March 11, 2013
At some point, all penetration testers get asked, “Where did you learn all this stuff?” In my experience, the question often comes from clients and students interested in pen testing. Usually, they’re asking because they aren’t sure where to start. There are a number of two- and four-year college programs that can provide a nice structured approach, but generally I think penetration testing is like any other skillset; if you find the right resources, a good direction, and study hard, you’ll acquire the skills you’re looking for. However, I will say that it does help to already have a strong IT background.
January 16, 2013
Many anti-virus solutions are deployed with weak configurations that provide end users with the ability to quickly disable or work around the product if they wish. This blog will provide a brief overview of 10 issues to watch out for. It should be interesting to administrators looking for basic weaknesses in their current implementations.
October 8, 2012
Recently I stumbled upon a Java Rich Client pentest project. Fortunately, the communication was made via HTTP, so it was possible to manipulate requests and responses with our favorite tool, Burp. Unfortunately, the app has been transmitting data in serialized …
July 16, 2012
I know that a lot of people have been exposed to ping and port scan discovery techniques, but on large networks those methods alone can be pretty time-consuming. So in this blog I thought I would provide some time-saving options that can be used in conjunction with the traditional methods.
July 9, 2012
Migrating to Domain Admin processes is a common way penetration testers are able to impersonate Domain Admin accounts on the network. However, before a pentester can do that, they need to know what systems those processes are running on. In this blog I’ll cover 5 techniques to help you do that.
April 24, 2012
I’ve also discovered that non-security executives often seem to think that a pen test is a pen test is a pen test and while this certainly isn’t the case (there is real skill involved in effective penetration testing, as well as the need for a solid process), what’s really frustrating is that it’s often the situation that what people call a pen test is actually a vulnerability assessment or a scan and that drives me nuts.
March 19, 2012
The ability to perform penetration testing against Cloud-based assets and environments is increasing in importance as more organizations begin to leverage the flexibility and cost-efficiency of virtualized and shared platforms. How is testing against these new environments different?
September 29, 2011
By default, SQL Server Express supports a lot of great options that make it a very practical solution to many business problems. However, it also comes configured with a not-so-great option that could allow domain users to gain unauthorized access to SQL Server Express instances. In this blog I’ll cover what the issue is, how to attack it, and how to fix it.
July 20, 2011
...you've got to look comprehensively at risk within all aspects of your IT environment. Because while you may not be looking at these things, it's certain that at some point, someone looking for the easiest way in will be looking at exploiting these weaknesses.