Welcome to Shades of Gray Security. Security is not always black and white. 

Information security is a constantly evolving challenge. We love helping our customers stay ahead of the curve. From risk assessments, to vulnerability tests, to penetration tests, we can deliver what you need to ensure you are doing your best to keep your data and your customers safe. Learn More


Chad Olivier to Speak at NOLACON 2014 Security Conference

Responding to APT: Unpwning the Pwned

Chad Olivier is scheduled to speak at this year's NOLACON Security Conference being held June 19-22, 2014. During the talk, he will be discussing responding to APT during an Incident Response. Areas of interest will include initial response, penetration testing to find weaknesses, investigating traffic and suspicious files, closing the gaps, and hardening the network. For more information check out the NOLACON 2014 schedule here.
Monday, June 2, 2014/Author: Chad/Number of views (204)/Comments (0)/ Article rating: No rating

Kali Linux Primer

As appearing in Hackin9 IT Security Magazine Vol. 9 No. 1 and PenTest Magazine Vol. 2 No. 3

Hakin9 Magazine 01/2014

Kali Linux is the latest version of the BackTrack Linux penetration testing, security auditing, and forensics distribution. It is based on Debian and comes ready to go with all the tools you need to begin an information security engagement.

The amount of tools available in the distribution prevents us from going into depth on each tool, but this tutorial is designed to get you started with some of the most common tools you will use to perform a typical security audit.

For the purposes of this tutorial we will be running a known vulnerable OS called Metasploitable which is available at http://www.offensivesecurity.com/metasploitunleashed/Metasploitable and we are focusing on network penetration testing. Kali however has much more to offer, including application testing via tools such as Burpsuite, and SQL Injection tools such as sqlmap. For Social Engineering engagements it is complete with tools such as Maltego for doing some excellent reconnaissance, BeEF for attacking browsers (think XSS), and it includes the Social Engineering Toolkit.

Wednesday, March 19, 2014/Author: Chad/Number of views (717)/Comments (0)/ Article rating: 5.0