Tip

Self-testing security guides library

One of the best ways to test the security of your system is to try to hack it yourself. By trying to break through your own defenses, you can get a first-hand perspective on exactly how an attacker is approaching circumventing your security measures. Check out our recent security testing guides and see how Windows security experts Brien Posey and Kevin Beaver think you can test the strength of your own system security.

 

 

 

   BIOS password hacking  

Regardless of how long you've been working with computers, you've likely had the need to reset a BIOS password. You know, those configuration and power-on passwords that often keep us from managing -- sometimes even using -- our computers to get our work done. I used to love working with this kind of stuff in college and when I first started my career. Although I'm still intrigued, I just don't have the time to spend days on end experimenting to find the perfect solution to lost passwords. I'm sure you don't either. That's why I've created a sort of all-in-one reference guide to hacking BIOS passwords.

 


BIOS password hacking

 Home: Introduction
 Step 1: Guess BIOS passwords yourself
 Step 2: Fiddle with the hardware
 Step 3: Crack them with software
 Step 4: Managing the BIOS password
 

 

 

 

   Hacking Windows server processes and services  

In a recent tip, I outlined the higher-level steps associated with domain controller penetration testing: 1) reconnaissance, 2) enumeration, 3) vulnerability discovery, and 4) vulnerability exploitation. Now that you know the methodology, I'll show you more in-depth into the vulnerability discovery and exploitation phases and how you can test specific Windows processes and services.

 


Hacking server processes and services 

 Home: Introduction
 Step 1: Home in on your target
 Step 2: Use good information and good tools to get rolling
 Step 3: Drive your point home
 

 

 

 

   Step-by-step guide: Laptop hacking  

The headline "Laptop - Along with Hundreds of Thousands of Identities - Stolen" seems to be repeating itself -- over and over again -- these days. Whether it's an executive trusting the hotel cleaning staff or a name-brand auditor storing his laptop unsecured in his car (who, by the way, would ding his clients on an annual review for such carelessness) -- laptops and other physically insecure computers are getting lost and stolen by the truckload.

 


Laptop Hacking

 Home: Introduction
 Step 1: How it can happen
 Step 2: How to crack a laptop
 Step 3: How to secure a laptop
 Step 4: Laptop security summation
 

 

   Google hacking to test your security  

In a past article, I discussed the anatomy of a Google hack. In case you aren't familiar with the term Google hack, it refers to using the Google search engine in an effort to pull sensitive information, such as credit card numbers, out of a poorly constructed Web application. In response to feedback from my original Google hack article, I wanted to take the opportunity to show you some ways of Google hacking your own Website to see what exactly is being exposed to the outside world.

 


Google hacking to test your security

 Home: Introduction
 Step 1: Identify what could be Google hacked
 Step 2: Understand your Web applications
 Step 3: Queries to Google hack your site -- Simple stuff
 Step 4: More complicated Google queries
 Step 5: Harden your Web site against Google hacks
 

This was first published in October 2007

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.