DamianGrace.com

Behind the scenes

Posts Tagged ‘penetration’

We Are Hiring!!!

March 17th, 2010

Role
This is a consulting role where the successful applicant would be providing Network and/or Web Application penetration testing services to our clients requiring Inter-Sydney and surrounding travel. In-house coding and providing technical expertise to our other departments will be required periodically.

The successful applicant must have a strong coding background in at least two of the following languages; Perl, Python, C, C++, PHP, ASP, LISP or SQL.

Strong Web Application Hacking abilities are a HUGE advantage (experience not necessary, but proof of ability will be tested). Experience with Firewalls, Servers, and Networking will be looked upon favourably.

Personal qualities
•   Presentable
•   Excellent written and verbal communication skills
•   Enjoy working individually and as part of a team
•   A well rehearsed root dance.

Education
A CISSP, OSCP, OSWP, OSCE, GPEN, GWAPT etc is preferred but not necessary if you can pass our testing.

What we offer
•   Training opportunities
•   Highly competitive remuneration
•   Flexibility
•   Personal networking with some of the best names in the business.
•   A friendly, fun and supportive working environment

If this sounds like a role suitable for you then contact me via jobs{–at–}damiangrace.com with your details. Overseas candidates are welcome.

4 comments »

Posted in General

Tags: hacking Job jobs penetration security testing

GWAPT Certified

March 13th, 2010

Well that’s another certification attempt passed on my route to world domination.

This time it was the SANS GIAC Web Application Penetration Tester (GWAPT) certification. I managed to scrape through with a 97.33% which I am pretty happy about

hmm, I just realised this is the first time in about 8 months I haven’t had a certification hanging over my head… hmm… all of a sudden I feel all alone… confused… lost… bored…

OK, now I have to find something else to do…

Suggestions anyone?

11 comments »

Posted in Certifications, General, SANS

Tags: application certification domination GWAPT penetration tester web world

Core Impact Pro with Metasploit Integration

February 17th, 2010

Core Security Technologies have just announced that the next version of Core Impact Pro (due out in April) will support Metasploit integration. It’s not a bad list of things you will be able to do too.

* Bring a system compromised during testing with Metasploit into the IMPACT environment and deploy an IMPACT Pro Agent. The Agent is a patented, syscall proxy payload that allows users to:

1. Launch IMPACT Pro’s full range of automated penetration testing capabilities from the compromised system.
2. Leverage IMPACT’s broad selection of commercial-grade exploits, plus multiple pre- and post-exploitation capabilities for in-depth, comprehensive attack replication.
3. Pivot penetration tests to other systems, mimicking an attacker’s attempts at identifying and exploiting paths of weakness to backend systems and data.

* Use IMPACT Pro’s automated Rapid Penetration Test (RPT) to exploit vulnerabilities, then launch Metasploit’s db-autopwn feature and subsequently upload the results back into IMPACT Pro. This allows users with less training and expertise to view Metasploit testing information within the IMPACT environment.

I for one am looking forward to playing with this

Press Release

Blog Announcement

No comments »

Posted in Core Impact, Metasploit, News, Tools

Tags: Core db-autopwn Impact integration Metasploit penetration Pro Rapid RPT security Technologies Test

Web App Hacking – SANS Sydney 2009

October 29th, 2009

Well my payment is in and I have now officially been confirmed as the facilitator for the “Web App Penetration Testing and Ethical Hacking” (what a mouthful) course at this years SANS Sydney event. This year it’s being taught by Johannes Ullrich who is an amazingly knowledgable man in this area and it is the first time it has been run as a 6 day course in Australia so I am really looking forward to it.

There is another interesting track being run in Australia for the first time. “Advanced Security Essentials – Enterprise Defender” being taught by Eric Cole is the next step up from the GSEC (Security Essentials) course. It looks really interesting, and being taught by Eric Cole is sure to be fun.

Kick off is in less than two weeks (9th – 14th Nov) so if you haven’t already booked you’d better hurry.

For those that are going, i’ll see you there!

No comments »

Posted in General, SANS

Tags: advanced app australia cole eric essentials ethical facilitator gsec hacking johannes penetration SANS security sydney testing ullrich web

- Subscribe Subscribe to my blogs feed
Who is Damian Grace?
- Damian has over six years experience working as a security consultant. During that time he has provided security advice to some of Australia's largest organizations including Local and State Government facilities, Banks and Telecommunications providers.
  
  He has a passion for learning and constant improvement. This becomes evident when looking at the his list of achievements which includes a Diploma in Network Engineering, Certified Information Systems Security Professional (CISSP), GIAC Certified Penetration Tester (GPEN), GIAC Certified Forensic Analyst (GCFA), GIAC Systems and Network Auditor (GSNA), GIAC Security Essentials Certification (GSEC), Offensive-Security - Pentesting with Backtrack (OSCP), GIAC Web Application Penetration Tester (GWAPT) and most recently the GIAC Reverse Engineering Malware (GREM) certification.
  
  Damian is also a member of Australian Information Security Association (AISA) and part of the GIAC Advisory Board.
Twitter: damiangrace
- RT “@wired: Scary video of a hive of tiny robotic helicopters acting with one will http://t.co/7ZI7ih8Y” about 23 hours ago from Twitter for iPhone
- Although when you purchase a license after the trial period expires it doesn't reenable your past settings... (cc @binaryfortress) 09:25:44 PM February 03, 2012 from Twitter for Mac
- DisplayFusion (from @BinaryFortress) is the friggen awesome for multi-monitor setups. Check it out! 09:24:05 PM February 03, 2012 from Twitter for Mac
- Just found out about @fishpond_com_au. Got a hard to find bottle of cologne that's normally $105 for < $30 with free shipping!!! 10:07:19 AM February 01, 2012 from Twitter for iPhone
Categories
Sites I Read

Back to Top

Valid XHTML 1.0 Transitional | Valid CSS 3