An Information Security Online Brain Book
Testing Evasiveness with Home Lab NIDS and HIDS – Part I
As professional pen-testers we often have the luxury of not being terribly concerned with stealth. Often we will explicitly announce our IP address, plan of action and start/stop times before an engagement. “Loud” (easily detectable/ alert-triggering) tools and methods can be used and a pen-tester can find it tempting to get complacent. However, if you…
A Beginners Guide to Leveraging SMB for Enumeration and Exploitation
There are dozens of terrific articles covering this topic from just about every angle. I benefit from writing this because every time I rehash this process it becomes more and more second nature to me. The only hope I have that you, dear reader, gain something valuable from this article is that I delve fairly…
Wireless Security Assessment of an Organization
Having recently completed a wireless network security assessment of an organization, I thought it useful to document the steps and tools I used on the engagement. This write-up largely covers the passive phase of discovering SSIDs in use within the client’s network, identify access points in use, and then finishing this phase with traffic analysis…
Follow My Blog
Get new content delivered directly to your inbox.
pursuit_of_root 