Any security evaluation involves three components:

* Preparation: In this phase, a formal contract is signed between an ethical hacker and the authority of the organization that contains a non-disclosure clause as well as a legal clause to protect the ethical hacker against any prosecution that he may face during the conduct phase. The contract also outlines the infrastructure perimeter, evaluation activities, time schedules, and resources available to him.
* Conduct: In this phase, the evaluation technical report is prepared based on testing potential vulnerabilities.
* Conclusion: In this phase, the results of the evaluation are communicated to the organization and corrective advice/action, if needed, is taken.

Explore More

Introducing SpearPhisher – A Simple Phishing Email Generation Tool

SpearPhisher is a simple point and click Windows GUI tool designed for (mostly) non-technical people who would like to supplement the education and awareness aspect of their information security program.

Read More

EC-Council Launches Center for Advanced Security Training (CAST)

EC-Council Launches Center for Advanced Security Training (CAST) to Address the Growing Need for Advanced Information Security Knowledge Mar 9, 2011, Albuquerque, NM – According to the report, Commission on

Read More

Dangerous IP’s – Do not scan

All the below are FBI controlled Linux servers & IPs/IP-Ranges 207.60.0.0 – 207.60.255.0 The Internet Access Company207.60.2.128 – 207.60.2.255 Abacus Technology207.60.3.0 – 207.60.3.127 Mass Electric Construction Co.207.60.3.128 – 207.60.3.255 Peabody

Read More