During this summer vacation, i had a lot of stuff to concentrate on and increase my knowledge in..one of them was penetration testing, and after some deep thinking, i think that my future dream job now is to open a firm specialized in penetrarion testing which is a service that i don’t think we have here in egypt (and may be companies are not interested too much in the security systems of their organizations !)..

Anyway, so in order to be a professional penetration tester, you have to be knowledgable in the 2 portions of the game..the security game

1. Defensive Security: and this is the field of studies of most of the people out there studying security where they learn techniques that helps them to “protect” their networks and systems.
2. Offensive Security: where you can learn how the real Hackers and Crackers work, where you do the exact kind of attacks that any intruder will think of when trying to penetrate your network ,the bottom line is “think like them so you can defeat them”.

So in my attempt to learn offensive security, i managed to read a book called “The Art of Intrusion” By Kevin D. Mitnick, the book doesn’t contain too much technical information about the attempts of hackers/crackers mentioned in the book but it gives you the sense of how they really work, here is the a quote from the book (actually i wrote the whole post so i can show you this quote  )

In some situations, common sense dictates that elaborate security pre- cautions are a waste of time. In a military school, for example, you would not expect the student body to be filled with people looking for every possible opportunity to cheat or challenge the rules. In an elementary school, you would not expect ten-year-olds to be more knowledgeable about computer security than the staff technology guru. And in a prison, you would not expect that inmates, closely watched, living under a set of rigid rules, would find the means not just to work their way onto the Internet but then to spend hours at a time, day after day, enjoying music, movies, communications with the opposite sex, and learning more and more about computers. The moral: If you are in charge of information security for any school, workgroup, company, or other entity — you have to assume that some malicious adversary, including someone inside your organization — is looking for that small crack in the wall, the weakest link of your security chain to break your network. Don’t assume that everyone is going to play by the rules. Do what is cost-effective to prevent potential intrusions, but don’t forget to keep looking out for what you missed. The bad guys are counting on you to be careless.

Disclaimer: Every word in the above article or in that book i read which opposes the rules of Islam is rejected, after all this blog is about transferring important information so that Muslims can use it for serving their Religion

سبحانك اللهم و بحمدك..أشهد أن لا اله الا أنت..أستغفرك و أتوب اليك