An Information Security Online Brain Book
As professional pen-testers we often have the luxury of not being terribly concerned with stealth. Often we will explicitly announce our IP address, plan of action and start/stop times before an engagement. “Loud” (easily detectable/ alert-triggering) tools and methods can be used and a pen-tester can find it tempting to get complacent. However, if youContinue reading “Testing Evasiveness with Home Lab NIDS and HIDS – Part I”
There are dozens of terrific articles covering this topic from just about every angle. I benefit from writing this because every time I rehash this process it becomes more and more second nature to me. The only hope I have that you, dear reader, gain something valuable from this article is that I delve fairlyContinue reading “A Beginners Guide to Leveraging SMB for Enumeration and Exploitation”
Having recently completed a wireless network security assessment of an organization, I thought it useful to document the steps and tools I used on the engagement. This write-up largely covers the passive phase of discovering SSIDs in use within the client’s network, identify access points in use, and then finishing this phase with traffic analysisContinue reading “Wireless Security Assessment of an Organization”
Follow My Blog
Get new content delivered directly to your inbox.