Testing Evasiveness with Home Lab NIDS and HIDS – Part I
As professional pen-testers, we often have the luxury of not being terribly concerned with stealth. Often we will explicitly announce our IP address, plan of action and start/stop times before an engagement. “Loud” (easily detectable/alert-triggering) tools and methods can be used and a pen-tester can find it tempting to get complacent. However, if you…
Author Archives: UY_Scuti
A Beginners Guide to Leveraging SMB for Enumeration and Exploitation
There are dozens of terrific articles covering this topic from just about every angle. I benefit from writing this because every time I rehash this process it becomes more and more second nature to me. The only hope I have that you, dear reader, gain something valuable from this article is that I delve fairly…
Wireless Security Assessment of an Organization
Having recently completed a wireless network security assessment of an organization, I thought it useful to document the steps and tools I used on the engagement. This write-up largely covers the passive phase of discovering SSIDs in use within the client’s network, identifying access points in use, and then finishing this phase with traffic analysis…
Gaining Domain Admin: Responder and Hashcat
On penetration testing engagements, I’ve come to find that you either get domain admin easily in the first few hours, or you will spend the entire engagement struggling and using much more complex attack techniques. There is no middle ground. This entry into this public brain book will be a succinct and focused exploration into…