Skip to main content

March 16, 2015

Create a Budget-Friendly Virtual Private Server with a Metasploit Instance

Whether a requirement for anonymity arises during a penetration test or simply to stand up another Metasploit instance, we can do so easily with VPS p...

See Details

December 23, 2014

The Transcendence of Breach Assessments

This blog post isn’t intended to be a panacea that will resolve past, present and future organization security breaches. That is a tall order many fee...

See Details

November 24, 2014

War Dialing Part 3: Modem Interaction

At this point, and likely sooner, we need to get our lab environment set up with all the necessary dialing gear. In previous sections, we identified t...

See Details

November 17, 2014

War Dialing Part 2: Extrapolating Results and Validating Numbers

Although manually traversing the database isn’t out of the question, I decided that it would be easier to have something that can pull the results qui...

See Details

November 10, 2014

War Dialing Part 1: The VoIP and Analog Primer

In this series of posts, I will introduce the concept of telephony war dialing along with techniques to perform such assessments. Initially, we need t...

See Details

November 07, 2014

Common Web Application Vulnerabilities - Part 10

In this post, we will cover a couple of concepts and implementations that have historically been used to circumvent the Same-Origin Policy (SOP). Spec...

See Details

September 16, 2014

Phishing with Smitty: A Unique Tool for Solicitation Attacks

This post will introduce you to the Smitty SMTP utility, which is a fully featured email client. We use this tool as a means to effectively deliver em...

See Details

December 12, 2013

How-To: Post-Ex Persistence Scripting with PowerSploit & Veil

Many penetration testers within the security industry state that getting a system shell is just the starting point for an attack. Sure, I agree, and q...

See Details

October 30, 2013

Winning the Application Deployment Battle with AppDNA

As desktop and application virtualization become central to the modern day workplace, the challenges that come with providing these resources greatly ...

See Details