The NetSPI Blog

NetsPWN

Cracking Stats for Q2 2014

During many of our penetration tests, we gather domain password hashes (with permission of the client) for offline cracking and analysis....

NetsPWN

Intercepting Native iOS Application Traffic

In this blog, we will go through proxying an iOS application which uses native web sockets to interact with a web server. The blog will help...

NetsPWN

Bypass iOS Version Check and Certification validation

Certain iOS applications check for the iOS version number of the device. Recently, during testing of a particular application, I encountered...

NetsPWN

Stealing unencrypted SSH-agent keys from memory

It is possible to use gdb to dump the memory of a running SSH-agent and then use that memory to reconstruct an SSH key. This provides the...

NetsPWN

Bypassing AV with Veil-Evasion

Veil-Framework is a collection of tools that help with information gathering and post-exploitation. One such tool is Veil-Evasion which is...

NetsPWN

Open Source Frameworks - How secure are they?

How many of your projects include open source software? Maybe it is better to call it free software. As a person who has spent time in the...

NetsPWN

Verifying ASLR, DEP, and SafeSEH with PowerShell

Today I am releasing a PowerShell script that easily displays whether images (DLLs and EXEs) are compiled with ASLR (Address Space Layout...

NetsPWN

15 Ways to Download a File

Pentesters often upload files to compromised boxes to help with privilege escalation, or to maintain a presence on the machine. This blog...

NetsPWN

Malicious MobileConfigs

How much can you trust your devices? In this blog post, we will cover a practical attack that utilizes the iPhone Configuration Utility, a...
