Jump to content

Offensive Security: Difference between revisions

From Wikipedia, the free encyclopedia
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
Metasploit 2 book sources
Google hacking database, neutralize, add book source
Line 99: Line 99:


=== Google Hacking Database ===
=== Google Hacking Database ===
Google Hacking Database was created by Johnny Long and is now hosted by Offensive Security. The project has been created as a part of [[Hackers for Charity]]. The database is helping security professionals to quickly determine whether a given application or website has been compromised. The database is going through Google, trying to establish whether lists of usernames and passwords had been compromised.
Google Hacking Database was created by [[Johnny Long]] and is now hosted by Offensive Security. The project was created as a part of [[Hackers for Charity]]. The database helps security professionals determine whether a given application or website is compromised. The database uses Google search to establish whether usernames and passwords had been compromised.<ref>{{Cite book|last=Broad|first=James|url=https://books.google.com/books?id=0YihZLFRW1gC&pg=PA97&dq=google+hacking+database&hl=en&newbks=1&newbks_redir=0&sa=X&ved=2ahUKEwi6vpGy97roAhX5FjQIHVSrDtYQ6AEwAXoECAUQAg#v=onepage&q=google%20hacking%20database&f=false|title=Hacking with Kali: Practical Penetration Testing Techniques|last2=Bindner|first2=Andrew|date=2013-12-05|publisher=Newnes|year=|isbn=978-0-12-407883-3|location=|pages=97|language=en}}</ref>


== Security Certifications and Courses ==
== Security Certifications and Courses ==

Revision as of 15:16, 27 March 2020

Offensive Security
FormerlyOffensive Security Services, LLC
Company typePrivate
IndustryComputer software, Information Security, Digital forensics
FoundersMati Aharoni, Devon Kearns
Headquarters
New York City
,
United States
Area served
International
Key people
ProductsKali Linux, Kali NetHunter, Offensive Security Certified Professional
Websitewww.offensive-security.com

Offensive Security is an international company working in Information security, penetration testing and digital forensics. Operating from around 2007,[1] the company created open source projects, advanced security courses, ExploitDB (Vulnerability database) and the Kali Linux distribution. The company was started by Mati Aharoni[2], and employs security professionals with experience in security penetration testing and system security evaluation. The company has provided security counseling and training to the many technology companies.[3]

Their training courses and certifications are widely recognized,[4] including Offensive Security Certified Professional. Certifications are given for demonstrating a specific set of skills.

Background and history

Mati Aharoni, Offensive Security’s co-founder, started the business around 2006 with his wife Iris.[5] Offensive Security LLC was formed in 2008.[6][7] The company was structured as Offensive Security Services, LLC in 2012 in North Carolina.[8][9] In September 2019 the company received its first venture capital investment, from Spectrum Equity, and CEO Ning Wang replaced Joe Steinbach, the previous CEO for four years, who ran the business from the Philippines. Jim O’Gorman, the company’s chief strategy officer, also gives training and writes books. Customers include Cisco, Wells Fargo, Booz Allen Hamilton, and defense-related U.S. government agencies. The company gives training sessions at the annual Black Hat hacker conference.[5][10][11] Current headquarters are in New York City.[citation needed] Their motto is "Try Harder."[12]

Over 60% of Fortune 100 companies employ Offensive Security-trained professionals.[13]

Regarding working from home because of the corona virus, Offensive Security advised caution before "downloading something that could cause problems."[14]

A 2020 Intranet Penetration Market research report named Offensive Security as one of the global "prominent players."[15]

Projects

In addition to their training and security services, the company also founded open source projects, community-friendly information centers and security information teaching aids.

Kali Linux

The company is known for developing Kali Linux, which is a Debian Linux based distribution. It succeeds BackTrack Linux, and is designed for security information needs, such as penetration testing and digital forensics. Kali NetHunter is Offensive Security’s project for the ARM architecture and Android devices.[16] Kali Linux contains over 600 security programs. The release of the second version (2.0) received a wide coverage in the digital media[17][18][19][20] Offensive Security provides a book, Kali Linux Revealed,[21] and makes the first edition available for free download.[22] Users and employees have been inspired to have careers in Social Engineering.[23]

BackTrack

BackTrack Linux was an open source GNU General Public License Linux distribution developed by programmers from around the world with assistance and supervision from Offensive Security. The distribution was originally developed under the names Whoppix, IWHAX, and Auditor. It was designed to delete any trace of its usage. The distribution was widely used by security experts.

ExploitDB

Exploit Database is an archive of vulnerable software and exploits that have been made public by the information security community. The database is designated to help penetration testers test small projects easily by sharing information with each other.[24] The database also contains proof-of-concepts (POC), helping information security professionals learn new exploits variations. In Ethical Hacking and Penetration Testing Guide, Rafay Baloch said Exploit-db had over 20,000 exploits, and was available in BackTrack Linux by default.[25] In CEH v10 Certified Ethical Hacker Study Guide, Ric Messier called exploit-db a "great resource," and stated it was available within Kali Linux by default, or could be added to other Linux distributions.[26]

Metasploit

Metasploit Unleashed is a charity project created by Offensive Security for the sake of Hackers for Charity, which was started by Johnny Long. The projects teaches Metasploit and is designed especially for people who consider starting a career in penetration testing. Offensive security gave the course for free, but requests a small donation for hungry children in East Africa.[27] Offensive security improved training and documentation for the widely used Metasploit Framework tool.[28] The course was called "excellent" in Gray Hat Hacking The Ethical Hackers Handbook,[29] and was recommended in Penetration Testing with Raspberry Pi.[30]

Google Hacking Database

Google Hacking Database was created by Johnny Long and is now hosted by Offensive Security. The project was created as a part of Hackers for Charity. The database helps security professionals determine whether a given application or website is compromised. The database uses Google search to establish whether usernames and passwords had been compromised.[31]

Security Certifications and Courses

Offensive Security teaches online and in-person courses in various information security disciplines. Certifications granted at the end of the course are recognized world-wide. The courses are taught by security professionals who also active penetration testers and information security experts.

Courses include:[1][32]

  •    Penetration Testing with Kali Linux (PWK)
  •    Advanced Web Attacks and Exploitation (AWAE)
  •    Cracking the Perimeter (CTP)
  •    Advanced Windows Exploitation (AWE)
  •    Offensive Security Wireless Attacks (WiFu)

