Virtually Pwned: Pentesting Virtualization
- Type
- Slides
- Tags
- exploiting, Metasploit, virtualization, virtual machine
- Authors
- Claudio Criscione
- Event
- Black Hat USA 2010
- Indexed on
- Mar 27, 2013
- URL
- https://media.blackhat.com/bh-us-10/presentations/Criscione/BlackHat-USA-2010-Criscione-Virtually-Pwned-slides.pdf
- File name
- BlackHat-USA-2010-Criscione-Virtually-Pwned-slides.pdf
- File size
- 1.6 MB
- MD5
- a865cc67c062fe311f8fbdcdda3fa1cb
- SHA1
- dc3b04eed19cc84ca322d8700c76539cb889f558
Virtualization systems are nowadays ubiquitus in enterprises of any size. Penetration testers and security auditors, however, often overlook virtualization infrastructures, simply looking at the virtual machines without any direct analysis of the underlying solution, not to mention those analyses simply marking virtual environments as "not-compliant". A different, new approach is required to assess such systems, defining new targets and new ways to get there. This talk will outline procedures and approaches, complete with tools and demos, to execute a penetration test or a design review on virtualization enviroments. Security experts eager to know more about these systems and sysops willing to protect their own fortress will find this talk interesting
About us
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Statistics
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.
Contribute
To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.
