Blog Posts Tagged with "Penetration Testing"
Metasploitable 2.0 Tutorial: Checking for Open Ports with Nmap
August 03, 2012 Added by: Dan Dieterle
I mentioned recently that we would take a closer look at Metasploitable 2.0, the purposefully vulnerable Linux virtual machine used for learning security tactics and techniques. In this intro, we will quickly cover obtaining Metasploitable 2.0 and scanning it for open ports and services...
Comments (0)
Wireless Network Security: A Beginner's Guide
August 02, 2012 Added by: Ben Rothke
The T.J. Maxx data breach was due to insecure wireless connectivity. Estimates of the costs for this security fiasco are a staggering $4.5 billion. Had the staff at T.J. Maxx had this book at hand and used it, they may have been able to save themselves a significant amount of money...
Comments (0)
Leveraging Regular User Accounts to Achieve Compromise
July 31, 2012 Added by: Jake Garlie
One of the more common ways pentesters break into networks is by leveraging regular user accounts which have been compromised. They can be used in various ways to compromise systems, data, applications, and more. Once valid user accounts are obtained, using them throughout the network rarely triggers any alarms...
Comments (0)
Information Security, Hackers, and Vigilance
July 30, 2012 Added by: Tripwire Inc
The bottom line: Attackers are always looking for mistakes, outliers, and inconsistencies so they can use them against you. This means your security programs need to be robust, resilient, measurable, and – as much as possible – consistent (vs. ad hoc)...
Comments (0)
Companies That Give Back with Free Tools
July 25, 2012 Added by: Rob Fuller
Penetration Testing / Red Teaming requires the use of a lot of tools. I don't mind getting called a "script kiddie" because I can accomplish more and faster when I don't have to code every single task I need to do. This post is to point out companies that make this possible and give a small bit of thanks...
Comments (2)
Power Pwn and DARPA Programs for Developing Hacking Tools
July 23, 2012 Added by: Plagiarist Paganini
Network analysis has never been easier. Power Pwn, which looks like a surge protector, can be controlled remotely via Wi-Fi, Bluetooth, and Ethernet as it searches for network weaknesses. It’s fully manageable via a Web interface accessible through the unit's 3G radio or directly to the device via text message...
Comments (2)
Netstat Post Module for Meterpreter
July 20, 2012 Added by: Rob Fuller
It's real simple, first we've gotta add the GetTcpTable function to Railgun, then gauge the size of the table, then it's all just parsing the result. Also pretty straightforward. First we get the number of entries which is held in the first 4 bytes, then just parse the MIB_TCPTABLE one MIB_TCPROW...
Comments (0)
DEUCE: Bypassing DLP with Cookies
July 19, 2012 Added by: f8lerror
DEUCE went from simple concept to a multi-encoding and encryption DLP bypass tool. The program simply takes an input file and creates a cookie for each line. DEUCE has the ability to encrypt via AES, hash with MD5 or use a custom multi-encode with a 3 times replacement cipher...
Comments (0)
Penetration Testing the Cloud: Three Important Points
July 17, 2012 Added by: Brandon Knight
One area where companies seem to become lost is when talking about performing penetration testing services against their deployment. While there are some details to work out, fundamentally this type of assessment translates well when talking about applications and infrastructure deployed in the cloud...
Comments (1)
Evidence of Compromise: Metasploit's PSEXEC
July 15, 2012 Added by: Rob Fuller
I was messing with the Windows service binaries in Metasploit and I noticed something. For the PSEXEC module, the service name (actually just the display name, 'service name' is random) always started with an uppercase 'M'. Curious as to why that was, I looked and found Line 246 of the PSEXEC module to be the culprit...
Comments (0)
Free Power on the Grid?
July 15, 2012 Added by: Jayson Wylie
Sometimes the wrong people get the code and use it maliciously. It is in the nation’s best interest to keep the power infrastructure safe and keep meters fool proof, but it depends on how effective a tool is to be able to effectively manipulate the technology to an individual’s own financial advantage...
Comments (0)
Shodan: There is Now an App for That
July 11, 2012 Added by: shawn merdinger
Since October, 2010, Shodan has consistently made waves in the information security world. Like any security tool, Shodan can be leveraged by both malicious attackers and legitimate security operations to gain insights into the public IP exposure of an organization. Now enters the Shodan App...
Comments (1)
DHS Cyber Teams Uncover Federal Network Vulnerabilities
July 11, 2012 Added by: Headlines
"We provide free specialized access to skills and services that are not readily available or are in high demand across the dot-gov to promote a healthy and resilient cyber infrastructure. That's the goal to do risk-based analysis and gap analysis of capabilities and drive improvements..."
Comments (0)
Integration of Mimikatz into Metasploit Stage One
July 10, 2012 Added by: Rob Fuller
One of the powers of Metasploit is its ability to stay memory resident through the use of reflective DLL injection, even keeping new functionalities the attack loads from ever touching disk. I want to get to that same level with Mimikatz. Here is my first step to that end: A Railgun based Meterpreter script...
Comments (0)
Harvesting Credentials with the Social Engineering Toolkit
July 09, 2012 Added by: Dan Dieterle
The Social Engineering Toolkit included with Backtrack 5 is a great way for penetration testers to see how well their network and users would stand up to Social Engineering attacks. In this tutorial I will demonstrate how SET can be used to set up a realistic looking website to harvest e-mail usernames and passwords...
Comments (3)
How to Add a Local Administrator with the Arduino Leonardo
July 08, 2012 Added by: f8lerror
Security researchers have been using the Teensy for HID attacks, which really is the way to go if that’s all you want to do. However, if you are like me and want to do other things as well, you need something bigger. Enter the Arduino Leonardo board, which supports emulating a Human Interface Device out of the box...
Comments (1)