See also

References

  1. ^ a b "Homepage". Offensive Security. Retrieved 26 September 2015. {{cite web}}: Cite has empty unknown parameter: |1= (help)
  2. ^ "About Us". Offensive Security. Retrieved 26 September 2015.
  3. ^ Kirk, Jeremy (Jul 29, 2014). "Zero-day flaws found in Symantec's Endpoint Protection". PC World. Retrieved 26 September 2015.
  4. ^ "Africa: Nigeria to Represent Africa At Global Cyber Security Competition". AllAfrica. 20 September 2015. Retrieved 26 September 2015. {{cite journal}}: Cite journal requires |journal= (help)
  5. ^ a b "Exclusive: Offensive Security Names New CEO; Former No. 2 at HackerOne, Lynda". Fortune. Retrieved 2020-03-17.
  6. ^ "Ning Wang, Offensive Security LLC: Profile and Biography". Bloomberg.com. Retrieved 2020-03-17.
  7. ^ "Offensive Security LLC". www.bloomberg.com. Retrieved 2020-03-17.{{cite web}}: CS1 maint: url-status (link)
  8. ^ "Offensive Security Services, LLC - Cornelius | NCCompanies.com". nccompanies.com. Retrieved 2020-03-17.
  9. ^ "Offensive Security Services, LLC". www.buzzfile.com. Retrieved 2020-03-17.
  10. ^ "Penetration Testing with Kali Linux, Black Hat USA 2018". www.blackhat.com. 2018. Retrieved 2020-03-17.{{cite web}}: CS1 maint: url-status (link)
  11. ^ "Speaker Jim O'Gorman, Black Hat USA 2018". www.blackhat.com. 2018. Retrieved 2020-03-17.{{cite web}}: CS1 maint: url-status (link)
  12. ^ Offensive Security. "What it means to try harder". www.offensive-security.com. Retrieved 2020-03-17.{{cite web}}: CS1 maint: url-status (link)
  13. ^ "'We're our own focus group' – Ning Wang on security certification, training, and keeping Kali Linux on top". The Daily Swig | Cybersecurity news and views. 2020-03-03. Retrieved 2020-03-17.
  14. ^ Weise, Elizabeth. "Working from home because of coronavirus? Be careful what you download to keep cybersafe". USA TODAY. Retrieved 2020-03-17.
  15. ^ "Intranet Penetration Market Insights and Global Outlook 2020". Galus Australis. Retrieved 2020-03-17.
  16. ^ Usatenko, Chris (2019-12-12). "Why secure web-based applications with Kali Linux?". Packt Hub. Retrieved 2020-03-20.{{cite web}}: CS1 maint: url-status (link)
  17. ^ Hoffman, Chris (August 19, 2015). "Meet Kali Linux 2.0, a distro built to hammer your security". PC World. Retrieved 26 September 2015.
  18. ^ Stahie, Silviu. "Kali Linux 2.0 Penetration Testing OS Now Based on Debian Jessie and Linux Kernel 4.0". Softpedia. Retrieved 26 September 2015.
  19. ^ Holm, Joshua Allen. "Gnome turns 18, new tools for Docker, Kali Linux 2.0, and more news". OpenSource.com. Retrieved 26 September 2015.
  20. ^ Kerner, Sean Michael. "Linux Planet". Retrieved 26 September 2015.
  21. ^ Hertzog, Raphael; O'Gorman, Jim; Aharoni, Mati (2017-06-05). Kali Linux Revealed: Mastering the Penetration Testing Distribution. Offsec Press. ISBN 978-0-9976156-0-9.
  22. ^ Kali Linux Revealed (PDF).
  23. ^ Carpenter, Perry (2019-04-30). Transformational Security Awareness: What Neuroscientists, Storytellers, and Marketers Can Teach Us About Driving Secure Behaviors. John Wiley & Sons. ISBN 978-1-119-56637-3.
  24. ^ Cimpanu, Catalin. "Chinese websites have been under attack for a week via a new PHP framework bug". ZDNet. Retrieved 2020-03-27.
  25. ^ Baloch, Rafay (2017-09-29). Ethical Hacking and Penetration Testing Guide. CRC Press. pp. 135, 136, 137, 272, 431. ISBN 978-1-4822-3162-5.{{cite book}}: CS1 maint: date and year (link)
  26. ^ Messier, Ric (2019-06-25). CEH v10 Certified Ethical Hacker Study Guide. John Wiley & Sons. pp. 235, 236, 243, 536, 547. ISBN 978-1-119-53319-1.{{cite book}}: CS1 maint: date and year (link)
  27. ^ "Metasploit Unleashed – Free Ethical Hacking Course". www.offensive-security.com. Retrieved 2020-03-27.{{cite web}}: CS1 maint: url-status (link)
  28. ^ O'Gorman, Jim; Kearns, Devon; Aharoni, Mati (2011). Metasploit: The Penetration Tester's Guide. No Starch Press. ISBN 978-1-59327-288-3.
  29. ^ Harper, Allen; Harris, Shon; Ness, Jonathan; Eagle, Chris; Lenkey, Gideon; Williams, Terron (2011-02-05). Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition. McGraw Hill Professional. ISBN 978-0-07-174256-6.
  30. ^ Muniz, Joseph; Lakhani, Aamir (2015-01-27). Penetration Testing with Raspberry Pi. Packt Publishing Ltd. ISBN 978-1-78439-412-7.
  31. ^ Broad, James; Bindner, Andrew (2013-12-05). Hacking with Kali: Practical Penetration Testing Techniques. Newnes. p. 97. ISBN 978-0-12-407883-3.
  32. ^ Crane, Casey (2019-11-18). "The Top Cyber Security Certifications Hiring Managers Will Look For in 2020". Hashed Out by The SSL Store™. Retrieved 2020-03-20.{{cite web}}: CS1 maint: url-status (link)
Retrieved from "https://en.wikipedia.org/enwiki/w/index.php?title=Offensive_Security&oldid=947636565"