Our proprietary CorrelatedVM™ software has been our pentesters’ “secret weapon” for years. It’s now also available for you to license for use by your own internal pentest team as well.

The NetSPI Blog


Cracking Stats for Q2 2014

During many of our penetration tests, we gather domain password hashes (with permission of the client) for offline cracking and analysis....


Intercepting Native iOS Application Traffic

In this blog, we will go through proxying an iOS application which uses native web sockets to interact with a web server. The blog will help...


Bypass iOS Version Check and Certification validation

Certain iOS applications check for the iOS version number of the device. Recently, during testing of a particular application, I encountered...


Stealing unencrypted SSH-agent keys from memory

It is possible to use gdb to dump the memory of a running SSH-agent and then use that memory to reconstruct a SSH key. This provides the...


Bypassing AV with Veil-Evasion

Veil-Framework is a collection of tools that help with information gathering and post-exploitation. One such tool is Veil-Evasion which is...


Open Source Frameworks - How secure are they?

How many of your projects include open source software? Maybe it is better to call it free software. As a person who has spent time in the...


Verifying ASLR, DEP, and SafeSEH with PowerShell

Today I am releasing a PowerShell script that easily displays whether images (DLLs and EXEs) are compiled with ASLR (Address Space Layout...


15 Ways to Download a File

Pentesters often upload files to compromised boxes to help with privilege escalation, or to maintain a presence on the machine. This blog...


Malicious MobileConfigs

How much can you trust your devices? In this blog post, we will cover a practical attack that utilizes the iPhone Configuration Utility, a...

Pages: Prev1234567...24NextReturn Top