Get a Vulnerability Assessment - The most comprehensive Penetration Testing (PT) available in the industry today:

With your consent and guidance, let our consultant run ethical hacks on your organization over the course of one to two days including:

  • Security testing methodologies
  • Stealthy network recon
  • Passive traffic identification
  • Remote root vulnerability exploitation
  • Privilege escalation hacking
  • IPv6 Vulnerabilities
  • Remote access trojan hacking
  • Running shellcode in RAM vs. on disk
  • Wireless Insecurity
  • Breaking IP-based ACLs via spoofing
  • Abusing Windows Named Pipes for Domain Impersonation
  • Evidence removal and anti-forensics
  • Attacking network infrastructure devices
  • Hacking by brute forcing remotely
  • Hiding exploit payloads in jpeg and gif image files
  • Hacking Web Applications
  • Breaking into databases with SQL Injection
  • Cross Site Scripting hacking
  • Writing buffer overflow exploits
  • dlmalloc Heap Overflow exploits
  • Win32 Heap Overflow exploits
  • Linux stack overflow exploits
  • Defeating non-exec stacks
  • Return-to-libc shellcode
  • Function pointer overwrites
  • Crafting Injectable Shellcode
  • Defeating non-executable stacks
  • Linux LKM Rootkits
  • Windows Kernel Rootkits
  • Reverse engineering training
  • Vulnerability development and discovery
  • Attacking and blinding IDSs
  • Hiding your attacks from IDSs
  • Encrypted covert channels
  • Global Offset Table Overwrites
  • Windows Shellcode
  • Integer Overflows
  • Linux shellcode
  • "no listening port" trojans
  • Breaking through enterprise DMZs
  • Reconstructing binaries from sniffed traffic
  • Circumventing antivirus
  • Bi-directional Spoofed Communication
  • Session fixation
  • Advanced SQL Injection

Additional testing includes:

  • Abusing DNS for host identification
  • Leaking system information from Unix and Windows
  • Windows 2003 Server & Vista DNS Cache Poisoning Attacks
  • Unix, Windows and Cisco password cracking
  • Remote buffer overflow exploit lab - heap vs. stack overflows
  • Attacking Kerberos Pre-Auth Hashes
  • Spoofing endpoints of communication tunnels
  • Impersonation of other Users- Hijacking kernel tokens
  • Attacking RDP (Remote Desktop Protocol) in Windows XP, 2003 & Vista
  • Remote keylogging
  • Data mining authentication information from clear-text protocols
  • Sniffing and hijacking SSL encrypted sessions
  • Breaking wireless security via hacking
  • Malicious event log editing
  • Client side IE & Firefox exploits
  • Hacking into Cisco routers
  • Tunneling through IPSec VPNs by abusing ESP
  • Data retrieval with SQL Injection Hacking
  • Writing a stack buffer overflow
  • Porting exploits to metasploit modules
  • Find socket shellcode
  • Writing shellcode for Linux
  • Using Ollydbg for Win32 Exploits
  • Windows Kernel-Mode Rootkits
  • LKM Rootkits
  • Using IDA Pro for Reversing
  • Reconstructing sniffed images
  • Reverse engineering Windows PE Binaries
  • Session hijacking
  • Passive Network Analysis
  • Exploitation with a remote GUI
  • Sniffing SSL Encrypted Sessions
  • Format string exploits
  • Heap overflow exploits
  • Windows exploits
  • Calculating offsets
  • Reversing with SoftIce
  • OS determination without touching the target
  • SQL Injection timing attacks
  • Port redirection
  • ASP source disclosure attacks
  • Call-Back Backdoors
  • Encrypted covert channels
  • Remote keyloggers
  • PHP/MySQL SQL Injection
  • Inserting Malicious Code Into Unix Binaries
Consultant Qualifications
Minimize

Featured and interviewed on WXYZ, Detroit MI, WKRK FM, Detroit MI, WTVN, Columbus, OH, Bloomberg Report, New York, NY and by Mike Wendland of the Detroit Free Press, CNET.com, MSNBC.com, Slashdot.com.

SUMMARY OF QUALIFICATIONS

• Seasoned, accomplished, IT Professional working with Fortune 500 clients such as University of Michigan, Henry Ford Health System, Chrysler, Kmart Corp, General Motors, EDS, City of Detroit Government, Comerica and Siemens.

TECHNICAL SKILLS

OS: Novell Netware 3.x, 4.x, 5.x, 6.x, Microsoft Windows 3.1, 95, 98SE, ME, NT, 2000, XP, Server 2003, Vista, CE, Cisco IOS, UNIX, LINUX, Macintosh OS, Palm OS, Android OS

NETWORK: Network/Administration Tools, ZenWorks, TCP/IP, Cisco, Network Security, VPN, Ethereal, Wireless Networks, Digital Certificates, Attachmate/Extra 3270 emulation, GroupWise Migration, Arcserve, NDS, IPX/SPX, Active Directory, SMTP, SNMP, IPSEC, Public Key Infrastructure (PKI), Ethical Hacking, Social Engineering, Cain & Abel, Packet Sniffing, Kismet, AirSnort, Nmap, Net Stumbler, Intrusion Detection, Remote Access Control and Authentication, 802.11x, Ethernet, Broadband, ISDN, LAN, WAN, Firewall, Proxy, VPN, Nessus, Wireshark.

PROFESSIONAL TRAINING

• IBM, Detroit, MI: IBM Tivoli Enterprise Console (TEC) 3.9, IBM Tivoli Infrastructure 4.1, IBM Tivoli Configuration Manager 4.2

• New Horizons, Troy, MI: A+ Core Hardware and OS, Network +, Interconnecting Cisco Network Devices, Novell Netware 5.1 Administration, Upgrading to Netware 6.0, Foundation Series I-Net+, Network Defense and Countermeasures, Security +, Hardening the Infrastructure

CERTIFICATIONS

• Comptia Security+ (SME), Network+, Server+, A+, i-Net+, CIW Associate, CIW Professional (Security), Novell CNA 5.x, CNA 4.x, Brainbench Information Security Administrator, Network Administrator, Network Support Specialist, Web Administrator

• University of Michigan, Ann Arbor, MI: Communication Rooms Certification, Dealing with Personality Conflicts and Difficult People, Critical Thinking Skills

• Dell, Ann Arbor, MI: Dell Certified Technician