This webcast is Part I of a two part series I am doing in collaboration with Core Security Technologies. The presentation is full of tips, tricks, process, and practical knowledge about performing penetration testing within your own organization. Whether you are a third-party doing penetration tests or want to penetration test your internal network, this webcast is for you! In Part I I cover such topics as finding rogue access points, processes for creating a successful penetration testing program, identifying targets, and more! Information and resources are below:


Audio: Zen and The Art Of An Internal Penetration Testing Program – Webcast (Registration Required)
Slides: Zen and The Art Of An Internal Penetration Testing Program – PDF Slides
Forum: Online forum discussion and other related information.
I released a new version of the Perl script that can be used to detect Rogue Access points in your environment:
Rogue AP Detect Script v0.02
Its a good example of some of the more powerful things you can do with Nmap, and if you’re on a budget its a perfect technique for finding those pesky rogue APs. What does this have to do with internal penetration testing? You will just have to listen to the webcast to find out :)
Paul Asadoorian