Any security evaluation involves three components:

* Preparation: In this phase, a formal contract is signed between an ethical hacker and the authority of the organization that contains a non-disclosure clause as well as a legal clause to protect the ethical hacker against any prosecution that he may face during the conduct phase. The contract also outlines the infrastructure perimeter, evaluation activities, time schedules, and resources available to him.
* Conduct: In this phase, the evaluation technical report is prepared based on testing potential vulnerabilities.
* Conclusion: In this phase, the results of the evaluation are communicated to the organization and corrective advice/action, if needed, is taken.

Explore More

Project: The Wifi Predator

Picture this: You find yourself sitting in a hotel room that does not offer wireless internet… As you look out the window, you spot that the three hotels & a

Read More

What are the user authentications supported by the SSH-2 protocol?

The SSH-2 protocol supports the following user authentications: * Public key authentication (DSA, RSA*, OpenPGP) * Host-based authentication * Password-based authentication Note: SSH-1 supports a wider range of user authentications,

Read More

XSS The Complete Walkthrough

Author: t0pP8uZz Description: Complete tutorial on XSS methods. Homepage: G0t-Root.net, H4cky0u.org, Milw0rm.com Date: 24/07/07 Chapters: What is XSS? Finding XSS Vulnerbilitys The Basics On XSS Deface Methods Cookie Stealing Filteration

Read More