Monday, March 20, 2017
PenTest Magazine August Issue
PenTest Magazine August Issue
Positive Hack Days material win the world – now there is an article in August issue of PenTest Magazine completely devoted to cloud computing and prepared by Sergey Gordeychik, CTO of Positive Technologies and Yuri Goltsev, penetration testing expert.
{AB}Use their clouds
Annotation from the magazine:
Penetration testing can benefit of cloud computing to improve the business model for resource intensive tests. The flexibility and cost effectiveness of the IaaS model can be used for resource greedy activities as brute forcing or denial-of-service tests.
The article is based on {AB}Use Their Clouds presentation presented by Sergey Gordeychik on Positive Hack Days.
The article is about practical usage of cloud computing in daily routing of a penetration tester. It includes rainbow tables for offline password bruteforce with examples and costs to implement password bruteforce based on widely known encryption algorithms. The article also includes basics of network services on cloud computing such as distributed network scanning service (IDS bypass), fault tolerance testing service, public data gathering service. Special attention is paid to fault tolerance service as now it is a very actual question. The article touches upon clouds provider confidence, appropriate software and reaction to abuses.
{AB}Use their clouds
Annotation from the magazine:
Penetration testing can benefit of cloud computing to improve the business model for resource intensive tests. The flexibility and cost effectiveness of the IaaS model can be used for resource greedy activities as brute forcing or denial-of-service tests.
The article is based on {AB}Use Their Clouds presentation presented by Sergey Gordeychik on Positive Hack Days.
The article is about practical usage of cloud computing in daily routing of a penetration tester. It includes rainbow tables for offline password bruteforce with examples and costs to implement password bruteforce based on widely known encryption algorithms. The article also includes basics of network services on cloud computing such as distributed network scanning service (IDS bypass), fault tolerance testing service, public data gathering service. Special attention is paid to fault tolerance service as now it is a very actual question. The article touches upon clouds provider confidence, appropriate software and reaction to abuses.
Available link for download
