Blog Posts Tagged with "Penetration Testing"

Improvised Cyber Exploitation Devices

May 31, 2011 Added by:J. Oquendo

It should come as no surprise that ModSecurity is not an offensive tool. Far from it; however, I am going to use it as a method to redirect my targets over to my Metasploit machine. My goal is to explain the use of a defensive tool for offensive purposes...

Comments  (0)

Onsite Personnel "Don't Need No Stinkin' Badges" for PCI

May 30, 2011 Added by:Joe Schorr

To truly improve their security posture, companies should create (and enforce) a mandatory ID Badge policy for visitors and employees. An effective policy coupled with good security awareness training will go a long way to closing up this particular gap in PCI-DSS 2.0...

Comments  (2)

Penetration Testers: Backtrack 5 Release Slated for May

May 04, 2011 Added by:Headlines

BackTrack 5 will be based on Ubuntu Lucid (10.04 LTS), will support 32 and 64 bit architectures, and will officially support KDE 4, Gnome and Fluxbox while providing users streamlined ISO downloads of each Desktop Environment...

Comments  (0)

SMBRelay Attacks on Corporate Users Part 2

April 27, 2011 Added by:Alexander Polyakov

MS Office programs will show an alert to our victim if it couldn't download content from a remote resource. We could put a document on our shared resource and when MS Office opens the doc, it takes a style sheet from our shared resource and doesn't show an alert to the victim...

Comments  (0)

New Update: The Social-Engineer Toolkit v1.3.5

April 25, 2011 Added by:Headlines

The Social-Engineer Toolkit is a Python-driven suite of custom tools which focuses on attacking the human element in penetration testing. Its purpose is to augment and simulate social-engineering attacks and allows for effectively testing how a targeted attack may succeed...

Comments  (0)

Software Security Incidents Cost an Average $300,000

April 22, 2011 Added by:Robert Siciliano

Enterprises must move from technological security silos to enterprise security intelligence. This can be achieved through the interaction of different technologies as well as contextual analyses of integrated security and business information...

Comments  (1)

The Art of Cyber Warfare: Counterattack Fail

April 18, 2011 Added by:J. Oquendo

The sole purpose of Ensatus is deception and it drives the point of "fail" when it comes to counterattacking. If I were performing a sanctioned penetration test, I would be using decoys. In the event counterattacking were legal, you would be counterattacking an innocent victim...

Comments  (2)

She Blinded Me With Infosec...

April 11, 2011 Added by:Infosec Island Admin

One must admit that no matter how many times an assessment is carried out and things are found/exploited there are ALWAYS more vulnerabilities being introduced. You will never get them all and the client, if they understand this, will become inured to it...

Comments  (0)

SMBRelay Attacks on Corporate Users

April 07, 2011 Added by:Alexander Polyakov

An attack on a network is a progressive action. We escalate our rights step-by-step to a domain administrator. Even casual un-privileged users can give us access to some shared resources. But how do we get these user rights? We can force users to authenticate on a controlled machine...

Comments  (0)

Interesting DNS Stuff - SRV Records

March 26, 2011 Added by:Rob Fuller

The following are good adds to your DNS brute force list. These are all SRV records so make sure your type is set correctly. SRV records tell you the port in the answer. I don't know of any DNS tools that utilize SRV as part of their process, but scripting dig to do so isn't tough...

Comments  (1)

Metasploit VNC Password Extraction

March 22, 2011 Added by:Rob Fuller

I ran into the 'getvncpw' meterpreter script issue on pentests in the past but didn't know much about the whacked out version of DES that RFB (the VNC protocol) was using. Not being a fan of manually editing a binary and compiling each time I had a password to crack, I wanted to find another way...

Comments  (1)

Cachedump for Meterpreter in Action

March 02, 2011 Added by:Rob Fuller

Cachedump for Meterpreter in Action: Pull it down; Load up the console and pwn something; MAKE SURE YOU ARE SYSTEM; Crack it; Use it; Woot...

Comments  (0)

Brute Forcing Passwords and Word List Resources

February 20, 2011 Added by:Rob Fuller

Brute force, even though it's gotten so fast, is still a long way away from cracking long complex passwords. That's where word lists come in handy. It's usually the cracker's first go-to solution: slam a word list against the hash; if that doesn't work, try rainbow tables...

Comments  (1)

Where's My Creeper Box?

February 13, 2011 Added by:Dave Porcello

Indeed, after 7 years my long-coveted creeper box has finally arrived. And nothing says Sneakers like a text message from an elegantly-placed drop box as you exit your target facility’s parking lot in an unmarked utility van...

Comments  (4)

Improving Insider Threat Testing

February 03, 2011 Added by:Rob Fuller

We need to build organizations up in the detection department from a pentester's point of view. We are losing this battle, and one of the reasons is we keep our bag of tricks to ourselves, and that's what insider threat testing is all about, getting all the tricks tested in a more open fashion...

Comments  (1)

Intrusion Prevention Systems Getting Better

January 30, 2011 Added by:Bill Gerneglia

Intrusion prevention systems are doing a significantly better job at blocking hackers from corporate networks than a year ago, according to a new study. But some products from major vendors still fare poorly in intrusion tests, and the better security has come at the expense of performance...

Comments  (0)
