Blog Posts Tagged with "Pentesting"


Live Webinar: Combining Pen Testing & Incident Detection

May 16, 2017 Added by: Mike Lennon

Join SecurityWeek and Rapid7's Eric Sun for actionable takeaways from penetration testing engagements, and see how customers are combining detection technologies to find intruders earlier in the attack chain.


Can CTF Players Replace Professional Penetration Testers?

September 23, 2015 Added by: Ilia Kolochenko

The first issue with the majority of CTFs is that they focus on a single result (flag), rather than a process of comprehensive consecutive security testing.


Webcast: SAP Pentesting - From Zero 2 Hero with Metasploit

December 16, 2013 Added by: InfosecIsland News

The webcast will provide a very high level overview of common SAP system vulnerabilities and misconfigurations as well as demonstrate how the Metasploit Framework can be leveraged to quickly and easily exploit and compromise misconfigured/vulnerable SAP systems.


Let Me out Of Your .NET Work: Server Build

September 19, 2012 Added by: Rob Fuller

First you have to get rid of all other services. That’s harder than you would first assume, because you have to admin the box somehow. You could toss SSH on a really high port, or have some kind of backend management, or just remove things from running on a multi-IP’d box...


Let Me Out of Your .NET Work: Intro

September 05, 2012 Added by: Rob Fuller

The problem I find with these tools is that they are still straight TCP. I know most networks still allow some ports directly outbound and these tools are still quite valid. During the span between these two tools being released, MrB released a site that listens on all 65k ports...


Social Engineering Toolkit: Bypassing Antivirus Using Powershell

August 22, 2012 Added by: Dan Dieterle

Just when it looked like antivirus was getting the upper hand against the Social Engineering Toolkit, David Kennedy, author of SET, showed some of the program’s new features. One is a way to get a remote shell by completely bypassing Anti-Virus using a Windows Powershell attack. Let’s look at how this works...


Metasploitable 2.0 pt 4: Cracking Linux Passwords and Pentesting with Grep

August 20, 2012 Added by: Dan Dieterle

Because we had a root shell, we were able to grab the Linux password hashes from the system by simply copying them and pasting them on our local machine. We were then able to use John the Ripper to crack them. We now have passwords to play with...


Bypassing TrendMicro's Service Protections

August 20, 2012 Added by: Rob Fuller

It's injecting our payload into the service binary and tossing our payload into "rundll32.exe" at run time on the victim. Let's change this so it doesn't do any injection and just executes a binary. That removes the 'injection' piece and hopefully lets us get our shell...


Billions of Hashes per Second with Multiforcer Password Cracker

August 07, 2012 Added by: Dan Dieterle

So what does it take to reach cracking speeds topping 154 Billion hashes per second with multiple hashes? The tool was created to help out pentesters who need to crack passwords, but cannot submit hashes obtained to online cracking programs due to auditing agreement restrictions...


Companies That Give Back with Free Tools

July 25, 2012 Added by: Rob Fuller

Penetration Testing / Red Teaming requires the use of a lot of tools. I don't mind getting called a "script kiddie" because I can accomplish more and faster when I don't have to code every single task I need to do. This post is to point out companies that make this possible and give a small bit of thanks...


Netstat Post Module for Meterpreter

July 20, 2012 Added by: Rob Fuller

It's real simple, first we've gotta add the GetTcpTable function to Railgun, then gauge the size of the table, then it's all just parsing the result. Also pretty straightforward. First we get the number of entries which is held in the first 4 bytes, then just parse the MIB_TCPTABLE one MIB_TCPROW...


The Perils Of Automation In Vulnerability Assessment

June 25, 2012 Added by: Ian Tibble

“Run a scanner by it” still appears in so many articles – it's still very much part of the furniture. Software suites are built on the use of automated unauthenticated scanning – in some cases taking an open source scanning engine, wrapping a nice GUI around it, and slapping a 25K USD price tag on it...


Wireshark: Listening to VoIP Conversations from Packet Captures

June 24, 2012 Added by: Dan Dieterle

A lot of telephones and communication devices now use VoIP to communicate over the internet. I was wondering how hard it would be to listen to a VoIP phone call if you had a packet capture that included the call. Well, come to find out, it is not hard at all. The feature is built into Wireshark - here's how...


SecureState Contributes to the SQLMap Project

June 18, 2012 Added by: Spencer McIntyre

Custom-coded applications make SQLi very difficult to exploit in an automated fashion, and most detection tools are particularly effective against only a few select Database Management Systems (DBMSes). However, the open source SQLMap tool is capable of exploiting a variety of DBMSes...


Recovering Clear Text Passwords – Updated

June 13, 2012 Added by: Dan Dieterle

When I wrote about WCE last, I noticed that for some reason the output didn’t seem right for accounts that did not have passwords. WCE seemed to mirror a password from another account when a password was not present. Hernan from Amplia Security (creator of WCE) created a fix for this...


Recovering Remote Windows Passwords in Plain Text with WCE

June 05, 2012 Added by: Dan Dieterle

After obtaining a remote session using Backtrack’s Social Engineering Toolkit, I ran Bypassuac to get System level authority and at the Meterpreter prompt simply ran wce.rb. Mimikatz seems to do a better job at recovering passwords, but WCE is just as easy to use. Both offer other features and functions...
