Blog Posts Tagged with "Penetration Testing"

D8853ae281be8cfdfa18ab73608e8c3f

Let Me Out of Your .NET Work: Intro

September 05, 2012 Added by:Rob Fuller

The problem I find with these tools is that they are still straight TCP. I know most networks still allow some ports directly outbound and these tools are still quite valid. During the span between these two tools being released, MrB released a site that listens on all 65k ports...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Securing Your Application Perimeter: What to Test for Vulnerabilities

September 05, 2012 Added by:Fergal Glynn

When dynamic scanning engines were first designed they were primarily tools for penetration testers to use on a few select web applications deemed critical enough to warrant serious testing. But times have changed, every Internet facing application is now a potential attack surface...

Comments  (0)

86d8831c7ce6fcda920aac867a984d98

Infosec Recruiters Examine Security Career Trends

August 30, 2012 Added by:InfoSec Institute

"Penetration testers, the guys that come onto the sites—they’re highly in demand... In terms of technology, I think these guys see security in a different light than other people. They sort of can see it as a whole picture. Penetration testers are looking at it in a completely different light...."

Comments  (3)

D8853ae281be8cfdfa18ab73608e8c3f

Cross-Protocol Chained Pass the Hash for Metasploit

August 29, 2012 Added by:Rob Fuller

Every so often someone writes a Metasploit Module that is pretty epic. July 12th was one such day, and as soon as you do you can start using this (using the example resource file to put a file, cat it out, enum shares available, list files on a share) then psexec all from a single URL being loaded...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Backtrack 5 r3 List of (Some of the) New Tools and Programs

August 27, 2012 Added by:Dan Dieterle

What are the new utilities included with Backtrack 5r3? I couldn’t find a list, so I decided to make one myself comparing BT5r2 with the latest version. This is not an exhaustive list, but hopefully it will help people see some of the very cool new tools and programs added to Backtrack...

Comments  (1)

E313765e3bec84b2852c1c758f7244b6

Which Application Testing is Right for Your Organization?

August 23, 2012 Added by:Brent Huston

Billions of dollars and millions of identities are at stake every day. In the past, security professionals thought firewalls, Secure Sockets Layer, patching, and privacy policies were enough to protect websites from hackers. Today, we know better. Whatever your industry — you should have consistent testing...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Social Engineering Toolkit: Bypassing Antivirus Using Powershell

August 22, 2012 Added by:Dan Dieterle

Just when it looked like antivirus was getting the upper hand against the Social Engineering Toolkit, David Kennedy, author of SET, showed some of the program’s new features. One is a way to get a remote shell by completely bypassing Anti-Virus using a Windows Powershell attack. Let’s look at how this works...

Comments  (0)

Bbb285308604bc5fbb9b43590d0501f6

Security BSides is Coming Memphis

August 22, 2012 Added by:Security BSides

The goal of Security BSides is to expand the conversation beyond the traditional confines. BSides creates opportunities to both present and participate in an atmosphere that encourages collaboration. It is where conversations for the next-big-thing are happening. You don’t want to miss it...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Metasploitable 2.0 pt 4: Cracking Linux Passwords and Pentesting with Grep

August 20, 2012 Added by:Dan Dieterle

Because we had a root shell, we were able to grab the Linux password hashes from the system by simply copying them and pasting them on our local machine. We were then able to use John the Ripper to crack them. We now have passwords to play with...

Comments  (0)

D8853ae281be8cfdfa18ab73608e8c3f

Bypassing TrendMicro's Service Protections

August 20, 2012 Added by:Rob Fuller

It's injecting our payload into the service binary and tossing our payload into "rundll32.exe" at run time on the victim. Lets change this so it doesn't do any injection and just executes a binary. That removes the 'injection' piece and hopefully lets us get our shell...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Metasploitable 2.0 Tutorial pt 3: Gaining Root from a Vulnerable Service

August 17, 2012 Added by:Dan Dieterle

There are numerous Metasploitable how-to’s out there, but a lot of them focus on the standard services. In real life, which is the service that will most likely go unpatched? The main web server or some secondary service that was installed for a project and then forgotten about? So let’s get started...

Comments  (1)

Bdcd1324539ec513ff7c10014b9668b6

Recovering tmpfs from Linux and Android Memory Captures with Volatility

August 14, 2012 Added by:Andrew Case

Tmpfs is interesting from a forensics perspective for a few reasons. The first is that, in a traditional forensics scenario, the investigator expects that he can shut a computer off, images its disk(s), and get back the filesystem at the time of when the computer was running. With tmpfs, this is obviously not true...

Comments  (3)

1de705dde1cf97450678321cd77853d9

Breaking Into Security: Planet Earth Edition

August 14, 2012 Added by:Ian Tibble

As a pentest guru wannabe, you may possess extremely high levels of fuzzing, exploit coding, and reversing skills, but you will never get to use them and you will intimidate most interviewers. There are easier ways to break into systems. Security is insufficiently mature in most organizations to warrant pentesting...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Metasploitable 2.0 Tutorial pt 2: Scanning for Network Services

August 14, 2012 Added by:Dan Dieterle

Okay, we put in 192.168.12.20 and it scanned it and returned the version of Samba that was running on it. But what if we wanted to scan the whole network for just systems running Samba. This is where the beauty of the RHOSTS command comes into play. Instead of just scanning the single host, let’s scan all 256 clients...

Comments  (0)

D8853ae281be8cfdfa18ab73608e8c3f

Network Security: Presence, Persistence, and Pivoting

August 08, 2012 Added by:Rob Fuller

Explaining what goes through an attackers head when they get a shell is virtually impossible, even more so to generalize into a methodology, but I’ve tried to do that with the "Three P’s of Post Exploitation” - they are in a certain order for a reason, but certainly up to circumstance to what order is best...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Billions of Hashes per Second with Multiforcer Password Cracker

August 07, 2012 Added by:Dan Dieterle

So what does it take to reach cracking speeds topping 154 Billion hashes per second with multiple hashes? The tool was created to help out pentesters who need to crack passwords, but can not submit hashes obtained to online cracking programs due to auditing agreement restrictions...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »