutSuite | Technology Radar | Thoughtworks
